COPY --from=builder /usr/local/cargo/bin/quire /usr/local/bin/quire
-RUN groupadd --system quire \
- && useradd --system --gid quire --create-home quire
+# Volume layout per PLAN.md. Ownership is set on the host; the container
+# runs as the host uid/gid passed via `docker exec --user`, so no user
+# is created in the image.
+RUN mkdir -p /var/quire/repos /var/quire/runs
-# Volume layout per PLAN.md.
-RUN mkdir -p /var/quire/repos /var/quire/runs \
- && chown -R quire:quire /var/quire
-
-USER quire
WORKDIR /var/quire
ENTRYPOINT ["quire"]
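Review bot: Removing `USER quire` without a replacement leaves the final stage running as root by default, so any `docker run` that omits `--user` (including the pre-change invocation in the README) now starts quire as root in the container; the non-root guarantee has moved entirely to the caller. A numeric default keeps the image non-root while still honouring the new `--user` flow, since a numeric uid needs no `/etc/passwd` entry: add `USER 65534:65534` between the `RUN mkdir -p` line and `WORKDIR`, and mention in the comment above it that `--user` overrides it at run time. Separately, `mkdir -p /var/quire/repos /var/quire/runs` now creates root-owned 755 directories in the image layer, so when the bind mount at `/var/quire` is absent the arbitrary run-time uid cannot write to them; a comment such as `# Root-owned placeholders; a bind mount of /var/quire is required at run time` would make that dependency explicit. Whether the hunk begins before the `COPY --from=builder` line cannot be seen from here.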
sudo cp sshd_config /etc/ssh/sshd_config.d/quire.conf
sudo systemctl reload sshd
-4. Start the quire container:
+4. Start the quire container, running as the host's `git` user so file
+ ownership on the bind-mounted `/var/quire` matches inside and out:
- docker run -d --name quire-container quire
+ docker run -d --name quire-container \
+ --user "$(id -u git):$(id -g git)" \
+ -e HOME=/tmp \
+ -v /var/quire:/var/quire \
+ quire
+
+ In a compose file, the equivalent is `user: "${QUIRE_UID}:${QUIRE_GID}"`
+ with the values templated from `id -u git` / `id -g git` during host
+ setup.
5. Test:
which validates the git command against an allowlist (git-receive-pack,
git-upload-pack, git-upload-archive) and sanitizes the repository path
before exec'ing the git subprocess.
+
+The container image doesn't bake in a `quire` user — it runs as whatever
+uid/gid the host passes via `--user`. This avoids "dubious ownership"
+errors from git when the bind-mounted repo dir's host uid wouldn't
+otherwise match a container user. `HOME=/tmp` is set because the host
+uid has no `/etc/passwd` entry inside the container, and git needs a
+writable `HOME` for its config probing.