Unverified Commit 7e97bec0 authored by Benjamin Bässler's avatar Benjamin Bässler Committed by Benjamin Baessler
Browse files

Add docker secrets support

parent f2704649
...@@ -25,6 +25,7 @@ There are several ways to run PowerDNS-Admin. Following is a simple way to start ...@@ -25,6 +25,7 @@ There are several ways to run PowerDNS-Admin. Following is a simple way to start
Step 1: Update the configuration Step 1: Update the configuration
Edit the `docker-compose.yml` file to update the database connection string in `SQLALCHEMY_DATABASE_URI`. Other environment variables are mentioned in the [legal_envvars](https://github.com/ngoduykhanh/PowerDNS-Admin/blob/master/configs/docker_config.py#L5-L37). Edit the `docker-compose.yml` file to update the database connection string in `SQLALCHEMY_DATABASE_URI`. Other environment variables are mentioned in the [legal_envvars](https://github.com/ngoduykhanh/PowerDNS-Admin/blob/master/configs/docker_config.py#L5-L37).
To use docker secret feature it is possible to append `_FILE` to the environment variables and point to a file with the value stored in it.
Step 2: Start docker container Step 2: Start docker container
......
...@@ -64,8 +64,21 @@ legal_envvars_bool = ( ...@@ -64,8 +64,21 @@ legal_envvars_bool = (
import os import os
import sys import sys
for v in legal_envvars: for v in legal_envvars:
if v in os.environ:
ret = None
# _FILE suffix will allow to read value from file, usefull for Docker's
# secrets feature
if v + '_FILE' in os.environ:
if v in os.environ:
raise AttributeError("Both {} and {} are set but are exclusive." .format(v, v + '_FILE'))
with open(os.environ[v + '_FILE']) as f:
ret = f.read()
f.close()
elif v in os.environ:
ret = os.environ[v] ret = os.environ[v]
if ret is not None:
if v in legal_envvars_bool: if v in legal_envvars_bool:
ret = bool(ret) ret = bool(ret)
if v in legal_envvars_int: if v in legal_envvars_int:
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment