From: Carolin Dohmen Date: Fri, 1 Mar 2024 15:19:04 +0000 (+0100) Subject: Only print config if debug flag is set X-Git-Tag: dnsdist-1.10.0-alpha0~17^2~1 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=d773b7bb99418026c3907ebd4b4e994a61fccecd;p=thirdparty%2Fpdns.git Only print config if debug flag is set Signed-off-by: Carolin Dohmen --- diff --git a/Docker-README.md b/Docker-README.md index 3e01d514ca..683423f03e 100644 --- a/Docker-README.md +++ b/Docker-README.md @@ -19,15 +19,16 @@ Other data involved in the Docker build process can be found at https://github.c The images are ready to run with limited functionality. At container startup, the startup.py wrapper (from the dockerdata directory linked above) checks for `PDNS_RECURSOR_API_KEY` / `PDNS_AUTH_API_KEY` / `DNSDIST_API_KEY` environment variables for the product you are running. -If such a variable is found, `/etc/powerdns-api.conf` or `/etc/dnsdist-api.conf` is written, enabling the webserver in all products, and the dnsdist console. +If such a variable is found, `/etc/powerdns/recursor.d/_api.conf` / `/etc/powerdns/pdns.d/_api.conf` / `/etc/dnsdist/conf.d/_api.conf` is written, enabling the webserver in all products, and the dnsdist console. For the dnsdist console, make sure that your API key is in a format suitable for the console (use `makeKey()`). The default configs shipped in the image (see dockerdata above) parse all files in `/etc/powerdns/pdns.d` / `/etc/powerdns/recursor.d` / `/etc/dnsdist/conf.d`. -The image also ships a symlink to the API config file inside those `.d` dirs. For Auth and Recursor, extra configuration can be passed on the command line, or via a volume mount into `/etc/powerdns` or the `.d` dir. For dnsdist, only the volume mount is applicable. -If you want to volume mount a config, but also take the keys from the environment, please take care to include the same `X-api.conf` symlink in your `.d` directory. +If you want to volume mount a config, but also take the keys from the environment, please take care to include the same `_api.conf` file in your `.d` directory. + +If you want to read the configuration for debugging purposes, you can run the containers with the `DEBUG_CONFIG` environment variable set to `'yes'`). This will print the full config on startup. Please keep in mind that this also includes credentials, therefore this setting should never be used in production environments. # Auth and databases @@ -76,4 +77,4 @@ args: ``` In the above example `/path/to/supervisord.conf` is the path where a configmap containing your supervisord configuration is mounted. -Further details about `supervisord` and how to configure it can be found here: http://supervisord.org/configuration.html \ No newline at end of file +Further details about `supervisord` and how to configure it can be found here: http://supervisord.org/configuration.html diff --git a/dockerdata/startup.py b/dockerdata/startup.py index e84055151a..114bc8d902 100755 --- a/dockerdata/startup.py +++ b/dockerdata/startup.py @@ -45,13 +45,16 @@ setConsoleACL('0.0.0.0/0') templateroot = '/etc/dnsdist/templates.d' templatedestination = '/etc/dnsdist/conf.d' +debug = os.getenv("DEBUG_CONFIG", 'no').lower() == 'yes' + apikey = os.getenv(apienvvar) if apikey is not None: webserver_conf = jinja2.Template(apiconftemplate).render(apikey=apikey) conffile = os.path.join(templatedestination, '_api.conf') with open(conffile, 'w') as f: f.write(webserver_conf) - print("Created {} with content:\n{}\n".format(conffile, webserver_conf)) + if debug: + print("Created {} with content:\n{}\n".format(conffile, webserver_conf)) templates = os.getenv('TEMPLATE_FILES') if templates is not None: @@ -63,6 +66,7 @@ if templates is not None: target = os.path.join(templatedestination, templateFile + '.conf') with open(target, 'w') as f: f.write(rendered) - print("Created {} with content:\n{}\n".format(target, rendered)) + if debug: + print("Created {} with content:\n{}\n".format(target, rendered)) os.execv(program, [program]+args+sys.argv[1:])