orztv
commited on
Commit
·
c3a9fbe
1
Parent(s):
79a02fb
update
Browse files- Dockerfile +4 -3
- docker/startup.sh +11 -6
Dockerfile
CHANGED
|
@@ -28,8 +28,9 @@ RUN adduser -D -u 1000 nocodb && \
|
|
| 28 |
# 使用 secret 获取 S3 bucket 名称和访问密钥
|
| 29 |
RUN --mount=type=secret,id=NC_S3_BUCKET_NAME,mode=0444,required=true \
|
| 30 |
--mount=type=secret,id=NC_S3_ACCESS_SECRET,mode=0444,required=true \
|
| 31 |
-
echo "S3_BUCKET_NAME=$(cat /run/secrets/NC_S3_BUCKET_NAME)" >> /
|
| 32 |
-
echo "S3_ACCESS_SECRET=$(cat /run/secrets/NC_S3_ACCESS_SECRET)" >> /
|
|
|
|
| 33 |
|
| 34 |
# 复制启动脚本和 Node.js 示例程序并设置权限
|
| 35 |
COPY docker/startup.sh /usr/src/appEntry/startup.sh
|
|
@@ -59,7 +60,7 @@ ENV LITESTREAM_S3_SKIP_VERIFY=false \
|
|
| 59 |
LITESTREAM_S3_ACCESS_KEY_ID=${NC_S3_ACCESS_KEY}
|
| 60 |
|
| 61 |
# 从临时文件中读取 secret 值并设置为环境变量
|
| 62 |
-
ENV $(
|
| 63 |
|
| 64 |
EXPOSE 8080
|
| 65 |
|
|
|
|
| 28 |
# 使用 secret 获取 S3 bucket 名称和访问密钥
|
| 29 |
RUN --mount=type=secret,id=NC_S3_BUCKET_NAME,mode=0444,required=true \
|
| 30 |
--mount=type=secret,id=NC_S3_ACCESS_SECRET,mode=0444,required=true \
|
| 31 |
+
echo "export S3_BUCKET_NAME=$(cat /run/secrets/NC_S3_BUCKET_NAME)" >> /etc/profile.d/s3_env.sh && \
|
| 32 |
+
echo "export S3_ACCESS_SECRET=$(cat /run/secrets/NC_S3_ACCESS_SECRET)" >> /etc/profile.d/s3_env.sh && \
|
| 33 |
+
chmod +x /etc/profile.d/s3_env.sh
|
| 34 |
|
| 35 |
# 复制启动脚本和 Node.js 示例程序并设置权限
|
| 36 |
COPY docker/startup.sh /usr/src/appEntry/startup.sh
|
|
|
|
| 60 |
LITESTREAM_S3_ACCESS_KEY_ID=${NC_S3_ACCESS_KEY}
|
| 61 |
|
| 62 |
# 从临时文件中读取 secret 值并设置为环境变量
|
| 63 |
+
ENV $(source /etc/profile.d/s3_env.sh && env | grep '^S3_' | xargs)
|
| 64 |
|
| 65 |
EXPOSE 8080
|
| 66 |
|
docker/startup.sh
CHANGED
|
@@ -1,21 +1,26 @@
|
|
| 1 |
#!/bin/sh
|
| 2 |
set -e
|
| 3 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 4 |
log() {
|
| 5 |
echo "[$(date +'%Y-%m-%d %H:%M:%S')] $1"
|
| 6 |
}
|
| 7 |
|
| 8 |
log "检查 secret 环境变量:"
|
| 9 |
-
log "S3_ACCESS_SECRET: $S3_ACCESS_SECRET"
|
| 10 |
-
log "S3_BUCKET_NAME: $S3_BUCKET_NAME"
|
| 11 |
|
| 12 |
# 设置 Litestream 相关的环境变量
|
| 13 |
-
export LITESTREAM_S3_BUCKET=$S3_BUCKET_NAME
|
| 14 |
-
export LITESTREAM_S3_SECRET_ACCESS_KEY=$S3_ACCESS_SECRET
|
| 15 |
|
| 16 |
log "Litestream 环境变量:"
|
| 17 |
-
log "LITESTREAM_S3_BUCKET: $LITESTREAM_S3_BUCKET"
|
| 18 |
-
log "LITESTREAM_S3_SECRET_ACCESS_KEY: $LITESTREAM_S3_SECRET_ACCESS_KEY"
|
| 19 |
|
| 20 |
log "启动 PostgreSQL..."
|
| 21 |
pg_ctl -D /usr/app/data/pgdata -l /usr/app/data/pgdata/logfile start
|
|
|
|
| 1 |
#!/bin/sh
|
| 2 |
set -e
|
| 3 |
|
| 4 |
+
# 加载环境变量
|
| 5 |
+
if [ -f /etc/profile.d/s3_env.sh ]; then
|
| 6 |
+
. /etc/profile.d/s3_env.sh
|
| 7 |
+
fi
|
| 8 |
+
|
| 9 |
log() {
|
| 10 |
echo "[$(date +'%Y-%m-%d %H:%M:%S')] $1"
|
| 11 |
}
|
| 12 |
|
| 13 |
log "检查 secret 环境变量:"
|
| 14 |
+
log "S3_ACCESS_SECRET: ${S3_ACCESS_SECRET:-未设置}"
|
| 15 |
+
log "S3_BUCKET_NAME: ${S3_BUCKET_NAME:-未设置}"
|
| 16 |
|
| 17 |
# 设置 Litestream 相关的环境变量
|
| 18 |
+
export LITESTREAM_S3_BUCKET=${S3_BUCKET_NAME:-}
|
| 19 |
+
export LITESTREAM_S3_SECRET_ACCESS_KEY=${S3_ACCESS_SECRET:-}
|
| 20 |
|
| 21 |
log "Litestream 环境变量:"
|
| 22 |
+
log "LITESTREAM_S3_BUCKET: ${LITESTREAM_S3_BUCKET:-未设置}"
|
| 23 |
+
log "LITESTREAM_S3_SECRET_ACCESS_KEY: ${LITESTREAM_S3_SECRET_ACCESS_KEY:-未设置}"
|
| 24 |
|
| 25 |
log "启动 PostgreSQL..."
|
| 26 |
pg_ctl -D /usr/app/data/pgdata -l /usr/app/data/pgdata/logfile start
|