Adds support for loading environment vars from file. (#938)

* Adds support for loading environment from file.
This commit is contained in:
Micah Zoltu 2023-12-05 19:19:30 +08:00 committed by GitHub
parent 480693fb9f
commit 6bdb524489
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -1,5 +1,27 @@
#!/bin/bash #!/bin/bash
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
val="$(< "${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
# Setup environment variables # Setup environment variables
export MODE="self-hosted" export MODE="self-hosted"
@ -44,10 +66,12 @@ if [ -z "$DB_PORT" ]; then
echo "DB_PORT is not set. Please set it in your .env file." echo "DB_PORT is not set. Please set it in your .env file."
exit 1 exit 1
fi fi
file_env 'DB_USERNAME'
if [ -z "$DB_USERNAME" ]; then if [ -z "$DB_USERNAME" ]; then
echo "DB_USERNAME is not set. Please set it in your .env file." echo "DB_USERNAME is not set. Please set it in your .env file."
exit 1 exit 1
fi fi
file_env 'DB_PASSWORD'
if [ -z "$DB_PASSWORD" ]; then if [ -z "$DB_PASSWORD" ]; then
echo "DB_PASSWORD is not set. Please set it in your .env file." echo "DB_PASSWORD is not set. Please set it in your .env file."
exit 1 exit 1
@ -89,11 +113,13 @@ fi
# SHARED # # SHARED #
########## ##########
file_env 'AUTH_JWT_SECRET'
if [ -z "$AUTH_JWT_SECRET" ]; then if [ -z "$AUTH_JWT_SECRET" ]; then
echo "AUTH_JWT_SECRET is not set. Please set it in your .env file. You can run 'openssl rand -hex 32' to generate a random string." echo "AUTH_JWT_SECRET is not set. Please set it in your .env file. You can run 'openssl rand -hex 32' to generate a random string."
exit 1 exit 1
fi fi
file_env 'VALET_TOKEN_SECRET'
if [ -z "$VALET_TOKEN_SECRET" ]; then if [ -z "$VALET_TOKEN_SECRET" ]; then
echo "VALET_TOKEN_SECRET is not set. Please set it in your .env file. You can run 'openssl rand -hex 32' to generate a random string." echo "VALET_TOKEN_SECRET is not set. Please set it in your .env file. You can run 'openssl rand -hex 32' to generate a random string."
exit 1 exit 1
@ -120,6 +146,7 @@ if [ -z "$AUTH_SERVER_DISABLE_USER_REGISTRATION" ]; then
export AUTH_SERVER_DISABLE_USER_REGISTRATION=false export AUTH_SERVER_DISABLE_USER_REGISTRATION=false
fi fi
file_env 'AUTH_SERVER_PSEUDO_KEY_PARAMS_KEY'
if [ -z "$AUTH_SERVER_PSEUDO_KEY_PARAMS_KEY" ]; then if [ -z "$AUTH_SERVER_PSEUDO_KEY_PARAMS_KEY" ]; then
export AUTH_SERVER_PSEUDO_KEY_PARAMS_KEY=$(openssl rand -hex 32) export AUTH_SERVER_PSEUDO_KEY_PARAMS_KEY=$(openssl rand -hex 32)
fi fi
@ -142,6 +169,7 @@ if [ -z "$AUTH_SERVER_EPHEMERAL_SESSION_AGE" ]; then
export AUTH_SERVER_EPHEMERAL_SESSION_AGE=259200 export AUTH_SERVER_EPHEMERAL_SESSION_AGE=259200
fi fi
file_env 'AUTH_SERVER_ENCRYPTION_SERVER_KEY'
if [ -z "$AUTH_SERVER_ENCRYPTION_SERVER_KEY" ]; then if [ -z "$AUTH_SERVER_ENCRYPTION_SERVER_KEY" ]; then
echo "AUTH_SERVER_ENCRYPTION_SERVER_KEY is not set. Please set it in your .env file. You can run 'openssl rand -hex 32' to generate a random string." echo "AUTH_SERVER_ENCRYPTION_SERVER_KEY is not set. Please set it in your .env file. You can run 'openssl rand -hex 32' to generate a random string."
exit 1 exit 1
@ -161,9 +189,11 @@ fi
if [ -z "$AUTH_SERVER_SNS_ENDPOINT" ]; then if [ -z "$AUTH_SERVER_SNS_ENDPOINT" ]; then
export AUTH_SERVER_SNS_ENDPOINT="http://localstack:4566" export AUTH_SERVER_SNS_ENDPOINT="http://localstack:4566"
fi fi
file_env 'AUTH_SERVER_SNS_SECRET_ACCESS_KEY'
if [ -z "$AUTH_SERVER_SNS_SECRET_ACCESS_KEY" ]; then if [ -z "$AUTH_SERVER_SNS_SECRET_ACCESS_KEY" ]; then
export AUTH_SERVER_SNS_SECRET_ACCESS_KEY="x" export AUTH_SERVER_SNS_SECRET_ACCESS_KEY="x"
fi fi
file_env 'AUTH_SERVER_SNS_ACCESS_KEY_ID'
if [ -z "$AUTH_SERVER_SNS_ACCESS_KEY_ID" ]; then if [ -z "$AUTH_SERVER_SNS_ACCESS_KEY_ID" ]; then
export AUTH_SERVER_SNS_ACCESS_KEY_ID="x" export AUTH_SERVER_SNS_ACCESS_KEY_ID="x"
fi fi
@ -176,9 +206,11 @@ fi
if [ -z "$AUTH_SERVER_SQS_AWS_REGION" ]; then if [ -z "$AUTH_SERVER_SQS_AWS_REGION" ]; then
export AUTH_SERVER_SQS_AWS_REGION="us-east-1" export AUTH_SERVER_SQS_AWS_REGION="us-east-1"
fi fi
file_env 'AUTH_SERVER_SQS_ACCESS_KEY_ID'
if [ -z "$AUTH_SERVER_SQS_ACCESS_KEY_ID" ]; then if [ -z "$AUTH_SERVER_SQS_ACCESS_KEY_ID" ]; then
export AUTH_SERVER_SQS_ACCESS_KEY_ID="x" export AUTH_SERVER_SQS_ACCESS_KEY_ID="x"
fi fi
file_env 'AUTH_SERVER_SQS_SECRET_ACCESS_KEY'
if [ -z "$AUTH_SERVER_SQS_SECRET_ACCESS_KEY" ]; then if [ -z "$AUTH_SERVER_SQS_SECRET_ACCESS_KEY" ]; then
export AUTH_SERVER_SQS_SECRET_ACCESS_KEY="x" export AUTH_SERVER_SQS_SECRET_ACCESS_KEY="x"
fi fi
@ -218,9 +250,11 @@ fi
if [ -z "$SYNCING_SERVER_SNS_ENDPOINT" ]; then if [ -z "$SYNCING_SERVER_SNS_ENDPOINT" ]; then
export SYNCING_SERVER_SNS_ENDPOINT="http://localstack:4566" export SYNCING_SERVER_SNS_ENDPOINT="http://localstack:4566"
fi fi
file_env 'SYNCING_SERVER_SNS_SECRET_ACCESS_KEY'
if [ -z "$SYNCING_SERVER_SNS_SECRET_ACCESS_KEY" ]; then if [ -z "$SYNCING_SERVER_SNS_SECRET_ACCESS_KEY" ]; then
export SYNCING_SERVER_SNS_SECRET_ACCESS_KEY="x" export SYNCING_SERVER_SNS_SECRET_ACCESS_KEY="x"
fi fi
file_env 'SYNCING_SERVER_SNS_ACCESS_KEY_ID'
if [ -z "$SYNCING_SERVER_SNS_ACCESS_KEY_ID" ]; then if [ -z "$SYNCING_SERVER_SNS_ACCESS_KEY_ID" ]; then
export SYNCING_SERVER_SNS_ACCESS_KEY_ID="x" export SYNCING_SERVER_SNS_ACCESS_KEY_ID="x"
fi fi
@ -233,9 +267,11 @@ fi
if [ -z "$SYNCING_SERVER_SQS_AWS_REGION" ]; then if [ -z "$SYNCING_SERVER_SQS_AWS_REGION" ]; then
export SYNCING_SERVER_SQS_AWS_REGION="us-east-1" export SYNCING_SERVER_SQS_AWS_REGION="us-east-1"
fi fi
file_env 'SYNCING_SERVER_SQS_ACCESS_KEY_ID'
if [ -z "$SYNCING_SERVER_SQS_ACCESS_KEY_ID" ]; then if [ -z "$SYNCING_SERVER_SQS_ACCESS_KEY_ID" ]; then
export SYNCING_SERVER_SQS_ACCESS_KEY_ID="x" export SYNCING_SERVER_SQS_ACCESS_KEY_ID="x"
fi fi
file_env 'SYNCING_SERVER_SQS_SECRET_ACCESS_KEY'
if [ -z "$SYNCING_SERVER_SQS_SECRET_ACCESS_KEY" ]; then if [ -z "$SYNCING_SERVER_SQS_SECRET_ACCESS_KEY" ]; then
export SYNCING_SERVER_SQS_SECRET_ACCESS_KEY="x" export SYNCING_SERVER_SQS_SECRET_ACCESS_KEY="x"
fi fi
@ -278,9 +314,11 @@ fi
