docker-library
/
rabbitmq
mirror of https://github.com/docker-library/rabbitmq.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #143 from vovimayhem/story/default_pass_file 

Support for reading the default password from a file (i.e. docker secret)
This commit is contained in:
Tianon Gravi 2017-03-24 13:28:03 -07:00 committed by GitHub
parent 07a16a2856 6a95e08240
commit 0c14528163
2 changed files with 58 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
alpine/docker-entrypoint.sh
View File

@ -1,6 +1,28 @@
#!/bin/bash #!/bin/bash
set -eu set -eu
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
# allow the container to be started with `--user` # allow the container to be started with `--user`
if [[ "$1" == rabbitmq* ]] && [ "$(id -u)" = '0' ]; then if [[ "$1" == rabbitmq* ]] && [ "$(id -u)" = '0' ]; then
if [ "$1" = 'rabbitmq-server' ]; then if [ "$1" = 'rabbitmq-server' ]; then
@ -19,6 +41,12 @@ fi
: "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}" : "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}" : "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
# Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
fileEnvKeys=(
default_user
default_pass
)
# https://www.rabbitmq.com/configure.html # https://www.rabbitmq.com/configure.html
sslConfigKeys=( sslConfigKeys=(
cacertfile cacertfile
@ -61,6 +89,7 @@ declare -A configDefaults=(
haveConfig= haveConfig=
haveSslConfig= haveSslConfig=
haveManagementSslConfig= haveManagementSslConfig=
for fileEnvKey in "${fileEnvKeys[@]}"; do file_env "RABBITMQ_${fileEnvKey^^}"; done
for conf in "${allConfigKeys[@]}"; do for conf in "${allConfigKeys[@]}"; do
var="RABBITMQ_${conf^^}" var="RABBITMQ_${conf^^}"
val="${!var:-}" val="${!var:-}"

29
debian/docker-entrypoint.sh vendored
View File

@ -1,6 +1,28 @@
#!/bin/bash #!/bin/bash
set -eu set -eu
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
# allow the container to be started with `--user` # allow the container to be started with `--user`
if [[ "$1" == rabbitmq* ]] && [ "$(id -u)" = '0' ]; then if [[ "$1" == rabbitmq* ]] && [ "$(id -u)" = '0' ]; then
if [ "$1" = 'rabbitmq-server' ]; then if [ "$1" = 'rabbitmq-server' ]; then
@ -19,6 +41,12 @@ fi
: "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}" : "${RABBITMQ_MANAGEMENT_SSL_CERTFILE:=$RABBITMQ_SSL_CERTFILE}"
: "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}" : "${RABBITMQ_MANAGEMENT_SSL_KEYFILE:=$RABBITMQ_SSL_KEYFILE}"
# Allowed env vars that will be read from mounted files (i.e. Docker Secrets):
fileEnvKeys=(
default_user
default_pass
)
# https://www.rabbitmq.com/configure.html # https://www.rabbitmq.com/configure.html
sslConfigKeys=( sslConfigKeys=(
cacertfile cacertfile
@ -61,6 +89,7 @@ declare -A configDefaults=(
haveConfig= haveConfig=
haveSslConfig= haveSslConfig=
haveManagementSslConfig= haveManagementSslConfig=
for fileEnvKey in "${fileEnvKeys[@]}"; do file_env "RABBITMQ_${fileEnvKey^^}"; done
for conf in "${allConfigKeys[@]}"; do for conf in "${allConfigKeys[@]}"; do
var="RABBITMQ_${conf^^}" var="RABBITMQ_${conf^^}"
val="${!var:-}" val="${!var:-}"