safebox/guacamole-client
4
0
Fork 0
mirror of https://github.com/gyurix1968/guacamole-client.git synced 2025-09-06 13:17:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

GUACAMOLE-626: Add Docker secret support for MySQL and Postgres

Browse Source 
Add support for reading from docker secret files. New script prefers environment variables ending with _FILE over normal variables, meaning that Docker secrets will take precedence. You can, however, mix variable types, ex. MYSQL_USER uses a normal environment variable, while MYSQL_PASSWORD uses a secret.
This commit is contained in:
Thomas John Wesolowski
2018-08-09 22:06:24 -05:00
committed by Thomas Wesolowski
parent 735b22bcf0
commit 32c2618ca9
1 changed files with 68 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

84
guacamole-docker/bin/start.sh
View File

@@ -125,13 +125,13 @@ END
exit 1; exit 1;
fi fi
# Verify required parameters are present MYSQL_MISSING_VARS=`cat <<END
if [ -z "$MYSQL_USER" -o -z "$MYSQL_PASSWORD" -o -z "$MYSQL_DATABASE" ]; then
cat <<END
FATAL: Missing required environment variables FATAL: Missing required environment variables
------------------------------------------------------------------------------- -------------------------------------------------------------------------------
If using a MySQL database, you must provide each of the following If using a MySQL database, you must provide each of the following
environment variables: environment variables or their corresponding Docker secrets by appending _FILE
to the environment variable, and setting the value to the path of the
corresponding secret:
MYSQL_USER The user to authenticate as when connecting to MYSQL_USER The user to authenticate as when connecting to
MySQL. MySQL.
@@ -141,16 +141,39 @@ environment variables:
MYSQL_DATABASE The name of the MySQL database to use for Guacamole MYSQL_DATABASE The name of the MySQL database to use for Guacamole
authentication. authentication.
END END`
# Verify that the required Docker secrets are present, else, default to their normal environment variables
if [ -n "$MYSQL_USER_FILE" ]; then
set_property "mysql-username" `cat $MYSQL_USER_FILE`
elif [ -n "$MYSQL_USER" ]; then
set_property "mysql-username" "$MYSQL_USER"
else
cat "$MYSQL_MISSING_VARS"
exit 1;
fi
if [ -n "$MYSQL_PASSWORD_FILE" ]; then
set_property "mysql-password" `cat $MYSQL_PASSWORD_FILE`
elif [ -n "$MYSQL_PASSWORD" ]; then
set_property "mysql-password" "$MYSQL_PASSWORD"
else
cat "$MYSQL_MISSING_VARS"
exit 1;
fi
if [ -n "$MYSQL_DATABASE_FILE" ]; then
set_property "mysql-database" `cat $MYSQL_DATABASE_FILE`
elif [ -n "$MYSQL_DATABASE" ]; then
set_property "mysql-database" "$MYSQL_DATABASE"
else
cat "$MYSQL_MISSING_VARS"
exit 1; exit 1;
fi fi
# Update config file # Update config file
set_property "mysql-hostname" "$MYSQL_HOSTNAME" set_property "mysql-hostname" "$MYSQL_HOSTNAME"
set_property "mysql-port" "$MYSQL_PORT" set_property "mysql-port" "$MYSQL_PORT"
set_property "mysql-database" "$MYSQL_DATABASE"
set_property "mysql-username" "$MYSQL_USER"
set_property "mysql-password" "$MYSQL_PASSWORD"
set_optional_property \ set_optional_property \
"mysql-absolute-max-connections" \ "mysql-absolute-max-connections" \
@@ -221,13 +244,13 @@ END
exit 1; exit 1;
fi fi
# Verify required parameters are present POSTGRES_MISSING_VARS=`cat <<END
if [ -z "$POSTGRES_USER" -o -z "$POSTGRES_PASSWORD" -o -z "$POSTGRES_DATABASE" ]; then
cat <<END
FATAL: Missing required environment variables FATAL: Missing required environment variables
------------------------------------------------------------------------------- -------------------------------------------------------------------------------
If using a PostgreSQL database, you must provide each of the following If using a PostgreSQL database, you must provide each of the following
environment variables: environment variables or their corresponding Docker secrets by appending _FILE
to the environment variable, and setting the value to the path of the
corresponding secret:
POSTGRES_USER The user to authenticate as when connecting to POSTGRES_USER The user to authenticate as when connecting to
PostgreSQL. PostgreSQL.
@@ -237,16 +260,45 @@ environment variables:
POSTGRES_DATABASE The name of the PostgreSQL database to use for Guacamole POSTGRES_DATABASE The name of the PostgreSQL database to use for Guacamole
authentication. authentication.
END END`
# Verify that the required Docker secrets are present, else, default to their normal environment variables
if [ -n "$POSTGRES_USER_FILE" ]; then
set_property "postgresql-username" `cat $POSTGRES_USER_FILE`
elif [ -n "$POSTGRES_USER" ]; then
set_property "postgresql-username" "$POSTGRES_USER"
else
cat "$POSTGRES_MISSING_VARS"
exit 1;
fi
if [ -n "$POSTGRES_PASSWORD_FILE" ]; then
set_property "postgresql-password" `cat $POSTGRES_PASSWORD_FILE`
elif [ -n "$POSTGRES_PASSWORD" ]; then
set_property "postgresql-password" "$POSTGRES_PASSWORD"
else
cat "$POSTGRES_MISSING_VARS"
exit 1;
fi
if [ -n "$POSTGRES_DATABASE_FILE" ]; then
set_property "postgresql-database" `cat $POSTGRES_DATABASE_FILE`
elif [ -n "$POSTGRES_DATABASE" ]; then
set_property "postgresql-database" "$POSTGRES_DATABASE"
else
cat "$POSTGRES_MISSING_VARS"
exit 1;
fi
# Verify required parameters are present
if [ -z "$POSTGRES_USER" -o -z "$POSTGRES_PASSWORD" -o -z "$POSTGRES_DATABASE" ]; then
cat
exit 1; exit 1;
fi fi
# Update config file # Update config file
set_property "postgresql-hostname" "$POSTGRES_HOSTNAME" set_property "postgresql-hostname" "$POSTGRES_HOSTNAME"
set_property "postgresql-port" "$POSTGRES_PORT" set_property "postgresql-port" "$POSTGRES_PORT"
set_property "postgresql-database" "$POSTGRES_DATABASE"
set_property "postgresql-username" "$POSTGRES_USER"
set_property "postgresql-password" "$POSTGRES_PASSWORD"
set_optional_property \ set_optional_property \
"postgresql-absolute-max-connections" \ "postgresql-absolute-max-connections" \