test secrets

2026-02-16 10:30:44 +00:00 · 2022-07-13 18:28:10 +02:00
parent bfcfa68eae
commit 0862bc8c04
8 changed files with 141 additions and 1 deletions
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/hbbr/dependencies
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/hbbr/dependencies
@@ -0,0 +1 @@
+key-secret
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/hbbs/dependencies
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/hbbs/dependencies
@@ -1 +1,2 @@
+key-secret
 hbbr
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/key-secret/type
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/key-secret/type
@@ -0,0 +1 @@
+oneshot
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/key-secret/up
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/key-secret/up
@@ -0,0 +1 @@
+/etc/s6-overlay/s6-rc.d/key-secret/up.real
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/key-secret/up.real
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/key-secret/up.real
@@ -0,0 +1,35 @@
+#!/command/with-contenv sh
+
+if [ ! -d /data ] ; then
+  mkdir /data
+fi
+
+# normal docker secrets
+if [ ! -f /data/id_ed25519.pub ] && [ -r /run/secrets/key_pub ] ; then
+  cp /run/secrets/key_pub /data/id_ed25519.pub
+  echo "Public key created from secret"
+fi
+
+if [ ! -f /data/id_ed25519 ] && [ -r /run/secrets/key_priv ] ; then
+  cp /run/secrets/key_priv /data/id_ed25519
+  echo "Private key created from secret"
+fi
+
+# ENV variables
+if [ ! -f /data/id_ed25519.pub ] && [ ! "$KEY_PUB" = "" ] ; then
+  echo -n "$KEY_PUB" > /data/id_ed25519.pub
+  echo "Public key created from ENV variable"
+fi
+
+if [ ! -f /data/id_ed25519 ] && [ ! "$KEY_PRIV" = "" ] ; then
+  echo -n "$KEY_PRIV" > /data/id_ed25519
+  echo "Private key created from ENV variable"
+fi
+
+# fix perms
+if [ -f /data/id_ed25519.pub ] ; then
+  chmod 600 /data/id_ed25519.pub 
+fi
+if [ -f /data/id_ed25519 ] ; then
+  chmod 600 /data/id_ed25519
+fi
--- a/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/key-secret
+++ b/docker/rootfs/etc/s6-overlay/s6-rc.d/user/contents.d/key-secret