mirror
/
mumble-docker
kopia lustrzana https://github.com/mumble-voip/mumble-docker
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

feature: Allow loading config values from secrets 

- Check /run/secrets/MUMBLE_CONFIG_* and handle their content
pull/29/head
Maximilian Weiler 2022-12-04 21:40:37 +01:00
rodzic b354cddda9
commit c8b2fb353c
Nie znaleziono w bazie danych klucza dla tego podpisu
ID klucza GPG: E3B3532EF1BCEAFA
1 zmienionych plików z 24 dodań i 3 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

25
entrypoint.sh
Wyświetl plik

@ -74,7 +74,7 @@ if [[ -f "$MUMBLE_CUSTOM_CONFIG_FILE" ]]; then
CONFIG_FILE="$MUMBLE_CUSTOM_CONFIG_FILE" CONFIG_FILE="$MUMBLE_CUSTOM_CONFIG_FILE"
else else
# Ensures the config file is empty, starting from a clean slate # Ensures the config file is empty, starting from a clean slate
echo -e "# Config file automatically generated from the MUMBLE_CONFIG_* environment variables\n" > "${CONFIG_FILE}" echo -e "# Config file automatically generated from the MUMBLE_CONFIG_* environment variables or secrets in /run/secrets/MUMBLE_CONFIG_* files\n" > "${CONFIG_FILE}"
# Process settings through variables of format MUMBLE_CONFIG_* # Process settings through variables of format MUMBLE_CONFIG_*
@ -96,6 +96,23 @@ else
done < <( printenv --null | sed -zn 's/^MUMBLE_CONFIG_//p' ) done < <( printenv --null | sed -zn 's/^MUMBLE_CONFIG_//p' )
# ^ Feeding it in like this, prevents the creation of a subshell for the while-loop # ^ Feeding it in like this, prevents the creation of a subshell for the while-loop
# Check any docker/podman secrets matching the pattern and set config from there
while read -r var; do
config_option="${option_for[$(normalize_name "$var")]}"
secret_file="/run/secrets/MUMBLE_CONFIG_$var"
if [[ -z "$config_option" ]]; then
if [[ "$MUMBLE_ACCEPT_UNKNOWN_SETTINGS" = true ]]; then
echo "[WARNING]: Unable to find config corresponding to container secret \"$secret_file\". Make sure that it is correctly spelled, using it as-is"
set_config "$var" "$value"
else
>&2 echo "[ERROR]: Unable to find config corresponding to container secret \"$secret_file\""
exit 1
fi
else
set_config "$config_option" "$(cat $secret_file)"
fi
done < <(ls /run/secrets | sed -n 's/^MUMBLE_CONFIG_//p')
# Apply default settings if they're missing # Apply default settings if they're missing
# Compatibilty with old DB filename # Compatibilty with old DB filename
@ -129,8 +146,12 @@ fi
# Make sure the correct configuration file is used # Make sure the correct configuration file is used
server_invocation+=( "-ini" "${CONFIG_FILE}") server_invocation+=( "-ini" "${CONFIG_FILE}")
if [[ -f /run/secrets/MUMBLE_SUPERUSER_PASSWORD ]]; then
#Variable to change the superuser password
"${server_invocation[@]}" -supw "$(cat /run/secrets/MUMBLE_SUPERUSER_PASSWORD)"
echo "Successfully configured superuser password from container secret"
elif [[ -n "${MUMBLE_SUPERUSER_PASSWORD}" ]]; then
#Variable to change the superuser password #Variable to change the superuser password
if [[ -n "${MUMBLE_SUPERUSER_PASSWORD}" ]]; then
"${server_invocation[@]}" -supw "$MUMBLE_SUPERUSER_PASSWORD" "${server_invocation[@]}" -supw "$MUMBLE_SUPERUSER_PASSWORD"
echo "Successfully configured superuser password" echo "Successfully configured superuser password"
fi fi