FIREBIRD_USER and FIREBIRD_PASSWORD environment variables

[fdcastel]

Both MySql and PostgreSQL images use (db)_USER and (db)_PASSWORD environment variables to create a new (super)user and to set that user's password.

Could we also add FIREBIRD_USER and FIREBIRD_PASSWORD likewise?

It could keep using SYSDBA and masterkey respectively as defaults, when the vars are not set.

[jacobalberty]

setting the password is easy enough, though I'm tempted to use ISC_PASSWORD ala SYSDBA.password. setting the sysdba user however I'm not sure that can just be changed. Trying to find more information on changing the superuser name.

I'm thinking about getting rid of 'masterkey' as a default here and creating a random 32 bit string, it'll be a bit inconvenient to extract it from the container but I could easily have it spit out the password to the docker logs when its first set. Not sure if that would be a security issue for other people though.

EDIT: I also see mysql can pull the data from the secrets system, this would be a good thing to tie in as well so the default password can be set by docker secrets.

[jacobalberty]

the passvar branch contains an implementation of ISC_PASSWORD, perhaps it would better be named ISC_SYSDBA_PASSWORD to keep in line with the mysql theme, I'm trying to see if I can find an upstream source for their file_env implementation to properly credit to support bringing secrets support in. The implementation here is incompatible with anything older than firebird 3.0.1 due to the use of create or alter user but it's necessary to include that for some rare edge cases that involve backwards compatibility with firebird 2.5 clients. If you wanted to use it with firebird 3.0 you could just change it to create user in docker-entrypoint.sh

[jacobalberty]

The tags latest, 3.0 and 3.0.1 have been update to include ISC_PASSWORD . I may revisit this later and allow creation of a default database with a name from FIREBIRD_DB owned by a regular user defined in FIREBIRD_USER with the password from FIREBIRD_PASS in a bit. But for now ISC_PASSWORD var cleans up the user creation issue a lot.

[gamesbook]

Can this patch be applied to the 2.x version as well?

[jacobalberty]

@gamesbook the firebird_user and firebird_password side is easy enough the sysdba password will take a bit of tweaking though as I use a language construct that doesn't exist there.

[gamesbook]

FIREBIRD_USER and FIREBIRD_PASSWORD will be sufficient.

[jacobalberty]

I'm doing testing on it now, I'll be pushing up the updated ones soon enough just need to finish testing, apply the travis rules and document it.

[jacobalberty]

it's all checked in and im tagging releases now, give docker about 45 minutes and all branches/tags will be on the hub with this change