├── VERSION ├── hooks ├── build └── post_push ├── LICENSE ├── docker_config.py ├── docker-compose.yml ├── Dockerfile ├── README.md └── entrypoint.sh /VERSION: -------------------------------------------------------------------------------- 1 | v0.2.3 -------------------------------------------------------------------------------- /hooks/build: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | VER=`cat VERSION` 3 | docker build --build-arg VERSION=$VER -t $IMAGE_NAME . 4 | -------------------------------------------------------------------------------- /hooks/post_push: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | VER=`cat VERSION` 3 | docker tag $DOCKER_REPO $DOCKER_REPO:$VER 4 | docker push $DOCKER_REPO:$VER 5 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2019 HSRNetwork 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /docker_config.py: -------------------------------------------------------------------------------- 1 | import os 2 | basedir = os.path.abspath(os.path.abspath(os.path.dirname(__file__))) 3 | 4 | ### BASIC APP CONFIG 5 | SALT = os.environ.get('SALT', '$2b$12$yLUMTIfl21FKJQpTkRQXCu') 6 | SECRET_KEY = os.environ.get('SECRET_KEY', 'MyAwesomeSecretKey') 7 | BIND_ADDRESS = os.environ.get('BIND_ADDRESS', '0.0.0.0') 8 | PORT = os.environ.get('PORT', '80') 9 | HSTS_ENABLED = False 10 | 11 | LOG_LEVEL = os.environ.get('LOG_LEVEL', 'info') 12 | LOG_FILE = '' 13 | 14 | ### DATABASE CONFIG 15 | SQLA_DB_USER = os.environ.get('SQLA_DB_USER', 'powerdns-svc-user') 16 | SQLA_DB_PASSWORD = os.environ.get('SQLA_DB_PASSWORD', 'powerdns-svc-user-pw') 17 | SQLA_DB_HOST = os.environ.get('SQLA_DB_HOST', 'powerdns-admin-mysql') 18 | SQLA_DB_PORT = os.environ.get('SQLA_DB_PORT', '3306') 19 | SQLA_DB_NAME = os.environ.get('SQLA_DB_NAME', 'powerdns-admin') 20 | SQLALCHEMY_TRACK_MODIFICATIONS = True 21 | 22 | ### DATBASE - MySQL 23 | SQLALCHEMY_DATABASE_URI = 'mysql://'+SQLA_DB_USER+':'+SQLA_DB_PASSWORD+'@'+SQLA_DB_HOST+':'+SQLA_DB_PORT+'/'+SQLA_DB_NAME 24 | 25 | ### DATABSE - SQLite 26 | # SQLALCHEMY_DATABASE_URI = 'sqlite:///' + os.path.join(basedir, 'pdns.db') 27 | 28 | # SAML Authnetication 29 | SAML_ENABLED = False 30 | SAML_ASSERTION_ENCRYPTED = True -------------------------------------------------------------------------------- /docker-compose.yml: -------------------------------------------------------------------------------- 1 | version: "3.7" 2 | 3 | services: 4 | powerdns-admin: 5 | image: hsrnetwork/powerdns-admin:latest 6 | hostname: powerdns-admin 7 | restart: unless-stopped 8 | ports: 9 | - "80:80" 10 | # To override the default config.py: 11 | #volumes: 12 | #- /path/to/configs/config.py:/powerdns-admin/config.py 13 | environment: 14 | SIGNUP_ENABLED: 'False' 15 | ADMIN_USER: admin 16 | ADMIN_USER_PASSWORD: 12345 17 | SALT: $$2b$$12$$gmPOvn57H16qlj5kJtJlH. 18 | SECRET_KEY: I0o3qqd2eQE859gPpVCGm4EYW4fJTVnGnX2dJZ9YIejq20SJ77tW 19 | LOG_LEVEL: INFO 20 | SQLA_DB_HOST: powerdns-admin-mysql 21 | SQLA_DB_NAME: powerdns-admin 22 | SQLA_DB_USER: powerdns-admin-svc-user 23 | SQLA_DB_PASSWORD: powerdns-admin-svc-user-pw 24 | PDNS_HOST: pdns-server 25 | PDNS_API_KEY: changeme 26 | PDNS_VERSION: 4.1.10 27 | depends_on: 28 | - powerdns-admin-mysql 29 | healthcheck: 30 | test: ["CMD","wget","--output-document=-","--quiet","--tries=1","http://127.0.0.1/"] 31 | timeout: 10s 32 | retries: 5 33 | 34 | powerdns-admin-mysql: 35 | image: mysql/mysql-server:8.0.21 36 | hostname: powerdns-admin-db 37 | restart: unless-stopped 38 | # To persist the mysql data: 39 | # volumes: 40 | # - /path/to/pdns-mysql/data:/var/lib/mysql 41 | environment: 42 | MYSQL_DATABASE: powerdns-admin 43 | MYSQL_USER: powerdns-admin-svc-user 44 | MYSQL_PASSWORD: powerdns-admin-svc-user-pw 45 | healthcheck: 46 | test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"] 47 | timeout: 10s 48 | retries: 5 49 | 50 | pdns-server: 51 | image: psitrax/powerdns:v4.3.0 52 | hostname: powerdns 53 | restart: unless-stopped 54 | ports: 55 | - "5300:53" 56 | - "5300:53/udp" 57 | command: > 58 | --api=yes 59 | --api-key=changeme 60 | --webserver-address=0.0.0.0 61 | --webserver-allow-from=0.0.0.0/0 62 | environment: 63 | MYSQL_HOST: pdns-server-mysql 64 | MYSQL_DB: powerdns 65 | MYSQL_USER: powerdns-svc-user 66 | MYSQL_PASS: powerdns-svc-user-pw 67 | depends_on: 68 | - pdns-server-mysql 69 | 70 | pdns-server-mysql: 71 | image: mysql/mysql-server:8.0.21 72 | hostname: powerdns-db 73 | restart: unless-stopped 74 | # To persist the mysql data: 75 | #volumes: 76 | #- /path/to/pdns-mysql/data:/var/lib/mysql 77 | environment: 78 | MYSQL_DATABASE: powerdns 79 | MYSQL_USER: powerdns-svc-user 80 | MYSQL_PASSWORD: powerdns-svc-user-pw 81 | # Required because otherwise the pdns-server crashes with Authentication plugin 'caching_sha2_password' cannot be loaded: Error loading shared library /usr/lib/mysql/plugin/caching_sha2_password.so: No such file or directory 82 | command: --default-authentication-plugin=mysql_native_password 83 | healthcheck: 84 | test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost"] 85 | timeout: 10s 86 | retries: 5 87 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | FROM alpine:3.12 AS builder 2 | LABEL maintainer="k@ndk.name" 3 | 4 | ARG BUILD_DEPENDENCIES="build-base \ 5 | libffi-dev \ 6 | libxml2-dev \ 7 | mariadb-connector-c-dev \ 8 | openldap-dev \ 9 | py3-pip \ 10 | python3-dev \ 11 | xmlsec-dev \ 12 | yarn \ 13 | git" 14 | 15 | ARG VERSION="v0.2.3" 16 | 17 | ENV LC_ALL=en_US.UTF-8 \ 18 | LANG=en_US.UTF-8 \ 19 | LANGUAGE=en_US.UTF-8 \ 20 | FLASK_APP=/build/powerdnsadmin/__init__.py 21 | 22 | # Get dependencies 23 | RUN apk add --no-cache ${BUILD_DEPENDENCIES} 24 | 25 | 26 | # Get the source from the master branch 27 | RUN git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /build/ 28 | RUN cd /build && git checkout tags/${VERSION} 29 | 30 | WORKDIR /build 31 | 32 | # Get application dependencies 33 | RUN pip install --upgrade pip && \ 34 | pip install -r requirements.txt 35 | 36 | # Prepare assets 37 | RUN yarn install --pure-lockfile --production && \ 38 | yarn cache clean && \ 39 | sed -i -r -e "s|'cssmin',\s?'cssrewrite'|'cssmin'|g" /build/powerdnsadmin/assets.py && \ 40 | flask assets build 41 | 42 | RUN mv /build/powerdnsadmin/static /tmp/static && \ 43 | mkdir /build/powerdnsadmin/static && \ 44 | cp -r /tmp/static/generated /build/powerdnsadmin/static && \ 45 | cp -r /tmp/static/assets /build/powerdnsadmin/static && \ 46 | cp -r /tmp/static/img /build/powerdnsadmin/static && \ 47 | find /tmp/static/node_modules -name 'fonts' -exec cp -r {} /build/powerdnsadmin/static \; && \ 48 | find /tmp/static/node_modules/icheck/skins/square -name '*.png' -exec cp {} /build/powerdnsadmin/static/generated \; 49 | 50 | RUN { \ 51 | echo "from flask_assets import Environment"; \ 52 | echo "assets = Environment()"; \ 53 | echo "assets.register('js_login', 'generated/login.js')"; \ 54 | echo "assets.register('js_validation', 'generated/validation.js')"; \ 55 | echo "assets.register('css_login', 'generated/login.css')"; \ 56 | echo "assets.register('js_main', 'generated/main.js')"; \ 57 | echo "assets.register('css_main', 'generated/main.css')"; \ 58 | } > /build/powerdnsadmin/assets.py 59 | 60 | # Move application 61 | RUN mkdir -p /app && \ 62 | cp -r /build/migrations/ /build/powerdnsadmin/ /build/run.py /app 63 | 64 | COPY docker_config.py /app/powerdnsadmin/default_config.py 65 | 66 | # Cleanup 67 | RUN pip install pip-autoremove && \ 68 | pip-autoremove cssmin -y && \ 69 | pip-autoremove jsmin -y && \ 70 | pip-autoremove pytest -y && \ 71 | pip uninstall -y pip-autoremove && \ 72 | apk del ${BUILD_DEPENDENCIES} 73 | 74 | 75 | # Build image 76 | FROM alpine:3.12 77 | 78 | ENV FLASK_APP=/app/powerdnsadmin/__init__.py 79 | 80 | RUN apk add --no-cache mariadb-connector-c postgresql-client py3-gunicorn py3-psycopg2 xmlsec tzdata bash mysql-client && \ 81 | addgroup -S pda && \ 82 | adduser -S -D --no-create-home -G pda pda && \ 83 | mkdir /data && \ 84 | chown pda:pda /data 85 | 86 | COPY --from=builder /usr/bin/flask /usr/bin/ 87 | COPY --from=builder /usr/lib/python3.8/site-packages /usr/lib/python3.8/site-packages/ 88 | COPY --from=builder --chown=pda:pda /app /app/ 89 | 90 | COPY entrypoint.sh /usr/bin/ 91 | RUN chmod 755 /usr/bin/entrypoint.sh 92 | 93 | WORKDIR /app 94 | 95 | EXPOSE 80/tcp 96 | HEALTHCHECK CMD ["wget","--output-document=-","--quiet","--tries=1","http://127.0.0.1/"] 97 | ENTRYPOINT ["bash", "/usr/bin/entrypoint.sh"] 98 | CMD ["gunicorn","powerdnsadmin:create_app()","--user","pda","--group","pda"] -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # PowerDNS Admin Web UI 2 | Dockerized version of https://github.com/ngoduykhanh/PowerDNS-Admin. 