From 8667f8615da479a8e9c4e8d5bb5987632d75bfaf Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt <me@liz.coffee>
Date: Fri, 5 Dec 2025 21:43:18 -0800
Subject: Add ssh server

---
 Dockerfile | 32 ++++++++++++++++++++++++++++----
 1 file changed, 28 insertions(+), 4 deletions(-)

(limited to 'Dockerfile')

diff --git a/Dockerfile b/Dockerfile
index c310452..ecb4743 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -40,13 +40,37 @@ RUN apt-get update && apt-get install -y --no-install-recommends \
     python3-pygments \
     tini \
     curl \
+    openssh-server \
+    locales \
     && rm -rf /var/lib/apt/lists/*
 
+# Generate locale to fix git locale warnings
+RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen
+
 COPY --from=build_stage /var/www/html/cgit /var/www/html/cgit
 
-RUN mkdir -p /var/lib/git/repositories \
-    && chown -R www-data:www-data /var/www/html/cgit \
-    && chown -R www-data:www-data /var/lib/git
+RUN mkdir -p /var/lib/git/repositories
+
+RUN useradd -m -d /var/lib/git/repositories -s /usr/bin/git-shell code
+
+# Store git-shell-commands in a persistent location (will be copied to home on startup)
+RUN mkdir -p /usr/local/share/git-shell-commands
+COPY init-repo /usr/local/share/git-shell-commands/init-repo
+COPY delete-repo /usr/local/share/git-shell-commands/delete-repo
+COPY help /usr/local/share/git-shell-commands/help
+COPY list /usr/local/share/git-shell-commands/list
+COPY no-interactive-login /usr/local/share/git-shell-commands/no-interactive-login
+RUN chmod +x /usr/local/share/git-shell-commands/*
+
+RUN mkdir -p /run/sshd \
+    && mkdir -p /etc/ssh/sshd_config.d
+
+COPY sshd_code_user.conf /etc/ssh/sshd_config.d/code_user.conf
+
+RUN chown -R www-data:www-data /var/www/html/cgit \
+    && chown -R code:code /var/lib/git/repositories \
+    && chmod 755 /var/lib/git \
+    && chmod 755 /var/lib/git/repositories
 
 RUN rm /etc/nginx/sites-enabled/default
 
@@ -63,6 +87,6 @@ RUN chown -R www-data:www-data /run/sock
 
 COPY static /var/www/html/cgit/static
 
-EXPOSE 80
+EXPOSE 80 22
 HEALTHCHECK CMD ["curl", "http://localhost:80"]
 ENTRYPOINT ["/usr/bin/tini", "--", "/usr/local/bin/entrypoint.sh"]
-- 
cgit v1.2.3-70-g09d2