From e75fd00870dcd47a848532abf999f7ec13bb0262 Mon Sep 17 00:00:00 2001
From: Tianon Gravi <admwiggin@gmail.com>
Date: Mon, 21 Nov 2016 14:28:47 -0800
Subject: [PATCH] Add "file_env" support, especially for Docker secrets

This adds explicit support for the following:

- `REDMINE_DB_MYSQL_FILE`
- `REDMINE_DB_POSTGRES_FILE`
- `REDMINE_DB_PORT_FILE`
- `REDMINE_DB_USERNAME_FILE`
- `REDMINE_DB_PASSWORD_FILE`
- `REDMINE_DB_DATABASE_FILE`
- `REDMINE_DB_ENCODING_FILE`
- `REDMINE_SECRET_KEY_BASE_FILE`
---
 3.1/docker-entrypoint.sh | 64 ++++++++++++++++++++++++++++------------
 3.2/docker-entrypoint.sh | 64 ++++++++++++++++++++++++++++------------
 3.3/docker-entrypoint.sh | 64 ++++++++++++++++++++++++++++------------
 docker-entrypoint.sh     | 64 ++++++++++++++++++++++++++++------------
 4 files changed, 180 insertions(+), 76 deletions(-)

diff --git a/3.1/docker-entrypoint.sh b/3.1/docker-entrypoint.sh
index ddf63f43..841989f0 100755
--- a/3.1/docker-entrypoint.sh
+++ b/3.1/docker-entrypoint.sh
@@ -1,31 +1,56 @@
 #!/bin/bash
 set -e
 
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+	local var="$1"
+	local fileVar="${var}_FILE"
+	local def="${2:-}"
+	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+		exit 1
+	fi
+	local val="$def"
+	if [ "${!var:-}" ]; then
+		val="${!var}"
+	elif [ "${!fileVar:-}" ]; then
+		val="$(< "${!fileVar}")"
+	fi
+	export "$var"="$val"
+	unset "$fileVar"
+}
+
 case "$1" in
 	rails|rake|passenger)
 		if [ ! -f './config/database.yml' ]; then
-			if [ "$MYSQL_PORT_3306_TCP" ]; then
-				: "${REDMINE_DB_MYSQL:=mysql}"
-			elif [ "$POSTGRES_PORT_5432_TCP" ]; then
-				: "${REDMINE_DB_POSTGRES:=postgres}"
+			file_env 'REDMINE_DB_MYSQL'
+			file_env 'REDMINE_DB_POSTGRES'
+			
+			if [ "$MYSQL_PORT_3306_TCP" ] && [ -z "$REDMINE_DB_MYSQL" ]; then
+				export REDMINE_DB_MYSQL='mysql'
+			elif [ "$POSTGRES_PORT_5432_TCP" ] && [ -z "$REDMINE_DB_POSTGRES" ]; then
+				export REDMINE_DB_POSTGRES='postgres'
 			fi
 			
 			if [ "$REDMINE_DB_MYSQL" ]; then
 				adapter='mysql2'
 				host="$REDMINE_DB_MYSQL"
-				: "${REDMINE_DB_PORT:=3306}"
-				: "${REDMINE_DB_USERNAME:=${MYSQL_ENV_MYSQL_USER:-root}}"
-				: "${REDMINE_DB_PASSWORD:=${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}}"
-				: "${REDMINE_DB_DATABASE:=${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}}"
-				: "${REDMINE_DB_ENCODING:=}"
+				file_env 'REDMINE_DB_PORT' '3306'
+				file_env 'REDMINE_DB_USERNAME' "${MYSQL_ENV_MYSQL_USER:-root}"
+				file_env 'REDMINE_DB_PASSWORD' "${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}"
+				file_env 'REDMINE_DB_DATABASE' "${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}"
+				file_env 'REDMINE_DB_ENCODING' ''
 			elif [ "$REDMINE_DB_POSTGRES" ]; then
 				adapter='postgresql'
 				host="$REDMINE_DB_POSTGRES"
-				: "${REDMINE_DB_PORT:=5432}"
-				: "${REDMINE_DB_USERNAME:=${POSTGRES_ENV_POSTGRES_USER:-postgres}}"
-				: "${REDMINE_DB_PASSWORD:=${POSTGRES_ENV_POSTGRES_PASSWORD}}"
-				: "${REDMINE_DB_DATABASE:=${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}}"
-				: "${REDMINE_DB_ENCODING:=utf8}"
+				file_env 'REDMINE_DB_PORT' '5432'
+				file_env 'REDMINE_DB_USERNAME' "${POSTGRES_ENV_POSTGRES_USER:-postgres}"
+				file_env 'REDMINE_DB_PASSWORD' "${POSTGRES_ENV_POSTGRES_PASSWORD}"
+				file_env 'REDMINE_DB_DATABASE' "${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}"
+				file_env 'REDMINE_DB_ENCODING' 'utf8'
 			else
 				echo >&2
 				echo >&2 'warning: missing REDMINE_DB_MYSQL or REDMINE_DB_POSTGRES environment variables'
@@ -35,11 +60,11 @@ case "$1" in
 				
 				adapter='sqlite3'
 				host='localhost'
-				: "${REDMINE_DB_PORT:=}"
-				: "${REDMINE_DB_USERNAME:=redmine}"
-				: "${REDMINE_DB_PASSWORD:=}"
-				: "${REDMINE_DB_DATABASE:=sqlite/redmine.db}"
-				: "${REDMINE_DB_ENCODING:=utf8}"
+				file_env 'REDMINE_DB_PORT' ''
+				file_env 'REDMINE_DB_USERNAME' 'redmine'
+				file_env 'REDMINE_DB_PASSWORD' ''
+				file_env 'REDMINE_DB_DATABASE' 'sqlite/redmine.db'
+				file_env 'REDMINE_DB_ENCODING' 'utf8'
 				
 				mkdir -p "$(dirname "$REDMINE_DB_DATABASE")"
 				chown -R redmine:redmine "$(dirname "$REDMINE_DB_DATABASE")"
@@ -68,6 +93,7 @@ case "$1" in
 		bundle install --without development test
 		
 		if [ ! -s config/secrets.yml ]; then
+			file_env 'REDMINE_SECRET_KEY_BASE'
 			if [ "$REDMINE_SECRET_KEY_BASE" ]; then
 				cat > 'config/secrets.yml' <<-YML
 					$RAILS_ENV:
diff --git a/3.2/docker-entrypoint.sh b/3.2/docker-entrypoint.sh
index ddf63f43..841989f0 100755
--- a/3.2/docker-entrypoint.sh
+++ b/3.2/docker-entrypoint.sh
@@ -1,31 +1,56 @@
 #!/bin/bash
 set -e
 
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+	local var="$1"
+	local fileVar="${var}_FILE"
+	local def="${2:-}"
+	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+		exit 1
+	fi
+	local val="$def"
+	if [ "${!var:-}" ]; then
+		val="${!var}"
+	elif [ "${!fileVar:-}" ]; then
+		val="$(< "${!fileVar}")"
+	fi
+	export "$var"="$val"
+	unset "$fileVar"
+}
+
 case "$1" in
 	rails|rake|passenger)
 		if [ ! -f './config/database.yml' ]; then
-			if [ "$MYSQL_PORT_3306_TCP" ]; then
-				: "${REDMINE_DB_MYSQL:=mysql}"
-			elif [ "$POSTGRES_PORT_5432_TCP" ]; then
-				: "${REDMINE_DB_POSTGRES:=postgres}"
+			file_env 'REDMINE_DB_MYSQL'
+			file_env 'REDMINE_DB_POSTGRES'
+			
+			if [ "$MYSQL_PORT_3306_TCP" ] && [ -z "$REDMINE_DB_MYSQL" ]; then
+				export REDMINE_DB_MYSQL='mysql'
+			elif [ "$POSTGRES_PORT_5432_TCP" ] && [ -z "$REDMINE_DB_POSTGRES" ]; then
+				export REDMINE_DB_POSTGRES='postgres'
 			fi
 			
 			if [ "$REDMINE_DB_MYSQL" ]; then
 				adapter='mysql2'
 				host="$REDMINE_DB_MYSQL"
-				: "${REDMINE_DB_PORT:=3306}"
-				: "${REDMINE_DB_USERNAME:=${MYSQL_ENV_MYSQL_USER:-root}}"
-				: "${REDMINE_DB_PASSWORD:=${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}}"
-				: "${REDMINE_DB_DATABASE:=${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}}"
-				: "${REDMINE_DB_ENCODING:=}"
+				file_env 'REDMINE_DB_PORT' '3306'
+				file_env 'REDMINE_DB_USERNAME' "${MYSQL_ENV_MYSQL_USER:-root}"
+				file_env 'REDMINE_DB_PASSWORD' "${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}"
+				file_env 'REDMINE_DB_DATABASE' "${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}"
+				file_env 'REDMINE_DB_ENCODING' ''
 			elif [ "$REDMINE_DB_POSTGRES" ]; then
 				adapter='postgresql'
 				host="$REDMINE_DB_POSTGRES"
-				: "${REDMINE_DB_PORT:=5432}"
-				: "${REDMINE_DB_USERNAME:=${POSTGRES_ENV_POSTGRES_USER:-postgres}}"
-				: "${REDMINE_DB_PASSWORD:=${POSTGRES_ENV_POSTGRES_PASSWORD}}"
-				: "${REDMINE_DB_DATABASE:=${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}}"
-				: "${REDMINE_DB_ENCODING:=utf8}"
+				file_env 'REDMINE_DB_PORT' '5432'
+				file_env 'REDMINE_DB_USERNAME' "${POSTGRES_ENV_POSTGRES_USER:-postgres}"
+				file_env 'REDMINE_DB_PASSWORD' "${POSTGRES_ENV_POSTGRES_PASSWORD}"
+				file_env 'REDMINE_DB_DATABASE' "${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}"
+				file_env 'REDMINE_DB_ENCODING' 'utf8'
 			else
 				echo >&2
 				echo >&2 'warning: missing REDMINE_DB_MYSQL or REDMINE_DB_POSTGRES environment variables'
@@ -35,11 +60,11 @@ case "$1" in
 				
 				adapter='sqlite3'
 				host='localhost'
-				: "${REDMINE_DB_PORT:=}"
-				: "${REDMINE_DB_USERNAME:=redmine}"
-				: "${REDMINE_DB_PASSWORD:=}"
-				: "${REDMINE_DB_DATABASE:=sqlite/redmine.db}"
-				: "${REDMINE_DB_ENCODING:=utf8}"
+				file_env 'REDMINE_DB_PORT' ''
+				file_env 'REDMINE_DB_USERNAME' 'redmine'
+				file_env 'REDMINE_DB_PASSWORD' ''
+				file_env 'REDMINE_DB_DATABASE' 'sqlite/redmine.db'
+				file_env 'REDMINE_DB_ENCODING' 'utf8'
 				
 				mkdir -p "$(dirname "$REDMINE_DB_DATABASE")"
 				chown -R redmine:redmine "$(dirname "$REDMINE_DB_DATABASE")"
@@ -68,6 +93,7 @@ case "$1" in
 		bundle install --without development test
 		
 		if [ ! -s config/secrets.yml ]; then
+			file_env 'REDMINE_SECRET_KEY_BASE'
 			if [ "$REDMINE_SECRET_KEY_BASE" ]; then
 				cat > 'config/secrets.yml' <<-YML
 					$RAILS_ENV:
diff --git a/3.3/docker-entrypoint.sh b/3.3/docker-entrypoint.sh
index ddf63f43..841989f0 100755
--- a/3.3/docker-entrypoint.sh
+++ b/3.3/docker-entrypoint.sh
@@ -1,31 +1,56 @@
 #!/bin/bash
 set -e
 
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+	local var="$1"
+	local fileVar="${var}_FILE"
+	local def="${2:-}"
+	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+		exit 1
+	fi
+	local val="$def"
+	if [ "${!var:-}" ]; then
+		val="${!var}"
+	elif [ "${!fileVar:-}" ]; then
+		val="$(< "${!fileVar}")"
+	fi
+	export "$var"="$val"
+	unset "$fileVar"
+}
+
 case "$1" in
 	rails|rake|passenger)
 		if [ ! -f './config/database.yml' ]; then
-			if [ "$MYSQL_PORT_3306_TCP" ]; then
-				: "${REDMINE_DB_MYSQL:=mysql}"
-			elif [ "$POSTGRES_PORT_5432_TCP" ]; then
-				: "${REDMINE_DB_POSTGRES:=postgres}"
+			file_env 'REDMINE_DB_MYSQL'
+			file_env 'REDMINE_DB_POSTGRES'
+			
+			if [ "$MYSQL_PORT_3306_TCP" ] && [ -z "$REDMINE_DB_MYSQL" ]; then
+				export REDMINE_DB_MYSQL='mysql'
+			elif [ "$POSTGRES_PORT_5432_TCP" ] && [ -z "$REDMINE_DB_POSTGRES" ]; then
+				export REDMINE_DB_POSTGRES='postgres'
 			fi
 			
 			if [ "$REDMINE_DB_MYSQL" ]; then
 				adapter='mysql2'
 				host="$REDMINE_DB_MYSQL"
-				: "${REDMINE_DB_PORT:=3306}"
-				: "${REDMINE_DB_USERNAME:=${MYSQL_ENV_MYSQL_USER:-root}}"
-				: "${REDMINE_DB_PASSWORD:=${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}}"
-				: "${REDMINE_DB_DATABASE:=${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}}"
-				: "${REDMINE_DB_ENCODING:=}"
+				file_env 'REDMINE_DB_PORT' '3306'
+				file_env 'REDMINE_DB_USERNAME' "${MYSQL_ENV_MYSQL_USER:-root}"
+				file_env 'REDMINE_DB_PASSWORD' "${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}"
+				file_env 'REDMINE_DB_DATABASE' "${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}"
+				file_env 'REDMINE_DB_ENCODING' ''
 			elif [ "$REDMINE_DB_POSTGRES" ]; then
 				adapter='postgresql'
 				host="$REDMINE_DB_POSTGRES"
-				: "${REDMINE_DB_PORT:=5432}"
-				: "${REDMINE_DB_USERNAME:=${POSTGRES_ENV_POSTGRES_USER:-postgres}}"
-				: "${REDMINE_DB_PASSWORD:=${POSTGRES_ENV_POSTGRES_PASSWORD}}"
-				: "${REDMINE_DB_DATABASE:=${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}}"
-				: "${REDMINE_DB_ENCODING:=utf8}"
+				file_env 'REDMINE_DB_PORT' '5432'
+				file_env 'REDMINE_DB_USERNAME' "${POSTGRES_ENV_POSTGRES_USER:-postgres}"
+				file_env 'REDMINE_DB_PASSWORD' "${POSTGRES_ENV_POSTGRES_PASSWORD}"
+				file_env 'REDMINE_DB_DATABASE' "${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}"
+				file_env 'REDMINE_DB_ENCODING' 'utf8'
 			else
 				echo >&2
 				echo >&2 'warning: missing REDMINE_DB_MYSQL or REDMINE_DB_POSTGRES environment variables'
@@ -35,11 +60,11 @@ case "$1" in
 				
 				adapter='sqlite3'
 				host='localhost'
-				: "${REDMINE_DB_PORT:=}"
-				: "${REDMINE_DB_USERNAME:=redmine}"
-				: "${REDMINE_DB_PASSWORD:=}"
-				: "${REDMINE_DB_DATABASE:=sqlite/redmine.db}"
-				: "${REDMINE_DB_ENCODING:=utf8}"
+				file_env 'REDMINE_DB_PORT' ''
+				file_env 'REDMINE_DB_USERNAME' 'redmine'
+				file_env 'REDMINE_DB_PASSWORD' ''
+				file_env 'REDMINE_DB_DATABASE' 'sqlite/redmine.db'
+				file_env 'REDMINE_DB_ENCODING' 'utf8'
 				
 				mkdir -p "$(dirname "$REDMINE_DB_DATABASE")"
 				chown -R redmine:redmine "$(dirname "$REDMINE_DB_DATABASE")"
@@ -68,6 +93,7 @@ case "$1" in
 		bundle install --without development test
 		
 		if [ ! -s config/secrets.yml ]; then
+			file_env 'REDMINE_SECRET_KEY_BASE'
 			if [ "$REDMINE_SECRET_KEY_BASE" ]; then
 				cat > 'config/secrets.yml' <<-YML
 					$RAILS_ENV:
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index ddf63f43..841989f0 100755
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -1,31 +1,56 @@
 #!/bin/bash
 set -e
 
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+	local var="$1"
+	local fileVar="${var}_FILE"
+	local def="${2:-}"
+	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
+		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+		exit 1
+	fi
+	local val="$def"
+	if [ "${!var:-}" ]; then
+		val="${!var}"
+	elif [ "${!fileVar:-}" ]; then
+		val="$(< "${!fileVar}")"
+	fi
+	export "$var"="$val"
+	unset "$fileVar"
+}
+
 case "$1" in
 	rails|rake|passenger)
 		if [ ! -f './config/database.yml' ]; then
-			if [ "$MYSQL_PORT_3306_TCP" ]; then
-				: "${REDMINE_DB_MYSQL:=mysql}"
-			elif [ "$POSTGRES_PORT_5432_TCP" ]; then
-				: "${REDMINE_DB_POSTGRES:=postgres}"
+			file_env 'REDMINE_DB_MYSQL'
+			file_env 'REDMINE_DB_POSTGRES'
+			
+			if [ "$MYSQL_PORT_3306_TCP" ] && [ -z "$REDMINE_DB_MYSQL" ]; then
+				export REDMINE_DB_MYSQL='mysql'
+			elif [ "$POSTGRES_PORT_5432_TCP" ] && [ -z "$REDMINE_DB_POSTGRES" ]; then
+				export REDMINE_DB_POSTGRES='postgres'
 			fi
 			
 			if [ "$REDMINE_DB_MYSQL" ]; then
 				adapter='mysql2'
 				host="$REDMINE_DB_MYSQL"
-				: "${REDMINE_DB_PORT:=3306}"
-				: "${REDMINE_DB_USERNAME:=${MYSQL_ENV_MYSQL_USER:-root}}"
-				: "${REDMINE_DB_PASSWORD:=${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}}"
-				: "${REDMINE_DB_DATABASE:=${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}}"
-				: "${REDMINE_DB_ENCODING:=}"
+				file_env 'REDMINE_DB_PORT' '3306'
+				file_env 'REDMINE_DB_USERNAME' "${MYSQL_ENV_MYSQL_USER:-root}"
+				file_env 'REDMINE_DB_PASSWORD' "${MYSQL_ENV_MYSQL_PASSWORD:-${MYSQL_ENV_MYSQL_ROOT_PASSWORD:-}}"
+				file_env 'REDMINE_DB_DATABASE' "${MYSQL_ENV_MYSQL_DATABASE:-${MYSQL_ENV_MYSQL_USER:-redmine}}"
+				file_env 'REDMINE_DB_ENCODING' ''
 			elif [ "$REDMINE_DB_POSTGRES" ]; then
 				adapter='postgresql'
 				host="$REDMINE_DB_POSTGRES"
-				: "${REDMINE_DB_PORT:=5432}"
-				: "${REDMINE_DB_USERNAME:=${POSTGRES_ENV_POSTGRES_USER:-postgres}}"
-				: "${REDMINE_DB_PASSWORD:=${POSTGRES_ENV_POSTGRES_PASSWORD}}"
-				: "${REDMINE_DB_DATABASE:=${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}}"
-				: "${REDMINE_DB_ENCODING:=utf8}"
+				file_env 'REDMINE_DB_PORT' '5432'
+				file_env 'REDMINE_DB_USERNAME' "${POSTGRES_ENV_POSTGRES_USER:-postgres}"
+				file_env 'REDMINE_DB_PASSWORD' "${POSTGRES_ENV_POSTGRES_PASSWORD}"
+				file_env 'REDMINE_DB_DATABASE' "${POSTGRES_ENV_POSTGRES_DB:-${REDMINE_DB_USERNAME:-}}"
+				file_env 'REDMINE_DB_ENCODING' 'utf8'
 			else
 				echo >&2
 				echo >&2 'warning: missing REDMINE_DB_MYSQL or REDMINE_DB_POSTGRES environment variables'
@@ -35,11 +60,11 @@ case "$1" in
 				
 				adapter='sqlite3'
 				host='localhost'
-				: "${REDMINE_DB_PORT:=}"
-				: "${REDMINE_DB_USERNAME:=redmine}"
-				: "${REDMINE_DB_PASSWORD:=}"
-				: "${REDMINE_DB_DATABASE:=sqlite/redmine.db}"
-				: "${REDMINE_DB_ENCODING:=utf8}"
+				file_env 'REDMINE_DB_PORT' ''
+				file_env 'REDMINE_DB_USERNAME' 'redmine'
+				file_env 'REDMINE_DB_PASSWORD' ''
+				file_env 'REDMINE_DB_DATABASE' 'sqlite/redmine.db'
+				file_env 'REDMINE_DB_ENCODING' 'utf8'
 				
 				mkdir -p "$(dirname "$REDMINE_DB_DATABASE")"
 				chown -R redmine:redmine "$(dirname "$REDMINE_DB_DATABASE")"
@@ -68,6 +93,7 @@ case "$1" in
 		bundle install --without development test
 		
 		if [ ! -s config/secrets.yml ]; then
+			file_env 'REDMINE_SECRET_KEY_BASE'
 			if [ "$REDMINE_SECRET_KEY_BASE" ]; then
 				cat > 'config/secrets.yml' <<-YML
 					$RAILS_ENV: