Merge pull request #24 from DennisGaida/patch-1

Support docker secrets via startup script
author: Greg <supahgreg@users.noreply.github.com> 2025-10-10 08:25:50 -0500
committer: GitHub <noreply@github.com> 2025-10-10 08:25:50 -0500
commit: b0db7c79be6b1f762a7cb14bd2390bf833556aea (patch)
tree: 59892bd474e31ed8e3faedf8bd35a29ed496934e /.docker/app/updater.sh
parent: 26f1f67746850a3806b5f395ada3f478ca2b951b (diff)
parent: 22008fbb00352c19e128978f4f75ee5f1f346cf8 (diff)
1 files changed, 24 insertions, 0 deletions
diff --git a/.docker/app/updater.sh b/.docker/app/updater.sh
index c34cf5225..c38ddd20d 100644
--- a/.docker/app/updater.sh
+++ b/.docker/app/updater.sh
@@ -10,6 +10,30 @@ unset HTTP_HOST
 unset ADMIN_USER_PASS
 unset AUTO_CREATE_USER_PASS
 
+# allow setting environment variables with docker secrets 
+# the format is <variable-name>__FILE
+SUFFIX="__FILE"
+
+# loop through all environment variables
+for VAR in $(printenv | awk -F= '{print $1}'); do
+	if [[ $VAR == *"$SUFFIX" ]]; then
+		ENV_FILE_NAME="$(printenv "${VAR}")"
+		ENV_VAR="${VAR%$SUFFIX}"
+
+		if printenv "$ENV_VAR" &>/dev/null; then
+			echo "warning: Both $ENV_VAR and $VAR are set. $VAR will override $ENV_VAR."
+		fi
+
+		if [[ -r "$ENV_FILE_NAME" ]]; then
+			VALUE="$(cat "$ENV_FILE_NAME")"
+			export "$ENV_VAR"="$VALUE"
+			echo "$ENV_VAR environment variable was set by secret file $ENV_FILE_NAME"
+		else
+			echo "warning: Secret file $ENV_FILE_NAME for $VAR is not readable or does not exist."
+		fi
+	fi
+done
+
 # wait for the app container to delete .app_is_ready and perform rsync, etc.
 sleep 30
author	Greg <supahgreg@users.noreply.github.com>	2025-10-10 08:25:50 -0500
committer	GitHub <noreply@github.com>	2025-10-10 08:25:50 -0500
commit	b0db7c79be6b1f762a7cb14bd2390bf833556aea (patch)
tree	59892bd474e31ed8e3faedf8bd35a29ed496934e /.docker/app/updater.sh
parent	26f1f67746850a3806b5f395ada3f478ca2b951b (diff)
parent	22008fbb00352c19e128978f4f75ee5f1f346cf8 (diff)