femiwiki: Rename the names of secrets (#872)

* femiwiki: Move secret.php to secrets.php * femiwiki: Use general names for DB-related variables * Remove back-compat from image
femiwiki · Oct 6, 2024 · bb69973 · bb69973
1 parent a9d0cc1
commit bb69973
Show file tree

Hide file tree

Showing 8 changed files with 20 additions and 16 deletions.
diff --git a/.github/workflows/docker-femiwiki.yml b/.github/workflows/docker-femiwiki.yml
@@ -23,7 +23,7 @@ jobs:
 
       - name: Edit configuration
         run: |
-          mv development/secret.php.example development/secret.php
+          mv development/secrets.php.example development/secrets.php
           mv dockers/femiwiki/LocalSettings.php development
           mv dockers/femiwiki/Hotfix.php development
           sed -i -r 's~ghcr\.io\/femiwiki\/femiwiki:.+~ghcr\.io\/femiwiki\/femiwiki:docker-test~' docker-compose.yml

diff --git a/.gitignore b/.gitignore
@@ -1,5 +1,6 @@
-# secret
+# Maybe contains secrets
 /development/secret.php
+/development/secrets.php
 /development/LocalSettings.php
 /development/Hotfix.php
 /development/analytics-credentials-file.json

diff --git a/README.md b/README.md
@@ -49,7 +49,7 @@ Caddy를 실행할 경우에는 Caddyfile을 `/srv/femiwiki.com/Caddyfile`로
 ```bash
 docker swarm init
 
-cp development/secret.php.example development/secret.php
+cp development/secrets.php.example development/secrets.php
 cp dockers/mediawiki/LocalSettings.php development/
 cp dockers/femiwiki/Hotfix.php development/
 
@@ -96,7 +96,7 @@ of the [GNU Affero General Public License v3.0] or any later version. See
 [docker swarm]: https://docs.docker.com/engine/swarm/
 [docker composer]: https://docs.docker.com/compose/
 [femiwiki/ami]: https://github.com/femiwiki/ami
-[secret.php]: development/secret.php.example
+[secrets.php]: development/secrets.php.example
 [how to deploy weekly femiwiki to production]: https://github.com/femiwiki/femiwiki/blob/main/how-to-deploy-weekly-femi-wiki-to-production.md
 [php-fpm]: https://php-fpm.org/
 [caddy]: https://caddyserver.com/

diff --git a/development/secret.php.example → development/secrets.php.example b/development/secret.php.example → development/secrets.php.example
@@ -1,9 +1,9 @@
 <?php
 
 // Database settings
-$wgDBserver = getenv( 'NOMAD_UPSTREAM_ADDR_mysql' ) ?: 'mysql';
-$wgDBuser = 'DB_USERNAME';
-$wgDBpassword = 'DB_PASSWORD';
+$wgDBserver = getenv( 'WG_DB_SERVER' ) ?: 'mysql';
+$wgDBuser = getenv( 'WG_DB_USER' ) ?: 'DB_USERNAME';
+$wgDBpassword = getenv( 'WG_DB_PASSWORD' ) ?: 'DB_PASSWORD';
 
 // SMTP Password
 $wgSMTP['password'] = 'SMTP_PASSWORD';

diff --git a/docker-compose.yml b/docker-compose.yml
@@ -23,7 +23,7 @@ services:
   fastcgi:
     image: ghcr.io/femiwiki/femiwiki:latest
     volumes:
-      # Mount secret.php, LocalSettings.php and site-list.xml
+      # Mount secrets.php, LocalSettings.php and site-list.xml
       - ./development:/a:ro
       - l18n_cache:/tmp/cache
     environment:
@@ -40,12 +40,12 @@ services:
     environment:
       - MYSQL_ROOT_PASSWORD=localfemiwikipassword
       - MYSQL_DATABASE=femiwiki
-      - MYSQL_USER=DB_USERNAME # secret.php.example에 적힌 기본값
-      - MYSQL_PASSWORD=DB_PASSWORD # secret.php.example에 적힌 기본값
+      - MYSQL_USER=DB_USERNAME # secrets.php.example에 적힌 기본값
+      - MYSQL_PASSWORD=DB_PASSWORD # secrets.php.example에 적힌 기본값
     networks:
       default:
         aliases:
-          - DB_HOSTNAME # secret.php.example에 적힌 기본값
+          - DB_HOSTNAME # secrets.php.example에 적힌 기본값
   memcached:
     image: memcached:1-alpine
 

diff --git a/dockers/femiwiki/LocalSettings.php b/dockers/femiwiki/LocalSettings.php
@@ -1018,7 +1018,10 @@
 //
 // Load secret.php
 //
-require_once '/a/secret.php';
+if ( file_exists( '/a/secret.php' ) ) {
+	require_once '/a/secret.php';
+}
+require_once '/a/secrets.php';
 
 //
 // Overwrite server url

diff --git a/dockers/femiwiki/run b/dockers/femiwiki/run
@@ -9,9 +9,9 @@ echo 'Starting Femiwiki ...'
 # Run Install.php
 if [ -z "${MEDIAWIKI_SKIP_INSTALL:-}" ]; then
   echo 'Start installing Mediawiki ...'
-  DB_HOSTNAME="$(php -r 'require "/a/secret.php"; echo $wgDBserver;')"
-  DB_USERNAME="$(php -r 'require "/a/secret.php"; echo $wgDBuser;')"
-  DB_PASSWORD="$(php -r 'require "/a/secret.php"; echo $wgDBpassword;')"
+  DB_HOSTNAME="$(php -r 'require "/a/secrets.php"; echo $wgDBserver;')"
+  DB_USERNAME="$(php -r 'require "/a/secrets.php"; echo $wgDBuser;')"
+  DB_PASSWORD="$(php -r 'require "/a/secrets.php"; echo $wgDBpassword;')"
   php /srv/femiwiki.com/maintenance/install.php \
     --lang ko \
     --scriptpath '/w' \

diff --git a/dockers/mediawiki/Dockerfile b/dockers/mediawiki/Dockerfile
@@ -24,5 +24,5 @@ COPY cron/generate-sitemap \
 RUN mkdir -p /mediawiki/sitemap &&\
     chown www-data:www-data /mediawiki/sitemap
 
-# secret.php should be mounted to '/a/secret.php'
+# secrets.php should be mounted to '/a/secrets.php'
 VOLUME /a