From 343169d233c3c0f8104d87f27e8e2f9913808ea8 Mon Sep 17 00:00:00 2001 From: J0WI Date: Mon, 29 Apr 2019 14:59:35 +0200 Subject: Compatibility with docker secrets (Fix #560) Signed-off-by: J0WI --- 16.0/apache/entrypoint.sh | 30 ++++++++++++++++++++++++++++++ 16.0/fpm-alpine/entrypoint.sh | 30 ++++++++++++++++++++++++++++++ 16.0/fpm/entrypoint.sh | 30 ++++++++++++++++++++++++++++++ 3 files changed, 90 insertions(+) (limited to '16.0') diff --git a/16.0/apache/entrypoint.sh b/16.0/apache/entrypoint.sh index 78bd0a8d..a45147fa 100755 --- a/16.0/apache/entrypoint.sh +++ b/16.0/apache/entrypoint.sh @@ -19,6 +19,31 @@ run_as() { fi } +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + else + # do not define empty vars + return + fi + export "$var"="$val" + unset "$fileVar" +} + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then if [ -n "${REDIS_HOST+x}" ]; then @@ -67,6 +92,8 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UP if [ "$installed_version" = "0.0.0.0" ]; then echo "New nextcloud instance" + file_env NEXTCLOUD_ADMIN_PASSWORD + if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then # shellcheck disable=SC2016 install_options='-n --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD"' @@ -81,6 +108,9 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UP install_options=$install_options' --data-dir "$NEXTCLOUD_DATA_DIR"' fi + file_env MYSQL_PASSWORD + file_env POSTGRES_PASSWORD + install=false if [ -n "${SQLITE_DATABASE+x}" ]; then echo "Installing with SQLite database" diff --git a/16.0/fpm-alpine/entrypoint.sh b/16.0/fpm-alpine/entrypoint.sh index 78bd0a8d..a45147fa 100755 --- a/16.0/fpm-alpine/entrypoint.sh +++ b/16.0/fpm-alpine/entrypoint.sh @@ -19,6 +19,31 @@ run_as() { fi } +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + else + # do not define empty vars + return + fi + export "$var"="$val" + unset "$fileVar" +} + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then if [ -n "${REDIS_HOST+x}" ]; then @@ -67,6 +92,8 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UP if [ "$installed_version" = "0.0.0.0" ]; then echo "New nextcloud instance" + file_env NEXTCLOUD_ADMIN_PASSWORD + if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then # shellcheck disable=SC2016 install_options='-n --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD"' @@ -81,6 +108,9 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UP install_options=$install_options' --data-dir "$NEXTCLOUD_DATA_DIR"' fi + file_env MYSQL_PASSWORD + file_env POSTGRES_PASSWORD + install=false if [ -n "${SQLITE_DATABASE+x}" ]; then echo "Installing with SQLite database" diff --git a/16.0/fpm/entrypoint.sh b/16.0/fpm/entrypoint.sh index 78bd0a8d..a45147fa 100755 --- a/16.0/fpm/entrypoint.sh +++ b/16.0/fpm/entrypoint.sh @@ -19,6 +19,31 @@ run_as() { fi } +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + else + # do not define empty vars + return + fi + export "$var"="$val" + unset "$fileVar" +} + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then if [ -n "${REDIS_HOST+x}" ]; then @@ -67,6 +92,8 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UP if [ "$installed_version" = "0.0.0.0" ]; then echo "New nextcloud instance" + file_env NEXTCLOUD_ADMIN_PASSWORD + if [ -n "${NEXTCLOUD_ADMIN_USER+x}" ] && [ -n "${NEXTCLOUD_ADMIN_PASSWORD+x}" ]; then # shellcheck disable=SC2016 install_options='-n --admin-user "$NEXTCLOUD_ADMIN_USER" --admin-pass "$NEXTCLOUD_ADMIN_PASSWORD"' @@ -81,6 +108,9 @@ if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UP install_options=$install_options' --data-dir "$NEXTCLOUD_DATA_DIR"' fi + file_env MYSQL_PASSWORD + file_env POSTGRES_PASSWORD + install=false if [ -n "${SQLITE_DATABASE+x}" ]; then echo "Installing with SQLite database" -- cgit v1.2.3