changes for ssh passthough

docker-compose.yaml

@@ -11,13 +11,15 @@ services:
     environment:
       - USER_UID=895
       - USER_GID=895
+      - GITEA__server__ROOT_URL=https://blacka.com/git
     restart: always
     networks:
       - gitea
     volumes:
       - ./data:/data
+      - /var/lib/gitea/.ssh:/data/git/.ssh
       - /etc/timezone:/etc/timezone:ro
       - /etc/localtime:/etc/localtime:ro
     ports:
       - "3000:3000"
-      - "222:22"
+      - "2222:22"

httpd.conf.snippet

@@ -0,0 +1,7 @@
+<Proxy *>
+      Order allow,deny
+      Allow from all
+</Proxy>
+AllowEncodedSlashes NoDecode
+# Note: no trailing slash after either /git or port
+ProxyPass /git http://localhost:3000 nocanon

setup.sh

@@ -1,11 +1,19 @@
 #! /bin/bash
 
 GITEA_HOME=/var/lib/gitea
+HOST_GIT_USER=git  # this will be the user in the ssh git urls, e.g. git@blacka.com/org/repo.git
 
 # create the 'gitea' user to run and own this thing
 if ! id -u 985 >/dev/null 2>&1; then
-    groupadd -g 895 gitea
-    useradd -u 895 -g gitea -d "$GITEA_HOME" -m gitea
+    groupadd -g 895 "$HOST_GIT_USER"
+    useradd -u 895 -g "$HOST_GIT_USER" -G docker -d "$GITEA_HOME" -m gitea
 fi
 
 install -d "$GITEA_HOME/data"
+
+cat <<"EOF" | sudo tee $GITEA_HOME/docker-shell
+#!/bin/sh
+/usr/bin/docker exec -i -u git --env SSH_ORIGINAL_COMMAND="$SSH_ORIGINAL_COMMAND" gitea sh "$@"
+EOF
+sudo chmod +x $GITEA_HOME/docker-shell
+sudo usermod -s $GITEA_HOME/docker-shell git