0f0d750d83
Firstly, this patch ensures that the server connects to the database according to the given configuration variables. Up until now, there was a pg_isready check for the hard-coded hostname "db". While this generally worked in the default setup – db is an alias for pgbouncer in the provided YAML configuration files – it is obviously wrong and would lead to unexpected behavior in customized setups. Secondly, the .pgpass setup, which was a remnant of another time and not used anymore, has been removed.
83 lines
2.2 KiB
Bash
Executable File
83 lines
2.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
warn_insecure_admin() {
|
|
cat <<-EOF
|
|
|
|
==============================================
|
|
WARNING
|
|
==============================================
|
|
|
|
WARNING: INSECURE ADMIN ACCOUNT CONFIGURATION!
|
|
|
|
EOF
|
|
sleep 10
|
|
}
|
|
|
|
# Set DJANGO_SECRET_KEY variable
|
|
source /run/secrets/django
|
|
[[ -n "$DJANGO_SECRET_KEY" ]] || {
|
|
echo "ERROR: Django secret key undefined! Cannot continue."
|
|
sleep 5
|
|
exit 2
|
|
}
|
|
export SECRET_KEY="$DJANGO_SECRET_KEY"
|
|
|
|
until pg_isready -h "${DATABASE_HOST}" -p "${DATABASE_PORT:-5432}"; do
|
|
echo "Waiting for Postgres cluster to become available..."
|
|
sleep 3
|
|
done
|
|
|
|
# Wait for redis
|
|
wait-for-it redis:6379
|
|
wait-for-it redis-slave:6379
|
|
|
|
echo 'running migrations'
|
|
python manage.py migrate
|
|
|
|
# Admin
|
|
if [[ -f /run/secrets/os_admin ]]; then
|
|
echo "Retrieving secure admin password"
|
|
source /run/secrets/os_admin
|
|
if [[ -n "${OPENSLIDES_ADMIN_PASSWORD}" ]]; then
|
|
echo "Changing admin password"
|
|
python manage.py changedefaultadminpassword "${OPENSLIDES_ADMIN_PASSWORD}"
|
|
else
|
|
warn_insecure_admin
|
|
fi
|
|
else
|
|
warn_insecure_admin
|
|
fi
|
|
|
|
# Main user
|
|
if [[ -f /run/secrets/os_user ]]; then
|
|
echo "Retrieving secure user credentials"
|
|
source /run/secrets/os_user
|
|
if [[ -n "${OPENSLIDES_USER_FIRSTNAME}" ]] &&
|
|
[[ -n "${OPENSLIDES_USER_LASTNAME}" ]] &&
|
|
[[ -n "${OPENSLIDES_USER_PASSWORD}" ]]; then
|
|
user_name="${OPENSLIDES_USER_FIRSTNAME} ${OPENSLIDES_USER_LASTNAME}"
|
|
echo "Adding user: ${user_name}"
|
|
# createopenslidesuser: error: the following arguments are required:
|
|
# first_name, last_name, username, password, groups_id
|
|
# email is optional
|
|
# userid forces to to only create a user with this id, if it not exists before.
|
|
python manage.py createinitialuser \
|
|
--email "${OPENSLIDES_USER_EMAIL:-}" \
|
|
"${OPENSLIDES_USER_FIRSTNAME}" \
|
|
"${OPENSLIDES_USER_LASTNAME}" \
|
|
"${user_name}" \
|
|
"${OPENSLIDES_USER_PASSWORD}" \
|
|
2
|
|
else
|
|
echo "Incomplete user account data. Skipping account creation."
|
|
fi
|
|
fi
|
|
|
|
# SAML setup
|
|
. /usr/local/lib/saml-setup.sh
|
|
|
|
echo "Done migrating and setting up user accounts..."
|
|
python -m http.server --directory /app/empty --bind 0.0.0.0 8000
|