From b617bfc7a0d1d661f688a52357bde1ea446e0ef0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mat=C3=ADas=20Pecchia?= <179218+mabeett@users.noreply.github.com> Date: Sun, 18 Aug 2024 22:21:05 +0200 Subject: [PATCH 1/3] Secrets handling via entrypoint MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Secrets files handled only in the entrypoint, converted during initial execuition. Solves #1148 Signed-off-by: Matías Pecchia <179218+mabeett@users.noreply.github.com> --- .config/autoconfig.php | 14 -------------- .config/redis.config.php | 2 +- .config/s3.config.php | 12 +++--------- .config/smtp.config.php | 6 ++---- 28/apache/config/autoconfig.php | 14 -------------- 28/apache/config/redis.config.php | 2 +- 28/apache/config/s3.config.php | 12 +++--------- 28/apache/config/smtp.config.php | 6 ++---- 28/apache/entrypoint.sh | 27 ++++++++++++++++++++++----- 28/fpm-alpine/config/autoconfig.php | 14 -------------- 28/fpm-alpine/config/redis.config.php | 2 +- 28/fpm-alpine/config/s3.config.php | 12 +++--------- 28/fpm-alpine/config/smtp.config.php | 6 ++---- 28/fpm-alpine/entrypoint.sh | 27 ++++++++++++++++++++++----- 28/fpm/config/autoconfig.php | 14 -------------- 28/fpm/config/redis.config.php | 2 +- 28/fpm/config/s3.config.php | 12 +++--------- 28/fpm/config/smtp.config.php | 6 ++---- 28/fpm/entrypoint.sh | 27 ++++++++++++++++++++++----- 29/apache/config/autoconfig.php | 14 -------------- 29/apache/config/redis.config.php | 2 +- 29/apache/config/s3.config.php | 12 +++--------- 29/apache/config/smtp.config.php | 6 ++---- 29/apache/entrypoint.sh | 27 ++++++++++++++++++++++----- 29/fpm-alpine/config/autoconfig.php | 14 -------------- 29/fpm-alpine/config/redis.config.php | 2 +- 29/fpm-alpine/config/s3.config.php | 12 +++--------- 29/fpm-alpine/config/smtp.config.php | 6 ++---- 29/fpm-alpine/entrypoint.sh | 27 ++++++++++++++++++++++----- 29/fpm/config/autoconfig.php | 14 -------------- 29/fpm/config/redis.config.php | 2 +- 29/fpm/config/s3.config.php | 12 +++--------- 29/fpm/config/smtp.config.php | 6 ++---- 29/fpm/entrypoint.sh | 27 ++++++++++++++++++++++----- docker-entrypoint.sh | 27 ++++++++++++++++++++++----- 35 files changed, 196 insertions(+), 231 deletions(-) diff --git a/.config/autoconfig.php b/.config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/.config/autoconfig.php +++ b/.config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/.config/redis.config.php b/.config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/.config/redis.config.php +++ b/.config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/.config/s3.config.php b/.config/s3.config.php index 9941c562..b7dabf32 100644 --- a/.config/s3.config.php +++ b/.config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/.config/smtp.config.php b/.config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/.config/smtp.config.php +++ b/.config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/28/apache/config/autoconfig.php b/28/apache/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/28/apache/config/autoconfig.php +++ b/28/apache/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/28/apache/config/redis.config.php b/28/apache/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/28/apache/config/redis.config.php +++ b/28/apache/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/28/apache/config/s3.config.php b/28/apache/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/28/apache/config/s3.config.php +++ b/28/apache/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/28/apache/config/smtp.config.php b/28/apache/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/28/apache/config/smtp.config.php +++ b/28/apache/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/28/apache/entrypoint.sh b/28/apache/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/28/apache/entrypoint.sh +++ b/28/apache/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/28/fpm-alpine/config/autoconfig.php b/28/fpm-alpine/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/28/fpm-alpine/config/autoconfig.php +++ b/28/fpm-alpine/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/28/fpm-alpine/config/redis.config.php b/28/fpm-alpine/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/28/fpm-alpine/config/redis.config.php +++ b/28/fpm-alpine/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/28/fpm-alpine/config/s3.config.php b/28/fpm-alpine/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/28/fpm-alpine/config/s3.config.php +++ b/28/fpm-alpine/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/28/fpm-alpine/config/smtp.config.php b/28/fpm-alpine/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/28/fpm-alpine/config/smtp.config.php +++ b/28/fpm-alpine/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/28/fpm-alpine/entrypoint.sh b/28/fpm-alpine/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/28/fpm-alpine/entrypoint.sh +++ b/28/fpm-alpine/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/28/fpm/config/autoconfig.php b/28/fpm/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/28/fpm/config/autoconfig.php +++ b/28/fpm/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/28/fpm/config/redis.config.php b/28/fpm/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/28/fpm/config/redis.config.php +++ b/28/fpm/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/28/fpm/config/s3.config.php b/28/fpm/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/28/fpm/config/s3.config.php +++ b/28/fpm/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/28/fpm/config/smtp.config.php b/28/fpm/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/28/fpm/config/smtp.config.php +++ b/28/fpm/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/28/fpm/entrypoint.sh b/28/fpm/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/28/fpm/entrypoint.sh +++ b/28/fpm/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/29/apache/config/autoconfig.php b/29/apache/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/29/apache/config/autoconfig.php +++ b/29/apache/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/29/apache/config/redis.config.php b/29/apache/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/29/apache/config/redis.config.php +++ b/29/apache/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/29/apache/config/s3.config.php b/29/apache/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/29/apache/config/s3.config.php +++ b/29/apache/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/29/apache/config/smtp.config.php b/29/apache/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/29/apache/config/smtp.config.php +++ b/29/apache/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/29/apache/entrypoint.sh b/29/apache/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/29/apache/entrypoint.sh +++ b/29/apache/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/29/fpm-alpine/config/autoconfig.php b/29/fpm-alpine/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/29/fpm-alpine/config/autoconfig.php +++ b/29/fpm-alpine/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/29/fpm-alpine/config/redis.config.php b/29/fpm-alpine/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/29/fpm-alpine/config/redis.config.php +++ b/29/fpm-alpine/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/29/fpm-alpine/config/s3.config.php b/29/fpm-alpine/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/29/fpm-alpine/config/s3.config.php +++ b/29/fpm-alpine/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/29/fpm-alpine/config/smtp.config.php b/29/fpm-alpine/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/29/fpm-alpine/config/smtp.config.php +++ b/29/fpm-alpine/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/29/fpm-alpine/entrypoint.sh