blob: 64f8461594b1ef42abc0fd60a6947757e9685c4e (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
|
#!/usr/bin/env bash
# Copyright (c) 2023 Egor Tensin <egor@tensin.name>
# This file is part of the "cgitize" project.
# For details, see https://github.com/egor-tensin/cgitize.
# Distributed under the MIT License.
set -o errexit -o nounset -o pipefail
shopt -s inherit_errexit lastpipe
script_dir="$( dirname -- "${BASH_SOURCE[0]}" )"
script_dir="$( cd -- "$script_dir" && pwd )"
readonly script_dir
readonly src_dir=/usr/src
readonly cfg_path=/etc/cgitize/cgitize.toml
readonly fail_path=/fail
secure_repo_dir() {
local dir
dir="$( "$script_dir/get_output_dir.py" -- "$cfg_path" )"
chmod -- o-rwx "$dir"
# This is required so that nginx can access the directory.
# nginx uses a fixed UID:
# https://github.com/nginxinc/docker-nginx/blob/4785a604aa40e0b0a69047a61e28781a2b0c2069/mainline/alpine-slim/Dockerfile#L16
chown -- :101 "$dir"
}
setup() {
secure_repo_dir
touch -- "$fail_path"
}
run() {
cd -- "$src_dir"
python3 -m cgitize.main "$@"
rm -f -- "$fail_path"
}
main() {
setup
run "$@"
}
main "$@"
|