3 | 4 | The prebuilt Docker image can be found here: https://hub.docker.com/r/hsrnetwork/powerdns-admin 5 | 6 | ## Why this Docker 7 | Unfortunately PowerDNS-Admin does not offer a clean and especially easy way to configure a dockerized version of it's awsome software. There are some attempts (e.g. https://github.com/ngoduykhanh/PowerDNS-Admin/pull/535) to achieve this but to be honest it's still not what we would call an "easy to configure" Docker image. That's mainly because of the software itself which does not allow an easy configuration of some settings like PDNS API and local authentication. We chose to inject these settings via Docker environment variables directly into the PowerDNS-Admin database and therefore allow a staight forward configuration (even though it's kind of hacky) - PowerDNS-Admin forces us to do so. 8 | 9 | ## Prerequisites 10 | **Important**: Ensure all environment vaiables of the services inside the `docker-compose.yml` file are set according to your needs. If you run an already existing PowerDNS instance, just remove the `pdns-server` and `pdns-server-mysql` service from the `docker-compose.yml` file and point the `powerdns-admin` service to your PowerDNS instance. See in the chapters below to get an overview of all possible configuration environment variables. 11 | 12 | ### DB Configuartion 13 | See inside the official `mysql/mysql-server` `docker-entrypoint.sh` file to check which environment variables are available to configure the mysql containers (https://github.com/mysql/mysql-docker/blob/mysql-server/8.0/docker-entrypoint.sh). 14 | 15 | To configure the DB connection for PowerDNS-Admin use the following environment variables: 16 | ```bash 17 | SQLA_DB_HOST: powerdns-admin-mysql 18 | SQLA_DB_NAME: powerdns-admin 19 | SQLA_DB_USER: powerdns-admin-svc-user 20 | SQLA_DB_PASSWORD: powerdns-admin-svc-user-pw 21 | SQLA_DB_PORT: 3306 22 | ``` 23 | **Important:** The values shown here are the defaults of this Docker image. 24 | 25 | ### PDNS 26 | Set the following environment variables to configure the connection to the PowerDNS: 27 | ```bash 28 | PDNS_HOST: pdns-server 29 | PDNS_API_KEY: changeme 30 | PDNS_PORT: 8081 31 | PDNS_VERSION: 4.3.0 32 | PDNS_PROTO: http 33 | ``` 34 | **Important:** The values shown here are the defaults of this Docker image. 35 | 36 | ### User Management 37 | You must set `SIGNUP_ENABLED` to `True` if you do **not** like to automatically create a service user. Otherwise the default behaviour of this Docker image is to set `SIGNUP_ENABLED` to `False` which means if you do not override the environment variables, the default credentials will be the following ones: 38 | 39 | ```bash 40 | ADMIN_USER: admin 41 | ADMIN_USER_PASSWORD: 12345 42 | ``` 43 | 44 | **Important:** Do not use `SIGNUP_ENABLED: True` and `ADMIN_USER: XXX`/`ADMIN_USER_PASSWORD: XXX` at the same time. The admin user will not be created and instead the first user you are going to create via WebUI will be assigned to the `Administrator` role. 45 | 46 | ### Log Level 47 | Change the `LOG_LEVEL` if you would like to change the log servity. The default is `info`. 