From: indridieinarsson Date: Sun, 19 May 2024 20:20:25 +0000 (+0000) Subject: Oauth client secret as docker secret for roundcube docker (#247) X-Git-Url: http://git.99rst.org/?a=commitdiff_plain;h=3e0abad485e7890201e3c378f30a5ac56fd27f53;p=roundcube-roundcubemail-docker.git Oauth client secret as docker secret for roundcube docker (#247) * Add support for docker secrets for oauth secret - apache version only * Add oauth secret handling to template * Add oauth secret handling to template. Generate examples from template --------- Co-authored-by: IndriĆ°i Einarsson --- diff --git a/README.md b/README.md index c590523..18f1818 100644 --- a/README.md +++ b/README.md @@ -103,6 +103,7 @@ to share credentials across all instances. The following secrets are currently s * `roundcube_des_key`: Unique and random key for encryption purposes * `roundcube_db_user`: Database connection username (mappend to `ROUNDCUBEMAIL_DB_USER`) * `roundcube_db_password`: Database connection password (mappend to `ROUNDCUBEMAIL_DB_PASSWORD`) +* `roundcube_oauth_client_secret`: OAuth client secret (mappend to `ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET`) ## Advanced configuration diff --git a/apache/docker-entrypoint.sh b/apache/docker-entrypoint.sh index f76c042..0ffdc1d 100755 --- a/apache/docker-entrypoint.sh +++ b/apache/docker-entrypoint.sh @@ -27,6 +27,9 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then if [ -f /run/secrets/roundcube_db_password ]; then ROUNDCUBEMAIL_DB_PASSWORD=`cat /run/secrets/roundcube_db_password` fi + if [ -f /run/secrets/roundcube_oauth_client_secret ]; then + ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET=`cat /run/secrets/roundcube_oauth_client_secret` + fi if [ ! -z "${!POSTGRES_ENV_POSTGRES_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "pgsql" ]; then : "${ROUNDCUBEMAIL_DB_TYPE:=pgsql}" @@ -111,6 +114,10 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then echo "\$config['des_key'] = getenv('ROUNDCUBEMAIL_DES_KEY');" >> config/config.docker.inc.php fi + if [ ! -z "${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}" ]; then + echo "\$config['oauth_client_secret'] = '${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}';" >> config/config.docker.inc.php + fi + if [ ! -z "${ROUNDCUBEMAIL_SPELLCHECK_URI}"]; then echo "\$config['spellcheck_engine'] = 'googie';" >> config/config.docker.inc.php echo "\$config['spellcheck_uri'] = '${ROUNDCUBEMAIL_SPELLCHECK_URI}';" >> config/config.docker.inc.php diff --git a/fpm-alpine/docker-entrypoint.sh b/fpm-alpine/docker-entrypoint.sh index f76c042..0ffdc1d 100755 --- a/fpm-alpine/docker-entrypoint.sh +++ b/fpm-alpine/docker-entrypoint.sh @@ -27,6 +27,9 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then if [ -f /run/secrets/roundcube_db_password ]; then ROUNDCUBEMAIL_DB_PASSWORD=`cat /run/secrets/roundcube_db_password` fi + if [ -f /run/secrets/roundcube_oauth_client_secret ]; then + ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET=`cat /run/secrets/roundcube_oauth_client_secret` + fi if [ ! -z "${!POSTGRES_ENV_POSTGRES_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "pgsql" ]; then : "${ROUNDCUBEMAIL_DB_TYPE:=pgsql}" @@ -111,6 +114,10 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then echo "\$config['des_key'] = getenv('ROUNDCUBEMAIL_DES_KEY');" >> config/config.docker.inc.php fi + if [ ! -z "${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}" ]; then + echo "\$config['oauth_client_secret'] = '${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}';" >> config/config.docker.inc.php + fi + if [ ! -z "${ROUNDCUBEMAIL_SPELLCHECK_URI}"]; then echo "\$config['spellcheck_engine'] = 'googie';" >> config/config.docker.inc.php echo "\$config['spellcheck_uri'] = '${ROUNDCUBEMAIL_SPELLCHECK_URI}';" >> config/config.docker.inc.php diff --git a/fpm/docker-entrypoint.sh b/fpm/docker-entrypoint.sh index f76c042..0ffdc1d 100755 --- a/fpm/docker-entrypoint.sh +++ b/fpm/docker-entrypoint.sh @@ -27,6 +27,9 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then if [ -f /run/secrets/roundcube_db_password ]; then ROUNDCUBEMAIL_DB_PASSWORD=`cat /run/secrets/roundcube_db_password` fi + if [ -f /run/secrets/roundcube_oauth_client_secret ]; then + ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET=`cat /run/secrets/roundcube_oauth_client_secret` + fi if [ ! -z "${!POSTGRES_ENV_POSTGRES_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "pgsql" ]; then : "${ROUNDCUBEMAIL_DB_TYPE:=pgsql}" @@ -111,6 +114,10 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then echo "\$config['des_key'] = getenv('ROUNDCUBEMAIL_DES_KEY');" >> config/config.docker.inc.php fi + if [ ! -z "${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}" ]; then + echo "\$config['oauth_client_secret'] = '${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}';" >> config/config.docker.inc.php + fi + if [ ! -z "${ROUNDCUBEMAIL_SPELLCHECK_URI}"]; then echo "\$config['spellcheck_engine'] = 'googie';" >> config/config.docker.inc.php echo "\$config['spellcheck_uri'] = '${ROUNDCUBEMAIL_SPELLCHECK_URI}';" >> config/config.docker.inc.php diff --git a/templates/docker-entrypoint.sh b/templates/docker-entrypoint.sh index f76c042..0ffdc1d 100644 --- a/templates/docker-entrypoint.sh +++ b/templates/docker-entrypoint.sh @@ -27,6 +27,9 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then if [ -f /run/secrets/roundcube_db_password ]; then ROUNDCUBEMAIL_DB_PASSWORD=`cat /run/secrets/roundcube_db_password` fi + if [ -f /run/secrets/roundcube_oauth_client_secret ]; then + ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET=`cat /run/secrets/roundcube_oauth_client_secret` + fi if [ ! -z "${!POSTGRES_ENV_POSTGRES_*}" ] || [ "$ROUNDCUBEMAIL_DB_TYPE" == "pgsql" ]; then : "${ROUNDCUBEMAIL_DB_TYPE:=pgsql}" @@ -111,6 +114,10 @@ if [[ "$1" == apache2* ]] || [ "$1" == php-fpm ]; then echo "\$config['des_key'] = getenv('ROUNDCUBEMAIL_DES_KEY');" >> config/config.docker.inc.php fi + if [ ! -z "${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}" ]; then + echo "\$config['oauth_client_secret'] = '${ROUNDCUBEMAIL_OAUTH_CLIENT_SECRET}';" >> config/config.docker.inc.php + fi + if [ ! -z "${ROUNDCUBEMAIL_SPELLCHECK_URI}"]; then echo "\$config['spellcheck_engine'] = 'googie';" >> config/config.docker.inc.php echo "\$config['spellcheck_uri'] = '${ROUNDCUBEMAIL_SPELLCHECK_URI}';" >> config/config.docker.inc.php