Added support for docker secrets
When using docker secrets, a file in /run/secrets/ is added. For example, SUPERUSER_PASSWORD_FILE=/run/secrets/superuser_password will populate SUPERUSER_PASSWORD environment variable from the contents of that file. The code to support this is now added to docker/docker-entrypoint.sh
This commit is contained in:
Tobias Jakobsson
parent
3190ff8584
commit
f2f1002803
|
|
@ -1,6 +1,49 @@
|
|||
#!/bin/bash
|
||||
set -e
|
||||
|
||||
# usage: file_env VAR [DEFAULT]
|
||||
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
|
||||
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
|
||||
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
|
||||
file_env() {
|
||||
local var="$1"
|
||||
local fileVar="${var}_FILE"
|
||||
local def="${2:-}"
|
||||
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
|
||||
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
|
||||
exit 1
|
||||
fi
|
||||
local val="$def"
|
||||
if [ "${!var:-}" ]; then
|
||||
val="${!var}"
|
||||
elif [ "${!fileVar:-}" ]; then
|
||||
val="$(< "${!fileVar}")"
|
||||
fi
|
||||
export "$var"="$val"
|
||||
unset "$fileVar"
|
||||
}
|
||||
|
||||
# Make all environment variables to be used with Docker secrets
|
||||
|
||||
file_env 'SUPERUSER_NAME'
|
||||
file_env 'SUPERUSER_EMAIL'
|
||||
file_env 'SUPERUSER_PASSWORD'
|
||||
file_env 'SUPERUSER_API_TOKEN'
|
||||
file_env 'ALLOWED_HOSTS'
|
||||
file_env 'DB_NAME'
|
||||
file_env 'DB_USER'
|
||||
file_env 'DB_PASSWORD'
|
||||
file_env 'DB_HOST'
|
||||
file_env 'SECRET_KEY'
|
||||
file_env 'EMAIL_SERVER'
|
||||
file_env 'EMAIL_PORT'
|
||||
file_env 'EMAIL_USERNAME'
|
||||
file_env 'EMAIL_PASSWORD'
|
||||
file_env 'EMAIL_TIMEOUT'
|
||||
file_env 'EMAIL_FROM'
|
||||
file_env 'NETBOX_USERNAME'
|
||||
file_env 'NETBOX_PASSWORD'
|
||||
|
||||
# wait shortly and then run db migrations (retry on error)
|
||||
while ! ./manage.py migrate 2>&1; do
|
||||
echo "⏳ Waiting on DB..."
|
||||
|
|
|
|||
Loading…
Reference in New Issue