From 8f9ea37a85c6a4d526002e53e909fed3700db721 Mon Sep 17 00:00:00 2001 From: Peter Schiffer <3899107+pschiffe@users.noreply.github.com> Date: Sat, 6 May 2023 21:50:58 +0200 Subject: [PATCH] Simplify configuration of pdns admin Drop quotes from env var values, and add them only if needed directly in the python config file. Resolves #108 --- README.md | 15 ++++--- pdns-admin-base-ngoduykhanh/config.py.tpl | 13 +++++-- .../docker-entrypoint.sh | 39 +++++++++++-------- 3 files changed, 40 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index ca9d0d1..1ed64c8 100644 --- a/README.md +++ b/README.md 
@@ -104,15 +104,15 @@ Docker image with backend of [PowerDNS Admin](https://github.com/PowerDNS-Admin/ ``` (name=default value) -PDNS_ADMIN_SQLA_DB_HOST="'mysql'" -PDNS_ADMIN_SQLA_DB_PORT="'3306'" -PDNS_ADMIN_SQLA_DB_USER="'root'" -PDNS_ADMIN_SQLA_DB_PASSWORD="'powerdnsadmin'" -PDNS_ADMIN_SQLA_DB_NAME="'powerdnsadmin'" +PDNS_ADMIN_SQLA_DB_HOST="mysql" +PDNS_ADMIN_SQLA_DB_PORT="3306" +PDNS_ADMIN_SQLA_DB_USER="root" +PDNS_ADMIN_SQLA_DB_PASSWORD="powerdnsadmin" +PDNS_ADMIN_SQLA_DB_NAME="powerdnsadmin" ``` If linked with official [mariadb](https://hub.docker.com/_/mariadb/) image with alias `mysql`, the connection can be automatically configured, so you don't need to specify any of the above. Also, DB is automatically initialized if tables are missing. -Similar to the pdns-mysql, pdns-admin is also completely configurable via env vars. Prefix in this case is `PDNS_ADMIN_`, but there is one caveat: as the config file is a python source file, every string value must be quoted, as shown above. Double quotes are consumed by Bash, so the single quotes stay for Python. (Port number in this case is treated as string, because later on it's concatenated with hostname, user, etc in the db uri). Configuration from these env vars will be written to the `/opt/powerdns-admin/config.py` file. +Similar to the pdns-mysql, pdns-admin is also completely configurable via env vars. Prefix in this case is `PDNS_ADMIN_`, configuration will be written to the `/opt/powerdns-admin/config.py` file. ### Connecting to the PowerDNS server @@ -125,7 +125,7 @@ webserver-address=0.0.0.0 webserver-allow-from=172.5.0.0/16 ``` -And again, PowerDNS connection is configured via env vars (it needs url of the PowerDNS server, api key and a version of PowerDNS server, for example 4.0.1): +And again, PowerDNS connection is configured via env vars (it needs url of the PowerDNS server, api key and a version of PowerDNS server, for example 4.0): ``` (name=default value) 
@@ -133,7 +133,6 @@ PDNS_API_URL="http://pdns:8081/" PDNS_API_KEY="" PDNS_VERSION="" ``` -*These values are stored in the DB and thus cannot contain double-quoting as configuration described above.* If this container is linked with pdns-mysql from this repo with alias `pdns`, it will be configured automatically and none of the env vars from above are needed to be specified. diff --git a/pdns-admin-base-ngoduykhanh/config.py.tpl b/pdns-admin-base-ngoduykhanh/config.py.tpl index ea91560..b5a38b8 100644 --- a/pdns-admin-base-ngoduykhanh/config.py.tpl +++ b/pdns-admin-base-ngoduykhanh/config.py.tpl @@ -18,9 +18,16 @@ SESSION_TYPE = 'sqlalchemy' # SAML Authnetication SAML_ENABLED = False -{% for key, value in environment('PDNS_ADMIN_') %}{{ key }} = {{ value }} -{% endfor %} +# Configuration from env vars +{%- for key, value in environment('PDNS_ADMIN_') %} +{%- set v = value | trim('"\'\\') %} +{%- if v in ['True', 'False', 'None', '0'] or v | int != 0 %} +{{ key }} = {{ v }} +{%- else %} +{{ key }} = '{{ v }}' +{%- endif %} +{%- endfor %} ### DATABASE CONFIG -SQLALCHEMY_DATABASE_URI = 'mysql://' + SQLA_DB_USER + ':' + SQLA_DB_PASSWORD + '@' + SQLA_DB_HOST + ':' + SQLA_DB_PORT + '/' + SQLA_DB_NAME +SQLALCHEMY_DATABASE_URI = 'mysql://' + SQLA_DB_USER + ':' + SQLA_DB_PASSWORD + '@' + SQLA_DB_HOST + ':' + str(SQLA_DB_PORT) + '/' + SQLA_DB_NAME SQLALCHEMY_TRACK_MODIFICATIONS = True diff --git a/pdns-admin-uwsgi-ngoduykhanh/docker-entrypoint.sh b/pdns-admin-uwsgi-ngoduykhanh/docker-entrypoint.sh index 0d6c750..33d4376 100755 --- a/pdns-admin-uwsgi-ngoduykhanh/docker-entrypoint.sh +++ b/pdns-admin-uwsgi-ngoduykhanh/docker-entrypoint.sh 
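Review bot: The `else` branch of the new loop in config.py.tpl writes `{{ key }} = '{{ v }}'` with no escaping, and `trim` only strips quotes and backslashes at the two ends of the value. Any `PDNS_ADMIN_` value that reaches the template with a `'`, a backslash or a newline in the middle therefore ends or alters the Python string literal, and the remainder is parsed as code in the generated config. Emitting the value through an escaping filter, for example `{{ key }} = {{ v | tojson }}` if the Jinja2 behind envtpl provides it, would keep it as data. The numeric test is also too broad for credentials: an all-digit `PDNS_ADMIN_SQLA_DB_PASSWORD`, user or database name is written as a bare integer, and since only `SQLA_DB_PORT` is wrapped in `str()` the `SQLALCHEMY_DATABASE_URI` concatenation would raise a TypeError; a value such as `0123` is emitted unquoted and is not a valid Python 3 literal. Wrapping the other URI parts in `str()` as well, or never coercing the `SQLA_DB_` keys, would close that.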
@@ -3,14 +3,21 @@ set -euo pipefail # Configure mysql env vars -: "${PDNS_ADMIN_SQLA_DB_HOST:='${MYSQL_ENV_MYSQL_HOST:-mysql}'}" -: "${PDNS_ADMIN_SQLA_DB_PORT:='${MYSQL_ENV_MYSQL_PORT:-3306}'}" -: "${PDNS_ADMIN_SQLA_DB_USER:='${MYSQL_ENV_MYSQL_USER:-root}'}" -if [ "${PDNS_ADMIN_SQLA_DB_USER}" = "'root'" ]; then - : "${PDNS_ADMIN_SQLA_DB_PASSWORD:='$MYSQL_ENV_MYSQL_ROOT_PASSWORD'}" +: "${PDNS_ADMIN_SQLA_DB_HOST:=${MYSQL_ENV_MYSQL_HOST:-mysql}}" +: "${PDNS_ADMIN_SQLA_DB_PORT:=${MYSQL_ENV_MYSQL_PORT:-3306}}" +: "${PDNS_ADMIN_SQLA_DB_USER:=${MYSQL_ENV_MYSQL_USER:-root}}" +if [ "${PDNS_ADMIN_SQLA_DB_USER}" = "root" ]; then + : "${PDNS_ADMIN_SQLA_DB_PASSWORD:=$MYSQL_ENV_MYSQL_ROOT_PASSWORD}" fi -: "${PDNS_ADMIN_SQLA_DB_PASSWORD:='${MYSQL_ENV_MYSQL_PASSWORD:-powerdnsadmin}'}" -: "${PDNS_ADMIN_SQLA_DB_NAME:='${MYSQL_ENV_MYSQL_DATABASE:-powerdnsadmin}'}" +: "${PDNS_ADMIN_SQLA_DB_PASSWORD:=${MYSQL_ENV_MYSQL_PASSWORD:-powerdnsadmin}}" +: "${PDNS_ADMIN_SQLA_DB_NAME:=${MYSQL_ENV_MYSQL_DATABASE:-powerdnsadmin}}" + +# Cleanup quotes from mysql env vars +PDNS_ADMIN_SQLA_DB_HOST="${PDNS_ADMIN_SQLA_DB_HOST//[\'\"]}" +PDNS_ADMIN_SQLA_DB_PORT="${PDNS_ADMIN_SQLA_DB_PORT//[\'\"]}" +PDNS_ADMIN_SQLA_DB_USER="${PDNS_ADMIN_SQLA_DB_USER//[\'\"]}" +PDNS_ADMIN_SQLA_DB_PASSWORD="${PDNS_ADMIN_SQLA_DB_PASSWORD//[\'\"]}" +PDNS_ADMIN_SQLA_DB_NAME="${PDNS_ADMIN_SQLA_DB_NAME//[\'\"]}" export PDNS_ADMIN_SQLA_DB_HOST PDNS_ADMIN_SQLA_DB_PORT PDNS_ADMIN_SQLA_DB_USER PDNS_ADMIN_SQLA_DB_PASSWORD PDNS_ADMIN_SQLA_DB_NAME 
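Review bot: The new cleanup block deletes every `'` and `"` from the five connection variables, not only a surrounding pair, so a database password that legitimately contains a quote is silently changed before it is exported. The likely symptom is only the repeating 'MySQL is unavailable' loop further down the script, which gives no hint that the secret was rewritten. If the aim is to keep accepting the old `"'value'"` form, removing one leading and one trailing quote is enough, e.g. `PDNS_ADMIN_SQLA_DB_PASSWORD="${PDNS_ADMIN_SQLA_DB_PASSWORD#[\'\"]}"` followed by the same expansion with `%`. A comment above the block such as `# Accept the legacy "'value'" form by removing the outer quotes` would record why the stripping exists.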
@@ -21,33 +28,33 @@ export PDNS_ADMIN_SQLA_DB_HOST PDNS_ADMIN_SQLA_DB_PORT PDNS_ADMIN_SQLA_DB_USER P # Generate secret key [ -f /root/secret-key ] || tr -dc _A-Z-a-z-0-9 < /dev/urandom | head -c 32 > /root/secret-key || true -PDNS_ADMIN_SECRET_KEY="'$(cat /root/secret-key)'" +PDNS_ADMIN_SECRET_KEY="$(cat /root/secret-key)" export PDNS_ADMIN_SECRET_KEY envtpl < /config.py.tpl > /opt/powerdns-admin/powerdnsadmin/default_config.py # Initialize DB if needed -MYSQL_COMMAND="mysql -h ${PDNS_ADMIN_SQLA_DB_HOST//\'/} -P ${PDNS_ADMIN_SQLA_DB_PORT//\'/} -u ${PDNS_ADMIN_SQLA_DB_USER//\'/} -p${PDNS_ADMIN_SQLA_DB_PASSWORD//\'/}" +MYSQL_COMMAND="mysql -h ${PDNS_ADMIN_SQLA_DB_HOST} -P ${PDNS_ADMIN_SQLA_DB_PORT} -u ${PDNS_ADMIN_SQLA_DB_USER} -p${PDNS_ADMIN_SQLA_DB_PASSWORD}" until $MYSQL_COMMAND -e ';' ; do >&2 echo 'MySQL is unavailable - sleeping' sleep 1 done -$MYSQL_COMMAND -e "CREATE DATABASE IF NOT EXISTS ${PDNS_ADMIN_SQLA_DB_NAME//\'/}" +$MYSQL_COMMAND -e "CREATE DATABASE IF NOT EXISTS ${PDNS_ADMIN_SQLA_DB_NAME}" flask db upgrade # initial settings if not available in the DB -$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME//\'/} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_api_url', '${PDNS_API_URL}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_api_url') LIMIT 1;" -$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME//\'/} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_api_key', '${PDNS_API_KEY}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_api_key') LIMIT 1;" -$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME//\'/} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_version', '${PDNS_VERSION}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_version') LIMIT 1;" +$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_api_url', '${PDNS_API_URL//[\'\"]}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 
'pdns_api_url') LIMIT 1;" +$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_api_key', '${PDNS_API_KEY//[\'\"]}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_api_key') LIMIT 1;" +$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_version', '${PDNS_VERSION//[\'\"]}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_version') LIMIT 1;" # update pdns api settings if env changed -$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME//\'/} -e "UPDATE setting SET value='${PDNS_API_URL}' WHERE name='pdns_api_url';" -$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME//\'/} -e "UPDATE setting SET value='${PDNS_API_KEY}' WHERE name='pdns_api_key';" -$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME//\'/} -e "UPDATE setting SET value='${PDNS_VERSION}' WHERE name='pdns_version';" +$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME} -e "UPDATE setting SET value='${PDNS_API_URL//[\'\"]}' WHERE name='pdns_api_url';" +$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME} -e "UPDATE setting SET value='${PDNS_API_KEY//[\'\"]}' WHERE name='pdns_api_key';" +$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME} -e "UPDATE setting SET value='${PDNS_VERSION//[\'\"]}' WHERE name='pdns_version';" mkdir -p /run/uwsgi chown uwsgi: /run/uwsgi
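Review bot: The `INSERT` and `UPDATE` statements still build SQL by pasting `PDNS_API_URL`, `PDNS_API_KEY` and `PDNS_VERSION` into a single-quoted literal, and deleting quotes with `//[\'\"]` is the only protection: a backslash in the value still reaches MySQL, where a trailing one escapes the closing quote, and an API key that contains a quote is stored altered with no warning. Escaping the value instead of deleting characters handles both cases, and a small helper like the one below could be used in all six statements. Separately, `MYSQL_COMMAND` is a flat string that is expanded unquoted and carries `-p${PDNS_ADMIN_SQLA_DB_PASSWORD}`, so a password with whitespace or glob characters is split into several words and the password is visible in the process list. A bash array for the command, with the password passed through `MYSQL_PWD` or a client option file, would avoid both. The script is flat and the part after `chown` is not shown in this hunk.

```shell
# Escape a value for use inside a single-quoted MySQL string literal.
sql_escape() {
  local v=$1
  v=${v//\\/\\\\}   # backslash -> two backslashes
  v=${v//\'/\'\'}   # ' -> ''
  printf '%s' "$v"
}

# … unchanged: secret key, envtpl, wait loop, CREATE DATABASE, flask db upgrade …

$MYSQL_COMMAND ${PDNS_ADMIN_SQLA_DB_NAME} -e "UPDATE setting SET value='$(sql_escape "${PDNS_API_KEY}")' WHERE name='pdns_api_key';"
# … same change in the other five INSERT/UPDATE statements …
```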