blob: 25fcb10393e25520eec755bd887901c5d6ca20c8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
#!/bin/bash
set -e
# Load config
source "$(dirname "$0")/config.env"
# Create network if not exists
if ! podman network exists ${NETWORK}; then
echo "Creating network: ${NETWORK} (subnet: ${PRIVATE_SUBNET})"
podman network create --subnet=${PRIVATE_SUBNET} ${NETWORK}
else
echo "Network exists: ${NETWORK}"
fi
# Stop existing container if running
podman stop ${CONTAINER_NAME} 2>/dev/null || true
podman rm ${CONTAINER_NAME} 2>/dev/null || true
ip route del ${PUBLIC_IP}/32 2>/dev/null || true
# Rebuild authorized_keys from .pub files
mkdir -p /git/.ssh
rm -f /git/.ssh/authorized_keys
cat /git/.ssh/*.pub > /git/.ssh/authorized_keys 2>/dev/null || true
chmod 600 /git/.ssh/authorized_keys
# Build image
echo "Building image..."
podman build -t cgit "$(dirname "$0")"
# Run container
podman run -d \
--name ${CONTAINER_NAME} \
--network ${NETWORK} \
--ip ${PRIVATE_IP} \
--cap-add=NET_ADMIN \
--env-file "$(dirname "$0")/config.env" \
-v ${CONTAINER_NAME}_data:/data \
-v /git:/git \
localhost/cgit
# Setup public IP
sleep 2
IFACE=$(podman exec ${CONTAINER_NAME} sh -c "ip -o link | grep -v lo | head -1 | cut -d: -f2 | tr -d ' ' | cut -d@ -f1")
podman exec ${CONTAINER_NAME} ip addr add ${PUBLIC_IP}/32 dev ${IFACE}
ip route add ${PUBLIC_IP}/32 via ${PRIVATE_IP}
echo "Running at https://${DOMAIN}/"
|
