From 77f774d4892e56678e713524ac7519c71ca0dfdd Mon Sep 17 00:00:00 2001 From: Paulino Padial Date: Tue, 23 Jan 2018 18:12:33 +0100 Subject: [PATCH] Added .pass file build logic --- Dockerfile | 2 +- docker-entrypoint.sh | 29 ++++++++++++++++++++++++++++- 2 files changed, 29 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index bbc6ec1..9f45537 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,7 +17,7 @@ ADD docker-entrypoint.sh /docker-entrypoint.sh RUN chmod +x /docker-entrypoint.sh # Volumes declaration -VOLUME ["/backup", "/scripts"] +VOLUME ["/backup"] # Start the container process ENTRYPOINT ["/docker-entrypoint.sh"] diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 0d9d7a2..a8b03a0 100644 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -1,4 +1,31 @@ #!/bin/sh -# Execute cron with parameters +# Logic for Password file required +# If PASSWORD_SECRET env var is defined, search for the /run/secrets/${PASSWORD_SECRET} and read the content +# If PASSWORD_SECRET is not defined, use PASSWORD env variable +# The idea, as specified in the software: +# create a file $HOME/.pgpass containing a line like this +# hostname:*:*:dbuser:dbpass +# replace hostname with the value of DBHOST and postgres with +# the value of USERNAME + +PASSPHRASE="" +if [ "${PASSWORD_SECRET}" ]; then + if [ -f "/run/secrets/${PASSWORD_SECRET}" ]; then + PASSPHRASE = $(cat /run/secrets/${PASSWORD_SECRET}) + else + echo "ERROR: Secret file not found in /run/secrets/${PASSWORD_SECRET}" + echo "Please verify your docker secrets configuration." + exit 1 + fi +else + PASSPHRASE = ${PASSWORD} +fi + +# Create the file +cat <<-EOF > ${HOME}/.pgpass +${DBHOST}:*:*:${USERNAME}:${PASSPHRASE} +EOF + +# Execute cron with parameters (autopostgresql script is under /etc/cron.daily) exec cron -f -l ${LOG_LEVEL:-8}