You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
154 lines
6.8 KiB
Bash
154 lines
6.8 KiB
Bash
#
|
|
# Author: Hari Sekhon
|
|
# Date: 2022-08-04 15:42:17 +0100 (Thu, 04 Aug 2022)
|
|
#
|
|
# vim:ts=4:sts=4:sw=4:et
|
|
#
|
|
# https://github.com/HariSekhon/DevOps-Bash-tools
|
|
#
|
|
# License: see accompanying Hari Sekhon LICENSE file
|
|
#
|
|
# If you're using my code you're welcome to connect with me on LinkedIn and optionally send me feedback to help steer this or other code I publish
|
|
#
|
|
# https://www.linkedin.com/in/HariSekhon
|
|
#
|
|
|
|
# https://octopus.com/docs/installation/octopus-server-linux-container/docker-compose-linux
|
|
|
|
# Define the password for the SQL database. This also must be set in the DB_CONNECTION_STRING value.
|
|
#
|
|
# XXX: warning - do not change this password after container's initial creation, otherwise results in the following error:
|
|
#
|
|
# Logon Error: 18456, Severity: 14, State: 8.
|
|
# Logon Login failed for user 'sa'. Reason: Password did not match that for the login provided. [CLIENT: <ip_x.x.x.x>]
|
|
#
|
|
# Would need to delete the containers and docker volumes to reset
|
|
#
|
|
# 2nd startup breaks similarly to above if doing this, can't set dynamically because it'll change each boot and mismatch
|
|
#SA_PASSWORD="$(openssl rand 16 | base64)"
|
|
#
|
|
# annoyingly long to figure out and type type
|
|
#SA_PASSWORD="$HOSTNAME-$USER-$PWD"
|
|
#
|
|
# python-dotenv fails to parse this
|
|
#echo "Generated password: '$SA_PASSWORD'"
|
|
#
|
|
# leaving blank results in:
|
|
#
|
|
# blank password results in error:
|
|
#
|
|
# ERROR: Unable to set system administrator password: Password validation failed. The password does not meet SQL Server password policy requirements because it is too short. The password must be at least 8 characters..
|
|
#
|
|
#SA_PASSWORD=
|
|
#
|
|
# trying ease of use results in this error:
|
|
#
|
|
# ERROR: Unable to set system administrator password: Password validation failed. The password does not meet SQL Server password policy requirements because it is not complex enough. The password must be at least 8 characters long and contain characters from three of the following four sets: Uppercase letters, Lowercase letters, Base 10 digits, and Symbols..
|
|
#
|
|
#SA_PASSWORD=testdbpass
|
|
#SA_PASSWORD=ComplexDBPassw0rd
|
|
# set to the same as what should have been the default password anyway according to https://hub.docker.com/r/octopusdeploy/octopusdeploy
|
|
SA_PASSWORD=0ct@pu55!
|
|
|
|
# Tag for the Octopus Deploy Server image. Use "latest" to pull the latest image or specify a specific tag
|
|
#OCTOPUS_SERVER_TAG=latest
|
|
|
|
# Sql Server image. Set this variable to the version you wish to use. Default is to use the latest.
|
|
#SQL_IMAGE=mcr.microsoft.com/mssql/server
|
|
|
|
# The default created user username for login to the Octopus Server
|
|
#
|
|
# leaving blank results in this error when ADMIN_PASSWORD is set:
|
|
#
|
|
# ERROR: A new admin password was provided but no admin username was specified.
|
|
#
|
|
#ADMIN_USERNAME=
|
|
# should have been the default user anyway according to https://hub.docker.com/r/octopusdeploy/octopusdeploy
|
|
ADMIN_USERNAME=admin
|
|
|
|
# It is highly recommended this value is changed as it's the default user password for login to the Octopus Server
|
|
#
|
|
# ease of use results in this error:
|
|
#
|
|
# Octopus.Shared.ControlledFailureException: The password was too weak. Please try including a mix of numbers, uppercase and lowercase letters, and special characters.
