Refactoring run with secret instruction
This commit is contained in:
parent
dfa4075e9c
commit
c5b01dc5e5
18
README.md
18
README.md
|
@ -171,7 +171,7 @@ For manage sensitive data like database password/username you can use Docker sec
|
||||||
At first you need to iniciate docker swarm with command
|
At first you need to iniciate docker swarm with command
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker swarm init
|
sudo docker swarm init
|
||||||
```
|
```
|
||||||
|
|
||||||
**STEP 2**:
|
**STEP 2**:
|
||||||
|
@ -179,21 +179,21 @@ Next step you need make secrets. DocumentServer support username/password for po
|
||||||
If you want use secrets only for database access:
|
If you want use secrets only for database access:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
printf "your_pass" | docker secret create dbPass -
|
sudo printf "your_pass" | docker secret create dbPass -
|
||||||
printf "your_user" | docker secret create dbUser -
|
sudo printf "your_user" | docker secret create dbUser -
|
||||||
```
|
```
|
||||||
To use serkets jwt run:
|
If you want use JWT from secrets:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
printf "secret_value" | docker secret create jwtSecret -
|
sudo printf "secret_value" | docker secret create jwtSecret -
|
||||||
printf "secret_header" | docker secret create jwtHeader -
|
sudo printf "secret_header" | docker secret create jwtHeader -
|
||||||
```
|
```
|
||||||
|
|
||||||
**STEP 3**:
|
**STEP 3**:
|
||||||
After you make the secrets need build DocumentServer with command
|
After you make the secrets need build DocumentServer with command
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker compose build
|
sudo docker compose build
|
||||||
```
|
```
|
||||||
|
|
||||||
**STEP 4**:
|
**STEP 4**:
|
||||||
|
@ -203,13 +203,13 @@ After that when images is gonna be builded very important uncommented strings in
|
||||||
Now DocumentServer is ready to deploy with secrets. For that run:
|
Now DocumentServer is ready to deploy with secrets. For that run:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker stack deploy --compose-file=docker-compose.yml documentserver-secrets
|
sudo docker stack deploy --compose-file=docker-compose.yml documentserver-secrets
|
||||||
```
|
```
|
||||||
|
|
||||||
Also you can run docker compose with the same config
|
Also you can run docker compose with the same config
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
docker compose up -d
|
sudo docker compose up -d
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Available Configuration Parameters
|
#### Available Configuration Parameters
|
||||||
|
|
|
@ -87,11 +87,11 @@ JWT_SECRET=${JWT_SECRET:-secret}
|
||||||
JWT_HEADER=${JWT_HEADER:-Authorization}
|
JWT_HEADER=${JWT_HEADER:-Authorization}
|
||||||
JWT_IN_BODY=${JWT_IN_BODY:-false}
|
JWT_IN_BODY=${JWT_IN_BODY:-false}
|
||||||
|
|
||||||
if [ -n ${JWT_SECRET_FILE} ] || [ -s ${SECRETS_PATH}/jwtSecret ]; then
|
if [[ -n ${JWT_SECRET_FILE} ]] && [[ -s ${SECRETS_PATH}/jwtSecret ]]; then
|
||||||
JWT_SECRET=$( cat ${SECRETS_PATH}/jwtSecret )
|
JWT_SECRET=$( cat ${SECRETS_PATH}/jwtSecret )
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ -n ${JWT_HEADER_FILE} ] || [ -s ${SECRETS_PATH}/jwtHeader ]; then
|
if [[ -n ${JWT_HEADER_FILE} ]] && [[ -s ${SECRETS_PATH}/jwtHeader ]]; then
|
||||||
JWT_HEADER=$( cat ${SECRETS_PATH}/jwtHeader )
|
JWT_HEADER=$( cat ${SECRETS_PATH}/jwtHeader )
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue