search

GhostManager / Ghostwriter

The SpecterOps project management and reporting engine
https://ghostwriter.wiki
BSD 3-Clause "New" or "Revised" License
1.23k stars 174 forks source link

Docker COPY ignoring .env file #384

Closed ArgentEnergy closed 2 weeks ago

ArgentEnergy commented 5 months ago

In the config/settings/base.py file, there was mention of a .env file that can be used to add environment variables for configuration in Ghostwriter. I noticed that the current code doesn't allow .env files to be used as the Docker COPY command will not copy over the .env to the container in order to find the environment variables in the file.

I had to remove the entry **/.env in .dockerignore to allow the .env file to be copied to the container to allow custom environment variables outside the code.

chrismaddalena commented 5 months ago

Hey @ArgentEnergy, that's normal. The DotEnv file doesn't need to be copied into any of the containers. Docker looks for and loads a DotEnv file when it brings up the containers. Any variables in the file will be loaded as environment variables inside the containers. The configuration options you see in base.py that reference an environment variable will pull those values.

So the values are set inside the DotEnv file but the file doesn't need to be in the container. Docker loads the DotEnv file, sets the environment variables inside the container, Django checks for the variables in the container, and then Django pulls the value there.

You can see this happen in the Docker yml files. For example, in production.yml you can see this line for the Django container:

- POSTGRES_DB=${POSTGRES_DB}
- POSTGRES_HOST=${POSTGRES_HOST}
- POSTGRES_PASSWORD=${POSTGRES_PASSWORD}

The values inside the curl braces are environment variables. If Docker finds POSTGRES_DB inside the DotEnv file, it creates a POSTGRES_DB environment variable with the value.

ArgentEnergy commented 5 months ago

If I understand correctly, then I think my mistake was that I created in base.py CUSTOM_VAR = env('CUSTOM_VAR') but I didn't update the Docker yaml files with those custom environment variables. I was under the assumption that just updating the .env file under the GW root directory with my custom environment variables would work. That is why I then went the route of having the .env file being copied into the container which made the deploy work with my custom environment variables.

chrismaddalena commented 5 months ago

Ahh, that makes sense. Yes, you are correct. If you customize the files under ghostwriter.config.settings to add a new environment variable, you will also want to:

  1. Add the environment variable to the DotEnv file
  2. Add the environment variable under the environment key in the production.yml file
  3. Repeat 2 for multiple services if if you need the variable accessible inside multiple containers
ArgentEnergy commented 5 months ago

@chrismaddalena Thanks for the clarification. I reverted my changes in the dockerignore file and followed your steps and it worked. Is this documented anywhere for other people to know?

chrismaddalena commented 5 months ago

It may be, but I'll add it to the list of documentation to add to the wiki.

github-actions[bot] commented 1 month ago

This issue has been labeled as stale because it has been open for 30 days with no activity.

github-actions[bot] commented 2 weeks ago

This issue is closed because it has been inactive for 14 days since being labeled stale. Feel free to re-open the issue with a comment. If this needs further discussion (e.g., a feature request), it might be better to open a topic under the Discussions tab.