Added restricted Git access with git-shell-commands

Author: jkarlosb

Dockerfile

@@ -22,6 +22,13 @@ RUN mkdir /git-server/keys \
   && echo git:12345 | chpasswd \
   && mkdir /home/git/.ssh
 
+# This is a login shell for SSH accounts to provide restricted Git access.
+# It permits execution only of server-side Git commands implementing the
+# pull/push functionality, plus custom commands present in a subdirectory
+# named git-shell-commands in the user’s home directory.
+# More info: https://git-scm.com/docs/git-shell
+COPY git-shell-commands /home/git/git-shell-commands
+
 # En sshd_config habilitamos acceso por key y deshabilitamos por password
 COPY sshd_config /etc/ssh/sshd_config
 COPY start.sh start.sh

README.md

@@ -9,7 +9,12 @@ How to run the container in port 2222 with two volumes, keys volume for public k
 
 How check that container works (you must to have a key):
 
-	$ ssh git@<ip-docker-server> -p 2222 -v
+	$ ssh git@<ip-docker-server> -p 2222
+	...
+	Welcome to jkarlos/git-server-docker!
+	You've successfully authenticated, but I do not
+	provide interactive shell access.
+	...
 
 How clone a repository:
 

git-shell-commands/no-interactive-login

@@ -0,0 +1,5 @@
+#!/bin/sh
+printf '%s\n' "Welcome to jkarlos/git-server-docker!"
+printf '%s\n' "You've successfully authenticated, but I do not"
+printf '%s\n' "provide interactive shell access."
+exit 128