Skip to content

Support docker secrets for web password #584

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
diginc merged 1 commit into from
Feb 27, 2020
Merged

Support docker secrets for web password #584

diginc merged 1 commit into from
Feb 27, 2020

Conversation

@lightswitch05
Copy link
Member

@lightswitch05 lightswitch05 commented Feb 26, 2020

Support docker secrets for web password.

Description

This is the initial implementation for #556. I wanted to go ahead open a pull request to start discussions about the changes before I spent too much time with tests and documentation.

  • If WEBPASSWORD is set, WEBPASSWORD_FILE is ignored.
  • If WEBPASSWORD is empty, and WEBPASSWORD_FILE is set to a valid readable file path, then WEBPASSWORD will be set to the contents of WEBPASSWORD_FILE.

TODO:

  • Discuss changes with pihole team
  • Update documentation
  • Add tests for WEBPASSWORD_FILE

Example using with Docker Secrets:

version: "3.3"
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    network_mode: "host"
    environment:
      WEBPASSWORD_FILE: '/run/secrets/pihole_webpw'
    secrets:
      - pihole_webpw
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole/:/etc/pihole/'
      - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
    dns:
      - 127.0.0.1
      - 1.1.1.1

secrets:
  pihole_webpw:
    file: my_file_secret.txt

Motivation and Context

This implements request #556

How Has This Been Tested?

Manually tested at the moment. Need to add actual tests once there has been some discussions on the implementation.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.

@lightswitch05
Added 'WEBPASSWORD_FILE' environment variable to enable support for D…
6489242 
…ocker Secrets.

If 'WEBPASSWORD' is set, 'WEBPASSWORD_FILE' is ignored. If 'WEBPASSWORD' is empty, and 'WEBPASSWORD_FILE' is set to a valid readable file, then 'WEBPASSWORD' will be set to the contents of 'WEBPASSWORD_FILE'.

Signed-off-by: Daniel <daniel@developerdan.com>
@lightswitch05 lightswitch05 force-pushed the feature/support-docker-secrets-for-web-password branch from 707c263 to 6489242 Compare February 26, 2020 18:13
@diginc
Copy link
Collaborator

diginc commented Feb 27, 2020

Thanks, we'll get this build into the :dev image for more testing

@diginc diginc merged commit e6a9cd5 into pi-hole:dev Feb 27, 2020
This was referenced Feb 28, 2020
Closed
Closed
Closed
@dschaper
Copy link
Member

dschaper commented Mar 6, 2020

@lightswitch05 Can you send me your email at dan.schaper@pi-hole.net? We'd like to have you stop by our Mattermost server.

@tlgs tlgs mentioned this pull request Jun 17, 2021
Merged
6 tasks
@jeremyhayes jeremyhayes mentioned this pull request Aug 15, 2021
Open
@pralor-bot
Copy link

pralor-bot commented Feb 23, 2025

This pull request has been mentioned on Pi-hole Userspace. There might be relevant details there:

https://discourse.pi-hole.net/t/v6-on-docker-ftlconf-webserver-api-password-support-secrets/76150/4

This was referenced Feb 23, 2025
Merged
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@diginc diginc diginc approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@lightswitch05 @diginc @dschaper @pralor-bot