WSL/SLF GitLab Repository
Skip to content
GitLab
Projects
Groups
Snippets
/
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
Menu
Open sidebar
EnviDat
ckan-container
Commits
5a643640
Commit
5a643640
authored
Feb 24, 2022
by
Sam
Browse files
modify repo to use env vars instead of secrets
parent
a82c8a55
Changes
6
Hide whitespace changes
Inline
Side-by-side
.env
View file @
5a643640
# BASIC CONFIG
CKAN_VERSION=2.9
PYTHON_VERSION=3.9
MAINTAINER=sam.woodcock@protonmail.com
INTERNAL_REG=registry.envidat.ch/envidat
EXTERNAL_REG=docker.io
# INJECTED SECRETS
CKAN_CONFIG_FILE=ckan.ini
CKAN_DB_INIT_PASS_FILE=.postgres.secret
CKAN_DB_SECRET_FILE=.db.secret
CKAN_SOLR_CREDS_FILE=.solr.secret
.gitignore
View file @
5a643640
*.secret
.db.env
.solr.env
ckan.ini
production.ini
\ No newline at end of file
ckan-entrypoint.sh
View file @
5a643640
...
...
@@ -9,20 +9,15 @@ abort () {
exit
1
}
if
[
-z
"
$CKAN_CONFIG_PATH
"
]
;
then
if
[
-f
"/run/secrets/ckan_config"
]
;
then
echo
"Linking existing config to
$CONFIG
"
ln
-sf
/run/secrets/ckan_config
"
$CONFIG
"
echo
"Extracting CKAN_SQLALCHEMY_URL"
CKAN_SQLALCHEMY_URL
=
$(
awk
-F
" = "
'/sqlalchemy.url/ {print $2;exit;}'
"
$CONFIG
"
)
SOLR_USER
=
$(
awk
-F
" = "
'/solr_user/ {print $2;exit;}'
"
$CONFIG
"
)
SOLR_PASS
=
$(
awk
-F
" = "
'/solr_password/ {print $2;exit;}'
"
$CONFIG
"
)
else
abort
"ERROR: CKAN_CONFIG_PATH specified, but file doesn't exist."
fi
if
[
-f
"/home/ckan/ckan.ini"
]
;
then
echo
"Linking existing config to
$CONFIG
"
ln
-sf
/home/ckan/ckan.ini
"
$CONFIG
"
echo
"Extracting CKAN_SQLALCHEMY_URL"
CKAN_SQLALCHEMY_URL
=
$(
awk
-F
" = "
'/sqlalchemy.url/ {print $2;exit;}'
"
$CONFIG
"
)
SOLR_USER
=
$(
awk
-F
" = "
'/solr_user/ {print $2;exit;}'
"
$CONFIG
"
)
SOLR_PASS
=
$(
awk
-F
" = "
'/solr_password/ {print $2;exit;}'
"
$CONFIG
"
)
else
abort
"ERROR: No
CKAN config file provide
d."
abort
"ERROR: No
ckan.ini file foun
d."
fi
# Wait for PostgreSQL
...
...
docker-compose.yml
View file @
5a643640
...
...
@@ -5,16 +5,6 @@ volumes:
pg_data
:
solr_data
:
secrets
:
ckan_config
:
file
:
./${CKAN_CONFIG_FILE:-/dev/null}
db_init_pass
:
file
:
./${CKAN_DB_INIT_PASS_FILE:-/dev/null}
db_env_secret
:
file
:
./${CKAN_DB_SECRET_FILE:-/dev/null}
solr_creds
:
file
:
./${CKAN_SOLR_CREDS_FILE:-/dev/null}
networks
:
ckan-internal
:
external
:
true
...
...
@@ -38,10 +28,9 @@ services:
-
"
8989:5000"
env_file
:
-
.env
secrets
:
-
ckan_config
volumes
:
-
ckan_storage:/var/lib/ckan
-
./ckan.ini:/home/ckan/ckan.ini
networks
:
-
ckan-internal
...
...
@@ -55,10 +44,8 @@ services:
-
MAINTAINER=${MAINTAINER}
environment
:
-
PGDATA=/var/lib/postgresql/data/db
-
POSTGRES_PASSWORD_FILE=/run/secrets/db_init_pass
secrets
:
-
db_init_pass
-
db_env_secret
env_file
:
-
.db.env
volumes
:
-
pg_data:/var/lib/postgresql/data
-
/etc/hosts:/etc/hosts:ro
...
...
@@ -88,8 +75,8 @@ services:
args
:
-
EXTERNAL_REG=${EXTERNAL_REG}
-
MAINTAINER=${MAINTAINER}
secrets
:
-
solr
_creds
env_file
:
-
.
solr
.env
networks
:
-
ckan-internal
depends_on
:
...
...
init_solr/init.sh
View file @
5a643640
...
...
@@ -5,11 +5,8 @@ abort () {
exit
1
}
if
[
-f
"/run/secrets/solr_creds"
]
;
then
echo
"Found solr credentials secret, sourcing..."
.
"/run/secrets/solr_creds"
else
abort
"ERROR: Solr credentials secret not found."
if
[
-z
"
$SOLR_CKAN_PASS
"
]
;
then
abort
"ERROR: Solr passwords not set in environment."
fi
echo
"Sleeping 5 seconds."
...
...
postgresql/docker-entrypoint-initdb.d/00_init_secrets.sh
deleted
100644 → 0
View file @
a82c8a55
#!/bin/bash
set
-eo
pipefail
if
[[
-f
"/run/secrets/db_env_secret"
]]
;
then
echo
"db_env_secret secret found, sourcing..."
source
/run/secrets/db_env_secret
else
echo
"db_env_secret secret not found."
fi
\ No newline at end of file
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment