diff --git a/Dockerfile b/Dockerfile index cf4b84c..35d3850 100644 --- a/Dockerfile +++ b/Dockerfile @@ -26,8 +26,8 @@ COPY --from=daemonize /usr/sbin/daemonize /usr/sbin/daemonize COPY ./monit.conf /etc/monit.d/geminabox.conf COPY ./geminabox.sh /usr/local/bin/geminabox COPY --from=build /srv/http /srv/http -RUN install -dm 2750 -o app -g www-data /srv/http/geminabox +RUN install -dm 2750 -o app -g www-data /srv/gems RUN chmod 755 /usr/local/bin/geminabox EXPOSE 9292 -VOLUME /srv/http/geminabox +VOLUME /srv/gems diff --git a/config.ru b/config.ru index 4173e31..8d3f596 100644 --- a/config.ru +++ b/config.ru @@ -1,10 +1,16 @@ require 'geminabox' require 'rack/session/redis' +require 'securerandom' Geminabox.data = '/srv/http' Geminabox.rubygems_proxy = true Geminabox.allow_remote_failure = true +use Rack::Auth::Basic, 'Gems' do |username, password| + username == ENV.fetch('HTTP_BASIC_USER', SecureRandom.hex) && + password == ENV.fetch('HTTP_BASIC_PASSWORD', SecureRandom.hex) +end + use Rack::Session::Redis, redis_server: 'redis://redis:6379/2' use Rack::Protection diff --git a/geminabox.sh b/geminabox.sh index 5807572..fa40613 100644 --- a/geminabox.sh +++ b/geminabox.sh @@ -1,7 +1,7 @@ #!/bin/sh set -e -dir=/srv/http/geminabox +dir=/srv/gems pid=/tmp/geminabox.pid chown -R app:www-data /srv/http @@ -9,7 +9,7 @@ cd ${dir} for link in Gemfile Gemfile.lock .bundle config.ru vendor; do test -e ${link} && continue - ln -s ../${link} . + ln -s /srv/http/${link} . done rm -f ${pid}