# # Author: Hari Sekhon # Date: 2022-08-04 15:42:17 +0100 (Thu, 04 Aug 2022) # # vim:ts=4:sts=4:sw=4:et # # https://github.com/HariSekhon/DevOps-Bash-tools # # License: see accompanying Hari Sekhon LICENSE file # # If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish # # https://www.linkedin.com/in/HariSekhon # # https://octopus.com/docs/installation/octopus-server-linux-container/docker-compose-linux # # https://hub.docker.com/r/octopusdeploy/octopusdeploy # Define the password for the SQL database. This also must be set in the DB_CONNECTION_STRING value. # # XXX: warning - do not change this password after container's initial creation, otherwise results in the following error: # # Logon Error: 18456, Severity: 14, State: 8. # Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: ] # # Would need to delete the containers and docker volumes to reset # # 2nd startup breaks similarly to above if doing this, can't set dynamically because it'll change each boot and mismatch #SA_PASSWORD="$(openssl rand 16 | base64)" # # annoyingly long to figure out and type type #SA_PASSWORD="$HOSTNAME-$USER-$PWD" # # python-dotenv fails to parse this #echo "Generated password: '$SA_PASSWORD'" # # leaving blank results in: # # blank password results in error: # # ERROR: Unable to set system administrator password: Password validation failed. The password does not meet SQL Server password policy requirements because it is too short. The password must be at least 8 characters.. # #SA_PASSWORD= # # trying ease of use results in this error: # # ERROR: Unable to set system administrator password: Password validation failed. The password does not meet SQL Server password policy requirements because it is not complex enough. The password must be at least 8 characters long and contain characters from three of the following four sets: Uppercase letters, Lowercase letters, Base 10 digits, and Symbols.. # #SA_PASSWORD=testdbpass #SA_PASSWORD=ComplexDBPassw0rd # set to the same as what should have been the default password anyway according to https://hub.docker.com/r/octopusdeploy/octopusdeploy SA_PASSWORD=0ct@pu55! # Tag for the Octopus Deploy Server image. Use "latest" to pull the latest image or specify a specific tag #OCTOPUS_SERVER_TAG=latest # Sql Server image. Set this variable to the version you wish to use. Default is to use the latest. #SQL_IMAGE=mcr.microsoft.com/mssql/server # The default created user username for login to the Octopus Server # # leaving blank results in this error when ADMIN_PASSWORD is set: # # ERROR: A new admin password was provided but no admin username was specified. # #ADMIN_USERNAME= # should have been the default user anyway according to https://hub.docker.com/r/octopusdeploy/octopusdeploy ADMIN_USERNAME=admin # It is highly recommended this value is changed as it's the default user password for login to the Octopus Server # # ease of use results in this error: # # Octopus.Shared.ControlledFailureException: The password was too weak. Please try including a mix of numbers, uppercase and lowercase letters, and special characters. # #ADMIN_PASSWORD=admin # # too much typing but what can you do... # doesn't work - env var is taken literally and not evaluated #ADMIN_PASSWORD="$SA_PASSWORD" # # empty results in: # # There are no authentication providers enabled. Learn about enabling authentication providers # #ADMIN_PASSWORD= # should have been the default password anyway according to https://hub.docker.com/r/octopusdeploy/octopusdeploy ADMIN_PASSWORD=0ct@pu55! # Email associated with the default created user. If empty will default to octopus@example.local ADMIN_EMAIL= # Accept the Microsoft Sql Server Eula found here: https://go.microsoft.com/fwlink/?linkid=857698 #ACCEPT_EULA=Y # Use of this Image means you must accept the Octopus Deploy Eula found here: https://octopus.com/company/legal #ACCEPT_OCTOPUS_EULA=Y # Unique Server Node Name - If left empty will default to the machine Name OCTOPUS_SERVER_NODE_NAME= # Database Connection String. If using database in sql server container, it is highly recommended to change the password. # # set in the docker compose file now to deduplicate via reuse of environment variable #DB_CONNECTION_STRING=Server=db,1433;Database=OctopusDeploy;User=sa;Password=THE_SA_PASSWORD_DEFINED_ABOVE # Your License key for Octopus Deploy. If left empty, it will try and create a free license key for you OCTOPUS_SERVER_BASE64_LICENSE= # Octopus Deploy uses a master key for encryption of your databse. If you're using an external database that's already been setup for Octopus Deploy, # you can supply the master key to use it. # If left blank, a new master key will be generated with the database creation. # Create a new master key with the command: openssl rand 16 | base64 # # # if you don't set a Master key it seems to get generated each boot, resulting in this error: # # Octopus.Core.Security.MasterKey.MasterKeyMismatchException: Failed to decrypt the Octopus Server certificate. This usually indicates the wrong master key is being used to read encrypted data. # # # must be a base64 string, otherwise results in this error: # # octopus-server_1 | The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. # octopus-server_1 | System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters. # #MASTER_KEY=TestKey_only_safe_if_limited_to_localhost # # # results in error: # # octopus-server_1 | Specified key is not a valid size for this algorithm. # octopus-server_1 | System.Security.Cryptography.CryptographicException: Specified key is not a valid size for this algorithm. # # echo TestKey_only_safe_if_limited_to_localhost | base64 #MASTER_KEY=VGVzdEtleV9vbmx5X3NhZmVfaWZfbGltaXRlZF90b19sb2NhbGhvc3QK # # openssl rand 16 | base64 MASTER_KEY=Wl3rNdWWe2VLVYAXY/sTsA== # The API Key to set for the administrator. If this is set and no password is provided then a service account user will be created. # If this is set and a password is also set then a standard user will be created. # # NOTE: There is a known issue when providing both the ADMIN_PASSWORD and ADMIN_API_KEY that prevents the Administrator from logging in. # This will be resolved in a future version of Octopus. See: https://github.com/OctopusDeploy/Issues/issues/6629 for further details. # ADMIN_API_KEY= # Docker-In-Docker is used to support worker container images. It can be disabled by setting DISABLE_DIND to Y. # The container only requires the privileged setting if DISABLE_DIND is set to N. DISABLE_DIND=Y PRIVILEGED=false # Octopus can be run either as the user root or as octopus. OCTOPUS_USER=octopus