makefile: move secrets out of ./data into ./secrets

single-dockerfile
Ubuntu 2 years ago
parent 9d6c61672c
commit 6ba4003dd6
  1. 10
      Makefile

@ -20,7 +20,7 @@ help:
UC = $(shell echo '$1' | tr '[:lower:]' '[:upper:]')
DOCKER = \
$(foreach m,$(MODULES),. data/$m/secrets && ) \
$(foreach m,$(MODULES),. secrets/$m && ) \
docker-compose \
--env-file env.production \
$(foreach m,$(MODULES),--file ./$m.yaml) \
@ -52,28 +52,28 @@ matrix-logs:
$(DOCKER) logs --tail 100 -f matrix-synapse
nextcloud-logs:
$(DOCKER) logs -f nextcloud
nginx-build: data/nginx/secrets
nginx-build: secrets/nginx
$(DOCKER) build nginx
certdir = ./data/certbot/conf/live/${DOMAIN_NAME}
run: secrets-setup
secrets-setup: $(foreach m,$(MODULES),data/$m/secrets)
secrets-setup: $(foreach m,$(MODULES),secrets/$m)
# Create the per-subdomain secrets if they don't exist
# not every service requires all of these features, but create them anyway
GET_MODULE = $(call UC,$(word 2,$(subst /, ,$@)))
RAND = $$(openssl rand -hex $1)
data/%/secrets:
secrets/%:
mkdir -p $(dir $@)
echo >$@ "# DO NOT CHECK IN"
echo >>$@ "export $(GET_MODULE)_ADMIN_PASSWORD=$(call RAND,8)"
echo >>$@ "export $(GET_MODULE)_CLIENT_SECRET=$(call RAND,20)"
echo >>$@ "export $(GET_MODULE)_SESSION_SECRET=$(call RAND,20)"
data/gitea/secrets: data/gitea/host-setup.done
secrets/gitea: data/gitea/host-setup.done
data/gitea/host-setup.done:
sudo ./gitea/host-setup.sh
mkdir -p $(dir $@)

Loading…
Cancel
Save