maride/blogker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: maride:c5cd522a2223c7fdf7b253f7d21203cc2f0cd37f
Branches Tags
maride:main
..
compare: maride:11edf32c6812dd17baf167fcc30e6e93a1597b0f
Branches Tags
maride:main

No commits in common. "c5cd522a2223c7fdf7b253f7d21203cc2f0cd37f" and "11edf32c6812dd17baf167fcc30e6e93a1597b0f" have entirely different histories.
c5cd522a22 ... 11edf32c68

4 changed files with 4 additions and 34 deletions
Show Stats Expand all files Collapse all files

5
Dockerfile
View File

@ -1,8 +1,7 @@
FROM nginx:mainline-alpine FROM nginx:mainline-alpine
# Install hugo # Install hugo
RUN apk add hugo git openssh bash RUN apk add hugo git
# Copy over auxiliary scripts # Copy over auxiliary scripts
COPY aux /aux COPY aux/* /docker-entrypoint.d/
COPY init/* /docker-entrypoint.d/

21
README.md
View File

@ -4,32 +4,13 @@ A nginx-powered container hosting a hugo-built blog regularly pulled off git.
## Run ## Run
There are multiple options to get your Hugo blog into blogker:
- by specifying a git URL where it gets pulled from regularly
- by passing in the required files via a bind or volume mount
### Auto-Pull Git ### Auto-Pull Git
If you store your blog data in a git repository, run the container with env `REPO_URL` set to a Git repo: If you store your blog data in a git repository, run the container with env `REPO_URL` set to a Git repo:
`docker run -e REPO_URL=https://git.maride.cc/maride/sec.maride.cc.git -p 80:80 -d blogker` `docker run -e REPO_URL=https://git.maride.cc/maride/sec.maride.cc.git -p 80:80 -d blogker`
#### Pull frequency The repository will be pulled and built every 10 minutes.
The repository will be pulled and built every 10 minutes by default.
Other values can be specified by the `BUILDFREQ` environment variable.
For example, if you want to have the blog updated every minute:
`docker run -e REPO_URL=https://... -e BUILDFREQ=1 -p 80:80 -d blogker`
Lowering this value may risk running into rate limits on some git servers.
#### SSH URLs
If you specify a SSH URL (`ssh:// ...`) for your repository, the host key will be automatically pulled and added as trusted host. Make sure to double-check those host keys with your git server - although a [MITM](https://www.rapid7.com/fundamentals/man-in-the-middle-attacks/) scenario is unlikely and won't pose a big risk in the case of blogker. [YMMV](https://www.urbandictionary.com/define.php?term=ymmv), but still, this may be a security risk in some cases.
If you want to pull private repositories, you may need to generate a SSH key for this purpose, and hand in the private key file, e.g. via `-v ./id_rsa:/root/.ssh/id_rsa`.
### Passthrough via Bind ### Passthrough via Bind

2
init/cron.sh → aux/cron.sh
View File

@ -9,7 +9,7 @@ if [ "$BUILDFREQ" == "" ]; then
fi fi
# Run the pull script regularly # Run the pull script regularly
echo "$BUILDFREQ * * * * /aux/pull-n-build.sh" >> /var/spool/cron/crontabs/root echo "$BUILDFREQ * * * * /docker-entrypoint.d/pull-n-build.sh" >> /var/spool/cron/crontabs/root
# start cron daemon (goes into background) # start cron daemon (goes into background)
crond crond

10
init/check-ssh.sh
View File

@ -1,10 +0,0 @@
#!/bin/bash
SSH_GIT_URL_REGEX="^ssh:\/\/([^@]+@)?([a-z0-9\-\.]+)[:/].*$"
if [[ "$REPO_URL" =~ $SSH_GIT_URL_REGEX ]]; then
echo "Detected SSH repo URL, importing host key"
ssh-keyscan ${BASH_REMATCH[2]} >> /root/.ssh/known_hosts || exit 1
fi
/aux/pull-n-build.sh || exit 1