if [ -z "$FILES_SERVER_SNS_ENDPOINT" ]; then if [ -z "$FILES_SERVER_SNS_ENDPOINT" ]; then
export FILES_SERVER_SNS_ENDPOINT="http://localstack:4566" export FILES_SERVER_SNS_ENDPOINT="http://localstack:4566"
fi fi
file_env 'FILES_SERVER_SNS_SECRET_ACCESS_KEY'
if [ -z "$FILES_SERVER_SNS_SECRET_ACCESS_KEY" ]; then if [ -z "$FILES_SERVER_SNS_SECRET_ACCESS_KEY" ]; then
export FILES_SERVER_SNS_SECRET_ACCESS_KEY="x" export FILES_SERVER_SNS_SECRET_ACCESS_KEY="x"
fi fi
file_env 'FILES_SERVER_SNS_ACCESS_KEY_ID'
if [ -z "$FILES_SERVER_SNS_ACCESS_KEY_ID" ]; then if [ -z "$FILES_SERVER_SNS_ACCESS_KEY_ID" ]; then
export FILES_SERVER_SNS_ACCESS_KEY_ID="x" export FILES_SERVER_SNS_ACCESS_KEY_ID="x"
fi fi
@ -293,9 +331,11 @@ fi
if [ -z "$FILES_SERVER_SQS_AWS_REGION" ]; then if [ -z "$FILES_SERVER_SQS_AWS_REGION" ]; then
export FILES_SERVER_SQS_AWS_REGION="us-east-1" export FILES_SERVER_SQS_AWS_REGION="us-east-1"
fi fi
file_env 'FILES_SERVER_SQS_ACCESS_KEY_ID'
if [ -z "$FILES_SERVER_SQS_ACCESS_KEY_ID" ]; then if [ -z "$FILES_SERVER_SQS_ACCESS_KEY_ID" ]; then
export FILES_SERVER_SQS_ACCESS_KEY_ID="x" export FILES_SERVER_SQS_ACCESS_KEY_ID="x"
fi fi
file_env 'FILES_SERVER_SQS_SECRET_ACCESS_KEY'
if [ -z "$FILES_SERVER_SQS_SECRET_ACCESS_KEY" ]; then if [ -z "$FILES_SERVER_SQS_SECRET_ACCESS_KEY" ]; then
export FILES_SERVER_SQS_SECRET_ACCESS_KEY="x" export FILES_SERVER_SQS_SECRET_ACCESS_KEY="x"
fi fi
@ -322,9 +362,11 @@ fi
if [ -z "$REVISIONS_SERVER_SNS_ENDPOINT" ]; then if [ -z "$REVISIONS_SERVER_SNS_ENDPOINT" ]; then
export REVISIONS_SERVER_SNS_ENDPOINT="http://localstack:4566" export REVISIONS_SERVER_SNS_ENDPOINT="http://localstack:4566"
fi fi
file_env 'REVISIONS_SERVER_SNS_SECRET_ACCESS_KEY'
if [ -z "$REVISIONS_SERVER_SNS_SECRET_ACCESS_KEY" ]; then if [ -z "$REVISIONS_SERVER_SNS_SECRET_ACCESS_KEY" ]; then
export REVISIONS_SERVER_SNS_SECRET_ACCESS_KEY="x" export REVISIONS_SERVER_SNS_SECRET_ACCESS_KEY="x"
fi fi
file_env 'REVISIONS_SERVER_SNS_ACCESS_KEY_ID'
if [ -z "$REVISIONS_SERVER_SNS_ACCESS_KEY_ID" ]; then if [ -z "$REVISIONS_SERVER_SNS_ACCESS_KEY_ID" ]; then
export REVISIONS_SERVER_SNS_ACCESS_KEY_ID="x" export REVISIONS_SERVER_SNS_ACCESS_KEY_ID="x"
fi fi
@ -337,9 +379,11 @@ fi
if [ -z "$REVISIONS_SERVER_SQS_AWS_REGION" ]; then if [ -z "$REVISIONS_SERVER_SQS_AWS_REGION" ]; then
export REVISIONS_SERVER_SQS_AWS_REGION="us-east-1" export REVISIONS_SERVER_SQS_AWS_REGION="us-east-1"
fi fi
file_env 'REVISIONS_SERVER_SQS_ACCESS_KEY_ID'
if [ -z "$REVISIONS_SERVER_SQS_ACCESS_KEY_ID" ]; then if [ -z "$REVISIONS_SERVER_SQS_ACCESS_KEY_ID" ]; then
export REVISIONS_SERVER_SQS_ACCESS_KEY_ID="x" export REVISIONS_SERVER_SQS_ACCESS_KEY_ID="x"
fi fi
file_env 'REVISIONS_SERVER_SQS_SECRET_ACCESS_KEY'
if [ -z "$REVISIONS_SERVER_SQS_SECRET_ACCESS_KEY" ]; then if [ -z "$REVISIONS_SERVER_SQS_SECRET_ACCESS_KEY" ]; then
export REVISIONS_SERVER_SQS_SECRET_ACCESS_KEY="x" export REVISIONS_SERVER_SQS_SECRET_ACCESS_KEY="x"
fi fi