-
-
Notifications
You must be signed in to change notification settings - Fork 72
Expand file tree
/
Copy path00-env
More file actions
executable file
·126 lines (111 loc) · 4.47 KB
/
00-env
File metadata and controls
executable file
·126 lines (111 loc) · 4.47 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
#!/usr/bin/with-contenv bash
# shellcheck shell=bash
# From https://github.com/docker-library/mariadb/blob/master/docker-entrypoint.sh#L21-L41
# usage: file_env VAR [DEFAULT]
# ie: file_env 'XYZ_DB_PASSWORD' 'example'
# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
file_env() {
local var="$1"
local fileVar="${var}_FILE"
local def="${2:-}"
if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
exit 1
fi
local val="$def"
if [ "${!var:-}" ]; then
val="${!var}"
elif [ "${!fileVar:-}" ]; then
if [ ! -f "${!fileVar}" ]; then
echo >&2 "error: ${!fileVar} file not found for ${fileVar}"
exit 1
fi
val="$(<"${!fileVar}")"
fi
export "$var"="$val"
unset "$fileVar"
}
TZ=${TZ:-UTC}
MEMORY_LIMIT=${MEMORY_LIMIT:-256M}
UPLOAD_MAX_SIZE=${UPLOAD_MAX_SIZE:-16M}
CLEAR_ENV=${CLEAR_ENV:-yes}
OPCACHE_MEM_SIZE=${OPCACHE_MEM_SIZE:-128}
LISTEN_IPV6=${LISTEN_IPV6:-true}
REAL_IP_FROM=${REAL_IP_FROM:-0.0.0.0/32}
REAL_IP_HEADER=${REAL_IP_HEADER:-X-Forwarded-For}
LOG_IP_VAR=${LOG_IP_VAR:-remote_addr}
LOG_CROND=${LOG_CROND:-true}
APP_NAME=${APP_NAME:-addy.io}
#APP_KEY=${APP_KEY:-base64:Gh8/RWtNfXTmB09pj6iEflt/L6oqDf9ZxXIh4I9MS7A=}
APP_DEBUG=${APP_DEBUG:-false}
APP_URL=${APP_URL:-http://localhost}
#DB_HOST=${DB_HOST:-localhost}
DB_PORT=${DB_PORT:-3306}
DB_DATABASE=${DB_DATABASE:-anonaddy}
#DB_USERNAME=${DB_USERNAME:-anonaddy}
#DB_PASSWORD=${DB_PASSWORD:-asupersecretpassword}
DB_TIMEOUT=${DB_TIMEOUT:-60}
# Add support for DB connection over TLS
DB_SSL=${DB_SSL:-false}
if [ "$DB_SSL" = "true" ]; then
# if DB TLS connection is enabled, default MYSQL_ATTR_SSL_CA to /etc/ssl/certs/ca-certificates.crt
MYSQL_ATTR_SSL_CA=${MYSQL_ATTR_SSL_CA:-/etc/ssl/certs/ca-certificates.crt}
else
# if DB TLS connection is disabled, default MYSQL_ATTR_SSL_CA to null
MYSQL_ATTR_SSL_CA=${MYSQL_ATTR_SSL_CA:-}
fi
REDIS_HOST=${REDIS_HOST:-null}
#REDIS_PASSWORD=${REDIS_PASSWORD:-null}
REDIS_PORT=${REDIS_PORT:-6379}
#PUSHER_APP_ID=${PUSHER_APP_ID}
#PUSHER_APP_KEY=${PUSHER_APP_KEY}
#PUSHER_APP_SECRET=${PUSHER_APP_SECRET}
PUSHER_APP_CLUSTER=${PUSHER_APP_CLUSTER:-mt1}
ANONADDY_RETURN_PATH=${ANONADDY_RETURN_PATH:-null}
ANONADDY_ADMIN_USERNAME=${ANONADDY_ADMIN_USERNAME:-null}
ANONADDY_ENABLE_REGISTRATION=${ANONADDY_ENABLE_REGISTRATION:-true}
#ANONADDY_DOMAIN=${ANONADDY_DOMAIN:-null}
ANONADDY_HOSTNAME=${ANONADDY_HOSTNAME:-null}
ANONADDY_DNS_RESOLVER=${ANONADDY_DNS_RESOLVER:-127.0.0.1}
ANONADDY_ALL_DOMAINS=${ANONADDY_ALL_DOMAINS:-$ANONADDY_DOMAIN}
#ANONADDY_SECRET=${ANONADDY_SECRET:-long-random-string}
ANONADDY_LIMIT=${ANONADDY_LIMIT:-200}
ANONADDY_BANDWIDTH_LIMIT=${ANONADDY_BANDWIDTH_LIMIT:-104857600}
ANONADDY_NEW_ALIAS_LIMIT=${ANONADDY_NEW_ALIAS_LIMIT:-10}
ANONADDY_ADDITIONAL_USERNAME_LIMIT=${ANONADDY_ADDITIONAL_USERNAME_LIMIT:-10}
#ANONADDY_SIGNING_KEY_FINGERPRINT=${ANONADDY_SIGNING_KEY_FINGERPRINT:-your-signing-key-fingerprint}
#ANONADDY_DKIM_SIGNING_KEY=${ANONADDY_DKIM_SIGNING_KEY:-dkim-signing-key}
#ANONADDY_DKIM_SELECTOR=${ANONADDY_DKIM_SELECTOR:-default}
MAIL_FROM_NAME=${MAIL_FROM_NAME:-addy.io}
MAIL_FROM_ADDRESS=${MAIL_FROM_ADDRESS:-addy@${ANONADDY_DOMAIN}}
MAIL_ENCRYPTION=${MAIL_ENCRYPTION:-null}
POSTFIX_DEBUG=${POSTFIX_DEBUG:-false}
POSTFIX_MESSAGE_SIZE_LIMIT=${POSTFIX_MESSAGE_SIZE_LIMIT:-26214400}
POSTFIX_SMTPD_TLS=${POSTFIX_SMTPD_TLS:-false}
POSTFIX_SMTP_TLS=${POSTFIX_SMTP_TLS:-false}
POSTFIX_RELAYHOST_AUTH_ENABLE=${POSTFIX_RELAYHOST_AUTH_ENABLE:-false}
#POSTFIX_SPAMHAUS_DQS_KEY=${POSTFIX_SPAMHAUS_DQS_KEY:-null}
#POSTFIX_RELAYHOST_USERNAME=${POSTFIX_RELAYHOST_USERNAME:-null}
#POSTFIX_RELAYHOST_PASSWORD=${POSTFIX_RELAYHOST_PASSWORD:-null}
RSPAMD_ENABLE=${RSPAMD_ENABLE:-false}
#RSPAMD_WEB_PASSWORD=${RSPAMD_WEB_PASSWORD:-null}
RSPAMD_NO_LOCAL_ADDRS=${RSPAMD_NO_LOCAL_ADDRS:-false}
DKIM_PRIVATE_KEY=/data/dkim/${ANONADDY_DOMAIN}.private
SMTPD_MILTERS=""
if [ "$RSPAMD_ENABLE" = "true" ] && [ -f "$DKIM_PRIVATE_KEY" ]; then
SMTPD_MILTERS="inet:127.0.0.1:11332"
fi
# Keep them to check if users are still using an old configuration
DKIM_ENABLE=${DKIM_ENABLE:-false}
DMARC_ENABLE=${DMARC_ENABLE:-false}
file_env 'APP_KEY'
file_env 'DB_USERNAME' 'anonaddy'
file_env 'DB_PASSWORD'
file_env 'REDIS_PASSWORD'
file_env 'PUSHER_APP_SECRET'
file_env 'ANONADDY_SECRET'
file_env 'ANONADDY_SIGNING_KEY_FINGERPRINT'
file_env 'POSTFIX_RELAYHOST_USERNAME' 'null'
file_env 'POSTFIX_RELAYHOST_PASSWORD' 'null'
file_env 'RSPAMD_WEB_PASSWORD' 'null'