Refactoring code for secrets use
This commit is contained in:
parent
39dc4078ad
commit
014d5f75d8
|
@ -8,6 +8,7 @@ services:
|
||||||
- onlyoffice-postgresql
|
- onlyoffice-postgresql
|
||||||
- onlyoffice-rabbitmq
|
- onlyoffice-rabbitmq
|
||||||
environment:
|
environment:
|
||||||
|
- USE_SECRETS=false
|
||||||
- DB_TYPE=postgres
|
- DB_TYPE=postgres
|
||||||
- DB_HOST=onlyoffice-postgresql
|
- DB_HOST=onlyoffice-postgresql
|
||||||
- DB_PORT=5432
|
- DB_PORT=5432
|
||||||
|
|
|
@ -87,11 +87,11 @@ JWT_SECRET=${JWT_SECRET:-secret}
|
||||||
JWT_HEADER=${JWT_HEADER:-Authorization}
|
JWT_HEADER=${JWT_HEADER:-Authorization}
|
||||||
JWT_IN_BODY=${JWT_IN_BODY:-false}
|
JWT_IN_BODY=${JWT_IN_BODY:-false}
|
||||||
|
|
||||||
if [[ -n ${JWT_SECRET_FILE} ]] && [[ -s ${SECRETS_PATH}/jwtSecret ]]; then
|
if [ ${USE_SECRETS} == "true" ] && [ -s ${SECRETS_PATH}/jwtSecret ]; then
|
||||||
JWT_SECRET=$( cat ${SECRETS_PATH}/jwtSecret )
|
JWT_SECRET=$( cat ${SECRETS_PATH}/jwtSecret )
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ -n ${JWT_HEADER_FILE} ]] && [[ -s ${SECRETS_PATH}/jwtHeader ]]; then
|
if [ ${USE_SECRETS} == "true" ] && [ -s ${SECRETS_PATH}/jwtHeader ]; then
|
||||||
JWT_HEADER=$( cat ${SECRETS_PATH}/jwtHeader )
|
JWT_HEADER=$( cat ${SECRETS_PATH}/jwtHeader )
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
@ -129,6 +129,17 @@ if [ "${LETS_ENCRYPT_DOMAIN}" != "" -a "${LETS_ENCRYPT_MAIL}" != "" ]; then
|
||||||
SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem
|
SSL_KEY_PATH=${LETSENCRYPT_ROOT_DIR}/${LETS_ENCRYPT_DOMAIN}/privkey.pem
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# update db credentials if secrets was configure
|
||||||
|
if [ "${USE_SECRETS}" == "true" ]; then
|
||||||
|
if [ -s ${SECRETS_PATH}/dbUser ]; then
|
||||||
|
DB_USER=$( cat ${SECRETS_PATH}/dbUser )
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ -s ${SECRETS_PATH}/dbPass ]; then
|
||||||
|
DB_PWD=$( cat ${SECRETS_PATH}/dbPass )
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
read_setting(){
|
read_setting(){
|
||||||
deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
|
deprecated_var POSTGRESQL_SERVER_HOST DB_HOST
|
||||||
deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
|
deprecated_var POSTGRESQL_SERVER_PORT DB_PORT
|
||||||
|
@ -261,18 +272,6 @@ update_db_settings(){
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${DB_NAME}'"
|
${JSON} -I -e "this.services.CoAuthoring.sql.dbName = '${DB_NAME}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${DB_USER}'"
|
${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${DB_USER}'"
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${DB_PWD}'"
|
${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${DB_PWD}'"
|
||||||
|
|
||||||
# update db credentials if secrets present
|
|
||||||
|
|
||||||
if [ -s ${SECRETS_PATH}/dbUser ]; then
|
|
||||||
SECRET_DB_USER=$( cat ${SECRETS_PATH}/dbUser )
|
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbUser = '${SECRET_DB_USER}'"
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [ -s ${SECRETS_PATH}/db_password ]; then
|
|
||||||
SECRET_DB_PWD=$( cat ${SECRETS_PATH}/dbPass )
|
|
||||||
${JSON} -I -e "this.services.CoAuthoring.sql.dbPass = '${SECRET_DB_PWD}'"
|
|
||||||
fi
|
|
||||||
}
|
}
|
||||||
|
|
||||||
update_rabbitmq_setting(){
|
update_rabbitmq_setting(){
|
||||||
|
|
Loading…
Reference in a new issue