Define `des_key` option in Roudcube config
authorThomas Bruederli <redacted>
Thu, 22 Aug 2019 19:57:31 +0000 (21:57 +0200)
committerThomas Bruederli <redacted>
Thu, 22 Aug 2019 19:57:31 +0000 (21:57 +0200)
Use Docker secrets if available and otherwise generate a random key. Fixes issue #59.

Also consider secrets for database credentials as suggested in issue #46.

README.md
apache/docker-entrypoint.sh
fpm-alpine/docker-entrypoint.sh
fpm/docker-entrypoint.sh

index ad6f689bed88c1546ce03b9eeea36bf7aa672aa7..f44d896dd81f9c86eb68b7fb488fc46705cacd84 100644 (file)
--- a/README.md
+++ b/README.md
@@ -57,6 +57,15 @@ Run it with a link to the MySQL host and the username/password variables:
 docker run --link=mysql:mysql -d roundcube/roundcubemail
 ```
 
+## Docker Secrets
+
+When running the Roundcube container in a Docker Swarm, you can use [Docker Secrets](https://docs.docker.com/engine/swarm/secrets/)
+to share credentials accross all instances. The following secrets are currently supported by Roundcube:
+
+* `roundcube_des_key`: Unique and random key for encryption purposes
+* `roundcube_db_user`: Database connection username (mappend to `ROUNDCUBEMAIL_DB_USER`)
+* `roundcube_db_password`: Database connection password (mappend to `ROUNDCUBEMAIL_DB_PASSWORD`)
+
 ### Advanced configuration
 
 Apart from the above described environment variables, the Docker image also allows to add custom config files
index fa6950257e1a3d3d1e6ad2924a4ed039fa8fc7de..76d1cc7477c33cf1335aa09f9f753eabd880f972 100755 (executable)
@@ -14,6 +14,13 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
     echo >&2 "Complete! ROUNDCUBEMAIL has been successfully copied to $PWD"
   fi
 
+  if [ -f /run/secrets/roundcube_db_user]; then
+    ROUNDCUBEMAIL_DB_USER=`cat /run/secrets/roundcube_db_user`
+  fi
+  if [ -f /run/secrets/roundcube_db_password]; then
+    ROUNDCUBEMAIL_DB_PASSWORD=`cat /run/secrets/roundcube_db_password`
+  fi
+
   if [ ! -z "${!POSTGRES_ENV_POSTGRES_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "pgsql" ]; then
     : "${ROUNDCUBEMAIL_DB_TYPE:=pgsql}"
     : "${ROUNDCUBEMAIL_DB_HOST:=postgres}"
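Review bot: The added tests `[ -f /run/secrets/roundcube_db_user]` and `[ -f /run/secrets/roundcube_db_password]` have no space before the closing bracket, so `[` takes `roundcube_db_user]` as the file name and fails with a missing `]` error. The condition is therefore never true and both secrets are ignored, leaving the container on whatever the environment variables or defaults provide. Write `if [ -f /run/secrets/roundcube_db_user ]; then` and `if [ -f /run/secrets/roundcube_db_password ]; then`. The same two lines recur in the two later entrypoint sections (presumably fpm-alpine and fpm, going by the file list). The enclosing `if [[ "$1" == apache2* ]]` block starts and ends outside the hunk.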
@@ -58,6 +65,7 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
 
   if [ ! -e config/config.inc.php ]; then
     ROUNDCUBEMAIL_PLUGINS_PHP=`echo "${ROUNDCUBEMAIL_PLUGINS}" | sed -E "s/[, ]+/', '/g"`
+    ROUNDCUBEMAIL_DES_KEY=`test -f /run/secrets/roundcube_des_key && cat /run/secrets/roundcube_des_key || head /dev/urandom | base64 | head -c 24`
     touch config/config.inc.php
 
     echo "Write config to $PWD/config/config.inc.php"
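Review bot: In the `ROUNDCUBEMAIL_DES_KEY=` line, the `test -f … && cat … || head /dev/urandom | base64 | head -c 24` chain falls through to the random key whenever `cat` fails, not only when the secret is absent. An unreadable secret then silently produces a per-container key, and instances of the same service end up with different `des_key` values. Splitting the two cases lets a read error stop the start-up instead. The fallback is also better taken from a fixed byte count: `head /dev/urandom` reads ten newline-delimited "lines" of random data, whereas 18 bytes always encode to exactly 24 base64 characters. The length and content of a key supplied through the secret are not checked either; as far as I know Roundcube's default cipher expects a 24-character key, so that is worth validating here. The same line recurs in the two later entrypoint sections.

```shell
    if [ -f /run/secrets/roundcube_des_key ]; then
      ROUNDCUBEMAIL_DES_KEY=$(cat /run/secrets/roundcube_des_key) || exit 1
    else
      # 18 random bytes encode to exactly 24 base64 characters
      ROUNDCUBEMAIL_DES_KEY=$(head -c 18 /dev/urandom | base64)
    fi
    # … unchanged: touch config/config.inc.php and the config heredoc …
```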
@@ -70,6 +78,7 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
     \$config['smtp_port'] = '${ROUNDCUBEMAIL_SMTP_PORT}';
     \$config['smtp_user'] = '%u';
     \$config['smtp_pass'] = '%p';
+    \$config['des_key'] = '${ROUNDCUBEMAIL_DES_KEY}';
     \$config['temp_dir'] = '${ROUNDCUBEMAIL_TEMP_DIR}';
     \$config['plugins'] = ['${ROUNDCUBEMAIL_PLUGINS_PHP}'];
     \$config['zipdownload_selection'] = true;
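Review bot: The added line `\$config['des_key'] = '${ROUNDCUBEMAIL_DES_KEY}';` writes the key into a single-quoted PHP string without escaping, so a secret containing `'` or `\` yields a broken config.inc.php or one with different content than intended. The generated fallback is base64 and cannot contain either character, but the Docker secret is free-form. Rejecting such input before the file is written keeps the template simple, for example `case "$ROUNDCUBEMAIL_DES_KEY" in *[\'\\]*) echo >&2 "roundcube_des_key must not contain quotes or backslashes"; exit 1;; esac`. The neighbouring `${ROUNDCUBEMAIL_…}` values are interpolated the same way, and the same line recurs in the two later entrypoint sections. The template these lines belong to appears to start and end outside the hunk.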
index fa6950257e1a3d3d1e6ad2924a4ed039fa8fc7de..76d1cc7477c33cf1335aa09f9f753eabd880f972 100755 (executable)
@@ -14,6 +14,13 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
     echo >&2 "Complete! ROUNDCUBEMAIL has been successfully copied to $PWD"
   fi
 
+  if [ -f /run/secrets/roundcube_db_user]; then
+    ROUNDCUBEMAIL_DB_USER=`cat /run/secrets/roundcube_db_user`
+  fi
+  if [ -f /run/secrets/roundcube_db_password]; then
+    ROUNDCUBEMAIL_DB_PASSWORD=`cat /run/secrets/roundcube_db_password`
+  fi
+
   if [ ! -z "${!POSTGRES_ENV_POSTGRES_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "pgsql" ]; then
     : "${ROUNDCUBEMAIL_DB_TYPE:=pgsql}"
     : "${ROUNDCUBEMAIL_DB_HOST:=postgres}"
@@ -58,6 +65,7 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
 
   if [ ! -e config/config.inc.php ]; then
     ROUNDCUBEMAIL_PLUGINS_PHP=`echo "${ROUNDCUBEMAIL_PLUGINS}" | sed -E "s/[, ]+/', '/g"`
+    ROUNDCUBEMAIL_DES_KEY=`test -f /run/secrets/roundcube_des_key && cat /run/secrets/roundcube_des_key || head /dev/urandom | base64 | head -c 24`
     touch config/config.inc.php
 
     echo "Write config to $PWD/config/config.inc.php"
@@ -70,6 +78,7 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
     \$config['smtp_port'] = '${ROUNDCUBEMAIL_SMTP_PORT}';
     \$config['smtp_user'] = '%u';
     \$config['smtp_pass'] = '%p';
+    \$config['des_key'] = '${ROUNDCUBEMAIL_DES_KEY}';
     \$config['temp_dir'] = '${ROUNDCUBEMAIL_TEMP_DIR}';
     \$config['plugins'] = ['${ROUNDCUBEMAIL_PLUGINS_PHP}'];
     \$config['zipdownload_selection'] = true;
index fa6950257e1a3d3d1e6ad2924a4ed039fa8fc7de..76d1cc7477c33cf1335aa09f9f753eabd880f972 100755 (executable)
@@ -14,6 +14,13 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
     echo >&2 "Complete! ROUNDCUBEMAIL has been successfully copied to $PWD"
   fi
 
+  if [ -f /run/secrets/roundcube_db_user]; then
+    ROUNDCUBEMAIL_DB_USER=`cat /run/secrets/roundcube_db_user`
+  fi
+  if [ -f /run/secrets/roundcube_db_password]; then
+    ROUNDCUBEMAIL_DB_PASSWORD=`cat /run/secrets/roundcube_db_password`
+  fi
+
   if [ ! -z "${!POSTGRES_ENV_POSTGRES_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "pgsql" ]; then
     : "${ROUNDCUBEMAIL_DB_TYPE:=pgsql}"
     : "${ROUNDCUBEMAIL_DB_HOST:=postgres}"
@@ -58,6 +65,7 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
 
   if [ ! -e config/config.inc.php ]; then
     ROUNDCUBEMAIL_PLUGINS_PHP=`echo "${ROUNDCUBEMAIL_PLUGINS}" | sed -E "s/[, ]+/', '/g"`
+    ROUNDCUBEMAIL_DES_KEY=`test -f /run/secrets/roundcube_des_key && cat /run/secrets/roundcube_des_key || head /dev/urandom | base64 | head -c 24`
     touch config/config.inc.php
 
     echo "Write config to $PWD/config/config.inc.php"
@@ -70,6 +78,7 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then
     \$config['smtp_port'] = '${ROUNDCUBEMAIL_SMTP_PORT}';
     \$config['smtp_user'] = '%u';
     \$config['smtp_pass'] = '%p';
+    \$config['des_key'] = '${ROUNDCUBEMAIL_DES_KEY}';
     \$config['temp_dir'] = '${ROUNDCUBEMAIL_TEMP_DIR}';
     \$config['plugins'] = ['${ROUNDCUBEMAIL_PLUGINS_PHP}'];
     \$config['zipdownload_selection'] = true;