From 79ac19937f501c6e5e8bcc813dced763579ad782 Mon Sep 17 00:00:00 2001
From: orblazer <orblazer.minecraft@gmail.com>
Date: Wed, 29 Apr 2020 02:07:45 +0200
Subject: [PATCH] Add possibility to use secrets in environment variables
 (#512)

---
 README.md                      | 16 +++++++++++++---
 start-finalSetup05EnvVariables |  6 ++++++
 2 files changed, 19 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 49751e05..13e2a4d1 100644
--- a/README.md
+++ b/README.md
@@ -277,6 +277,8 @@ Optionally you can also define a prefix to only match predefined enviroment vari
 
 `ENV_VARIABLE_PREFIX="CFG_"` <-- this is the default prefix
 
+If you want use file for value (like when use secrets) you can add suffix `_FILE` to your variable name (in  run command).
+
 There are some limitations to what characters you can use.
 
 | Type  | Allowed Characters  |
@@ -323,7 +325,7 @@ services:
       # and here are the actual variables
       CFG_DB_HOST: "http://localhost:3306"
       CFG_DB_NAME: "minecraft"
-      CFG_DB_PASSWORD: "ug23u3bg39o-ogADSs"
+      CFG_DB_PASSWORD_FILE: "/run/secrets/db_password"
     restart: always
   rcon:
     image: itzg/rcon
@@ -336,8 +338,16 @@ services:
 volumes:
   mc:
   rcon:
+
+secrets:
+  db_password:
+    file: ./db_password
 ```
 
+The content of `db_password`:
+
+    ug23u3bg39o-ogADSs
+
 ## Running a Bukkit/Spigot server
 
 Enable Bukkit/Spigot server mode by adding a `-e TYPE=BUKKIT -e VERSION=1.8` or `-e TYPE=SPIGOT -e VERSION=1.8` to your command-line.
@@ -470,7 +480,7 @@ in either persistent volumes or a downloadable archive.
 A [Tuinity](https://github.com/Spottedleaf/Tuinity) server, which is a fork of Paper aimed at improving server performance at high playercounts.
 
     -e TYPE=TUINITY
-    
+
 > **NOTE** only `VERSION=LATEST` is supported
 
 ## Running a Magma server
@@ -478,7 +488,7 @@ A [Tuinity](https://github.com/Spottedleaf/Tuinity) server, which is a fork of P
 A [Magma](https://magmafoundation.org/) server, which is a combination of Forge and PaperMC, can be used with
 
     -e TYPE=MAGMA
-    
+
 > **NOTE** there are limited base versions supported, so you will also need to  set `VERSION`, such as "1.12.2"
 
 ## Running a Server with a Feed-The-Beast (FTB) / CurseForge modpack
diff --git a/start-finalSetup05EnvVariables b/start-finalSetup05EnvVariables
index 8f08d30a..90a85d52 100644
--- a/start-finalSetup05EnvVariables
+++ b/start-finalSetup05EnvVariables
@@ -10,6 +10,12 @@ if [ "${REPLACE_ENV_VARIABLES^^}" = "TRUE" ]; then
     if [[ "$name" = $ENV_VARIABLE_PREFIX* ]] \
         && [[ $value =~ ^[0-9a-zA-Z_:/=?.+\-]*$ ]] \
         && [[ $name =~ ^[0-9a-zA-Z_\-]*$ ]]; then
+      # Read content from file environment
+      if [[ $name = *"_FILE" ]] && [[ -f $value ]]; then
+        name="${name/_FILE/}"
+        value=$(<$value)
+      fi
+
       log "Replacing $name with $value ..."
       find /data/ -type f \
           \( -name "*.yml" -or -name "*.yaml" -or -name "*.txt" -or -name "*.cfg" \