finallycoffee/matrix-docker-ansible-deploy
5
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Move synapse-auto-compressor Postgres argument to an environment variable

Browse Source 
This provides an additional security benefit. The password won't leak in
the process list anymore.
This commit is contained in:
Slavi Pantaleev
2023-03-12 10:17:42 +02:00
parent 26d5719df4
commit 328d0d8a5f
4 changed files with 29 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
roles/custom/matrix-synapse-auto-compressor/templates/matrix-synapse-auto-compressor.service.j2
View File

@ -24,11 +24,13 @@ ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} create \
--read-only \
--user={{ matrix_user_uid }}:{{ matrix_user_gid }} \
--network={{ matrix_synapse_auto_compressor_container_network }} \
--env-file={{ matrix_synapse_auto_compressor_base_path }}/env \
--entrypoint=/bin/sh \
{% for arg in matrix_synapse_auto_compressor_container_extra_arguments %}
{{ arg }} \
{% endfor %}
{{ matrix_synapse_auto_compressor_container_image }} \
{{ matrix_synapse_auto_compressor_command }}
-c '{{ matrix_synapse_auto_compressor_command }}'
{% for network in matrix_synapse_auto_compressor_container_additional_networks %}
ExecStartPre={{ devture_systemd_docker_base_host_command_docker }} network connect {{ network }} matrix-synapse-auto-compressor