- nginx: deny all requests to hidden files (/.git/config was publicly readable) - nginx: remove CSS injection and /custom/ static file serving - cron: install script deps at build time into /opt to avoid ro mount conflict - docker-compose: widen cron build context for package.json COPY - Delete unused theme/ghost-guild.css
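#!/usr/bin/env bash
#
# Container entrypoint: configures git for automated commits, prepares SSH
# host verification for the git remote, writes the container environment to a
# file that cron jobs can source, then hands control to the command given as
# arguments.
set -euo pipefail

readonly GIT_HOST="git.ghostguild.org"
readonly SSH_TMP_DIR="/root/.ssh_tmp"
readonly KNOWN_HOSTS="${SSH_TMP_DIR}/known_hosts"
readonly ENV_FILE="/etc/environment.sh"

#######################################
# Print every exported variable as a POSIX `export NAME='value'` line.
# Values are single-quoted with embedded quotes escaped, so values that
# contain spaces, `$`, backticks or quotes (GIT_SSH_COMMAND contains spaces)
# are restored literally when the file is sourced instead of being
# word-split or executed.
# Outputs: one export statement per variable on stdout
#######################################
write_env_exports() {
  local name value rest quoted
  while IFS= read -r name; do
    # `_` is shell bookkeeping, not configuration.
    if [[ "$name" == "_" ]]; then
      continue
    fi
    value=${!name}
    quoted=""
    rest=$value
    # Replace each ' with '\'' (close quote, escaped quote, reopen quote).
    while [[ "$rest" == *"'"* ]]; do
      quoted+="${rest%%"'"*}'\\''"
      rest=${rest#*"'"}
    done
    quoted+=$rest
    printf "export %s='%s'\n" "$name" "$quoted"
  done < <(compgen -e)
}

# Configure git for automated commits
git config --global --add safe.directory /app
git config --global user.email "wiki-bot@ghostguild.org"
git config --global user.name "Wiki Bot"

# Add git remote host to known_hosts so SSH doesn't prompt.
# The working copy lives in a separate directory, presumably because
# /root/.ssh is mounted read-only (confirm against the compose file).
# It receives copies of the private keys, so keep it owner-only.
mkdir -p "$SSH_TMP_DIR"
chmod 700 "$SSH_TMP_DIR"
# Best effort: /root/.ssh may be empty or absent.
cp -- /root/.ssh/* "${SSH_TMP_DIR}/" 2>/dev/null || true

# NOTE(security): ssh-keyscan trusts whatever key the network returns at
# container start (trust on first use, repeated on every start). Shipping a
# verified host key in the mounted /root/.ssh/known_hosts and dropping the
# scan is the stronger option.
scanned_keys=$(ssh-keyscan -t ed25519,rsa "$GIT_HOST" 2>/dev/null)
if [[ -z "$scanned_keys" ]]; then
  # An unreachable host can yield no keys without a failing exit status;
  # surface it here rather than as a host-verification failure in a cron job.
  printf 'warning: ssh-keyscan returned no host keys for %s\n' "$GIT_HOST" >&2
else
  printf '%s\n' "$scanned_keys" >> "$KNOWN_HOSTS"
fi
export GIT_SSH_COMMAND="ssh -o UserKnownHostsFile=/root/.ssh_tmp/known_hosts -i /root/.ssh/id_ed25519"

# Dump environment for cron jobs (crond doesn't inherit container env).
# The file can hold secrets: create it empty and owner-only before any
# value is written, so it is never readable by other users.
(umask 077 && : > "$ENV_FILE")
chmod 600 "$ENV_FILE"
write_env_exports >> "$ENV_FILE"

echo "Cron jobs loaded:"
crontab -l
echo "Starting crond..."

exec "$@"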