48 | 49 | ### Gunicorn Settings 50 | It's possible to change the `gunicorn` worker number and timeout by setting: 51 | ```bash 52 | GUNICORN_WORKERS: 4 53 | GUINCORN_TIMEOUT: 120 54 | ``` 55 | **Important:** The values shown here are the defaults of this Docker image. 56 | 57 | ## Configuration Example 58 | The following examples should provide you an overview which environment variables are available to configure the service with Docker environment variables. 59 | 60 | ### Recommended Minimum Configuration 61 | ```yaml 62 | environment: 63 | ADMIN_USER: admin 64 | ADMIN_USER_PASSWORD: 12345 65 | SECRET_KEY: 66 | SALT: 67 | LOG_LEVEL: INFO 68 | SQLA_DB_HOST: powerdns-admin-mysql 69 | SQLA_DB_NAME: powerdns-admin 70 | SQLA_DB_USER: powerdns-admin-svc-user 71 | SQLA_DB_PASSWORD: powerdns-admin-svc-user-pw 72 | PDNS_HOST: pdns-server 73 | PDNS_API_KEY: changeme 74 | PDNS_VERSION: 4.3.0 75 | ``` 76 | 77 | ### All Possible Configurations 78 | ```yaml 79 | environment: 80 | # Use the capital letter "F"/"T" for "False"/"True" (limitation of PowerDNS-Admin) 81 | SIGNUP_ENABLED: 'False' 82 | ADMIN_USER: admin 83 | ADMIN_USER_PASSWORD: 12345 84 | SECRET_KEY: 85 | # Escape the "$" with an additional "$": SALT: '$$2b$$12$$m3g0pU8pdc4pGcgqKeFZOO' 86 | SALT: 87 | BIND_ADDRESS: 0.0.0.0 88 | PORT: 80 89 | GUINCORN_TIMEOUT: 120 90 | GUNICORN_WORKERS: 4 91 | LOG_LEVEL: INFO 92 | SQLA_DB_HOST: powerdns-admin-mysql 93 | SQLA_DB_NAME: powerdns-admin 94 | SQLA_DB_USER: powerdns-admin-svc-user 95 | SQLA_DB_PASSWORD: powerdns-admin-svc-user-pw 96 | SQLA_DB_PORT: 3306 97 | PDNS_HOST: pdns-server 98 | PDNS_API_KEY: changeme 99 | PDNS_PORT: 8081 100 | PDNS_VERSION: 4.3.0 101 | PDNS_PROTO: http 102 | ``` 103 | 104 | ## Getting Started 105 | ```bash 106 | docker-compose up -d 107 | ``` 108 | 109 | ## Versioning 110 | The versioning of this image should be alligned with the [versioning of ngoduykhanh/PowerDNS-Admin](https://github.com/ngoduykhanh/PowerDNS-Admin/tags). If [ngoduykhanh/PowerDNS-Admin](https://github.com/ngoduykhanh/PowerDNS-Admin) releases a new version, we should simply update our `VERSION` file with the regarding Git tag in order to build an updated Docker image version. Since the value from the `VERSION` file is taken as `--build-arg VERSION`, the automated Docker Hub build should automatically use the specified [ngoduykhanh/PowerDNS-Admin](https://github.com/ngoduykhanh/PowerDNS-Admin) release. -------------------------------------------------------------------------------- /entrypoint.