feature: password templating

Dockerfile

@@ -33,7 +33,7 @@ RUN addgroup -S $GROUP --gid $GID &&  \
       --ingroup "$GROUP" \
       --uid "$UID" \
       "$USER" && \
-    apk add --no-cache libc6-compat gpg
+    apk add --no-cache libc6-compat envsubst
 
 USER $USER
 
@@ -41,7 +41,7 @@ RUN mkdir /perkeep/data && \
     mkdir /perkeep/config
 
 COPY --chown=$USER:$GROUP --chmod=750 --from=builder /go/bin/* /usr/local/bin/
-COPY --chown=$USER:$GROUP --chmod=750 server-config.json /perkeep/config/server-config-custom.json
+COPY --chown=$USER:$GROUP --chmod=750 server-config.tpl.json /perkeep/config/server-config-custom.tpl.json
 COPY --chown=$USER:$GROUP --chmod=750 docker-entrypoint.sh /docker-entrypoint.sh
 
 VOLUME /perkeep/data

docker-entrypoint.sh

@@ -1,11 +1,16 @@
 #!/bin/sh
 
+if [ "T$PASSWORD" == "T" ];
+then
+  return 1;
+fi
+
 if [ ! -f /perkeep/config/identity-secring.gpg  ];
 then
   pk put init -newkey
   mv perkeep/.config/perkeep/identity-secring.gpg /perkeep/config/
-  IDENTITY=$(sed -n -e '/identity/ s/.*:.*"\(.*\)".*/\1/p' /perkeep/.config/perkeep/client-config.json | tee /dev/tty)
+  export IDENTITY=$(sed -n -e '/identity/ s/.*:.*"\(.*\)".*/\1/p' /perkeep/.config/perkeep/client-config.json | tee /dev/tty)
-  sed -i -e "s/TO_REPLACE/$IDENTITY/g" /perkeep/config/server-config-custom.json
+  envsubst < /perkeep/config/server-config-custom.tpl.json > /perkeep/config/server-config-custom.json
   rm -r /perkeep/.config
 fi
 

server-config.tpl.json

@@ -1,8 +1,8 @@
 {
-  "auth": "localhost",
+  "auth": "userpass:antoine:$PASSWORD:+localhost",
   "listen": "0.0.0.0:3179",
   "camliNetIP": "",
-  "identity": "TO_REPLACE",
+  "identity": "$IDENTITY",
   "identitySecretRing": "/perkeep/config/identity-secring.gpg",
   "blobPath": "/perkeep/data/blobs",
   "packRelated": true,