From 615c5720828d8941bc191716af911257d8f8f2e0 Mon Sep 17 00:00:00 2001
From: David Goodwin <david@codepoets.co.uk>
Date: Fri, 10 Sep 2021 21:06:00 +0100
Subject: [PATCH] see https://github.com/postfixadmin/postfixadmin/issues/527 -
 try and make it easier to specify a setup_password

---
 apache/docker-entrypoint.sh     | 13 +++++++++++++
 docker-entrypoint.sh            | 13 +++++++++++++
 fpm-alpine/docker-entrypoint.sh | 13 +++++++++++++
 fpm/docker-entrypoint.sh        | 13 +++++++++++++
 4 files changed, 52 insertions(+)

diff --git a/apache/docker-entrypoint.sh b/apache/docker-entrypoint.sh
index df53586..ef7691e 100755
--- a/apache/docker-entrypoint.sh
+++ b/apache/docker-entrypoint.sh
@@ -39,6 +39,19 @@ POSTFIXADMIN_ENCRYPT=$(get_env_value "POSTFIXADMIN_ENCRYPT" "md5crypt")
 
 DEFAULT_SETUP_PASSWORD="changeme"
 POSTFIXADMIN_SETUP_PASSWORD=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD" "${DEFAULT_SETUP_PASSWORD}")
+POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT" "${DEFAULT_SETUP_PASSWORD}")
+
+if [ "${POSTFIXADMIN_SETUP_PASSWORD}" = "${DEFAULT_SETUP_PASSWORD}" ]; then
+    POSTFIXADMIN_SETUP_PASSWORD=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD_HASH" "${DEFAULT_SETUP_PASSWORD}")
+fi
+
+if [ "${POSTFIXADMIN_SETUP_PASSWORD}" = "${DEFAULT_SETUP_PASSWORD}" ]; then
+    if [ "${POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT}" != "${DEFAULT_SETUP_PASSWORD}" ]; then
+        # this fails if someone passes in a password containing a quote.
+        POSTFIXADMIN_SETUP_PASSWORD=$(php -r "echo password_hash('${POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT}', PASSWORD_DEFAULT);")
+    fi
+fi
+
 
 if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
 
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index df53586..ef7691e 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -39,6 +39,19 @@ POSTFIXADMIN_ENCRYPT=$(get_env_value "POSTFIXADMIN_ENCRYPT" "md5crypt")
 
 DEFAULT_SETUP_PASSWORD="changeme"
 POSTFIXADMIN_SETUP_PASSWORD=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD" "${DEFAULT_SETUP_PASSWORD}")
+POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT" "${DEFAULT_SETUP_PASSWORD}")
+
+if [ "${POSTFIXADMIN_SETUP_PASSWORD}" = "${DEFAULT_SETUP_PASSWORD}" ]; then
+    POSTFIXADMIN_SETUP_PASSWORD=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD_HASH" "${DEFAULT_SETUP_PASSWORD}")
+fi
+
+if [ "${POSTFIXADMIN_SETUP_PASSWORD}" = "${DEFAULT_SETUP_PASSWORD}" ]; then
+    if [ "${POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT}" != "${DEFAULT_SETUP_PASSWORD}" ]; then
+        # this fails if someone passes in a password containing a quote.
+        POSTFIXADMIN_SETUP_PASSWORD=$(php -r "echo password_hash('${POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT}', PASSWORD_DEFAULT);")
+    fi
+fi
+
 
 if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
 
diff --git a/fpm-alpine/docker-entrypoint.sh b/fpm-alpine/docker-entrypoint.sh
index 5218086..ddd7a44 100755
--- a/fpm-alpine/docker-entrypoint.sh
+++ b/fpm-alpine/docker-entrypoint.sh
@@ -39,6 +39,19 @@ POSTFIXADMIN_ENCRYPT=$(get_env_value "POSTFIXADMIN_ENCRYPT" "md5crypt")
 
 DEFAULT_SETUP_PASSWORD="changeme"
 POSTFIXADMIN_SETUP_PASSWORD=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD" "${DEFAULT_SETUP_PASSWORD}")
+POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT" "${DEFAULT_SETUP_PASSWORD}")
+
+if [ "${POSTFIXADMIN_SETUP_PASSWORD}" = "${DEFAULT_SETUP_PASSWORD}" ]; then
+    POSTFIXADMIN_SETUP_PASSWORD=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD_HASH" "${DEFAULT_SETUP_PASSWORD}")
+fi
+
+if [ "${POSTFIXADMIN_SETUP_PASSWORD}" = "${DEFAULT_SETUP_PASSWORD}" ]; then
+    if [ "${POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT}" != "${DEFAULT_SETUP_PASSWORD}" ]; then
+        # this fails if someone passes in a password containing a quote.
+        POSTFIXADMIN_SETUP_PASSWORD=$(php -r "echo password_hash('${POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT}', PASSWORD_DEFAULT);")
+    fi
+fi
+
 
 if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
 
diff --git a/fpm/docker-entrypoint.sh b/fpm/docker-entrypoint.sh
index df53586..ef7691e 100755
--- a/fpm/docker-entrypoint.sh
+++ b/fpm/docker-entrypoint.sh
@@ -39,6 +39,19 @@ POSTFIXADMIN_ENCRYPT=$(get_env_value "POSTFIXADMIN_ENCRYPT" "md5crypt")
 
 DEFAULT_SETUP_PASSWORD="changeme"
 POSTFIXADMIN_SETUP_PASSWORD=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD" "${DEFAULT_SETUP_PASSWORD}")
+POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT" "${DEFAULT_SETUP_PASSWORD}")
+
+if [ "${POSTFIXADMIN_SETUP_PASSWORD}" = "${DEFAULT_SETUP_PASSWORD}" ]; then
+    POSTFIXADMIN_SETUP_PASSWORD=$(get_env_value "POSTFIXADMIN_SETUP_PASSWORD_HASH" "${DEFAULT_SETUP_PASSWORD}")
+fi
+
+if [ "${POSTFIXADMIN_SETUP_PASSWORD}" = "${DEFAULT_SETUP_PASSWORD}" ]; then
+    if [ "${POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT}" != "${DEFAULT_SETUP_PASSWORD}" ]; then
+        # this fails if someone passes in a password containing a quote.
+        POSTFIXADMIN_SETUP_PASSWORD=$(php -r "echo password_hash('${POSTFIXADMIN_SETUP_PASSWORD_CLEAR_TEXT}', PASSWORD_DEFAULT);")
+    fi
+fi
+
 
 if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then