diff --git a/server/setup-database.js b/server/setup-database.js index 248208662..4192b74ba 100644 --- a/server/setup-database.js +++ b/server/setup-database.js @@ -7,6 +7,32 @@ const Database = require("./database"); const { allowDevAllOrigin } = require("./util-server"); const mysql = require("mysql2/promise"); +/** + * Reads a configuration value from an environment variable or a Docker secrets file. + * If both the direct env var and the _FILE variant are set, an error is thrown. + * @param {string} envName The base name of the environment variable (e.g., "UPTIME_KUMA_DB_PASSWORD") + * @returns {string|undefined} The value from the env var, file contents (trimmed), or undefined if neither is set + * @throws {Error} If both the direct env var and the _FILE variant are set + */ +function getEnvOrFile(envName) { + const directValue = process.env[envName]; + const fileValue = process.env[envName + "_FILE"]; + + if (directValue && fileValue) { + throw new Error(`Both ${envName} and ${envName}_FILE are set. Please use only one.`); + } + + if (fileValue) { + try { + return fs.readFileSync(fileValue, "utf8").trim(); + } catch (err) { + throw new Error(`Failed to read ${envName}_FILE at ${fileValue}: ${err.message}`); + } + } + + return directValue; +} + /** * A standalone express app that is used to setup a database * It is used when db-config.json and kuma.db are not found or invalid @@ -75,8 +101,8 @@ class SetupDatabase { dbConfig.hostname = process.env.UPTIME_KUMA_DB_HOSTNAME; dbConfig.port = process.env.UPTIME_KUMA_DB_PORT; dbConfig.dbName = process.env.UPTIME_KUMA_DB_NAME; - dbConfig.username = process.env.UPTIME_KUMA_DB_USERNAME; - dbConfig.password = process.env.UPTIME_KUMA_DB_PASSWORD; + dbConfig.username = getEnvOrFile("UPTIME_KUMA_DB_USERNAME"); + dbConfig.password = getEnvOrFile("UPTIME_KUMA_DB_PASSWORD"); Database.writeDBConfig(dbConfig); }