WIP: feat(docker): Add ability to substitute env vars with _file vars #1621

Draft
donor_extortion wants to merge 2 commits from donor_extortion/api:feature/docker-env-file into main
2 changed files with 60 additions and 0 deletions


@ -1,6 +1,41 @@
#!/usr/bin/env sh
set -e
# usage: file_env VAR [DEFAULT]
# Set $VAR to the contents of the path specified by $VAR_FILE. Useful for docker secrets
file_env() {
VAR="$1"
FILE_VAR="${VAR}_FILE"
eval "VAR_EXPANDED=\"\${$VAR}\""
eval "FILE_VAR_EXPANDED=\"\${$FILE_VAR}\""
DEFAULT="${2:-}"
if [ "${VAR_EXPANDED:-}" ] && [ "${FILE_VAR_EXPANDED:-}" ]; then
echo >&2 "error: both $VAR and $FILE_VAR are set (but are exclusive)"
exit 1
fi
VAL="$DEFAULT"
if [ "${VAR_EXPANDED:-}" ]; then
VAL="${VAR_EXPANDED}"
elif [ "${FILE_VAR_EXPANDED:-}" ]; then
if [ -f "${FILE_VAR_EXPANDED}" ]; then
VAL="$(cat "${FILE_VAR_EXPANDED}")"
else
echo >&2 "error: couldn't find file at '$FILE_VAR_EXPANDED'"
exit 1
fi
fi
export "$VAR"="$VAL"
unset "$FILE_VAR"
}
# Substitue all env vars starting with VIKUNJA and ending with _FILE
for var in $(env | sed -n "s/^\(VIKUNJA.*\)_FILE=.*$/\1/p"); do
file_env "${var}"
done
if [ -n "$PUID" ] && [ "$PUID" -ne 0 ] && \
[ -n "$PGID" ] && [ "$PGID" -ne 0 ] ; then
echo "info: creating the new user vikunja with $PUID:$PGID"
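Review bot: The names that reach the two `eval` lines in `file_env` are never restricted to identifier characters. In the loop's sed pattern `^\(VIKUNJA.*\)_FILE=.*$` the `.*` matches any characters, and `env` prints multi-line values as separate lines, so text taken from an environment value could be interpreted as shell code inside the `eval` strings. Narrow the capture to `\(VIKUNJA_[A-Za-z0-9_]*\)_FILE=` and reject bad names at the top of `file_env`, e.g. `case "$VAR" in ''|*[!A-Za-z0-9_]*) echo >&2 "error: invalid variable name '$VAR'"; exit 1 ;; esac`. A one-line comment above the `eval` lines stating that `$VAR` must already be a validated identifier would help the next reader, and the comment above the loop has a typo (`Substitue`).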


@ -27,6 +27,31 @@ first:
child: true
{{< /highlight >}}
## Docker
Environment variables that contain senstitive data can be suffixed with `_FILE`. If you take the expected environment variable for the configuration
option with the _FILE suffix at the end, the contents of the file it points to will be used. See [Docker Swarm](https://docs.docker.com/engine/swarm/secrets/)
and [Docker Compose](https://docs.docker.com/compose/use-secrets/) docs for more info on using secrets.
{{< highlight bash >}}
echo "a super secure random secret" > /host/secrets/path/vikunja_service_jwtsecret
{{< /highlight >}}
{{< highlight yaml >}}
version: '3'
secrets:
vikunja_service_jwtsecret:
file: /host/secrets/path/vikunja_service_jwtsecret
services:
api:
image: vikunja/api
secrets:
- vikunja_service_jwtsecret
environment:
VIKUNJA_SERVICE_JWTSECRET_FILE: /run/secrets/vikunja_service_jwtsecret
{{< /highlight >}}
# Formats
Vikunja supports using `toml`, `yaml`, `hcl`, `ini`, `json`, envfile, env variables and Java Properties files.