secrets.tgz.aes

secrets.tgz.aes/README.md

@@ -0,0 +1,14 @@
+# Decrypt /secrets/secrets.tgz.aes
+
+## Prerequisites
+* bash
+* curl
+* openssl
+
+## Dockerfile:
+```
+ADD ./snippets/secrets.tgz.aes/decrypt_secrets.sh /app/decrypt_secrets.sh
+```
+
+## Environment
+* SECRETSKEY (required)

secrets.tgz.aes/decrypt_secrets.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+if [ -z "${SECRETSKEY+x}" ]; then
+  echo "ENV[SECRETSKEY] not set! Continue without secrets..."
+else
+  if [ -f /secrets/secrets.tgz.aes ]; then
+    cd /secrets \
+    && openssl aes-256-cbc -in secrets.tgz.aes -out secrets.tgz -d -k "${SECRETSKEY}" \
+    && tar xvzf secrets.tgz
+  else
+    echo "/secrets/secrets.tgz.aes not found!"
+    exit 1
+  fi
+fi