b/29/fpm-alpine/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/29/fpm-alpine/entrypoint.sh +++ b/29/fpm-alpine/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/29/fpm/config/autoconfig.php b/29/fpm/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/29/fpm/config/autoconfig.php +++ b/29/fpm/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/29/fpm/config/redis.config.php b/29/fpm/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/29/fpm/config/redis.config.php +++ b/29/fpm/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/29/fpm/config/s3.config.php b/29/fpm/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/29/fpm/config/s3.config.php +++ b/29/fpm/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/29/fpm/config/smtp.config.php b/29/fpm/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/29/fpm/config/smtp.config.php +++ b/29/fpm/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/29/fpm/entrypoint.sh b/29/fpm/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/29/fpm/entrypoint.sh +++ b/29/fpm/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 8e178f2e..809e2762 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" From 1a0fb1bfc2f4bf04ede9eab2fc3bb55482ce6946 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mat=C3=ADas=20Pecchia?= <179218+mabeett@users.noreply.github.com> Date: Sun, 22 Sep 2024 19:56:30 +0200 Subject: [PATCH 2/3] Runs update.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Matías Pecchia <179218+mabeett@users.noreply.github.com> --- 30/apache/config/autoconfig.php | 14 -------------- 30/apache/config/redis.config.php | 2 +- 30/apache/config/s3.config.php | 12 +++--------- 30/apache/config/smtp.config.php | 6 ++---- 30/apache/entrypoint.sh | 27 ++++++++++++++++++++++----- 30/fpm-alpine/config/autoconfig.php | 14 -------------- 30/fpm-alpine/config/redis.config.php | 2 +- 30/fpm-alpine/config/s3.config.php | 12 +++--------- 30/fpm-alpine/config/smtp.config.php | 6 ++---- 30/fpm-alpine/entrypoint.sh | 27 ++++++++++++++++++++++----- 30/fpm/config/autoconfig.php | 14 -------------- 30/fpm/config/redis.config.php | 2 +- 30/fpm/config/s3.config.php | 12 +++--------- 30/fpm/config/smtp.config.php | 6 ++---- 30/fpm/entrypoint.sh | 27 ++++++++++++++++++++++----- 15 files changed, 84 insertions(+), 99 deletions(-) diff --git a/30/apache/config/autoconfig.php b/30/apache/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/30/apache/config/autoconfig.php +++ b/30/apache/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/30/apache/config/redis.config.php b/30/apache/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/30/apache/config/redis.config.php +++ b/30/apache/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/30/apache/config/s3.config.php b/30/apache/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/30/apache/config/s3.config.php +++ b/30/apache/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/30/apache/config/smtp.config.php b/30/apache/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/30/apache/config/smtp.config.php +++ b/30/apache/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/30/apache/entrypoint.sh b/30/apache/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/30/apache/entrypoint.sh +++ b/30/apache/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/30/fpm-alpine/config/autoconfig.php b/30/fpm-alpine/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/30/fpm-alpine/config/autoconfig.php +++ b/30/fpm-alpine/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/30/fpm-alpine/config/redis.config.php b/30/fpm-alpine/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/30/fpm-alpine/config/redis.config.php +++ b/30/fpm-alpine/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/30/fpm-alpine/config/s3.config.php