You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@couchdb.apache.org by wo...@apache.org on 2018/07/10 06:42:33 UTC
[couchdb-docker] branch master updated: Persist custom config
settings across restarts
This is an automated email from the ASF dual-hosted git repository.
wohali pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/couchdb-docker.git
The following commit(s) were added to refs/heads/master by this push:
new 4038958 Persist custom config settings across restarts
4038958 is described below
commit 40389583b40ad08b008890aa20af5093c755d1d9
Author: Adam Kocoloski <ko...@apache.org>
AuthorDate: Mon May 21 08:31:36 2018 -0400
Persist custom config settings across restarts
This patch ensures that configuration properties set using the _config
endpoint survive container restarts. Previously these settings would be
erased by the code in the entrypoint that writes down the admin user
and cookie auth secret.
The patch also takes care to ensure that the admin user and secret are
not accidentally left on the disk in plaintext -- i.e., it ensures that
the entrypoint writes these settings into the last entry in the config
chain.
Finally, the patch ensures that local.d is always used to store custom
configuration. Backing local.d by a persistent volume should allow for
the config properties to survive a Pod being rescheduled onto another
node by Kubernetes.
---
dev/docker-entrypoint.sh | 19 +++++++++++++------
1 file changed, 13 insertions(+), 6 deletions(-)
diff --git a/dev/docker-entrypoint.sh b/dev/docker-entrypoint.sh
index 718779e..de42028 100755
--- a/dev/docker-entrypoint.sh
+++ b/dev/docker-entrypoint.sh
@@ -37,18 +37,25 @@ if [ "$1" = '/opt/couchdb/bin/couchdb' ]; then
echo "-name couchdb@$NODENAME" >> /opt/couchdb/etc/vm.args
fi
+ # Ensure that CouchDB will write custom settings in this file
+ touch /opt/couchdb/etc/local.d/docker.ini
+
if [ "$COUCHDB_USER" ] && [ "$COUCHDB_PASSWORD" ]; then
- # Create admin
- printf "[admins]\n%s = %s\n" "$COUCHDB_USER" "$COUCHDB_PASSWORD" > /opt/couchdb/etc/local.d/docker.ini
- chown -f couchdb:couchdb /opt/couchdb/etc/local.d/docker.ini || true
+ # Create admin only if not already present
+ if ! grep -Pzoqr "\[admins\]\n$COUCHDB_USER =" /opt/couchdb/etc/local.d/*.ini; then
+ printf "[admins]\n%s = %s\n" "$COUCHDB_USER" "$COUCHDB_PASSWORD" >> /opt/couchdb/etc/local.d/docker.ini
+ fi
fi
if [ "$COUCHDB_SECRET" ]; then
- # Set secret
- printf "[couch_httpd_auth]\nsecret = %s\n" "$COUCHDB_SECRET" >> /opt/couchdb/etc/local.d/docker.ini
- chown -f couchdb:couchdb /opt/couchdb/etc/local.d/docker.ini || true
+ # Set secret only if not already present
+ if ! grep -Pzoqr "\[couch_httpd_auth\]\nsecret =" /opt/couchdb/etc/local.d/*.ini; then
+ printf "[couch_httpd_auth]\nsecret = %s\n" "$COUCHDB_SECRET" >> /opt/couchdb/etc/local.d/docker.ini
+ fi
fi
+ chown -f couchdb:couchdb /opt/couchdb/etc/local.d/docker.ini || true
+
# if we don't find an [admins] section followed by a non-comment, display a warning
if ! grep -Pzoqr '\[admins\]\n[^;]\w+' /opt/couchdb/etc/local.d/*.ini; then
# The - option suppresses leading tabs but *not* spaces. :)