Fix problem with cron frequency introduced with 682960d450

Dockerfile

@@ -1,7 +1,8 @@
 FROM nginx:mainline-alpine
 
 # Install hugo
-RUN apk add hugo git
+RUN apk add hugo git openssh bash
 
 # Copy over auxiliary scripts
-COPY aux/* /docker-entrypoint.d/
+COPY aux /aux
+COPY init/* /docker-entrypoint.d/

README.md

@@ -4,13 +4,36 @@ A nginx-powered container hosting a hugo-built blog regularly pulled off git.
 
 ## Run
 
+There are multiple options to get your Hugo blog into blogker:
+- by specifying a git URL where it gets pulled from regularly
+- by passing in the required files via a bind or volume mount
+
 ### Auto-Pull Git
 
 If you store your blog data in a git repository, run the container with env `REPO_URL` set to a Git repo:
 
 `docker run -e REPO_URL=https://git.maride.cc/maride/sec.maride.cc.git -p 80:80 -d blogker`
 
-The repository will be pulled and built every 10 minutes.
+#### Pull frequency
+
+The repository will be pulled and built every 10 minutes by default.
+
+Other values can be specified by the `BUILDFREQ` environment variable.
+For example, if you want to have the blog updated every minute:
+
+`docker run -e REPO_URL=https://... -e BUILDFREQ=1 -p 80:80 -d blogker`
+
+Lowering this value may risk running into rate limits on some git servers.
+
+#### SSH URLs
+
+If you specify a SSH URL (`ssh:// ...`) for your repository, the host key will be automatically pulled and added as trusted host. Make sure to double-check those host keys with your git server - although a [MITM](https://www.rapid7.com/fundamentals/man-in-the-middle-attacks/) scenario is unlikely and won't pose a big risk in the case of blogker. [YMMV](https://www.urbandictionary.com/define.php?term=ymmv), but still, this may be a security risk in some cases.
+
+If you want to pull private repositories, you may need to generate a SSH key for this purpose, and hand in the private key file, e.g. via `-v ./id_rsa:/root/.ssh/id_rsa`.
+
+#### Specify branch
+
+If there is a specific branch to use (other than [master/main](https://about.gitlab.com/blog/2021/03/10/new-git-default-branch-name/)), you can specify the desired branch using the `REPO_BRANCH` environment variable.
 
 ### Passthrough via Bind
 

aux/pull-n-build.sh

@@ -15,12 +15,22 @@ set -e -v
 		true
 	else
 		# repo URL set
+		if [ -d /repo ]; then
+			# repo already exists, try to pull
+			cd /repo && git pull --recurse-submodules
+			if [ "$?" -ne 0 ]; then
+				# pull failed, clean and retry to clone
+				echo "Pull failed, attempting to clean clone"
+				rm -rf /repo
+			fi
+		fi
 		if [ ! -d /repo ]; then
 			# repo needs to be cloned
-			git clone --recurse-submodules $REPO_URL /repo
+			# check if there is a specific branch to clone
-		else
+			if [ ! "$REPO_BRANCH" == "" ]; then
-			# no - pull existing repo
+				BRANCHCMD="--branch $REPO_BRANCH"
-			cd /repo && git pull --recurse-submodules
+			fi
+			git clone --recurse-submodules $BRANCHCMD $REPO_URL /repo
 		fi
 	fi
 

init/check-ssh.sh

@@ -0,0 +1,10 @@
+#!/bin/bash
+
+SSH_GIT_URL_REGEX="^ssh:\/\/([^@]+@)?([a-z0-9\-\.]+)[:/].*$"
+
+if [[ "$REPO_URL" =~ $SSH_GIT_URL_REGEX ]]; then
+	echo "Detected SSH repo URL, importing host key"
+	ssh-keyscan ${BASH_REMATCH[2]} >> /root/.ssh/known_hosts || exit 1
+fi
+
+/aux/pull-n-build.sh || exit 1

init/cron.sh

@@ -9,7 +9,9 @@ if [ "$BUILDFREQ" == "" ]; then
 fi
 
 # Run the pull script regularly
-echo "$BUILDFREQ * * * * /docker-entrypoint.d/pull-n-build.sh" >> /var/spool/cron/crontabs/root
+target="/aux/pull-n-build.sh"
+entry="*/$BUILDFREQ * * * * $target"
+grep "$target" /var/spool/cron/crontabs/root || echo "$entry" >> /var/spool/cron/crontabs/root
 
 # start cron daemon (goes into background)
 crond