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | set -e 3 | 4 | ADMIN_USER_PASSWORD_HASHED= 5 | 6 | # Webserver settings 7 | if [[ -z ${BIND_ADDRESS} ]]; then 8 | BIND_ADDRESS=0.0.0.0; 9 | fi 10 | 11 | if [[ -z ${PORT} ]]; then 12 | PORT=80; 13 | fi 14 | 15 | if [[ -z ${LOG_LEVEL} ]]; then 16 | LOG_LEVEL=info; 17 | fi 18 | 19 | if [[ -z ${GUNICORN_TIMEOUT} ]]; then 20 | GUNICORN_TIMEOUT=120; 21 | fi 22 | 23 | if [[ -z ${GUNICORN_WORKERS} ]]; then 24 | GUNICORN_WORKERS=4; 25 | fi 26 | 27 | # PowerDNS settings 28 | if [[ -z ${PDNS_HOST} ]]; then 29 | PDNS_HOST=pdns-server; 30 | fi 31 | 32 | if [[ -z ${PDNS_API_KEY} ]]; then 33 | PDNS_API_KEY=changeme; 34 | fi 35 | 36 | if [[ -z ${PDNS_PORT} ]]; then 37 | PDNS_PORT=8081; 38 | fi 39 | 40 | if [[ -z ${PDNS_PROTO} ]]; then 41 | PDNS_PROTO=http; 42 | fi 43 | 44 | if [[ -z ${PDNS_VERSION} ]]; then 45 | PDNS_VERSION=4.1.10; 46 | fi 47 | 48 | # SQL settings 49 | if [[ -z ${SQLA_DB_HOST} ]]; then 50 | SQLA_DB_HOST=powerdns-admin-mysql; 51 | fi 52 | 53 | if [[ -z ${SQLA_DB_NAME} ]]; then 54 | SQLA_DB_NAME=powerdns-admin; 55 | fi 56 | 57 | if [[ -z ${SQLA_DB_USER} ]]; then 58 | SQLA_DB_USER=powerdns-admin-svc-user; 59 | fi 60 | 61 | if [[ -z ${SQLA_DB_PASSWORD} ]]; then 62 | SQLA_DB_PASSWORD=powerdns-admin-svc-user-pw; 63 | fi 64 | 65 | if [[ -z ${SQLA_DB_PORT} ]]; then 66 | SQLA_DB_PORT=3306; 67 | fi 68 | 69 | # User authentication settings 70 | if [[ -z ${SIGNUP_ENABLED} ]]; then 71 | SIGNUP_ENABLED=False; 72 | fi 73 | 74 | if [[ -z ${ADMIN_USER} && ${SIGNUP_ENABLED} == "False" ]]; then 75 | ADMIN_USER=admin; 76 | echo "A ADMIN_USER must be configured if you disable signup. Defaulting: $ADMIN_USER". 77 | fi 78 | 79 | if [[ -z ${ADMIN_USER_PASSWORD} ]]; then 80 | ADMIN_USER_PASSWORD=12345 81 | echo "A ADMIN_USER_PASSWORD must be configured if you disable signup. Default: $ADMIN_USER_PASSWORD". 82 | fi 83 | 84 | if [[ ${SIGNUP_ENABLED} == "False" ]]; then 85 | # Hash the PW 86 | ADMIN_USER_PASSWORD_HASHED=$(python3 -c "import os; import bcrypt; print(bcrypt.hashpw(str(os.getenv('ADMIN_USER_PASSWORD', '12345')).encode(), bcrypt.gensalt()).decode())") 87 | fi 88 | 89 | # Wait for us to be able to connect to mysql before proceeding 90 | echo "===> Waiting for $SQLA_DB_HOST mysql service" 91 | until nc -zv \ 92 | $SQLA_DB_HOST \ 93 | $SQLA_DB_PORT; 94 | do 95 | echo "mysql ($SQLA_DB_HOST) is unavailable - sleeping 5 seconds" 96 | sleep 5 97 | done 98 | 99 | echo "===> DB management" 100 | # DB Migration directory 101 | DB_MIGRATION_DIR='/app/migrations' 102 | # Go in Workdir 103 | cd /app 104 | 105 | if [ ! -d "${DB_MIGRATION_DIR}" ]; then 106 | echo "---> Running DB Init" 107 | su pda -s /bin/sh -c "flask db init --directory ${DB_MIGRATION_DIR}" 108 | su pda -s /bin/sh -c "flask db migrate -m 'Init DB' --directory ${DB_MIGRATION_DIR}" 109 | su pda -s /bin/sh -c "flask db upgrade --directory ${DB_MIGRATION_DIR}" 110 | ./init_data.py 111 | else 112 | echo "---> Running DB Migration" 113 | set +e 114 | su pda -s /bin/sh -c "flask db migrate -m 'Upgrade DB Schema' --directory ${DB_MIGRATION_DIR}" 115 | su pda -s /bin/sh -c "flask db upgrade --directory ${DB_MIGRATION_DIR}" 116 | set -e 117 | fi 118 | 119 | echo "===> Update PDNS API connection info" 120 | # Initial setting if not