From dfa48a0a4786a83a591bfbd9bd1ca01f4f1ffd29 Mon Sep 17 00:00:00 2001
From: Cassowary <cassowary@aldercone.studio>
Date: Tue, 3 Oct 2023 17:20:39 -0700
Subject: [PATCH] Fix multiple issues and work around abra bug.

---
 abra.sh            | 20 ++++++++++----------
 compose.yml        |  2 ++
 entrypoint.sh.tmpl |  5 +++--
 3 files changed, 15 insertions(+), 12 deletions(-)

diff --git a/abra.sh b/abra.sh
index 7faf109..8d62c3f 100644
--- a/abra.sh
+++ b/abra.sh
@@ -1,27 +1,27 @@
 #!/bin/bash
 
-export ENTRYPOINT_CONF_VERSION=v6
+export ENTRYPOINT_CONF_VERSION=v7
 
 assets() {
-  export OTP_SECRET=$(cat /run/secrets/otp_secret)
-  export SECRET_KEY_BASE=$(cat /run/secrets/secret_key_base)
-  export DB_PASS=$(cat /run/secrets/db_password)
+  set -x  OTP_SECRET $(cat /run/secrets/otp_secret)
+  set -x  SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
+  set -x  DB_PASS $(cat /run/secrets/db_password)
 
   RAILS_ENV=production bundle exec rails assets:precompile
 }
 
 setup() {
-  export OTP_SECRET=$(cat /run/secrets/otp_secret)
-  export SECRET_KEY_BASE=$(cat /run/secrets/secret_key_base)
-  export DB_PASS=$(cat /run/secrets/db_password)
+  set -x  OTP_SECRET $(cat /run/secrets/otp_secret)
+  set -x  SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
+  set -x  DB_PASS $(cat /run/secrets/db_password)
 
   RAILS_ENV=production bundle exec rake db:setup
 }
 
 admin() {
-  export OTP_SECRET=$(cat /run/secrets/otp_secret)
-  export SECRET_KEY_BASE=$(cat /run/secrets/secret_key_base)
-  export DB_PASS=$(cat /run/secrets/db_password)
+  set -x  OTP_SECRET $(cat /run/secrets/otp_secret)
+  set -x  SECRET_KEY_BASE $(cat /run/secrets/secret_key_base)
+  set -x  DB_PASS $(cat /run/secrets/db_password)
 
   RAILS_ENV=production bin/tootctl accounts create "$1" --email "$2" --confirmed --role admin
 }
diff --git a/compose.yml b/compose.yml
index 7fcaf91..b2d0030 100644
--- a/compose.yml
+++ b/compose.yml
@@ -45,6 +45,7 @@ services:
       - DB_NAME
       - DB_PORT
       - DB_USER
+      - DB_PASS_FILE=/run/secrets/db_password
       - DEFAULT_LOCALE
       - EMAIL_DOMAIN_ALLOWLIST
       - EMAIL_DOMAIN_DENYLIST
@@ -67,6 +68,7 @@ services:
       - MAX_SESSION_ACTIVATIONS
       - MAX_TOOT_CHARS
       - OAUTH_REDIRECT_AT_SIGN_IN
+      - OTP_SECRET_FILE=/run/secrets/otp_secret
       - OIDC_AUTH_ENDPOINT
       - OIDC_CLIENT_AUTH_METHOD
       - OIDC_CLIENT_ID
diff --git a/entrypoint.sh.tmpl b/entrypoint.sh.tmpl
index 57b8ff0..4f218e2 100644
--- a/entrypoint.sh.tmpl
+++ b/entrypoint.sh.tmpl
@@ -23,11 +23,12 @@ file_env() {
   unset "$fileVar"
 }
 
-export DB_PASS=$(cat /run/secrets/db_password)
-
 # for sidekiq service bundle exec env var threading
 file_env "OTP_SECRET"
 file_env "SECRET_KEY_BASE"
+file_env "DB_PASS"
+file_env "SMTP_PASSWORD"
+file_env "VAPID_PRIVATE_KEY"
 
 {{ if eq (env "OIDC_ENABLED") "true" }}
 file_env "OIDC_CLIENT_SECRET"