2020-04-24 21:44:54 +05:00
|
|
|
#!/bin/bash
|
2025-05-15 19:32:37 +02:00
|
|
|
|
|
|
|
|
set -eu
|
|
|
|
|
|
2025-07-30 13:51:24 +02:00
|
|
|
# Load secrets from files if corresponding *__FILE environment variables are set.
|
|
|
|
|
# Only the first line of each file is read (stripping carriage returns and newlines).
|
|
|
|
|
|
|
|
|
|
read_secret() {
|
|
|
|
|
local file="$1"
|
|
|
|
|
head -n 1 "$file" | tr -d '\r\n'
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
load_secret() {
|
|
|
|
|
local envar="$1"
|
|
|
|
|
local file="${envar}__FILE"
|
|
|
|
|
if [[ -z "${!envar:-}" && -e "${!file:-}" ]]; then
|
|
|
|
|
export "$envar"="$(read_secret "${!file}")"
|
|
|
|
|
fi
|
|
|
|
|
}
|
2025-05-15 19:32:37 +02:00
|
|
|
|
|
|
|
|
if [[ -n "${DATABASE_URL}" ]]; then
|
|
|
|
|
if [[ -z "${DATABASE_PASSWORD:-}" && -e "${DATABASE_PASSWORD__FILE:-}" ]]; then
|
2025-07-30 13:51:24 +02:00
|
|
|
DATABASE_PASSWORD="$(read_secret "${DATABASE_PASSWORD__FILE}")"
|
2025-05-15 19:32:37 +02:00
|
|
|
export DATABASE_URL="${DATABASE_URL/\$\{DATABASE_PASSWORD\}/${DATABASE_PASSWORD}}"
|
|
|
|
|
fi
|
|
|
|
|
fi
|
|
|
|
|
|
2025-07-30 13:51:24 +02:00
|
|
|
load_secret SECRET_KEY
|
|
|
|
|
load_secret DEFAULT_ADMIN_PASSWORD
|
|
|
|
|
load_secret S3_SECRET_ACCESS_KEY
|
|
|
|
|
load_secret OIDC_CLIENT_SECRET
|
|
|
|
|
load_secret SMTP_PASSWORD
|
2025-05-15 19:32:37 +02:00
|
|
|
|
|
|
|
|
export NODE_ENV=production
|
|
|
|
|
|
|
|
|
|
node db/init.js
|
|
|
|
|
exec node app.js --prod
|