|
|
#
|
|
#ADMIN_PASSWORD=admin
|
|
#
|
|
# too much typing but what can you do...
|
|
# doesn't work - env var is taken literally and not evaluated
|
|
#ADMIN_PASSWORD="$SA_PASSWORD"
|
|
#
|
|
# empty results in:
|
|
#
|
|
# There are no authentication providers enabled. Learn about enabling authentication providers
|
|
#
|
|
#ADMIN_PASSWORD=
|
|
# should have been the default password anyway according to https://hub.docker.com/r/octopusdeploy/octopusdeploy
|
|
ADMIN_PASSWORD=0ct@pu55!
|
|
|
|
# Email associated with the default created user. If empty will default to octopus@example.local
|
|
ADMIN_EMAIL=
|
|
|
|
# Accept the Microsoft Sql Server Eula found here: https://go.microsoft.com/fwlink/?linkid=857698
|
|
#ACCEPT_EULA=Y
|
|
|
|
# Use of this Image means you must accept the Octopus Deploy Eula found here: https://octopus.com/company/legal
|
|
#ACCEPT_OCTOPUS_EULA=Y
|
|
|
|
# Unique Server Node Name - If left empty will default to the machine Name
|
|
OCTOPUS_SERVER_NODE_NAME=
|
|
|
|
# Database Connection String. If using database in sql server container, it is highly recommended to change the password.
|
|
#
|
|
# set in the docker compose file now to deduplicate via reuse of environment variable
|
|
#DB_CONNECTION_STRING=Server=db,1433;Database=OctopusDeploy;User=sa;Password=THE_SA_PASSWORD_DEFINED_ABOVE
|
|
|
|
# Your License key for Octopus Deploy. If left empty, it will try and create a free license key for you
|
|
OCTOPUS_SERVER_BASE64_LICENSE=
|
|
|
|
# Octopus Deploy uses a master key for encryption of your databse. If you're using an external database that's already been setup for Octopus Deploy,
|
|
# you can supply the master key to use it.
|
|
# If left blank, a new master key will be generated with the database creation.
|
|
# Create a new master key with the command: openssl rand 16 | base64
|
|
#
|
|
#
|
|
# if you don't set a Master key it seems to get generated each boot, resulting in this error:
|
|
#
|
|
# Octopus.Core.Security.MasterKey.MasterKeyMismatchException: Failed to decrypt the Octopus Server certificate. This usually indicates the wrong master key is being used to read encrypted data.
|
|
#
|
|
#
|
|
# must be a base64 string, otherwise results in this error:
|
|
#
|
|
# octopus-server_1 | The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
|
|
# octopus-server_1 | System.FormatException: The input is not a valid Base-64 string as it contains a non-base 64 character, more than two padding characters, or an illegal character among the padding characters.
|
|
#
|
|
#MASTER_KEY=TestKey_only_safe_if_limited_to_localhost
|
|
#
|
|
#
|
|
# results in error:
|
|
#
|
|
# octopus-server_1 | Specified key is not a valid size for this algorithm.
|
|
# octopus-server_1 | System.Security.Cryptography.CryptographicException: Specified key is not a valid size for this algorithm.
|
|
#
|
|
# echo TestKey_only_safe_if_limited_to_localhost | base64
|
|
#MASTER_KEY=VGVzdEtleV9vbmx5X3NhZmVfaWZfbGltaXRlZF90b19sb2NhbGhvc3QK
|
|
#
|
|
# openssl rand 16 | base64
|
|
MASTER_KEY=Wl3rNdWWe2VLVYAXY/sTsA==
|
|
|
|
# The API Key to set for the administrator. If this is set and no password is provided then a service account user will be created.
|
|
# If this is set and a password is also set then a standard user will be created.
|
|
#
|
|
# NOTE: There is a known issue when providing both the ADMIN_PASSWORD and ADMIN_API_KEY that prevents the Administrator from logging in.
|
|
# This will be resolved in a future version of Octopus. See: https://github.com/OctopusDeploy/Issues/issues/6629 for further details.
|
|
#
|
|
ADMIN_API_KEY=
|
|
|
|
# Docker-In-Docker is used to support worker container images. It can be disabled by setting DISABLE_DIND to Y.
|
|
# The container only requires the privileged setting if DISABLE_DIND is set to N.
|
|
DISABLE_DIND=Y
|
|
PRIVILEGED=false
|
|
|
|
# Octopus can be run either as the user root or as octopus.
|
|
OCTOPUS_USER=octopus
|