From fce7331e5634da1213bdfdf4a7492a44977bdc08 Mon Sep 17 00:00:00 2001
From: Nick Andrew <nick@nick-andrew.net>
Date: Sun, 16 Nov 2014 23:42:47 +1100
Subject: [PATCH 1/4] Use full path to reprepro-import

---
 scripts/start.sh | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/scripts/start.sh b/scripts/start.sh
index 5fb8f26..8dcf580 100644
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -28,13 +28,12 @@ chown -R user /home/user/.ssh
 # load cron
 CRONFILE=`mktemp`
 cat > $CRONFILE <<EOF
-* * * * * reprepro-import >> /var/log/reprepro.log
+* * * * * /usr/local/sbin/reprepro-import >> /var/log/reprepro.log
 EOF
 crontab -u root $CRONFILE
 rm -f $CRONFILE
 
 # run import once, to create the right directory structure
-reprepro-import
+/usr/local/sbin/reprepro-import
 
 supervisord -n
-

From 082b56789ed3440c9a8f6c7db1548c4d5eaf0860 Mon Sep 17 00:00:00 2001
From: Nick Andrew <nick@nick-andrew.net>
Date: Sun, 16 Nov 2014 23:44:19 +1100
Subject: [PATCH 2/4] Set the crontab directly

Saves a temporary file when the HERE-document is already a temp file.
---
 scripts/start.sh | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/scripts/start.sh b/scripts/start.sh
index 8dcf580..56b15af 100644
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -25,13 +25,10 @@ for key in /docker/keys/*.pub ; do
 done
 chown -R user /home/user/.ssh
 
-# load cron
-CRONFILE=`mktemp`
-cat > $CRONFILE <<EOF
+# load crontab for root
+crontab <<EOF
 * * * * * /usr/local/sbin/reprepro-import >> /var/log/reprepro.log
 EOF
-crontab -u root $CRONFILE
-rm -f $CRONFILE
 
 # run import once, to create the right directory structure
 /usr/local/sbin/reprepro-import

From 25bbb48dcf84aea02e19e691634aa5a577b2e64c Mon Sep 17 00:00:00 2001
From: Nick Andrew <nick@nick-andrew.net>
Date: Sun, 16 Nov 2014 23:56:50 +1100
Subject: [PATCH 3/4] Move output dir to /repository/debian & expose it

We need the output data to be persistent and/or backed-up, and the
right way to do this is to expose it to other containers which use
the --volumes-from option.

The data volume is called /repository rather than /docker to avoid
possible conflict with /docker in other using containers.
---
 Dockerfile                 | 2 +-
 configs/nginx-default.conf | 2 +-
 scripts/reprepro-import.sh | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 6ac0223..c400873 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -49,7 +49,7 @@ ENV DEBIAN_FRONTEND newt
 ADD scripts/start.sh /usr/local/sbin/start
 RUN chmod 755 /usr/local/sbin/start
 
-VOLUME ["/docker/keys", "/docker/incoming"]
+VOLUME ["/docker/keys", "/docker/incoming", "/repository"]
 
 EXPOSE 80
 EXPOSE 22
diff --git a/configs/nginx-default.conf b/configs/nginx-default.conf
index efff12e..05deecd 100644
--- a/configs/nginx-default.conf
+++ b/configs/nginx-default.conf
@@ -2,7 +2,7 @@ server {
         listen 80 default_server;
         listen [::]:80 default_server ipv6only=on;
 
-        root /var/www;
+        root /repository/debian;
         index index.html index.htm;
 
         # Make site accessible from http://localhost/
diff --git a/scripts/reprepro-import.sh b/scripts/reprepro-import.sh
index 77db325..9486525 100644
--- a/scripts/reprepro-import.sh
+++ b/scripts/reprepro-import.sh
@@ -2,7 +2,7 @@
 
 BASEDIR=/var/lib/reprepro
 INCOMING=/docker/incoming
-OUTDIR=/var/www/debian
+OUTDIR=/repository/debian
 
 #
 # Make sure we're in the apt/ directory

From 28ba0e13980726960df5b8b6392d71cd25b9cb65 Mon Sep 17 00:00:00 2001
From: Nick Andrew <nick@nick-andrew.net>
Date: Mon, 17 Nov 2014 01:29:49 +1100
Subject: [PATCH 4/4] Remove sudo access

Not required by the application; debugging can be done with 'nsenter'
or 'docker-enter' - see https://github.com/jpetazzo/nsenter
---
 Dockerfile       | 7 ++-----
 scripts/start.sh | 2 +-
 2 files changed, 3 insertions(+), 6 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index c400873..751fa08 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -6,7 +6,7 @@ RUN apt-get update
 
 
 # Install supervisor for managing services
-RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny sudo nginx
+RUN apt-get install -q -y supervisor cron openssh-server pwgen reprepro screen vim-tiny nginx
 
 
 # Configure cron
@@ -31,10 +31,8 @@ RUN echo "daemon off;" >> /etc/nginx/nginx.conf
 RUN rm -f /etc/nginx/sites-enabled/default
 ADD configs/nginx-default.conf /etc/nginx/sites-enabled/default
 
-# Setup root & sudo access
+# Setup root access
 RUN echo "root:docker" | chpasswd
-RUN echo %sudo  ALL=NOPASSWD: ALL >> /etc/sudoers
-
 
 # Configure supervisor
 RUN service supervisor stop
@@ -54,4 +52,3 @@ VOLUME ["/docker/keys", "/docker/incoming", "/repository"]
 EXPOSE 80
 EXPOSE 22
 CMD ["/usr/local/sbin/start"]
-
diff --git a/scripts/start.sh b/scripts/start.sh
index 56b15af..1e6534c 100644
--- a/scripts/start.sh
+++ b/scripts/start.sh
@@ -8,7 +8,7 @@
 # let's create a user to SSH into
 SSH_USERPASS=`pwgen -c -n -1 8`
 mkdir /home/user
-useradd -G sudo -d /home/user -s /bin/bash user 
+useradd -d /home/user -s /bin/bash user
 chown -R user /home/user
 chown -R user /docker/incoming