working on secrets

2025-10-31 13:14:12 -04:00
parent 9a4d5058f9
commit 51c939dd2c
4 changed files with 69 additions and 6 deletions
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -0,0 +1,38 @@
+#!/bin/bash
+
+set -e
+
+file_env() {
+   local var="$1"
+   local fileVar="${var}_FILE"
+   local def="${2:-}"
+
+   if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+      echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+      exit 1
+   fi
+
+   local val="$def"
+
+   if [ "${!var:-}" ]; then
+      val="${!var}"
+   elif [ "${!fileVar:-}" ]; then
+      val="$(< "${!fileVar}")"
+   fi
+
+   export "$var"="$val"
+   unset "$fileVar"
+}
+
+file_env "DJANGO_SECRET_KEY"
+file_env "OIDC_RP_CLIENT_SECRET"
+file_env "DJANGO_SUPERUSER_PASSWORD"
+# file_env "MINIO_ROOT_PASSWORD"
+# file_env "COLLABORATION_SERVER_SECRET"
+# file_env "POSTGRES_PASSWORD"
+# file_env "DB_PASSWORD"
+# file_env "AWS_S3_SECRET_ACCESS_KEY"
+
+# Execute the actual command (from command: in compose.yml)
+exec "$@"
+