b/30/fpm-alpine/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/30/fpm-alpine/config/s3.config.php +++ b/30/fpm-alpine/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/30/fpm-alpine/config/smtp.config.php b/30/fpm-alpine/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/30/fpm-alpine/config/smtp.config.php +++ b/30/fpm-alpine/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/30/fpm-alpine/entrypoint.sh b/30/fpm-alpine/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/30/fpm-alpine/entrypoint.sh +++ b/30/fpm-alpine/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" diff --git a/30/fpm/config/autoconfig.php b/30/fpm/config/autoconfig.php index 92ad2a1c..f01f18d6 100644 --- a/30/fpm/config/autoconfig.php +++ b/30/fpm/config/autoconfig.php @@ -6,13 +6,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbtype'] = 'sqlite'; $AUTOCONFIG['dbname'] = getenv('SQLITE_DATABASE'); $autoconfig_enabled = true; -} elseif (getenv('MYSQL_DATABASE_FILE') && getenv('MYSQL_USER_FILE') && getenv('MYSQL_PASSWORD_FILE') && getenv('MYSQL_HOST')) { - $AUTOCONFIG['dbtype'] = 'mysql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('MYSQL_DATABASE_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('MYSQL_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('MYSQL_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); - $autoconfig_enabled = true; } elseif (getenv('MYSQL_DATABASE') && getenv('MYSQL_USER') && getenv('MYSQL_PASSWORD') && getenv('MYSQL_HOST')) { $AUTOCONFIG['dbtype'] = 'mysql'; $AUTOCONFIG['dbname'] = getenv('MYSQL_DATABASE'); @@ -20,13 +13,6 @@ if (getenv('SQLITE_DATABASE')) { $AUTOCONFIG['dbpass'] = getenv('MYSQL_PASSWORD'); $AUTOCONFIG['dbhost'] = getenv('MYSQL_HOST'); $autoconfig_enabled = true; -} elseif (getenv('POSTGRES_DB_FILE') && getenv('POSTGRES_USER_FILE') && getenv('POSTGRES_PASSWORD_FILE') && getenv('POSTGRES_HOST')) { - $AUTOCONFIG['dbtype'] = 'pgsql'; - $AUTOCONFIG['dbname'] = trim(file_get_contents(getenv('POSTGRES_DB_FILE'))); - $AUTOCONFIG['dbuser'] = trim(file_get_contents(getenv('POSTGRES_USER_FILE'))); - $AUTOCONFIG['dbpass'] = trim(file_get_contents(getenv('POSTGRES_PASSWORD_FILE'))); - $AUTOCONFIG['dbhost'] = getenv('POSTGRES_HOST'); - $autoconfig_enabled = true; } elseif (getenv('POSTGRES_DB') && getenv('POSTGRES_USER') && getenv('POSTGRES_PASSWORD') && getenv('POSTGRES_HOST')) { $AUTOCONFIG['dbtype'] = 'pgsql'; $AUTOCONFIG['dbname'] = getenv('POSTGRES_DB'); diff --git a/30/fpm/config/redis.config.php b/30/fpm/config/redis.config.php index a5b13da6..a5fde3c7 100644 --- a/30/fpm/config/redis.config.php +++ b/30/fpm/config/redis.config.php @@ -5,7 +5,7 @@ if (getenv('REDIS_HOST')) { 'memcache.locking' => '\OC\Memcache\Redis', 'redis' => array( 'host' => getenv('REDIS_HOST'), - 'password' => getenv('REDIS_HOST_PASSWORD_FILE') ? trim(file_get_contents(getenv('REDIS_HOST_PASSWORD_FILE'))) : (string) getenv('REDIS_HOST_PASSWORD'), + 'password' => (string) getenv('REDIS_HOST_PASSWORD'), ), ); diff --git a/30/fpm/config/s3.config.php b/30/fpm/config/s3.config.php index 9941c562..b7dabf32 100644 --- a/30/fpm/config/s3.config.php +++ b/30/fpm/config/s3.config.php @@ -24,25 +24,19 @@ if (getenv('OBJECTSTORE_S3_BUCKET')) { ) ); - if (getenv('OBJECTSTORE_S3_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_KEY')) { + if (getenv('OBJECTSTORE_S3_KEY')) { $CONFIG['objectstore']['arguments']['key'] = getenv('OBJECTSTORE_S3_KEY'); } else { $CONFIG['objectstore']['arguments']['key'] = ''; } - if (getenv('OBJECTSTORE_S3_SECRET_FILE')) { - $CONFIG['objectstore']['arguments']['secret'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SECRET_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SECRET')) { + if (getenv('OBJECTSTORE_S3_SECRET')) { $CONFIG['objectstore']['arguments']['secret'] = getenv('OBJECTSTORE_S3_SECRET'); } else { $CONFIG['objectstore']['arguments']['secret'] = ''; } - if (getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE')) { - $CONFIG['objectstore']['arguments']['sse_c_key'] = trim(file_get_contents(getenv('OBJECTSTORE_S3_SSE_C_KEY_FILE'))); - } elseif (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { + if (getenv('OBJECTSTORE_S3_SSE_C_KEY')) { $CONFIG['objectstore']['arguments']['sse_c_key'] = getenv('OBJECTSTORE_S3_SSE_C_KEY'); } } diff --git a/30/fpm/config/smtp.config.php b/30/fpm/config/smtp.config.php index 66a2ef7e..40cfdf94 100644 --- a/30/fpm/config/smtp.config.php +++ b/30/fpm/config/smtp.config.php @@ -5,16 +5,14 @@ if (getenv('SMTP_HOST') && getenv('MAIL_FROM_ADDRESS') && getenv('MAIL_DOMAIN')) 'mail_smtphost' => getenv('SMTP_HOST'), 'mail_smtpport' => getenv('SMTP_PORT') ?: (getenv('SMTP_SECURE') ? 465 : 25), 'mail_smtpsecure' => getenv('SMTP_SECURE') ?: '', - 'mail_smtpauth' => getenv('SMTP_NAME') && (getenv('SMTP_PASSWORD') || getenv('SMTP_PASSWORD_FILE')), + 'mail_smtpauth' => getenv('SMTP_NAME') && getenv('SMTP_PASSWORD'), 'mail_smtpauthtype' => getenv('SMTP_AUTHTYPE') ?: 'LOGIN', 'mail_smtpname' => getenv('SMTP_NAME') ?: '', 'mail_from_address' => getenv('MAIL_FROM_ADDRESS'), 'mail_domain' => getenv('MAIL_DOMAIN'), ); - if (getenv('SMTP_PASSWORD_FILE')) { - $CONFIG['mail_smtppassword'] = trim(file_get_contents(getenv('SMTP_PASSWORD_FILE'))); - } elseif (getenv('SMTP_PASSWORD')) { + if (getenv('SMTP_PASSWORD')) { $CONFIG['mail_smtppassword'] = getenv('SMTP_PASSWORD'); } else { $CONFIG['mail_smtppassword'] = ''; diff --git a/30/fpm/entrypoint.sh b/30/fpm/entrypoint.sh index 8e178f2e..809e2762 100755 --- a/30/fpm/entrypoint.sh +++ b/30/fpm/entrypoint.sh @@ -63,14 +63,16 @@ file_env() { local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//") local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//") if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then - echo >&2 "error: both $var and $fileVar are set (but are exclusive)" - exit 1 + echo "Warning: both $var and $fileVar are set ($fileVar takes precedence)" fi - if [ -n "${varValue}" ]; then - export "$var"="${varValue}" - elif [ -n "${fileVarValue}" ]; then + if [ -n "${fileVarValue}" ]; then + echo "note: taking ${fileVar} file for ${var} value" export "$var"="$(cat "${fileVarValue}")" + elif [ -n "${varValue}" ]; then + echo "note: using ${var} variable for ${var} value" + export "$var"="${varValue}" elif [ -n "${def}" ]; then + echo "note: using invoked definition for ${var} value" export "$var"="$def" fi unset "$fileVar" @@ -82,6 +84,21 @@ if expr "$1" : "apache" 1>/dev/null; then fi fi +# All possible content secrets to variable +file_env NEXTCLOUD_ADMIN_PASSWORD +file_env NEXTCLOUD_ADMIN_USER +file_env MYSQL_DATABASE +file_env MYSQL_PASSWORD +file_env MYSQL_USER +file_env POSTGRES_DB +file_env POSTGRES_PASSWORD +file_env POSTGRES_USER +file_env REDIS_HOST_PASSWORD +file_env SMTP_PASSWORD +file_env OBJECTSTORE_S3_KEY +file_env OBJECTSTORE_S3_SECRET +file_env OBJECTSTORE_S3_SSE_C_KEY + if expr "$1" : "apache" 1>/dev/null || [ "$1" = "php-fpm" ] || [ "${NEXTCLOUD_UPDATE:-0}" -eq 1 ]; then uid="$(id -u)" gid="$(id -g)" From 2f4de23ea11705a977984c273082efa2d4dcf743 Mon Sep 17 00:00:00 2001 From: Josh Date: Sat, 14 Dec 2024 14:24:34 -0500 Subject: [PATCH 3/3] docs(README): Basic status badges Signed-off-by: Josh --- README.md | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/README.md b/README.md index b3d5e7df..152489b2 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,11 @@ +![GitHub last commit](https://img.shields.io/github/last-commit/nextcloud/docker) +[![GitHub Release](https://img.shields.io/github/v/release/nextcloud/docker?link=https%3A%2F%2Fgithub.com%2Fnextcloud%2Fdocker%2Freleases%2Flatest&label=latest%20Image)](https://github.com/nextcloud/docker/releases/) +[![Docker Image Version](https://img.shields.io/docker/v/library/nextcloud?sort=semver&logo=nextcloud&label=Nextcloud)](https://nextcloud.com/changelog/) +![GitHub