diff options
Diffstat (limited to '.docker/app/updater.sh')
| -rw-r--r-- | .docker/app/updater.sh | 51 |
1 files changed, 24 insertions, 27 deletions
diff --git a/.docker/app/updater.sh b/.docker/app/updater.sh index 681ef75e1..78cc415c8 100644 --- a/.docker/app/updater.sh +++ b/.docker/app/updater.sh @@ -1,7 +1,4 @@ #!/bin/sh -e -# -# this scripts waits for startup.sh to finish (implying a shared volume) and runs multiprocess daemon when working copy is available -# # We don't need those here (HTTP_HOST would cause false SELF_URL_PATH check failures) unset HTTP_PORT @@ -11,20 +8,28 @@ unset ADMIN_USER_PASS unset AUTO_CREATE_USER_PASS # allow setting environment variables with docker secrets -# the format is <variable-name>_FILE -suffix="_FILE" - -# Loop through all environment variables -for var in $(printenv | awk -F= '{print $1}'); do - if [[ $var == *"$suffix" ]]; then - envFileName=`printenv ${var}` - if [[ -f "$envFileName" ]]; then - envVar="${var%$suffix}" # generate the original env var without suffix - val=`cat $envFileName` # get the value of the secret from file - export "${envVar}"="$val" # set the original env var - echo "${envVar} environment variable was set by secret ${envFileName}" +# the format is <variable-name>__FILE +SUFFIX="__FILE" + +# loop through all environment variables +for VAR in $(printenv | awk -F= '{print $1}'); do + if [[ $VAR == *"$SUFFIX" ]]; then + ENV_FILE_NAME="$(printenv "${VAR}")" + ENV_VAR="${VAR%$SUFFIX}" + + if printenv "$ENV_VAR" &>/dev/null; then + echo "warning: Both $ENV_VAR and $VAR are set. $VAR will override $ENV_VAR." fi - fi + + if [[ -f "$ENV_FILE_NAME" ]]; then + VALUE="$(cat "$ENV_FILE_NAME")" + export "$ENV_VAR"="$VALUE" + echo "$ENV_VAR environment variable was set by secret file $ENV_FILE_NAME" + else + echo "warning: Secret file $ENV_FILE_NAME for $VAR does not exist or is not a regular file." + + fi + fi done # wait for the app container to delete .app_is_ready and perform rsync, etc. @@ -32,12 +37,9 @@ sleep 30 if ! id app; then addgroup -g $OWNER_GID app - adduser -D -h $APP_INSTALL_BASE_DIR -G app -u $OWNER_UID app + adduser -D -h /var/www/html -G app -u $OWNER_UID app fi -update-ca-certificates || true - -# TODO this should do a reasonable amount of attempts and terminate with an error while ! pg_isready -h $TTRSS_DB_HOST -U $TTRSS_DB_USER -p $TTRSS_DB_PORT; do echo waiting until $TTRSS_DB_HOST is ready... sleep 3 @@ -46,16 +48,11 @@ done sed -i.bak "s/^\(memory_limit\) = \(.*\)/\1 = ${PHP_WORKER_MEMORY_LIMIT}/" \ /etc/php${PHP_SUFFIX}/php.ini -DST_DIR=$APP_INSTALL_BASE_DIR/tt-rss +DST_DIR=/var/www/html/tt-rss while [ ! -s $DST_DIR/config.php -a -e $DST_DIR/.app_is_ready ]; do echo waiting for app container... sleep 3 done -# this is some next level bullshit -# - https://stackoverflow.com/questions/65622914/why-would-i-get-a-php-pdoexception-complaining-that-it-cant-make-a-postgres-con -# - fatal error: could not open certificate file "/root/.postgresql/postgresql.crt": Permission denied -chown -R app:app /root # /.postgresql - -sudo -E -u app "${TTRSS_PHP_EXECUTABLE}" $APP_INSTALL_BASE_DIR/tt-rss/update_daemon2.php "$@" +sudo -E -u app "${TTRSS_PHP_EXECUTABLE}" /var/www/html/tt-rss/update_daemon2.php "$@" |