mirror of
https://github.com/pi-hole/docker-pi-hole.git
synced 2024-06-22 07:26:44 +02:00
Always use WEBPASSWORD env var if set
Signed-off-by: RD WebDesign <github@rdwebdesign.com.br>
This commit is contained in:
parent
9f9010edaa
commit
f9d990145a
|
@ -6,12 +6,12 @@ fix_capabilities() {
|
|||
# Testing on Docker 20.10.14 with no caps set shows the following caps available to the container:
|
||||
# Current: cap_chown,cap_dac_override,cap_fowner,cap_fsetid,cap_kill,cap_setgid,cap_setuid,cap_setpcap,cap_net_bind_service,cap_net_raw,cap_sys_chroot,cap_mknod,cap_audit_write,cap_setfcap=ep
|
||||
# FTL can also use CAP_NET_ADMIN and CAP_SYS_NICE. If we try to set them when they haven't been explicitly enabled, FTL will not start. Test for them first:
|
||||
|
||||
|
||||
/sbin/capsh --has-p=cap_chown && CAP_STR+=',CAP_CHOWN'
|
||||
/sbin/capsh --has-p=cap_net_bind_service && CAP_STR+=',CAP_NET_BIND_SERVICE'
|
||||
/sbin/capsh --has-p=cap_net_raw && CAP_STR+=',CAP_NET_RAW'
|
||||
/sbin/capsh --has-p=cap_net_admin && CAP_STR+=',CAP_NET_ADMIN' || DHCP_READY='false'
|
||||
/sbin/capsh --has-p=cap_sys_nice && CAP_STR+=',CAP_SYS_NICE'
|
||||
/sbin/capsh --has-p=cap_sys_nice && CAP_STR+=',CAP_SYS_NICE'
|
||||
|
||||
if [[ ${CAP_STR} ]]; then
|
||||
# We have the (some of) the above caps available to us - apply them to pihole-FTL
|
||||
|
@ -24,12 +24,12 @@ fix_capabilities() {
|
|||
DHCP_ACTIVE='false'
|
||||
change_setting "DHCP_ACTIVE" "false"
|
||||
fi
|
||||
|
||||
|
||||
if [[ $ret -ne 0 && "${DNSMASQ_USER:-pihole}" != "root" ]]; then
|
||||
echo "ERROR: Unable to set capabilities for pihole-FTL. Cannot run as non-root."
|
||||
echo " If you are seeing this error, please set the environment variable 'DNSMASQ_USER' to the value 'root'"
|
||||
exit 1
|
||||
fi
|
||||
fi
|
||||
else
|
||||
echo "WARNING: Unable to set capabilities for pihole-FTL."
|
||||
echo " Please ensure that the container has the required capabilities."
|
||||
|
@ -45,21 +45,21 @@ prepare_configs() {
|
|||
LIGHTTPD_GROUP="www-data"
|
||||
LIGHTTPD_CFG="lighttpd.conf.debian"
|
||||
installConfigs
|
||||
|
||||
|
||||
if [ ! -f "${setupVars}" ]; then
|
||||
install -m 644 /dev/null "${setupVars}"
|
||||
echo "Creating empty ${setupVars} file."
|
||||
fi
|
||||
|
||||
|
||||
set +e
|
||||
mkdir -p /var/run/pihole /var/log/pihole
|
||||
|
||||
|
||||
chown pihole:root /etc/lighttpd
|
||||
|
||||
|
||||
# In case of `pihole` UID being changed, re-chown the pihole scripts and pihole command
|
||||
chown -R pihole:root "${PI_HOLE_INSTALL_DIR}"
|
||||
chown pihole:root "${PI_HOLE_BIN_DIR}/pihole"
|
||||
|
||||
|
||||
set -e
|
||||
# Update version numbers
|
||||
pihole updatechecker
|
||||
|
@ -279,9 +279,21 @@ generate_password() {
|
|||
}
|
||||
|
||||
setup_web_password() {
|
||||
setup_var_exists "WEBPASSWORD" && return
|
||||
if [ -z "${WEBPASSWORD+x}" ] ; then
|
||||
# ENV WEBPASSWORD is not set
|
||||
|
||||
# Exit if setupvars already has a password
|
||||
setup_var_exists "WEBPASSWORD" && return
|
||||
|
||||
# Generate new password
|
||||
generate_password
|
||||
else
|
||||
# ENV WEBPASSWORD is set an will be used
|
||||
echo "Assigning password defined by Environment Variable"
|
||||
fi
|
||||
|
||||
PASS="$WEBPASSWORD"
|
||||
|
||||
PASS="$1"
|
||||
# Explicitly turn off bash printing when working with secrets
|
||||
{ set +x; } 2>/dev/null
|
||||
|
||||
|
|
4
start.sh
4
start.sh
|
@ -39,6 +39,7 @@ export PIHOLE_DOMAIN
|
|||
export DHCP_IPv6
|
||||
export DHCP_rapid_commit
|
||||
export WEBTHEME
|
||||
export WEBPASSWORD
|
||||
export CUSTOM_CACHE_SIZE
|
||||
|
||||
export adlistFile='/etc/pihole/adlists.list'
|
||||
|
@ -67,7 +68,6 @@ echo " ::: Starting docker specific checks & setup for docker pihole/pihole"
|
|||
|
||||
fix_capabilities
|
||||
load_web_password_secret
|
||||
generate_password
|
||||
validate_env || exit 1
|
||||
prepare_configs
|
||||
|
||||
|
@ -185,7 +185,7 @@ fi
|
|||
[[ -n "${DHCP_ACTIVE}" && ${DHCP_ACTIVE} == "true" ]] && echo "Setting DHCP server" && setup_dhcp
|
||||
|
||||
setup_web_port "$WEB_PORT"
|
||||
setup_web_password "$WEBPASSWORD"
|
||||
setup_web_password
|
||||
setup_temp_unit "$TEMPERATUREUNIT"
|
||||
setup_ui_layout "$WEBUIBOXEDLAYOUT"
|
||||
setup_admin_email "$ADMIN_EMAIL"
|
||||
|
|
Loading…
Reference in New Issue
Block a user