Add comments and TODOs

.envrc.sample

@@ -2,3 +2,24 @@ export SERVICE=selfoss
 export DOMAIN=reader.example.com
 export STACK_NAME=selfoss
 export LETS_ENCRYPT_ENV=production
+
+# Selfoss options, see https://www.selfoss.aditu.de/#configuration
+
+# Options are sqlite, pgsql, mysql; currently sqlite and pgsql are supported
+# If you choose pgsql
+export SELFOSS_DB_TYPE=sqlite
+
+# Set these two variables to enable authentication
+export SELFOSS_USERNAME=
+export SELFOSS_PASSWORD=
+# The recommended /password hash script currently seems broken; use this instead:
+# 	http://www.passwordtool.hu/php5-password-hash-generator
+
+# Options are ERROR, WARNING, INFO, DEBU
+export SELFOSS_LOGGER_LEVEL=DEBUG
+
+export ENTRYPOINT_CONF_VERSION=v7
+export DB_PASSWORD_VERSION=v1
+# Not required yet, see
+# 	https://git.autonomic.zone/compose-stacks/selfoss/issues/3
+#export SELFOSS_PASSWORD_VERSION=v1

compose.yml

@@ -36,6 +36,8 @@ services:
     environment:
       - SELFOSS_USERNAME
       - SELFOSS_PASSWORD
+      # TODO 3wc: call PHP password_hash() on this before loading it, see
+      #   https://git.autonomic.zone/compose-stacks/selfoss/issues/3
       #- SELFOSS_PASSWORD_FILE=/run/secrets/selfoss_password
       - SELFOSS_DB_TYPE
       - SELFOSS_LOGGER_LEVEL
@@ -45,9 +47,9 @@ services:
       - SELFOSS_DB_PASSWORD_FILE=/run/secrets/db_password
     secrets:
       - db_password
+      # TODO 3wc: see above note about issue #3
       #- selfoss_password
     entrypoint: /docker-entrypoint.sh
-    #entrypoint: ['tail', '-f', '/dev/null']
     configs:
       - source: entrypoint_conf
         target: /docker-entrypoint.sh
@@ -57,6 +59,7 @@ services:
       - internal
     depends_on:
       - postgres
+    # TODO 3wc: not working currently, complains about YAML syntax error
     #healthcheck:
     #  test: ["CMD", "wget", "-f" "http://localhost:8888"]
     #  interval: 30s
@@ -77,6 +80,7 @@ secrets:
   db_password:    
     external: true 
     name: ${STACK_NAME}_db_password_${DB_PASSWORD_VERSION}
+  # TODO 3wc: see above note about issue #3
   #selfoss_password:    
   #  external: true 
   #  name: ${STACK_NAME}_selfoss_password_${SELFOSS_PASSWORD_VERSION}

entrypoint.sh.tmpl

@@ -1,6 +1,10 @@
 #!/usr/bin/env bash
 
 configure_php() {
+	# 3wc: these changes allow environment variables to propagate to PHP; Selfoss
+	# already loads its config from environment variables but unless we make these
+	# changes, it can't access them. See 
+	#	https://github.com/docker-library/php/pull/93/files
 	if ! grep -q '^clear_env = no' /etc/php7/php-fpm.d/www.conf; then
 		sed -i 's/;clear_env = no/clear_env = no/' /etc/php7/php-fpm.d/www.conf
 	fi
@@ -14,36 +18,40 @@ configure_php() {
 }
 
 file_env() {
-   local var="$1"
-   local fileVar="${var}_FILE"
-   local def="${2:-}"
+	# 3wc: Load $VAR_FILE into $VAR - useful for secrets. See
+	# 	https://medium.com/@adrian.gheorghe.dev/using-docker-secrets-in-your-environment-variables-7a0609659aab
+	local var="$1"
+	local fileVar="${var}_FILE"
+	local def="${2:-}"
 
-   if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
-      echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-      exit 1
-   fi
-   local val="$def"
-   if [ "${!var:-}" ]; then
-      val="${!var}"
-   elif [ "${!fileVar:-}" ]; then
-      val="$(< "${!fileVar}")"
-   fi
-   export "$var"="$val"
-   unset "$fileVar"
+	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+		exit 1
+	fi
+	local val="$def"
+	if [ "${!var:-}" ]; then
+		val="${!var}"
+	elif [ "${!fileVar:-}" ]; then
+		val="$(< "${!fileVar}")"
+	fi
+	export "$var"="$val"
+	unset "$fileVar"
 }
 
 load_vars() {
-   file_env "SELFOSS_PASSWORD"
-   file_env "SELFOSS_DB_PASSWORD"
+	file_env "SELFOSS_PASSWORD"
+	file_env "SELFOSS_DB_PASSWORD"
 }
 
 main() {
-   set -eu
+	set -eu
 
-	 configure_php
-   load_vars
+	configure_php
+	load_vars
 }
 
 main
 
+# 3wc: upstream ENTRYPOINT
+# https://github.com/theAkito/docker-selfoss/blob/master/Dockerfile
 run.sh