feat(git): use non-root and add robots.

3 files changed, 5 insertions, 3 deletions

diff --git a/services/docker/git-server/Dockerfile b/services/docker/git-server/Dockerfile
index b725122..274ba6a 100644
--- a/services/docker/git-server/Dockerfile
+++ b/services/docker/git-server/Dockerfile
@@ -3,13 +3,14 @@ RUN apt-get update && apt-get install -y \
     git cgit lighttpd apache2-utils python3-pygments python3-markdown \
     tar gzip bzip2 zip unzip tini && \
     rm -rf /var/lib/apt/lists/*
+RUN groupadd -g 1000 git && useradd -m -u 1000 -g 1000 -s /usr/bin/bash git
 
 ENV GIT_CONFIG_SYSTEM=/etc/gitconfig GIT_CONFIG_GLOBAL=/git/private/gitconfig
 
 ADD gitconfig /etc/gitconfig
-ADD --chmod=755 hooks/* /etc/git/hooks/
-ADD git-lighttpd.conf git-auth.conf /app/
-ADD --chmod=755 lighttpd-wrapper.bash /app/
+ADD hooks/* /etc/git/hooks/
+ADD git-lighttpd.conf git-auth.conf lighttpd-wrapper.bash /app/
 
+USER git:git
 VOLUME [ "/git" ]
 CMD [ "tini", "--", "/app/lighttpd-wrapper.bash" ]
diff --git a/services/docker/git-server/git-lighttpd.conf b/services/docker/git-server/git-lighttpd.conf
index ba8e592..567303a 100644
--- a/services/docker/git-server/git-lighttpd.conf
+++ b/services/docker/git-server/git-lighttpd.conf
@@ -2,6 +2,7 @@ server.modules += ("mod_accesslog")
 server.modules += ("mod_auth", "mod_authn_file", "mod_access")
 server.modules += ("mod_setenv", "mod_cgi", "mod_alias")
 
+server.port = 3636
 server.document-root = "/var/www/html/"
 accesslog.filename = "/dev/fd/3"
 
diff --git a/services/docker/git-server/hooks/update b/services/docker/git-server/hooks/update
index 4cfcacc..4cfcacc 100644..100755
--- a/services/docker/git-server/hooks/update
+++ b/services/docker/git-server/hooks/update