diff --git a/apps/api/src/lib.ts b/apps/api/src/lib.ts index c54753a84..dced7c145 100644 --- a/apps/api/src/lib.ts +++ b/apps/api/src/lib.ts @@ -23,7 +23,7 @@ export async function migrateServicesToNewTemplate() { } } async function umami(service: any) { - const { postgresqlUser, postgresqlPassword, postgresqlDatabase, umamiAdminPassword, hashSalt } = service.ghost + const { postgresqlUser, postgresqlPassword, postgresqlDatabase, umamiAdminPassword, hashSalt } = service.umami const secrets = [ diff --git a/apps/api/src/lib/services/handlers.ts b/apps/api/src/lib/services/handlers.ts index f5347f15f..2c1b5419e 100644 --- a/apps/api/src/lib/services/handlers.ts +++ b/apps/api/src/lib/services/handlers.ts @@ -692,7 +692,7 @@ export async function startService(request: FastifyRequest) { const teamId = request.user.teamId; const service = await getServiceFromDB({ id, teamId }); - const { type, version, destinationDockerId, destinationDocker, serviceSecret, serviceSetting, exposePort, persistentStorage } = + const { type, destinationDockerId, destinationDocker, persistentStorage } = service; const { workdir } = await createDirectories({ repository: type, buildId: id }); diff --git a/apps/api/src/lib/templates.ts b/apps/api/src/lib/templates.ts index 0f3cf0b89..3ee20c84c 100644 --- a/apps/api/src/lib/templates.ts +++ b/apps/api/src/lib/templates.ts @@ -1,7 +1,7 @@ export default [ { "templateVersion": "1.0.0", - "serviceDefaultVersion": "postgres:12-alpine", + "serviceDefaultVersion": "postgresql-v1.38.0", "name": "umami", "displayName": "Umami", "description": "Umami is a simple, easy to use, self-hosted web analytics solution. The goal is to provide you with a friendly privacy-focused alternative to Google Analytics.", @@ -15,6 +15,7 @@ export default [ "image": "ghcr.io/umami-software/umami:$$core_version", "volumes": [], "environment": [ + "ADMIN_PASSWORD=$$secret_admin_password", "DATABASE_URL=$$secret_database_url", "DATABASE_TYPE=postgresql", "HASH_SALT=$$secret_hash_salt", @@ -26,6 +27,10 @@ export default [ "$$id-postgresql": { "name": "PostgreSQL", "documentation": "Official docs are [here](https://umami.is/docs/getting-started)", + "build": { + context: "$$workdir", + dockerfile: "Dockerfile.$$id-postgresql" + }, "depends_on": [], "image": "postgres:12-alpine", "volumes": [ @@ -41,7 +46,8 @@ export default [ "files": [ { source: "$$workdir/schema.postgresql.sql", - destination: ` + destination: "/docker-entrypoint-initdb.d/schema.postgresql.sql", + content: ` -- CreateTable CREATE TABLE "account" ( "user_id" SERIAL NOT NULL, @@ -172,7 +178,7 @@ export default [ -- AddForeignKey ALTER TABLE "website" ADD FOREIGN KEY ("user_id") REFERENCES "account"("user_id") ON DELETE CASCADE ON UPDATE CASCADE; - insert into account (username, password, is_admin) values ('admin', '$$secret_admin_password', true);` + insert into account (username, password, is_admin) values ('admin', '$$hashed$$secret_admin_password', true);` }, ] } @@ -201,7 +207,7 @@ export default [ "description": "", }, { - "id": "$$config_postgres_password", + "id": "$$secret_postgres_password", "name": "POSTGRES_PASSWORD", "label": "PostgreSQL Password", "defaultValue": "$$generate_password", @@ -218,8 +224,11 @@ export default [ "id": "$$secret_admin_password", "name": "ADMIN_PASSWORD", "label": "Admin Password", - "defaultValue": "$$generate_hashed_password", + "defaultValue": "$$generate_password", "description": "", + "extras": { + "isVisibleOnUI": true, + } }, ] }, diff --git a/apps/api/src/routes/api/v1/services/handlers.ts b/apps/api/src/routes/api/v1/services/handlers.ts index 4ea79829c..f406ff5ce 100644 --- a/apps/api/src/routes/api/v1/services/handlers.ts +++ b/apps/api/src/routes/api/v1/services/handlers.ts @@ -12,6 +12,7 @@ import type { OnlyId } from '../../../../types'; import type { ActivateWordpressFtp, CheckService, CheckServiceDomain, DeleteServiceSecret, DeleteServiceStorage, GetServiceLogs, SaveService, SaveServiceDestination, SaveServiceSecret, SaveServiceSettings, SaveServiceStorage, SaveServiceType, SaveServiceVersion, ServiceStartStop, SetGlitchTipSettings, SetWordpressSettings } from './types'; import { supportedServiceTypesAndVersions } from '../../../../lib/services/supportedVersions'; import { configureServiceType, removeService } from '../../../../lib/services/common'; +import { hashPassword } from '../handlers'; export async function listServices(request: FastifyRequest) { try { @@ -169,7 +170,7 @@ export async function parseAndFindServiceTemplates(service: any, workdir?: strin if (service.serviceSecret.length > 0) { for (const secret of service.serviceSecret) { const { name, value } = secret - parsedTemplate = JSON.parse(JSON.stringify(parsedTemplate).replaceAll(`$$secret_${name.toLowerCase()}`, value)) + parsedTemplate = JSON.parse(JSON.stringify(parsedTemplate).replaceAll(`$$hashed$$secret_${name.toLowerCase()}`, bcrypt.hashSync(value, 10)).replaceAll(`$$secret_${name.toLowerCase()}`, value)) } } } @@ -223,11 +224,6 @@ export async function saveServiceType(request: FastifyRequest, variable.value = generatePassword({ length }); } else if (variable.defaultValue === '$$generate_passphrase') { variable.value = generatePassword({ length }); - } else if (variable.defaultValue === '$$generate_hashed_password') { - variable.value = bcrypt.hashSync( - generatePassword({ length }), - 10 - ); } } if (variableId.startsWith('$$config_')) {