available in the DB 121 | mysql -h${SQLA_DB_HOST} -u${SQLA_DB_USER} -p${SQLA_DB_PASSWORD} -P${SQLA_DB_PORT} ${SQLA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_api_url', '${PDNS_PROTO}://${PDNS_HOST}:${PDNS_PORT}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_api_url') LIMIT 1;" 122 | mysql -h${SQLA_DB_HOST} -u${SQLA_DB_USER} -p${SQLA_DB_PASSWORD} -P${SQLA_DB_PORT} ${SQLA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_api_key', '${PDNS_API_KEY}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_api_key') LIMIT 1;" 123 | mysql -h${SQLA_DB_HOST} -u${SQLA_DB_USER} -p${SQLA_DB_PASSWORD} -P${SQLA_DB_PORT} ${SQLA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'pdns_version', '${PDNS_VERSION}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'pdns_version') LIMIT 1;" 124 | if [[ ${SIGNUP_ENABLED} == "False" ]]; then 125 | echo "===> Update default admin account" 126 | mysql -h${SQLA_DB_HOST} -u${SQLA_DB_USER} -p${SQLA_DB_PASSWORD} -P${SQLA_DB_PORT} ${SQLA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'local_db_enabled', 'True') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'local_db_enabled') LIMIT 1;" 127 | mysql -h${SQLA_DB_HOST} -u${SQLA_DB_USER} -p${SQLA_DB_PASSWORD} -P${SQLA_DB_PORT} ${SQLA_DB_NAME} -e "INSERT INTO setting (name, value) SELECT * FROM (SELECT 'signup_enabled', '${SIGNUP_ENABLED}') AS tmp WHERE NOT EXISTS (SELECT name FROM setting WHERE name = 'signup_enabled') LIMIT 1;" 128 | mysql -h${SQLA_DB_HOST} -u${SQLA_DB_USER} -p${SQLA_DB_PASSWORD} -P${SQLA_DB_PORT} ${SQLA_DB_NAME} -e "INSERT INTO user (username, password, firstname, lastname, email, otp_secret, role_id, confirmed) SELECT * FROM (SELECT '${ADMIN_USER}' as username, '${ADMIN_USER_PASSWORD_HASHED}' as password, 'admin' as firstname, 'admin' as lastname, 'admin@example.com' as email, NULL as otp_secret, 1 as role_id, FALSE as confirmed) AS tmp WHERE NOT EXISTS (SELECT username FROM user WHERE username = '${ADMIN_USER}') LIMIT 1;" 129 | fi 130 | 131 | # Update pdns api setting if environment variable is changed. 132 | mysql -h${SQLA_DB_HOST} -u${SQLA_DB_USER} -p${SQLA_DB_PASSWORD} -P${SQLA_DB_PORT} ${SQLA_DB_NAME} -e "UPDATE setting SET value='${PDNS_PROTO}://${PDNS_HOST}:${PDNS_PORT}' WHERE name='pdns_api_url';" 133 | mysql -h${SQLA_DB_HOST} -u${SQLA_DB_USER} -p${SQLA_DB_PASSWORD} -P${SQLA_DB_PORT} ${SQLA_DB_NAME} -e "UPDATE setting SET value='${PDNS_API_KEY}' WHERE name='pdns_api_key';" 134 | mysql -h${SQLA_DB_HOST} -u${SQLA_DB_USER} -p${SQLA_DB_PASSWORD} -P${SQLA_DB_PORT} ${SQLA_DB_NAME} -e "UPDATE setting SET value='${PDNS_VERSION}' WHERE name='pdns_version';" 135 | 136 | GUNICORN_ARGS="-t ${GUNICORN_TIMEOUT} --workers ${GUNICORN_WORKERS} --bind ${BIND_ADDRESS}:${PORT} --log-level ${LOG_LEVEL}" 137 | if [ "$1" == gunicorn ]; then 138 | exec "$@" $GUNICORN_ARGS 139 | else 140 | exec "$@" 141 | fi 142 | --------------------------------------------------------------------------------