From e090ee1be935f6e114f573c322156fc6f224491e Mon Sep 17 00:00:00 2001
From: Adar Nimrod <nimrod@shore.co.il>
Date: Sat, 2 Nov 2019 14:03:23 +0200
Subject: [PATCH] Various improvements.

- Use the alternative HTTP port (so a limited user can be used).
- Run as a limited user.
- Add documentation.
- Add a Docker Compose file for local testing and as an example.
---
 Dockerfile         |  6 ++++--
 README.md          | 16 ++++++++++++++++
 docker-compose.yml | 17 +++++++++++++++++
 3 files changed, 37 insertions(+), 2 deletions(-)
 create mode 100644 docker-compose.yml

diff --git a/Dockerfile b/Dockerfile
index b42ad6d..ca00f62 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,6 +11,7 @@ RUN apt-get update && \
     && \
     a2enmod cgid && \
     a2enconf cgit && \
+    sed -i 's/80/8080/g' /etc/apache2/ports.conf /etc/apache2/sites-enabled/000-default.conf && \
     install -d -o www-data -g www-data -m 755 /var/cache/cgit && \
     install -d -o www-data -g www-data -m 755 /run/apache2 && \
     install -d -o www-data -g www-data -m 755 /var/log/apache2 && \
@@ -24,7 +25,8 @@ ENV APACHE_RUN_DIR=/run/apache2 \
     APACHE_RUN_USER=www-data \
     APACHE_RUN_GROUP=www-data \
     APACHE_PID_FILE=/run/apache2/apache2.pid
-EXPOSE 80
+EXPOSE 8080
 CMD [ "apache2", "-DFOREGROUND" ]
 VOLUME ["/srv/git"]
-HEALTHCHECK CMD wget --spider --quiet http://localhost/cgit/ --user-agent 'Healthcheck' || exit 1
+USER "www-data"
+HEALTHCHECK CMD wget --spider --quiet http://localhost:8080/cgit/ --user-agent 'Healthcheck' || exit 1
diff --git a/README.md b/README.md
index 740d850..7f0d570 100644
--- a/README.md
+++ b/README.md
@@ -2,6 +2,22 @@
 
 > cgit Docker image.
 
+## Usage
+
+This container runs Apache that is configured with cgit at `/cgit`. It exposes
+port 8080 and serves the repositories under `/srv/git`. The container runs as
+a limited user (`www-data`), so make sure to have the content of `/srv/git`
+readble by it. Also, if you wish to persist the cache, the location is
+`/var/cache/cgit`.
+
+## Example usage
+
+```
+docker -v '/srv/git:/srv/git:ro' -p '80:8080' adarnimrod/cgit
+```
+
+There's also a `docker-compose.yml` as further example.
+
 ## License
 
 This software is licensed under the MIT license (see `LICENSE.txt`).
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..fe7700b
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,17 @@
+# vim:ff=unix:ts=2:sw=2:ai:expandtab
+---
+version: '3.5'
+services:
+  cgit:
+    build:
+      context: .
+      cache_from:
+        - adarnimrod/cgit
+    image: adarnimrod/cgit
+    ports:
+      - 80:8080
+    volumes:
+      - git:/srv/git:ro
+
+volumes:
+  git:
-- 
GitLab