Pi-Hole/docker-pi-hole
1
0
Fork 0
mirror of https://github.com/pi-hole/docker-pi-hole.git synced 2025-12-20 02:18:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1758 from pi-hole/secrets

Browse Source 
WEBPASSWORD_FILE is mounted to /run/secrets
This commit is contained in:
Adam Warner
2025-03-04 17:37:05 +00:00
committed by GitHub
parent e07a42cbd5 4fa81da1c9
commit c26f896ba1
3 changed files with 3 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -140,7 +140,7 @@ To explicitly set no password, set `FTLCONF_webserver_api_password: ''`.
| `FTLCONF_[SETTING]` | unset | As per documentation | Customize pihole.toml with settings described in the [API Documentation](https://docs.pi-hole.net/api).<br><br>Replace `.` with `_`, e.g for `dns.dnssec=true` use `FTLCONF_dns_dnssec: 'true'`.<br/>Array type configs should be delimited with `;`.|
| `PIHOLE_UID` | `1000` | Number | Overrides image's default pihole user id to match a host user id.<br/>**IMPORTANT**: id must not already be in use inside the container!|
| `PIHOLE_GID` | `1000` | Number | Overrides image's default pihole group id to match a host group id.<br/>**IMPORTANT**: id must not already be in use inside the container!|
| `WEBPASSWORD_FILE` | unset| `<Docker secret path>` | Set an Admin password using [Docker secrets](https://docs.docker.com/engine/swarm/secrets/). If `FTLCONF_webserver_api_password` is set, `WEBPASSWORD_FILE` is ignored. If `FTLCONF_webserver_api_password` is empty, and `WEBPASSWORD_FILE` is set to a valid readable file path, then `FTLCONF_webserver_api_password` will be set to the contents of `WEBPASSWORD_FILE`. |
| `WEBPASSWORD_FILE` | unset| `<Docker secret file>` | Set an Admin password using [Docker secrets](https://docs.docker.com/engine/swarm/secrets/). If `FTLCONF_webserver_api_password` is set, `WEBPASSWORD_FILE` is ignored. If `FTLCONF_webserver_api_password` is empty, and `WEBPASSWORD_FILE` is set to a valid readable file, then `FTLCONF_webserver_api_password` will be set to the contents of `WEBPASSWORD_FILE`. |
### Advanced Variables

4
src/bash_functions.sh
View File

@@ -189,9 +189,9 @@ migrate_v5_configs() {
}
setup_web_password() {
if [ -z "${FTLCONF_webserver_api_password+x}" ] && [ -n "${WEBPASSWORD_FILE}" ] && [ -r "${WEBPASSWORD_FILE}" ]; then
if [ -z "${FTLCONF_webserver_api_password+x}" ] && [ -n "${WEBPASSWORD_FILE}" ] && [ -r "/run/secrets/${WEBPASSWORD_FILE}" ]; then
echo " [i] Setting FTLCONF_webserver_api_password from file"
export FTLCONF_webserver_api_password=$(<"${WEBPASSWORD_FILE}")
export FTLCONF_webserver_api_password=$(<"/run/secrets/${WEBPASSWORD_FILE}")
fi
# If FTLCONF_webserver_api_password is not set

2
src/start.sh
View File

@@ -11,8 +11,6 @@ TRAP_TRIGGERED=0
start() {
local v5_volume=0
# The below functions are all contained in bash_functions.sh
# shellcheck source=/dev/null
. /usr/bin/bash_functions.sh