commits since latest release](https://img.shields.io/github/commits-since/nextcloud/docker/latest) +![GitHub commit activity](https://img.shields.io/github/commit-activity/m/nextcloud/docker) +![GitHub contributors](https://img.shields.io/github/contributors/nextcloud/docker?label=contributors%20-%20Thank%20you!) +![Docker Pulls](https://img.shields.io/docker/pulls/library/nextcloud) + # What is Nextcloud? A safe home for all your data. Access & share your files, calendars, contacts, mail & more from any device, on your terms. @@ -19,6 +27,9 @@ The second option is a `fpm` container. It is based on the [php-fpm](https://hub Most Nextcloud Server administrative matters are covered in the official [Nextcloud Admin Manual](https://docs.nextcloud.com/server/latest/admin_manual/) or [other official Nextcloud documentation](https://docs.nextcloud.com) (which are all routinely updated). +[![Discourse Users](https://img.shields.io/discourse/users?server=https%3A%2F%2Fhelp.nextcloud.com&label=Community%20Forum&color=blue&link=https%3A%2F%2Fhelp.nextcloud.com%2F)](https://help.nextcloud.com/) +[![Discourse Posts](https://img.shields.io/discourse/posts?server=https%3A%2F%2Fhelp.nextcloud.com&label=Community%20Forum&color=blue&link=https%3A%2F%2Fhelp.nextcloud.com%2F)](https://help.nextcloud.com/) + **If you have any problems or usage questions while using the image, please ask for assistance on the [Nextcloud Community Help Forum](https://help.nextcloud.com)** rather than reporting them as "bugs" (unless they are bugs of course). This helps the maintainers (who are volunteers) remain focused on making the image better (rather than responding solely to one-on-one support issues). (Tip: Some of the maintainers are also regular responders to help requests on the [community help forum](https://help.nextcloud.com/).) @@ -732,8 +743,16 @@ If there is a relevant existing open issue, you can either add to the discussion If you believe you've found a new bug, please create a new Issue so that others can try to reproduce it and remediation can be tracked. +![GitHub Issues or Pull Requests](https://img.shields.io/github/issues/nextcloud/docker?label=Open%20Issues) +![GitHub Issues or Pull Requests by label](https://img.shields.io/github/issues/nextcloud/docker/bug?style=flat&label=Bug%20Reports&color=red) +![GitHub Issues or Pull Requests by label](https://img.shields.io/github/issues/nextcloud/docker/enhancement?style=flat&label=Enhancement%20Ideas&color=green) +![GitHub Issues or Pull Requests by label](https://img.shields.io/github/issues/nextcloud/docker/good%20first%20issue?style=flat&label=Good%20First%20Issues) + **If you have any problems or usage questions while using the image, please ask for assistance on the [Nextcloud Community Help Forum](https://help.nextcloud.com)** rather than reporting them as "bugs" (unless they really are bugs of course). This helps the maintainers (who are volunteers) remain focused on making the image better (rather than responding solely to one-on-one support issues). (Tip: Some of the maintainers are also regular responders to help requests on the [Nextcloud Community Help Forum](https://help.nextcloud.com).) +[![Discourse Users](https://img.shields.io/discourse/users?server=https%3A%2F%2Fhelp.nextcloud.com&label=Community%20Forum&color=blue&link=https%3A%2F%2Fhelp.nextcloud.com%2F)](https://help.nextcloud.com/) +[![Discourse Posts](https://img.shields.io/discourse/posts?server=https%3A%2F%2Fhelp.nextcloud.com&label=Community%20Forum&color=blue&link=https%3A%2F%2Fhelp.nextcloud.com%2F)](https://help.nextcloud.com/) + Most Nextcloud Server matters are covered in the official [Nextcloud Admin Manual](https://docs.nextcloud.com/server/latest/admin_manual/) or the [other official Nextcloud documentation](https://docs.nextcloud.com) (which are routinely updated).