Update rendered example
This commit is contained in:
parent
80a416420b
commit
2462fd01fe
|
@ -1,4 +1,4 @@
|
|||
FROM danielberteaud/alma:9.24.2-1
|
||||
FROM danielberteaud/alma:9.24.3-1
|
||||
MAINTAINER Daniel Berteaud <dbd@ehtrace.com>
|
||||
|
||||
ARG OO_VERSION=8.0.1
|
||||
|
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
set -euo pipefail
|
||||
|
||||
vault write /database/roles/onlyoffice \
|
||||
vault write database/roles/onlyoffice \
|
||||
db_name="postgres" \
|
||||
creation_statements="CREATE ROLE \"{{name}}\" WITH LOGIN PASSWORD '{{password}}' VALID UNTIL '{{expiration}}'; \
|
||||
GRANT \"onlyoffice\" TO \"{{name}}\"; \
|
||||
|
|
|
@ -127,8 +127,8 @@ job "onlyoffice" {
|
|||
template {
|
||||
data = <<_EOT
|
||||
LANG=fr_FR.utf8
|
||||
OO_JWT_TOKEN={{ with secret "/kv/service/onlyoffice" }}{{ .Data.data.jwt_token }}{{ end }}
|
||||
OO_STORAGE_SECRET={{ with secret "/kv/service/onlyoffice" }}{{ .Data.data.storage_secret }}{{ end }}
|
||||
OO_JWT_TOKEN={{ with secret "kv/service/onlyoffice" }}{{ .Data.data.jwt_token }}{{ end }}
|
||||
OO_STORAGE_SECRET={{ with secret "kv/service/onlyoffice" }}{{ .Data.data.storage_secret }}{{ end }}
|
||||
TZ=Europe/Paris
|
||||
_EOT
|
||||
destination = "secrets/.env"
|
||||
|
@ -143,8 +143,8 @@ _EOT
|
|||
OO_DB_NAME='onlyoffice'
|
||||
OO_DB_HOST=127.0.0.1
|
||||
OO_DB_PORT=5432
|
||||
OO_DB_USER={{ with secret "/database/creds/onlyoffice" }}{{ .Data.username }}{{ end }}
|
||||
OO_DB_PASS={{ with secret "/database/creds/onlyoffice" }}{{ .Data.password }}{{ end }}
|
||||
OO_DB_USER={{ with secret "database/creds/onlyoffice" }}{{ .Data.username }}{{ end }}
|
||||
OO_DB_PASS={{ with secret "database/creds/onlyoffice" }}{{ .Data.password }}{{ end }}
|
||||
_EOT
|
||||
destination = "secrets/.db.env"
|
||||
uid = 100000
|
||||
|
@ -189,7 +189,7 @@ _EOT
|
|||
user = 1053
|
||||
|
||||
config {
|
||||
image = "danielberteaud/wait-for:24.2-1"
|
||||
image = "danielberteaud/wait-for:24.3-1"
|
||||
readonly_rootfs = true
|
||||
pids_limit = 20
|
||||
}
|
||||
|
|
|
@ -5,7 +5,7 @@ set -euo pipefail
|
|||
# vim: syntax=sh
|
||||
|
||||
export LC_ALL=C
|
||||
VAULT_KV_PATH=/kv/service/onlyoffice
|
||||
VAULT_KV_PATH=kv/service/onlyoffice
|
||||
RAND_CMD="tr -dc A-Za-z0-9\-_\/=~\.+ < /dev/urandom | head -c 50"
|
||||
if ! vault kv list $(dirname ${VAULT_KV_PATH}) 2>/dev/null | grep -q -E "^$(basename ${VAULT_KV_PATH})\$"; then
|
||||
vault kv put ${VAULT_KV_PATH} \
|
||||
|
|
|
@ -1,8 +1,8 @@
|
|||
path "/kv/data/service/onlyoffice" {
|
||||
path "kv/data/service/onlyoffice" {
|
||||
capabilities = ["read"]
|
||||
}
|
||||
|
||||
path "/database/creds/onlyoffice" {
|
||||
path "database/creds/onlyoffice" {
|
||||
capabilities = ["read"]
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue