31 lines
1.2 KiB
Bash
31 lines
1.2 KiB
Bash
#!/bin/sh
|
|
set -e
|
|
|
|
echo "Processing Oathkeeper configuration templates..."
|
|
|
|
# Substitute environment variables in oathkeeper.yml
|
|
envsubst < /etc/oathkeeper/oathkeeper.yml.template > /etc/oathkeeper/oathkeeper.yml
|
|
rm /etc/oathkeeper/oathkeeper.yml.template
|
|
echo "✓ Processed Oathkeeper config"
|
|
|
|
# Substitute environment variables for access rules
|
|
envsubst < /etc/oathkeeper/access-rules/django.yml.template > /etc/oathkeeper/access-rules/django.yml
|
|
rm /etc/oathkeeper/access-rules/django.yml.template
|
|
echo "✓ Processed Django access rules"
|
|
envsubst < /etc/oathkeeper/access-rules/kratos-public.yml.template > /etc/oathkeeper/access-rules/kratos-public.yml
|
|
rm /etc/oathkeeper/access-rules/kratos-public.yml.template
|
|
echo "✓ Processed Kratos public access rules"
|
|
envsubst < /etc/oathkeeper/access-rules/kratos-admin.yml.template > /etc/oathkeeper/access-rules/kratos-admin.yml
|
|
rm /etc/oathkeeper/access-rules/kratos-admin.yml.template
|
|
echo "✓ Processed Kratos admin access rules"
|
|
|
|
echo "✓ Processed Oathkeeper access rules"
|
|
|
|
# Set proper ownership for ory user
|
|
chown -R ory:ory /etc/oathkeeper
|
|
|
|
echo "Starting Oathkeeper as ory user..."
|
|
|
|
# Switch to ory user and execute the CMD passed to the container
|
|
exec su-exec ory oathkeeper "$@"
|