From 0eb4e4a34c90f414d219db8dbc1954c4fa299cab Mon Sep 17 00:00:00 2001 From: Allan Eising Date: Sun, 1 Jun 2025 16:45:42 +0200 Subject: [PATCH] Update docker --- .dockerignore | 3 +++ docker/Dockerfile.admin | 7 ++++--- docker/admin.entrypoint.sh | 15 +++++++++++++++ src/sshecret/crypto.py | 2 +- 4 files changed, 23 insertions(+), 4 deletions(-) create mode 100755 docker/admin.entrypoint.sh diff --git a/.dockerignore b/.dockerignore index 2bbf71d..df7cdae 100644 --- a/.dockerignore +++ b/.dockerignore @@ -5,3 +5,6 @@ **/__pycache__ .ruff_cache **/.testing +packages/sshecret-admin/sshecret_admin.db +packages/sshecret-admin/sshecret_admin-key +packages/sshecret-admin/keepass.kdbx diff --git a/docker/Dockerfile.admin b/docker/Dockerfile.admin index e138636..9f61ab9 100644 --- a/docker/Dockerfile.admin +++ b/docker/Dockerfile.admin @@ -16,6 +16,9 @@ FROM python:3.13-slim-bookworm COPY --from=builder --chown=app:app /build/dist /opt/sshecret +COPY packages/sshecret-admin /opt/sshecret-admin +COPY docker/admin.entrypoint.sh /entrypoint.sh + RUN pip install /opt/sshecret/sshecret-*.whl RUN pip install /opt/sshecret/sshecret_admin-*.whl @@ -25,6 +28,4 @@ VOLUME /opt/sshecret-admin WORKDIR /opt/sshecret-admin -ENTRYPOINT [ "sshecret-admin" ] - -CMD ["run", "--host", "0.0.0.0"] +CMD ["/entrypoint.sh"] diff --git a/docker/admin.entrypoint.sh b/docker/admin.entrypoint.sh new file mode 100755 index 0000000..13cb839 --- /dev/null +++ b/docker/admin.entrypoint.sh @@ -0,0 +1,15 @@ +#!/usr/bin/env bash + +fail() { + printf '%s\n' "$1" >&2 ## Send message to stderr. + exit "${2-1}" ## Return a code specified by $2, or 1 by default. +} + +[[ -d migrations ]] || fail "Error: Must be run from the backend directory." + +export SSHECRET_ADMIN_DATABASE="/opt/sshecret-admin/sshecret_admin.db" +export SSHECRET_ADMIN_PASSWORD_MANAGER_DIRECTORY="/opt/sshecret-admin" + +alembic upgrade head + +sshecret-admin run --host 0.0.0.0 diff --git a/src/sshecret/crypto.py b/src/sshecret/crypto.py index d3be32e..11aab01 100644 --- a/src/sshecret/crypto.py +++ b/src/sshecret/crypto.py @@ -124,7 +124,7 @@ def create_private_rsa_key(filename: Path, password: str | None = None) -> None: A password may be provided for secure storage. """ if filename.exists(): - raise RuntimeError("Error: private key file already exists.") + raise RuntimeError(f"Error: private key file already exists at {filename}.") LOG.debug("Generating private RSA key at %s", filename) private_key = generate_private_key() encryption_algorithm = serialization.NoEncryption()