mbentley / docker-timemachine

Docker image to run Samba (compatible Time Machine for macOS)
Apache License 2.0

[Feature]: Allow using password files in multi-user setup #137

Closed marvinruder closed 1 year ago

marvinruder commented 1 year ago

What problem are you looking to solve?

When using PASSWORD_FILE= instead of PASSWORD= in a .conf file, setup fails with ERROR: Missing one or more of the following variables; unable to create user.

Describe the solution that you have in mind

When setting up the user in https://github.com/mbentley/docker-timemachine/blob/706acad9ceb3c7b8109ae76c1c3c7724a17cb542/entrypoint.sh#L98, before checking the environment variables but after the .conf file with the PASSWORD_FILE variable was loaded, run password_var_or_file() so that the PASSWORD variable is populated using the specified file’s contents.

Additional Context

No response

mbentley commented 1 year ago

Merged #138. New builds should be available up on Docker Hub now to verify functionality is working as expected.

marvinruder commented 1 year ago

Works as expected on my end. Thanks!

mbentley commented 1 year ago

So the change in #138 broke functionality of loading a single password from a file. This is because in the entrypoint, it's already executing the function password_var_or_file on line 210 which means that it populates the PASSWORD variable from loading the file so that when it gets to the create_smb_user function and runs password_var_or_file again, both the PASSWORD_FILE and PASSWORD variables are set, causing the process to error out.
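The double-invocation failure described in the comment above, reproduced as an added example that is not part of the thread or of the project's entrypoint.sh. The names resolve_password_strict, resolve_password_once, reset_password_state and the PASSWORD_LOADED_FROM marker are hypothetical, and the tracked variant is one possible approach, not necessarily the change the project made.

```shell
#!/bin/sh
# Added example: hypothetical helpers, not the project's entrypoint.sh.

# Strict resolver: PASSWORD and PASSWORD_FILE are mutually exclusive.
resolve_password_strict() {
  if [ -n "${PASSWORD:-}" ] && [ -n "${PASSWORD_FILE:-}" ]; then
    echo "ERROR: both PASSWORD and PASSWORD_FILE are set" >&2
    return 1
  fi
  if [ -n "${PASSWORD_FILE:-}" ]; then
    [ -r "${PASSWORD_FILE}" ] || { echo "ERROR: cannot read ${PASSWORD_FILE}" >&2; return 1; }
    # Command substitution strips the trailing newline most secret files end with.
    PASSWORD="$(cat "${PASSWORD_FILE}")"
  fi
  [ -n "${PASSWORD:-}" ]   # non-zero when no password could be resolved
}

# Tracked resolver: remembers which file PASSWORD was read from, so a second
# call is a no-op, while a PASSWORD set by the user alongside PASSWORD_FILE
# is still rejected as ambiguous.
resolve_password_once() {
  if [ -n "${PASSWORD_FILE:-}" ] && [ "${PASSWORD_LOADED_FROM:-}" = "${PASSWORD_FILE}" ]; then
    return 0
  fi
  resolve_password_strict || return 1
  PASSWORD_LOADED_FROM="${PASSWORD_FILE:-}"
}

# Clear per-user state before the next user's .conf file is loaded.
reset_password_state() { unset PASSWORD PASSWORD_FILE PASSWORD_LOADED_FROM; }

# Demo in a subshell so no variables leak; the secret itself is never printed.
demo() (
  f="$(mktemp)"; printf 'constructed-secret\n' > "$f"   # constructed sample secret
  reset_password_state; PASSWORD_FILE="$f"
  resolve_password_strict && echo "strict, call 1: ok"
  resolve_password_strict 2>/dev/null || echo "strict, call 2: fails, both variables are now set"
  reset_password_state; PASSWORD_FILE="$f"
  resolve_password_once && resolve_password_once && echo "tracked: safe to call twice"
  rm -f "$f"
)
demo
```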

mbentley commented 1 year ago

@marvinruder - just curious if you could provide an example of how you are using the multi-user setup that was working for you after #138 was merged. I am now not sure I am following how it would have worked in a multi-user setup with a password file as whatever it is, it needs to be re-implemented.

marvinruder commented 1 year ago

Sure:

/config/mruder.conf (path in the container):

TM_USERNAME=mruder
TM_GROUPNAME=mruder
PASSWORD_FILE=/run/secrets/mruder
SHARE_NAME=mruder
VOLUME_SIZE_LIMIT=
TM_UID=1012
TM_GID=1010

(other user configs work the same way)

docker-compose.yml:

version: "3.8"

services:
  timemachine:
    image: mbentley/timemachine:smb
    restart: unless-stopped
    network_mode: host
    environment:
      CUSTOM_USER: true
      EXTERNAL_CONF: /config
      HIDE_SHARES: yes
      SET_PERMISSIONS: false
    ulimits:
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - /var/mnt/storage/smb:/opt
      - /var/cache/timemachine:/var/cache/samba
      - ./timemachine/lib:/var/lib/samba
      - ./timemachine/run:/run/samba
      - ./timemachine/passwd:/etc/passwd
      - ./timemachine/group:/etc/group
      - ./timemachine/shadow:/etc/shadow
      - ./timemachine/config:/config
    secrets:
      - mruder

secrets:
  mruder:
    file: ./timemachine/mruder.txt

And mruder.txt contains the plaintext password.

mbentley commented 1 year ago

Thanks! I think I figured out how to deal with this. Try this image, if you could: mbentley/timemachine:test

The changes in that image can be found here: https://github.com/mbentley/docker-timemachine/pull/141

mbentley commented 1 year ago

Curious if you have had an opportunity to test the test image by chance.

mbentley commented 1 year ago

I went ahead and merged this assuming that my changes are good based on the test case provided.

marvinruder commented 1 year ago

Just tested it, works fine for me as well. Thanks for the fix!

mbentley commented 1 year ago

Good deal, thanks!