-
Notifications
You must be signed in to change notification settings - Fork 100
/
container_env
54 lines (42 loc) · 2.02 KB
/
container_env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
#!/bin/bash
[[ -n "$(ls -A /etc/pki/ca-trust/source/anchors)" ]] && update-ca-trust
[[ -s /etc/default/evm ]] && source /etc/default/evm
[[ -f /run/secrets/postgresql/POSTGRESQL_DATABASE ]] && database_name_file=$(cat /run/secrets/postgresql/POSTGRESQL_DATABASE)
database_name=${DATABASE_NAME:-$database_name_file}
database_name=${database_name:-db_unknown}
[[ -f /run/secrets/postgresql/POSTGRESQL_HOSTNAME ]] && database_hostname_file=$(cat /run/secrets/postgresql/POSTGRESQL_HOSTNAME)
database_hostname=${DATABASE_HOSTNAME:-$database_hostname_file}
database_hostname=${database_hostname:-localhost}
[[ -f /run/secrets/postgresql/POSTGRESQL_PASSWORD ]] && database_password_file=$(cat /run/secrets/postgresql/POSTGRESQL_PASSWORD)
database_password=${DATABASE_PASSWORD:-$database_password_file}
[[ -f /run/secrets/postgresql/POSTGRESQL_PORT ]] && database_port_file=$(cat /run/secrets/postgresql/POSTGRESQL_PORT)
database_port=${DATABASE_PORT:-$database_port_file}
database_port=${database_port:-5432}
[[ -f /run/secrets/postgresql/POSTGRESQL_USER ]] && database_username_file=$(cat /run/secrets/postgresql/POSTGRESQL_USER)
database_username=${DATABASE_USERNAME:-$database_username_file}
database_ssl_mode=${DATABASE_SSL_MODE:-prefer}
echo "== Writing database config =="
cat > ${APP_ROOT}/config/database.yml << KEY
---
production:
adapter: postgresql
username: ${database_username}
password: ${database_password}
host: ${database_hostname}
database: ${database_name}
port: ${database_port}
encoding: utf8
pool: 5
wait_timeout: 5
ssl_mode: ${database_ssl_mode}
KEY
[[ -f /.postgresql/root.crt ]] && echo " sslrootcert=/.postgresql/root.crt" >> ${APP_ROOT}/config/database.yml
[[ -f /run/secrets/manageiq/application/encryption_key ]] && encryption_key_file=$(cat /run/secrets/manageiq/application/encryption_key)
encryption_key=${ENCRYPTION_KEY:-$encryption_key_file}
echo "== Writing encryption key =="
cat > ${APP_ROOT}/certs/v2_key << KEY
---
:algorithm: aes-256-cbc
:key: ${encryption_key}
KEY
echo "${GUID}" > ${APP_ROOT}/GUID