Add docker secrets support

2024-09-18 22:39:36 +00:00 · 2020-03-27 00:59:28 +01:00 · 2020-03-27 00:59:28 +01:00 · 7e97bec07f
commit 7e97bec07f
parent f2704649f1
2 changed files with 15 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -25,6 +25,7 @@ There are several ways to run PowerDNS-Admin. Following is a simple way to start
 Step 1: Update the configuration

 Edit the `docker-compose.yml` file to update the database connection string in `SQLALCHEMY_DATABASE_URI`. Other environment variables are mentioned in the [legal_envvars](https://github.com/ngoduykhanh/PowerDNS-Admin/blob/master/configs/docker_config.py#L5-L37).
+To use docker secret feature it is possible to append `_FILE` to the environment variables and point to a file with the value stored in it.

 Step 2: Start docker container

--- a/configs/docker_config.py
+++ b/configs/docker_config.py
@ -64,8 +64,21 @@ legal_envvars_bool = (
 import os
 import sys
 for v in legal_envvars:
-    if v in os.environ:
+
+    ret = None
+    # _FILE suffix will allow to read value from file, usefull for Docker's
+    # secrets feature
+    if v + '_FILE' in os.environ:
+        if v in os.environ:
+            raise AttributeError("Both {} and {} are set but are exclusive." .format(v, v + '_FILE'))
+        with open(os.environ[v + '_FILE']) as f:
+            ret = f.read()
+        f.close()
+
+    elif v in os.environ:
        ret = os.environ[v]
+
+    if ret is not None:
        if v in legal_envvars_bool:
            ret = bool(ret)
        if v in legal_envvars_int: