diff --git a/srcs/.env b/srcs/.env new file mode 100644 index 0000000..e419ce1 --- /dev/null +++ b/srcs/.env @@ -0,0 +1 @@ +DATABASE_PWD=SuperComplexDatabasePassword diff --git a/srcs/docker-compose.yml b/srcs/docker-compose.yml index b9dca18..19f7028 100644 --- a/srcs/docker-compose.yml +++ b/srcs/docker-compose.yml @@ -20,16 +20,24 @@ services: depends_on: mariadb: condition: service_healthy + secrets: + - database-pwd mariadb: build: ./requirements/mariadb volumes: - db:/db:rw + secrets: + - database-pwd volumes: www: db: +secrets: + database-pwd: + environment: "DATABASE_PWD" + ### services ### # image: # build: diff --git a/srcs/requirements/mariadb/Dockerfile b/srcs/requirements/mariadb/Dockerfile index 16f1044..0e42e8a 100644 --- a/srcs/requirements/mariadb/Dockerfile +++ b/srcs/requirements/mariadb/Dockerfile @@ -10,7 +10,6 @@ RUN mkdir -p /etc/my.cnf.d/ COPY conf/mariadb-server.cnf /etc/my.cnf.d/mariadb-server.cnf COPY run.sh /run.sh -# TODO(secret) RUN addgroup -S www && adduser -S www www RUN mkdir /db RUN chmod -R 666 /db diff --git a/srcs/requirements/mariadb/run.sh b/srcs/requirements/mariadb/run.sh index d18bd1d..1319dd1 100755 --- a/srcs/requirements/mariadb/run.sh +++ b/srcs/requirements/mariadb/run.sh @@ -15,11 +15,18 @@ then echo chmod -R 777 /db mariadb-install-db --user=www --datadir=/db - # TODO(secret) + echo "creating database..." + DATABASE_PWD="$(cat /run/secrets/database-pwd)" + if ! [[ "$DATABASE_PWD" =~ ^[a-zA-Z0-9_]+$ ]] + then + echo "the DB password must contain only letters, digits or '_'." + echo + exit 1 + fi echo ' FLUSH PRIVILEGES; CREATE DATABASE wp; - GRANT ALL PRIVILEGES ON wp.* TO wwsw IDENTIFIED BY "ultraPassword"; + GRANT ALL PRIVILEGES ON wp.* TO www IDENTIFIED BY "'$DATABASE_PWD'"; FLUSH PRIVILEGES; ' | mariadbd -u root --bootstrap echo diff --git a/srcs/requirements/wordpress/conf/wwwmore/wp-config.php b/srcs/requirements/wordpress/conf/wwwmore/wp-config.php index b86e80c..157cff5 100644 --- a/srcs/requirements/wordpress/conf/wwwmore/wp-config.php +++ b/srcs/requirements/wordpress/conf/wwwmore/wp-config.php @@ -26,7 +26,7 @@ define( 'DB_NAME', 'wp' ); define( 'DB_USER', 'www' ); /** Database password */ -define( 'DB_PASSWORD', 'ultraPassword' ); # TODO(secret) +define( 'DB_PASSWORD', `cat /run/secrets/database-pwd` ); /** Database hostname */ define( 'DB_HOST', 'mariadb:3306' );