Skip to content

Always use WEBPASSWORD env var if set #1106

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jun 6, 2022
Merged

Always use WEBPASSWORD env var if set #1106

merged 4 commits into from
Jun 6, 2022

Conversation

rdwebdesign
Copy link
Member

Description

If WEBPASSWORD env variable is set, it will be used.
A new password will be created only if WEBPASSWORD is not set and no password is found in setupVars.conf.

Motivation and Context

Fix #1087

How Has This Been Tested?

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.

@PromoFaux PromoFaux force-pushed the use_env_webpassword branch from 7cef129 to 6b9a4e6 Compare June 6, 2022 19:14
@sonarqubecloud
Copy link

sonarqubecloud bot commented Jun 6, 2022

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 1 Code Smell

No Coverage information No Coverage information
0.0% 0.0% Duplication

@PromoFaux PromoFaux mentioned this pull request Jun 6, 2022
Closed
@PromoFaux PromoFaux self-requested a review June 6, 2022 19:42
@PromoFaux PromoFaux merged commit 5b0ea12 into dev Jun 6, 2022
@PromoFaux PromoFaux deleted the use_env_webpassword branch June 6, 2022 19:43
Paraphraser added a commit to Paraphraser/IOTstack that referenced this pull request Jan 22, 2023
@Paraphraser
2023-01-22 Pi-hole admin password changes - master branch - PR 1 of 3
3ee797f 
Circa July 9, 2022 [docker-pi-hole PR 1106](pi-hole/docker-pi-hole#1106)
made some significant changes to how the admin password is handled. The
only documentation for this change was in
[Changelog 2022.07](https://github.com/pi-hole/docker-pi-hole/releases/tag/2022.07):

> Always use WEBPASSWORD env var if set by @rdwebdesign in #1106

This change was reported on [Discord](https://discord.com/channels/638610460567928832/638610461109256194/1066408650077388860).

To summarise the new behaviour:

1. If `WEBPASSWORD` is not set on first launch, a random password is
generated.
2. If `WEBPASSWORD` is not set on second-or-subsequent launch, whatever
password was already in effect is re-used. This also applies when there
is no admin password.
3. If `WEBPASSWORD` is defined but has a null value, any pre-existing
password is cleared and the Web UI bypasses the login screen.
4. If `WEBPASSWORD` is defined and has a value, that value is always
used to update the admin password stored internally.

This PR adjusts the IOTstack Pi-hole template to default to the third
option above (ie no admin password). This avoids the need for any
"build" process and the need to set/generate any password, and obviates
the need for the associated Python scripts which have been removed.

A comment is added to the service definition template directing users
to the IOTstack wiki page where the behaviour of `WEBPASSWORD` is
documented in full.

This change should only affect new users.

Any existing users who had followed the previous procedure of selecting
Pi-hole, choosing a password or allowing one to be generated, and
bringing up the container would have an admin password matching the
value of `WEBPASSWORD`.

Any existing users who had reset their password via:

```
$ docker exec pihole pihole -a -p myNewPassword
```

will either have:

1. Changed their service definition to match. The July 9 2022 changes
would already be enforcing  `WEBPASSWORD` on each launch.
2. Not changed their service definition to match. The July 9 2022
changes would already have reverted to the value of `WEBPASSWORD`.
3. Removed `WEBPASSWORD` from their list of environment variables. The
July 9 2022 changes would continue to use the existing password.

This PR also takes the opportunity to:

1. Re-align the service definition entries.
2. Adopt new-style TZ which either accepts a value from `~/IOTstack/.env`
or defaults to `Etc/UTC`.
3. Add a comment pointing to the Pi-hole documentation for its supported
environment variables.

IOTstack Pi-hole documentation updated.

Signed-off-by: Phill Kelley <[email protected]>
@Paraphraser Paraphraser mentioned this pull request Jan 22, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@PromoFaux PromoFaux PromoFaux approved these changes

Assignees

No one assigned

Labels

Help Wanted needs testing

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@rdwebdesign @PromoFaux