added integration for docker secrets

2024-12-18 23:41:39 +03:00 · 2021-11-20 10:54:34 +11:00 · 2021-11-20 10:54:34 +11:00 · 7a8808df4f
commit 7a8808df4f
parent 4c1c0087c7
7 changed files with 4242 additions and 13 deletions
--- a/.docker/docker-compose.yml
+++ b/.docker/docker-compose.yml
@ -1,4 +1,9 @@
-version: '3'
+version: "3"
 secrets:
  password:
    file: ./secrets/password
 services:
  flame:
    image: pawelmalak/flame
@ -7,6 +12,8 @@ services:
      - /path/to/data:/app/data
    ports:
      - 5005:5005
    secrets:
      - password
    environment:
-      - PASSWORD=flame_password
+      - PASSWORD_FILE=/run/secrets/password
    restart: unless-stopped
--- a/.docker/secrets/password
+++ b/.docker/secrets/password
@ -0,0 +1 @@
 flame_docker_secret_password
--- a/README.md
+++ b/README.md
@ -70,6 +70,10 @@ services:
    restart: unless-stopped
 ```
 ##### Docker Secrets
 All environment variables set can be overwritten by appending `_FILE` to the variable value.For example, you can use `PASSWORD_FILE` to pass through a docker secret instead of `PASSWORD`. If both `PASSWORD` and `PASSWORD_FILE` are set, the docker secret will take precedent. An example using docker secrets is available in [here](.docker/docker-compose.yml).
 #### Skaffold
 ```sh
@ -212,7 +216,7 @@ metadata:
 - Backup your `db.sqlite` before running script!
 - Known Issues:
  - generated icons are sometimes incorrect
-  
+
 ```bash
 pip3 install Pillow, beautifulsoup4
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@ -22,6 +22,7 @@
    "axios": "^0.24.0",
    "colors": "^1.4.0",
    "concurrently": "^6.3.0",
    "docker-secret": "^1.2.3",
    "dotenv": "^10.0.0",
    "express": "^4.17.1",
    "jsonwebtoken": "^8.5.1",
--- a/utils/init/index.js
+++ b/utils/init/index.js
@ -1,7 +1,9 @@
 const initConfig = require('./initConfig');
 const initFiles = require('./initFiles');
 const initSecrets = require('./initSecrets');
 const initApp = async () => {
  initSecrets();
  await initFiles();
  await initConfig();
 };
--- a/utils/init/initSecrets.js
+++ b/utils/init/initSecrets.js
@ -0,0 +1,15 @@
 const { getSecrets } = require('docker-secret');
 const Logger = require('../Logger');
 const logger = new Logger();
 const initSecrets = () => {
  const secrets = getSecrets();
  for (const property in secrets) {
    const upperProperty = property.toUpperCase();
    process.env[upperProperty] = secrets[property];
    logger.log(`${upperProperty} was overwritten with docker secret value`, 'WARN');
  }
 };
 module.exports = initSecrets;