Remove .env file creation

README.md

@@ -6,6 +6,16 @@
 
 ## Changes
 
+Versions higher than 23.6.2 no longer use an in-container `.env` file for
+environment variable management. Instead, the preferred approach is to manage
+them directly with the container runtime (e.g. Docker's `-e`). This is to
+simplify troubleshooting if and when errors occur. The most important change is
+that `${APP_KEY}` is no longer provided for you, instead it is up to the
+operator to ensure this value is present. Versions prior to this supplied
+`${APP_KEY}` (with a default of `SomeRandomStringWith32Characters`. A full
+reference of available environment variables is available in the [Bookstack
+repository](https://github.com/BookStackApp/BookStack/blob/development/.env.example.complete)
+
 The version 23.6.0 is broken due to a bad `.env` configuration created by the
 entrypoint script. This is fixed in version 23.6.0-1.
 
@@ -100,6 +110,14 @@ Networking changed in Docker v1.9, so you need to do one of the following steps.
 
     `APP_URL=http://example.com`
 
+    The following environment variables are required for Bookstack to start:
+    - `APP_KEY`
+    - `APP_URL`
+    - `DB_HOST` (in the form `${hostname_or_ip_address}:${port}`)
+    - `DB_DATABASE`
+    - `DB_USERNAME`
+    - `DB_PASSWORD`
+
 ### Volumes
 
 To access your `.env` file and important bookstack folders on your host system
@@ -115,7 +133,7 @@ your run command:
 In case of a windows host machine the .env file has to be already created in the
 host directory otherwise a folder named .env will be created.
 
-After these steps you can visit [http://localhost:8080](http://localhost:8080) .
+After these steps you can visit [http://localhost:8080](http://localhost:8080).
 You can login with username `[email protected]` and password `password`.
 
 ## Inspiration

docker-compose.test.yml

@@ -21,6 +21,7 @@ services:
     - mysql
     environment:
     - APP_URL=http://localhost:${DEV_PORT:-8080}
+    - APP_KEY=SomeRandomString
     - DB_HOST=mysql:3306
     - DB_DATABASE=bookstack
     - DB_USERNAME=bookstack

docker-compose.yml

@@ -21,6 +21,10 @@ services:
     - DB_PASSWORD=secret
     #set the APP_ to the URL of bookstack without without a trailing slash APP_URL=https://example.com
     - APP_URL=http://example.com
+    # APP_KEY is used for encryption where needed, so needs to be persisted to
+    # preserve decryption abilities.
+    # Can run `php artisan key:generate` to generate a key
+    - APP_KEY=SomeRandomString
     volumes:
     - uploads:/var/www/bookstack/public/uploads
     - storage-uploads:/var/www/bookstack/storage/uploads

docker-entrypoint.sh

@@ -3,91 +3,38 @@ set -e
 
 echoerr() { echo "$@" 1>&2; }
 
+check_vars_exist() {
+  var_names=("$@")
+
+  for var_name in "${var_names[@]}"; do
+    if [ -z "${!var_name}" ]; then
+      echoerr "error: missing ${var_name} environment variable"
+      exit 1
+    fi
+  done
+}
+
 # Split out host and port from DB_HOST env variable
 IFS=":" read -r DB_HOST_NAME DB_PORT <<< "$DB_HOST"
 DB_PORT=${DB_PORT:-3306}
 
