feature: password templating

2023-08-02 22:06:27 +02:00 · 2023-08-02 22:06:27 +02:00 · 9fb5ac222c
parent 920b017342
commit 9fb5ac222c
3 changed files with 11 additions and 6 deletions
--- a/4
+++ b/4
@ -33,7 +33,7 @@ RUN addgroup -S $GROUP --gid $GID &&  \
      --ingroup "$GROUP" \
      --uid "$UID" \
      "$USER" && \
-    apk add --no-cache libc6-compat gpg
+    apk add --no-cache libc6-compat envsubst

 USER $USER

@ -41,7 +41,7 @@ RUN mkdir /perkeep/data && \
    mkdir /perkeep/config

 COPY --chown=$USER:$GROUP --chmod=750 --from=builder /go/bin/* /usr/local/bin/
-COPY --chown=$USER:$GROUP --chmod=750 server-config.json /perkeep/config/server-config-custom.json
+COPY --chown=$USER:$GROUP --chmod=750 server-config.tpl.json /perkeep/config/server-config-custom.tpl.json
 COPY --chown=$USER:$GROUP --chmod=750 docker-entrypoint.sh /docker-entrypoint.sh

 VOLUME /perkeep/data
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@ -1,11 +1,16 @@
 #!/bin/sh

+if [ "T$PASSWORD" == "T" ];
+then
+  return 1;
+fi
+
 if [ ! -f /perkeep/config/identity-secring.gpg  ];
 then
  pk put init -newkey
  mv perkeep/.config/perkeep/identity-secring.gpg /perkeep/config/
-  IDENTITY=$(sed -n -e '/identity/ s/.*:.*"\(.*\)".*/\1/p' /perkeep/.config/perkeep/client-config.json | tee /dev/tty)
-  sed -i -e "s/TO_REPLACE/$IDENTITY/g" /perkeep/config/server-config-custom.json
+  export IDENTITY=$(sed -n -e '/identity/ s/.*:.*"\(.*\)".*/\1/p' /perkeep/.config/perkeep/client-config.json | tee /dev/tty)
+  envsubst < /perkeep/config/server-config-custom.tpl.json > /perkeep/config/server-config-custom.json
  rm -r /perkeep/.config
 fi

--- a/server-config.tpl.json
+++ b/server-config.tpl.json
@ -1,8 +1,8 @@
 {
-  "auth": "localhost",
+  "auth": "userpass:antoine:$PASSWORD:+localhost",
  "listen": "0.0.0.0:3179",
  "camliNetIP": "",
-  "identity": "TO_REPLACE",
+  "identity": "$IDENTITY",
  "identitySecretRing": "/perkeep/config/identity-secring.gpg",
  "blobPath": "/perkeep/data/blobs",
  "packRelated": true,