feat: entrypoint basic auth generation

2024-03-23 12:01:31 +01:00 · 2024-03-23 12:01:31 +01:00 · dba79dc23b
parent acf824c967
commit dba79dc23b
8 changed files with 29 additions and 26 deletions
--- a/abra.sh
+++ b/abra.sh
@ -1,6 +1,6 @@
-export ENTRYPOINT_VERSION=v1
-export HTPASSWD_CONF_VERSION=v1
-export NGINX_CONF_VERSION=v1
+export APP_ENTRYPOINT_VERSION=v1
+export BADGER_ENTRYPOINT_VERSION=v1
+export DEFAULT_CONF_VERSION=v1
 export SSH_CONF_VERSION=v1
 export SSH_DEPLOY_KEY_VERSION=v1
 export WEBHOOKD_SCRIPT_VERSION=v1
--- a/app-entrypoint.sh.tmpl
+++ b/app-entrypoint.sh.tmpl
@ -0,0 +1,6 @@
+#!/bin/sh
+
+{{ if eq (env "AUTH_ENABLED") "1" }}
+apk add --no-cache apache2-utils
+htpasswd -b -c /etc/nginx/.htpasswd {{ env "AUTH_USERNAME" }} {{ secret "auth_password" }}
+{{ end }}
--- a/badger-entrypoint.sh.tmpl
+++ b/badger-entrypoint.sh.tmpl
--- a/compose.auth.yml
+++ b/compose.auth.yml
@ -1,5 +1,5 @@
 ---
-version: "3"
+version: "3.8"

 services:
  app:
@ -7,9 +7,6 @@ services:
      - AUTH_ENABLED
      - AUTH_USERNAME
      - DOMAIN
-    configs:
-      - source: htpasswd_conf
-        target: /etc/nginx/.htpasswd
    secrets:
      - auth_password

@ -17,9 +14,3 @@ secrets:
  auth_password:
    external: true
    name: ${STACK_NAME}_auth_password_${SECRET_AUTH_PASSWORD_VERSION}
-
-configs:
-  htpasswd_conf:
-    name: ${STACK_NAME}_htpasswd_conf_${HTPASSWD_CONF_VERSION}
-    file: htpasswd.conf.tmpl
-    template_driver: golang
--- a/compose.private.yml
+++ b/compose.private.yml
@ -1,5 +1,5 @@
 ---
-version: "3"
+version: "3.8"

 services:
  badger:
--- a/compose.yml
+++ b/compose.yml
@ -1,19 +1,22 @@
 ---
-version: "3"
+version: "3.8"

 services:
  app:
    image: nginx:1.25.3-alpine
    environment:
      - DOMAIN
-    configs:
-      - source: nginx_conf
-        target: /etc/nginx/conf.d/default.conf
    volumes:
      - nginx-data:/usr/share/nginx/website
    networks:
      - proxy
      - internal
+    configs:
+      - source: app_entrypoint
+        target: /docker-entrypoint.d/666-app-entrypoint.sh
+        mode: 0555
+      - source: default_conf
+        target: /etc/nginx/templates/default.conf.template
    deploy:
      restart_policy:
        condition: on-failure
@ -39,7 +42,7 @@ services:
      - source: webhookd_script
        target: /root/scripts/deploy.sh
        mode: 0555
-      - source: entrypoint
+      - source: badger_entrypoint
        target: /entrypoint.sh
        mode: 0555
    volumes:
@ -58,11 +61,15 @@ configs:
    name: ${STACK_NAME}_webhookd_script_${WEBHOOKD_SCRIPT_VERSION}
    file: deploy.sh.tmpl
    template_driver: golang
-  nginx_conf:
-    name: ${STACK_NAME}_nginx_conf_${NGINX_CONF_VERSION}
-    file: nginx.conf.tmpl
+  default_conf:
+    name: ${STACK_NAME}_default_conf_${DEFAULT_CONF_VERSION}
+    file: default.conf.tmpl
    template_driver: golang
-  entrypoint:
-    name: ${STACK_NAME}_entrypoint_${ENTRYPOINT_VERSION}
-    file: entrypoint.sh.tmpl
+  app_entrypoint:
+    name: ${STACK_NAME}_app_entrypoint_${APP_ENTRYPOINT_VERSION}
+    file: app-entrypoint.sh.tmpl
+    template_driver: golang
+  badger_entrypoint:
+    name: ${STACK_NAME}_badger_entrypoint_${BADGER_ENTRYPOINT_VERSION}
+    file: badger-entrypoint.sh.tmpl
    template_driver: golang
--- a/default.conf.tmpl
+++ b/default.conf.tmpl
--- a/htpasswd.conf.tmpl
+++ b/htpasswd.conf.tmpl
@ -1 +0,0 @@
-{{ env "AUTH_USERNAME" }}:{{ secret "auth_password" }}
				`@ -1 +0,0 @@`
				`{{ env "AUTH_USERNAME" }}:{{ secret "auth_password" }}`