Commit 93761156 authored by zauberstuhl's avatar zauberstuhl
Browse files

Support docker secrets with mail container

parent ca6a90b2
Pipeline #2168 passed with stages
in 3 minutes and 44 seconds
......@@ -22,6 +22,10 @@ RUN touch /var/log/nanolist.log
RUN chmod +x /usr/local/bin/nanolist
RUN chmod 777 /var/log/nanolist.log
# add expand docker secret script
ADD env_secrets_expand.sh /env_secrets_expand.sh
RUN chmod +x /env_secrets_expand.sh
# apply patches for existing files
ADD patches/* /tmp/
RUN for i in /tmp/*.patch; do patch -p1 < $i || exit 1; rm -v $i; done
......
#!/bin/sh
: ${ENV_SECRETS_DIR:=/run/secrets}
env_secret_debug()
{
if [ ! -z "$ENV_SECRETS_DEBUG" ]; then
echo -e "\033[1m$@\033[0m"
fi
}
# usage: env_secret_expand VAR
# ie: env_secret_expand 'XYZ_DB_PASSWORD'
# (will check for "$XYZ_DB_PASSWORD" variable value for a placeholder that defines the
# name of the docker secret to use instead of the original value. For example:
# XYZ_DB_PASSWORD={{DOCKER-SECRET:my-db.secret}}
env_secret_expand() {
var="$1"
eval val=\$$var
if secret_name=$(expr match "$val" "{{DOCKER-SECRET:\([^}]\+\)}}$"); then
secret="${ENV_SECRETS_DIR}/${secret_name}"
env_secret_debug "Secret file for $var: $secret"
if [ -f "$secret" ]; then
val=$(cat "${secret}")
export "$var"="$val"
env_secret_debug "Expanded variable: $var=$val"
else
env_secret_debug "Secret file does not exist! $secret"
fi
fi
}
env_secrets_expand() {
for env_var in $(printenv | cut -f1 -d"=")
do
env_secret_expand $env_var
done
if [ ! -z "$ENV_SECRETS_DEBUG" ]; then
echo -e "\n\033[1mExpanded environment variables\033[0m"
printenv
fi
}
env_secrets_expand
\ No newline at end of file
--- /usr/local/bin/start-mailserver.sh 2018-07-31 20:48:13.000000000 +0200
+++ /usr/local/bin/start-mailserver.sh 2018-09-03 17:30:10.650504563 +0200
@@ -582,15 +582,31 @@
@@ -1,5 +1,8 @@
#!/bin/bash
+# Expand docker secrets
+. /env_secrets_expand.sh
+
##########################################################################
# >> DEFAULT VARS
#
@@ -582,15 +585,31 @@
done
notify 'inf' 'Starting to override configs'
......@@ -34,7 +43,7 @@
notify 'inf' "Configuring dovecot LDAP"
declare -A _dovecot_ldap_mapping
@@ -626,7 +642,7 @@
@@ -626,7 +645,7 @@
notify 'inf' "==> Warning: /etc/postfix/ldap-domains.cf not found"
[ -f /etc/postfix/ldap-aliases.cf -a -f /etc/postfix/ldap-groups.cf ] && \
......@@ -43,7 +52,7 @@
notify 'inf' "==> Warning: /etc/postfix/ldap-aliases.cf or /etc/postfix/ldap-groups.cf not found"
return 0
@@ -763,7 +779,8 @@
@@ -763,7 +782,8 @@
fi
notify 'inf' "Configuring root alias"
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment