secrets.tgz.aes

2020-10-24 10:58:51 +02:00 · 2020-10-24 10:58:51 +02:00 · 93732560c3
commit 93732560c3
parent da44aa7e4a
2 changed files with 28 additions and 0 deletions
--- a/secrets.tgz.aes/README.md
+++ b/secrets.tgz.aes/README.md
@ -0,0 +1,14 @@
+# Decrypt /secrets/secrets.tgz.aes
+
+## Prerequisites
+* bash
+* curl
+* openssl
+
+## Dockerfile:
+```
+ADD ./snippets/secrets.tgz.aes/decrypt_secrets.sh /app/decrypt_secrets.sh
+```
+
+## Environment
+* SECRETSKEY (required)
--- a/secrets.tgz.aes/decrypt_secrets.sh
+++ b/secrets.tgz.aes/decrypt_secrets.sh
@ -0,0 +1,14 @@
+#!/bin/sh
+
+if [ -z "${SECRETSKEY+x}" ]; then
+  echo "ENV[SECRETSKEY] not set! Continue without secrets..."
+else
+  if [ -f /secrets/secrets.tgz.aes ]; then
+    cd /secrets \
+    && openssl aes-256-cbc -in secrets.tgz.aes -out secrets.tgz -d -k "${SECRETSKEY}" \
+    && tar xvzf secrets.tgz
+  else
+    echo "/secrets/secrets.tgz.aes not found!"
+    exit 1
+  fi
+fi