2021-02-04 11:25:26 -05:00
|
|
|
#! /bin/bash
|
|
|
|
|
# ref: https://github.com/linuxserver/docker-baseimage-alpine/blob/master/root/etc/cont-init.d/01-envfile
|
|
|
|
|
|
|
|
|
|
# in s6, environmental variables are written as text files for s6 to monitor
|
2021-02-05 16:52:24 -05:00
|
|
|
# seach through full-path filenames for files ending in "__FILE"
|
|
|
|
|
for FILENAME in $(find /var/run/s6/container_environment/ | grep "__FILE$"); do
|
|
|
|
|
echo "[secret-init] Evaluating ${FILENAME##*/}"
|
2021-02-04 11:25:26 -05:00
|
|
|
|
2021-02-05 16:52:24 -05:00
|
|
|
# set SECRETFILE to the contents of the full-path textfile
|
2021-02-04 11:25:26 -05:00
|
|
|
SECRETFILE=$(cat ${FILENAME})
|
|
|
|
|
# SECRETFILE=${FILENAME}
|
|
|
|
|
echo "[secret-init] Setting SECRETFILE to ${SECRETFILE}..." # DEBUG - rm for prod!
|
|
|
|
|
|
|
|
|
|
# if SECRETFILE exists / is not null
|
|
|
|
|
if [[ -f ${SECRETFILE} ]]; then
|
|
|
|
|
# strip the appended "__FILE" from environmental variable name ...
|
2021-02-05 16:52:24 -05:00
|
|
|
STRIPFILE=$(echo ${FILENAME} | sed "s/__FILE//g")
|
2021-02-04 11:25:26 -05:00
|
|
|
echo "[secret-init] Set STRIPFILE to ${STRIPFILE}" # DEBUG - rm for prod!
|
2021-02-05 16:52:24 -05:00
|
|
|
|
2021-02-04 11:25:26 -05:00
|
|
|
# ... and set value to contents of secretfile
|
|
|
|
|
# since s6 uses text files, this is effectively "export ..."
|
2021-02-05 23:47:30 -05:00
|
|
|
# cat ${SECRETFILE} > ${STRIPFILE}
|
|
|
|
|
cat $(${SECRETFILE} | sed "s/[^\w.-]+//g") > ${STRIPFILE}
|
2021-02-04 11:25:26 -05:00
|
|
|
echo "[secret-init] Set ${STRIPFILE} to $(cat ${STRIPFILE})" # DEBUG - rm for prod!"
|
2021-02-05 16:52:24 -05:00
|
|
|
echo "[secret-init] Success! ${STRIPFILE} set from ${FILENAME}"
|
2021-02-04 11:25:26 -05:00
|
|
|
|
|
|
|
|
else
|
2021-02-05 16:52:24 -05:00
|
|
|
echo "[secret-init] cannot find secret in ${FILENAME}"
|
2021-02-04 11:25:26 -05:00
|
|
|
fi
|
|
|
|
|
done
|
