From ff38c3be1c6f3effe986505ca3735b8f0e0c649e Mon Sep 17 00:00:00 2001
From: Olivier Mehani <omehani@mozilla.com>
Date: Mon, 23 Dec 2024 12:55:13 +1100
Subject: [PATCH] docker: add push support by default (bug 1864902)

---
 .dockerignore                                      | 1 +
 Dockerfile                                         | 6 ++++++
 README.md                                          | 5 +++++
 auth-example/etc/nginx/git-http-backend_write.conf | 2 +-
 auth-example/etc/nginx/htpasswd.template           | 1 +
 5 files changed, 14 insertions(+), 1 deletion(-)
 create mode 100644 auth-example/etc/nginx/htpasswd.template

diff --git a/.dockerignore b/.dockerignore
index e82689f..e99f245 100644
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,3 +1,4 @@
 **
+!auth-example/**
 !rootfs/**
 !cgit_build.conf
diff --git a/Dockerfile b/Dockerfile
index 4ab02a2..253bd2e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -31,6 +31,10 @@ RUN make && make install
 
 FROM nginx:${NGINX_VERSION}-alpine${ALPINE_VERSION}
 
+ENV GIT_USER=lando
+# 'password'
+# generate with `htpasswd -n user | cut -d: -f2`
+ENV GIT_PASSWORD='$apr1$syi9IAPx$lGAixLm5WXtzEWR.fA.cS0'
 
 # mailcap - provides /etc/mime.types
 RUN apk add --no-cache \
@@ -52,6 +56,8 @@ RUN apk add --no-cache \
 ENV CGIT_APP_USER=nginx
 
 COPY ./rootfs/ /
+COPY ./auth-example/etc/nginx/git-http-backend_write.conf /etc/nginx/git-http-backend_write.conf
+COPY ./auth-example/etc/nginx/htpasswd.template /etc/nginx/templates/htpasswd.template
 COPY --from=build /opt/cgit /opt/cgit
 
 VOLUME ["/opt/git"]
diff --git a/README.md b/README.md
index 164cfa8..918cc69 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,7 @@
+# This is a mirror
+
+This repo is a mirror of [Upstream], with local modifications to enable authenticated push by default.
+
 # Cgit Docker
 
 [![GitHub](https://img.shields.io/github/license/LuqueDaniel/cgit-docker?style=flat-square)](https://github.com/LuqueDaniel/cgit-docker/blob/main/LICENSE)
@@ -67,3 +71,4 @@ echo "CHANGED" >> /tmp/nginx-cloned/README.md
 * [Cgit README](https://git.zx2c4.com/cgit/tree/README)
 * [Cgit configuration](https://git.zx2c4.com/cgit/tree/cgitrc.5.txt)
 * [cgit - ArchWiki](https://wiki.archlinux.org/title/Cgit)
+* [Upstream](https://github.com/LuqueDaniel/cgit-docker)
diff --git a/auth-example/etc/nginx/git-http-backend_write.conf b/auth-example/etc/nginx/git-http-backend_write.conf
index 2a65543..6437a84 100644
--- a/auth-example/etc/nginx/git-http-backend_write.conf
+++ b/auth-example/etc/nginx/git-http-backend_write.conf
@@ -1,2 +1,2 @@
     auth_basic           "closed site";
-    auth_basic_user_file .htpasswd;
+    auth_basic_user_file conf.d/htpasswd;
diff --git a/auth-example/etc/nginx/htpasswd.template b/auth-example/etc/nginx/htpasswd.template
new file mode 100644
index 0000000..f302a4d
--- /dev/null
+++ b/auth-example/etc/nginx/htpasswd.template
@@ -0,0 +1 @@
+$GIT_USER:$GIT_PASSWORD