add docker secrets support - forgot update & updater

2 files changed, 34 insertions, 0 deletions

diff --git a/.docker/app/update.sh b/.docker/app/update.sh
index e383091d1..a509a9d69 100644
--- a/.docker/app/update.sh
+++ b/.docker/app/update.sh
@@ -8,6 +8,23 @@
 unset HTTP_PORT
 unset HTTP_HOST
 
+# allow setting environment variables with docker secrets 
+# the format is <variable-name>_FILE
+suffix="_FILE"
+
+# Loop through all environment variables
+for var in $(printenv | awk -F= '{print $1}'); do
+  if [[ $var == *"$suffix" ]]; then
+		envFileName=`printenv ${var}`
+		if [[ -f "$envFileName" ]]; then
+			envVar="${var%$suffix}"   # generate the original env var without suffix
+			val=`cat $envFileName`    # get the value of the secret from file
+			export "${envVar}"="$val" # set the original env var
+			echo "${envVar} environment variable was set by secret ${envFileName}"
+		fi
+  fi
+done
+
 if ! id app >/dev/null 2>&1; then
 	addgroup -g $OWNER_GID app
 	adduser -D -h $APP_INSTALL_BASE_DIR -G app -u $OWNER_UID app
diff --git a/.docker/app/updater.sh b/.docker/app/updater.sh
index c34cf5225..681ef75e1 100644
--- a/.docker/app/updater.sh
+++ b/.docker/app/updater.sh
@@ -10,6 +10,23 @@ unset HTTP_HOST
 unset ADMIN_USER_PASS
 unset AUTO_CREATE_USER_PASS
 
+# allow setting environment variables with docker secrets 
+# the format is <variable-name>_FILE
+suffix="_FILE"
+
+# Loop through all environment variables
+for var in $(printenv | awk -F= '{print $1}'); do
+  if [[ $var == *"$suffix" ]]; then
+		envFileName=`printenv ${var}`
+		if [[ -f "$envFileName" ]]; then
+			envVar="${var%$suffix}"   # generate the original env var without suffix
+			val=`cat $envFileName`    # get the value of the secret from file
+			export "${envVar}"="$val" # set the original env var
+			echo "${envVar} environment variable was set by secret ${envFileName}"
+		fi
+  fi
+done
+
 # wait for the app container to delete .app_is_ready and perform rsync, etc.
 sleep 30