-if [ ! -f ".env" ]; then
-  if [[ "${DB_HOST}" ]]; then
-  cat > ".env" <<EOF
-      # Environment
-      APP_ENV=production
-      APP_DEBUG=${APP_DEBUG:-false}
-      APP_KEY=${APP_KEY:-SomeRandomStringWith32Characters}
-
-      # The below url has to be set if using social auth options
-      # or if you are not using BookStack at the root path of your domain.
-      APP_URL=${APP_URL:-null}
-
-      # Database details
-      DB_HOST=${DB_HOST:-localhost}
-      DB_DATABASE=${DB_DATABASE:-bookstack}
-      DB_USERNAME=${DB_USERNAME:-bookstack}
-      DB_PASSWORD=${DB_PASSWORD:-password}
-
-      # Cache and session
-      CACHE_DRIVER=file
-      SESSION_DRIVER=file
-      # If using Memcached, comment the above and uncomment these
-      #CACHE_DRIVER=memcached
-      #SESSION_DRIVER=memcached
-      QUEUE_DRIVER=sync
-
-      # Memcached settings
-      # If using a UNIX socket path for the host, set the port to 0
-      # This follows the following format: HOST:PORT:WEIGHT
-      # For multiple servers separate with a comma
-      MEMCACHED_SERVERS=127.0.0.1:11211:100
-
-      # Storage
-      STORAGE_TYPE=${STORAGE_TYPE:-local}
-      # Amazon S3 Config
-      STORAGE_S3_KEY=${STORAGE_S3_KEY:-false}
-      STORAGE_S3_SECRET=${STORAGE_S3_SECRET:-false}
-      STORAGE_S3_REGION=${STORAGE_S3_REGION:-false}
-      STORAGE_S3_BUCKET=${STORAGE_S3_BUCKET:-false}
-      # Storage URL
-      # Used to prefix image urls for when using custom domains/cdns
-      STORAGE_URL=${STORAGE_URL:-false}
-
-      # General auth
-      AUTH_METHOD=${AUTH_METHOD:-standard}
-
-      # Social Authentication information. Defaults as off.
-      GITHUB_APP_ID=${GITHUB_APP_ID:-false}
-      GITHUB_APP_SECRET=${GITHUB_APP_SECRET:-false}
-      GOOGLE_APP_ID=${GOOGLE_APP_ID:-false}
-      GOOGLE_APP_SECRET=${GOOGLE_APP_SECRET:-false}
-
-      # External services such as Gravatar
-      DISABLE_EXTERNAL_SERVICES=${DISABLE_EXTERNAL_SERVICES:-false}
-
-      # LDAP Settings
-      LDAP_SERVER=${LDAP_SERVER:-false}
-      LDAP_BASE_DN=${LDAP_BASE_DN:-false}
-      LDAP_DN=${LDAP_DN:-false}
-      LDAP_PASS=${LDAP_PASS:-false}
-      LDAP_USER_FILTER=${LDAP_USER_FILTER:-false}
-      LDAP_VERSION=${LDAP_VERSION:-false}
-      LDAP_ID_ATTRIBUTE=${LDAP_ID_ATTRIBUTE:-false}
-      LDAP_TLS_INSECURE=${LDAP_TLS_INSECURE:-false}
-      LDAP_DISPLAY_NAME_ATTRIBUTE=${LDAP_DISPLAY_NAME_ATTRIBUTE:-false}
-
-      # Mail settings
-      MAIL_DRIVER=${MAIL_DRIVER:-smtp}
-      MAIL_HOST=${MAIL_HOST:-localhost}
-      MAIL_PORT=${MAIL_PORT:-1025}
-      MAIL_USERNAME=${MAIL_USERNAME:-null}
-      MAIL_PASSWORD=${MAIL_PASSWORD:-null}
-      MAIL_ENCRYPTION=${MAIL_ENCRYPTION:-null}
-      # URL used for social login redirects, NO TRAILING SLASH
-EOF
-    else
-        echo >&2 'error: missing DB_HOST environment variable'
-        exit 1
-    fi
+# Ensure these is no local .env file
+if [ -f ".env" ]; then
+  mv .env .env.bak
+  echoerr ".env file detected - moved to .env.bak"
+  echoerr "Please update your configuration to use environment variables in the container!"
 fi
 
+# Check a number of essential variables are set
+check_vars_exist \
+  APP_KEY \
+  APP_URL \
+  DB_DATABASE \
+  DB_HOST \
+  DB_PASSWORD \
+  DB_PORT \
+  DB_USERNAME
+
 echoerr "wait-for-db: waiting for ${DB_HOST_NAME}:${DB_PORT}"
 
 timeout 15 bash <<EOT
@@ -105,9 +52,6 @@ else
   echoerr "wait-for-db: timeout out after 15 seconds waiting for ${DB_HOST_NAME}:${DB_PORT}"
 fi
 
-echo "Generating Key..."
-php artisan key:generate --show
-
 echo "Starting Migration..."
 php artisan migrate --force