From dafba403166631695ee711198bcae5791314d00f Mon Sep 17 00:00:00 2001
From: Philipp
Date: Mon, 7 Sep 2020 19:29:16 +0200
Subject: [PATCH 1/3] Friendica - Add Docker Secrets
---
 friendica/content.md | 59 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 59 insertions(+)
diff --git a/friendica/content.md b/friendica/content.md
index 093313312..b193444b6 100644
--- a/friendica/content.md
+++ b/friendica/content.md
@@ -140,6 +140,65 @@ The Friendica image supports auto configuration via environment variables. You c
 - `MYSQL_DATABASE` Name of the database using mysql / mariadb.
 - `MYSQL_HOST` Hostname of the database server using mysql / mariadb.
+
+# Docker Secrets
+As an alternative to passing sensitive information via environment variables, _FILE may be appended to the previously listed environment variables, causing the initialization script to load the values for those variables from files present in the container. In particular, this can be used to load passwords from Docker secrets stored in /run/secrets/ files. For example:
+```yaml
+version: '3.2'
+
+services:
+ db:
+ image: mariadb
+ restart: always
+ volumes:
+ - db:/var/lib/mysql
+ environment:
+ - MYSQL_DATABASE_FILE=/run/secrets/mysql_db
+ - MYSQL_USER_FILE=/run/secrets/mysql_user
+ - MYSQL_PASSWORD_FILE=/run/secrets/mysql_password
+ secrets:
+ - mysql_database
+ - mysql_password
+ - mysql_user
+
+ app:
+ image: friendica
+ restart: always
+ volumes:
+ - friendica:/var/www/html
+ ports:
+ - "8080:80"
+ environment:
+ - MYSQL_HOST=db
+ - MYSQL_DATABASE_FILE=/run/secrets/mysql_db
+ - MYSQL_USER_FILE=/run/secrets/mysql_user
+ - MYSQL_PASSWORD_FILE=/run/secrets/mysql_password
+ - FRIENDICA_ADMIN_MAIL_FILE=/run/secrets/friendica_admin_mail
+ depends_on:
+ - db
+ secrets:
+ - friendica_admin_mail
+ - mysql_database
+ - mysql_password
+ - mysql_user
+
+volumes:
+ db:
+ friendica:
+
+secrets:
+ friendica_admin_mail:
+ file: ./friendica_admin_mail.txt # put admin email to this file
+ mysql_database:
+ file: ./mysql_database.txt # put mysql database name to this file
+ mysql_password:
+ file: ./mysql_password.txt # put mysql password to this file
+ mysql_user:
+ file: ./mysql_user.txt # put mysql username to this file
+```
+
+Currently, this is only supported for `FRIENDICA_ADMIN_MAIL`, `MYSQL_DATABASE`, `MYSQL_PASSWORD`, `MYSQL_USER`.
+
 # Maintenance of the image
 ## Updating to a newer version
From c68db791f65f0ddf58611fc7c481f9d7ebf27b22 Mon Sep 17 00:00:00 2001
From: Philipp
Date: Mon, 7 Sep 2020 19:47:42 +0200
Subject: [PATCH 2/3] fix markup
---
 friendica/content.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/friendica/content.md b/friendica/content.md
index b193444b6..3d3395d48 100644
--- a/friendica/content.md
+++ b/friendica/content.md
@@ -140,9 +140,10 @@ The Friendica image supports auto configuration via environment variables. You c
 - `MYSQL_DATABASE` Name of the database using mysql / mariadb.
 - `MYSQL_HOST` Hostname of the database server using mysql / mariadb.
-
 # Docker Secrets
+
 As an alternative to passing sensitive information via environment variables, _FILE may be appended to the previously listed environment variables, causing the initialization script to load the values for those variables from files present in the container. In particular, this can be used to load passwords from Docker secrets stored in /run/secrets/ files. For example:
+
 ```yaml
 version: '3.2'
From 90f4aa62aeb00040da9267b27cf738b0054351ca Mon Sep 17 00:00:00 2001
From: Philipp
Date: Tue, 8 Sep 2020 20:54:09 +0200
Subject: [PATCH 3/3] Fix secrets name
---
 friendica/content.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/friendica/content.md b/friendica/content.md
index 3d3395d48..2fadf1907 100644
--- a/friendica/content.md
+++ b/friendica/content.md
@@ -154,7 +154,7 @@ services:
 volumes:
 - db:/var/lib/mysql
 environment:
- - MYSQL_DATABASE_FILE=/run/secrets/mysql_db
+ - MYSQL_DATABASE_FILE=/run/secrets/mysql_database
 - MYSQL_USER_FILE=/run/secrets/mysql_user
 - MYSQL_PASSWORD_FILE=/run/secrets/mysql_password
 secrets:
@@ -171,7 +171,7 @@ services:
 - "8080:80"
 environment:
 - MYSQL_HOST=db
- - MYSQL_DATABASE_FILE=/run/secrets/mysql_db
+ - MYSQL_DATABASE_FILE=/run/secrets/mysql_database
 - MYSQL_USER_FILE=/run/secrets/mysql_user
 - MYSQL_PASSWORD_FILE=/run/secrets/mysql_password
 - FRIENDICA_ADMIN_MAIL_FILE=/run/secrets/friendica_admin_mail