Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support docker secrets for web password #584

Conversation

lightswitch05
Copy link
Member

@lightswitch05 lightswitch05 commented Feb 26, 2020

Support docker secrets for web password.

Description

This is the initial implementation for #556. I wanted to go ahead open a pull request to start discussions about the changes before I spent too much time with tests and documentation.

  • If WEBPASSWORD is set, WEBPASSWORD_FILE is ignored.
  • If WEBPASSWORD is empty, and WEBPASSWORD_FILE is set to a valid readable file path, then WEBPASSWORD will be set to the contents of WEBPASSWORD_FILE.

TODO:

  • Discuss changes with pihole team
  • Update documentation
  • Add tests for WEBPASSWORD_FILE

Example using with Docker Secrets:

version: "3.3"
services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    network_mode: "host"
    environment:
      WEBPASSWORD_FILE: '/run/secrets/pihole_webpw'
    secrets:
      - pihole_webpw
    # Volumes store your data between container upgrades
    volumes:
      - './etc-pihole/:/etc/pihole/'
      - './etc-dnsmasq.d/:/etc/dnsmasq.d/'
    dns:
      - 127.0.0.1
      - 1.1.1.1

secrets:
  pihole_webpw:
    file: my_file_secret.txt

Motivation and Context

This implements request #556

How Has This Been Tested?

Manually tested at the moment. Need to add actual tests once there has been some discussions on the implementation.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.

…ocker Secrets.

If 'WEBPASSWORD' is set, 'WEBPASSWORD_FILE' is ignored. If 'WEBPASSWORD' is empty, and 'WEBPASSWORD_FILE' is set to a valid readable file, then 'WEBPASSWORD' will be set to the contents of 'WEBPASSWORD_FILE'.

Signed-off-by: Daniel <daniel@developerdan.com>
@lightswitch05 lightswitch05 force-pushed the feature/support-docker-secrets-for-web-password branch from 707c263 to 6489242 Compare Feb 26, 2020
diginc
diginc approved these changes Feb 27, 2020
@diginc
Copy link
Member

@diginc diginc commented Feb 27, 2020

Thanks, we'll get this build into the :dev image for more testing

@diginc diginc merged commit e6a9cd5 into pi-hole:dev Feb 27, 2020
1 check passed
@dschaper
Copy link
Member

@dschaper dschaper commented Mar 6, 2020

@lightswitch05 Can you send me your email at dan.schaper@pi-hole.net? We'd like to have you stop by our Mattermost server.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

3 participants