Custom Gitea image does not find the user with Docker Compose

Posted on 2025-02-12 23:39:10

I'm developing a Docker infrastructure with Ansible and Docker Compose and I have a problem with my custom image of Gitea.
I want to use a custom image because I need to implement authentication via LDAP.
The error that I get inside the container log is:

sudo: unknown user: gitea
sudo: error initializing audit plugin sudoers_audit

This is my configuration:

app.ini (of Gitea)

[DEFAULT]
RUN_USER = git
RUN_MODE = prod

...

[database]
PATH = /data/gitea/gitea.db
DB_TYPE = postgres
HOST = db:5432
NAME = gitea
USER = gitea
PASSWD = gitea
LOG_SQL = false

...

Dockerfile

FROM gitea/gitea:1.16.8
RUN apk add sudo
RUN chmod 777 /home
COPY entrypoint /usr/bin/custom_entrypoint
COPY gitea-cli.sh /usr/bin/gitea-cli.sh
ENTRYPOINT /usr/bin/custom_entrypoint

entrypoint

#!/bin/sh
set -e
echo 'Started entrypoint'
while ! nc -z $GITEA__database__HOST; do sleep 1; done;
echo 'Starting operations'
gitea-cli.sh migrate
>- gitea-cli.sh admin auth add-ldap --name ansible-ldap --host 127.0.0.1 --port 1389 --security-protocol unencrypted --user-search-base dc=ldap,dc=vcc,dc=unige,dc=it --admin-filter "(objectClass=giteaAdmin)" --user-filter "(&(objectClass=inetOrgPerson)(uid=%s))" --username-attribute uid --firstname-attribute givenName --surname-attribute surname --email-attribute mail --bind-dn cn=admin,dc=ldap,dc=vcc,dc=unige,dc=it --bind-password admin --allow-deactivate-all
echo 'Ending entrypoint'

gitea-cli.sh

#!/bin/sh
echo 'Started gitea-cli'
USER=git HOME=/home/gitea GITEA_WORK_DIR=/var/lib/gitea sudo -E -u git gitea --config /data/gitea/conf/app.ini "$@"

docker-compose.yaml

  db:
    image: postgres:14.3
    restart: always
    hostname: db
    environment:
      POSTGRES_DB: gitea
      POSTGRES_USER: gitea
      POSTGRES_PASSWORD: gitea
    ports:
      - 5432:5432
    volumes:
      - /data/postgres:/var/lib/postgresql/data
    networks:
      - vcc

  openldap:
    image: bitnami/openldap:2.5
    ports:
      - 1389:1389
      - 1636:1636
    environment:
      BITNAMI_DEBUG: "true"
      LDAP_LOGLEVEL: 4
      LDAP_ADMIN_USERNAME: admin
      LDAP_ADMIN_PASSWORD: admin
      LDAP_ROOT: dc=ldap,dc=vcc,dc=unige,dc=it
      LDAP_CUSTOM_LDIF_DIR: /bitnami/openldap/backup
      LDAP_CUSTOM_SCHEMA_FILE: /bitnami/openldap/schema/schema.ldif
    volumes:
      - /data/openldap/:/bitnami/openldap
    networks:
      - vcc

  gitea:
    image: 127.0.0.1:5000/custom_gitea:51
    restart: always
    hostname: git.localdomain
    build: /data/gitea/custom
    ports:
      - 4000:4000
      - 222:22
    environment:
      USER: git
      USER_UID: 1000
      USER_GID: 1000
      GITEA__database__DB_TYPE: postgres
      GITEA__database__HOST: db:5432
      GITEA__database__NAME: gitea
      GITEA__database__USER: gitea
      GITEA__database__PASSWD: gitea
      GITEA__security__INSTALL_LOCK: "true"
      GITEA__security__SECRET_KEY: XQolFkmSxJWhxkZrkrGbPDbVrEwiZshnzPOY
    volumes:
      - /data/gitea:/data
      - /etc/timezone:/etc/timezone:ro
      - /etc/localtime:/etc/localtime:ro
      - /data/gitea/app.ini:/data/gitea/conf/app.ini
    # deploy:
    #   mode: global
    depends_on:
      - db
      - openldap
      - openldap_admin
    networks:
      - vcc

Comments (1)

一袭白衣梦中忆 2025-02-19 23:39:10

User gitea simply doesn't exist in the image.

docker run -it --rm --entrypoint /bin/sh gitea/gitea:1.16.8
/ # grep gitea /etc/shadow
/ # grep gitea /etc/passwd
/ # 

The default user is git:

docker run -it --rm --entrypoint /bin/sh gitea/gitea:1.16.8
/ # tail -1 /etc/passwd
git:x:1000:1000:Linux User,,,:/data/git:/bin/bash
/ #

There are two solutions:

  • add gitea user (not recommended)
  • use the default user provided by the image (git).

Adding gitea user

Just add adduser in your Dockerfile and it should work:

FROM gitea/gitea:1.16.8
RUN adduser -D -s /bin/bash gitea   # <---- HERE
RUN apk add sudo
COPY entrypoint /usr/bin/custom_entrypoint
COPY gitea-cli.sh /usr/bin/gitea-cli.sh
ENTRYPOINT /usr/bin/custom_entrypoint

You'll also have to change the USER_UID and USER_GID to 1001 (user 1000 is git).

Using default user

Just replace user gitea with git in the gitea service of the dockerfile and in the app.ini.

After that, if you have an error like:

error saving to custom config: open /data/gitea/conf/app.ini permission denied

You have to add chown -R 1000:1000 /data/gitea/conf before gitea-cli.sh migrate in entrypoint.

Because you share a volume between the host and the container, this will work only if your host user has UID 1000. If not, you will have to modify the gitea service in the docker-compose.yml.

Example with a user ID of 1002:

docker-compose.yml:

  gitea:
    image: 127.0.0.1:5000/custom_gitea:51
    restart: always
    [...]
    environment:
      USER: git
      USER_UID: 1002
      USER_GID: 1002
    [...]
    user: 1002:1002 # <----- HERE

and before the ENTRYPOINT in the Dockerfile:

USER git
ENTRYPOINT ....
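
The two checks this answer walks through (does the configured run user exist in the image's passwd file, and does its UID own the bind-mounted config), written as a preflight an entrypoint could run before `gitea-cli.sh migrate`. This is an added example, not part of the original answer; the function names are hypothetical and the passwd and app.ini files are constructed samples.

```shell
#!/bin/sh
# Added example: preflight checks for a Gitea entrypoint.
# Function names are hypothetical; sample files below are constructed.

# Print the RUN_USER value from an app.ini-style file (first match wins).
ini_run_user() {
    sed -n 's/^[[:space:]]*RUN_USER[[:space:]]*=[[:space:]]*//p' "$1" |
        head -n 1 | tr -d '[:space:]'
}

# Print the numeric UID of user $1 from passwd-format file $2; fail if absent.
passwd_uid() {
    awk -F: -v u="$1" '$1 == u { print $3; found = 1; exit }
                       END { exit !found }' "$2"
}

# 0: run user exists and owns the path; 1: RUN_USER missing;
# 2: user not in passwd; 3: path owned by a different UID.
preflight() {
    ini=$1; passwd=$2; path=$3
    user=$(ini_run_user "$ini")
    [ -n "$user" ] || { echo "preflight: no RUN_USER in $ini" >&2; return 1; }
    uid=$(passwd_uid "$user" "$passwd") || {
        echo "preflight: unknown user: $user" >&2; return 2; }
    owner=$(ls -ldn "$path" | awk '{ print $3 }')   # numeric owner UID
    [ "$owner" = "$uid" ] || {
        echo "preflight: $path owned by UID $owner, want $uid ($user)" >&2
        return 3; }
    return 0
}

# Constructed sample: passwd knows only "git" (as in gitea/gitea:1.16.8),
# mapped here to the current UID so the ownership check can pass locally.
demo=$(mktemp -d)
printf 'git:x:%s:%s:Linux User,,,:/data/git:/bin/bash\n' \
    "$(id -u)" "$(id -g)" > "$demo/passwd"
printf '[DEFAULT]\nRUN_USER = gitea\nRUN_MODE = prod\n' > "$demo/app.ini"
rc=0
preflight "$demo/app.ini" "$demo/passwd" "$demo/app.ini" || rc=$?
echo "RUN_USER = gitea -> exit code $rc"
sed 's/= gitea/= git/' "$demo/app.ini" > "$demo/fixed.ini"
rc=0
preflight "$demo/fixed.ini" "$demo/passwd" "$demo/fixed.ini" || rc=$?
echo "RUN_USER = git   -> exit code $rc"
rm -rf "$demo"
```

Inside the container the call would be `preflight /data/gitea/conf/app.ini /etc/passwd /data/gitea/conf/app.ini`, so a missing user or a UID mismatch on the shared volume stops the entrypoint with a clear message instead of surfacing later as a sudo or permission error.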