From c924a47188a1afb195cb98a8a69ca6ac4db857e1 Mon Sep 17 00:00:00 2001
From: Badlop <badlop@process-one.net>
Date: Fri, 27 Dec 2024 21:46:03 +0100
Subject: [PATCH] Container: Improve entrypoint script: register account, or
 set random

If password variable is set, register that account.
Example kubernetes yaml file in podman:

    env:
    - name: EJABBERD_MACRO_ADMIN
      value: administrator@example.org
    - name: REGISTER_ADMIN_PASSWORD
      value: somePass0rd

If admin and password are not set,
grant admin rights only to a random account name.
Notice that admin rights are granted to that variable in the default
ejabberd.yml, so if the account is not created, somebody else could do.
---
 .github/container/Dockerfile           | 22 ++++++++++++++++++++++
 .github/container/ejabberd.yml.example |  2 +-
 2 files changed, 23 insertions(+), 1 deletion(-)

diff --git a/.github/container/Dockerfile b/.github/container/Dockerfile
index d389251c7..bb8bdf9e5 100644
--- a/.github/container/Dockerfile
+++ b/.github/container/Dockerfile
@@ -125,6 +125,28 @@ RUN home_root_dir=$(echo $HOME | sed 's|\(.*\)/.*|\1 |') \
     && echo -e \
         "#!/bin/sh \
         \n[ -z \$ERLANG_NODE_ARG ] && export ERLANG_NODE_ARG=ejabberd@localhost \
+        \nexport EMA=\"\$EJABBERD_MACRO_ADMIN\" \
+        \nexport HOST=\"\${EJABBERD_MACRO_HOST:-localhost}\" \
+        \nif [ -n \"\$EMA\" ] \
+        \nthen \
+        \n    if [ \"\$EMA\" != \"\${EMA%%@*}\" ] \
+        \n    then \
+        \n        export USERNAME=\"\${EMA%%@*}\" \
+        \n        export HOST=\"\${EMA##*@}\" \
+        \n    else \
+        \n        export USERNAME=\"\$EMA\" \
+        \n        export SHOW_WARNING=\"true\" \
+        \n    fi \
+        \nelif [ -n \"\$REGISTER_ADMIN_PASSWORD\" ] \
+        \nthen \
+        \n    export USERNAME=\"admin\" \
+        \nelse \
+        \n    export USERNAME=\"\$(od -A n -N 8 -t x8 /dev/urandom)\" \
+        \nfi \
+        \nexport EJABBERD_MACRO_ADMIN=\"\$USERNAME@\$HOST\" \
+        \n[ -n \"\$SHOW_WARNING\" ] && echo \"WARNING: The EJABBERD_MACRO_ADMIN environment variable was set to '\$EMA', but it should include the host... I'll overwrite it to become '\$EJABBERD_MACRO_ADMIN'.\" \
+        \n[ -n \"\$CTL_ON_CREATE\" ] && export SEPARATOR=\";\" \
+        \n[ -n \"\$REGISTER_ADMIN_PASSWORD\" ] && export CTL_ON_CREATE=\"register \${EJABBERD_MACRO_ADMIN%%@*} \${EJABBERD_MACRO_ADMIN##*@} \$REGISTER_ADMIN_PASSWORD \$SEPARATOR \$CTL_ON_CREATE\" \
         \nexport CONFIG_DIR=/$HOME/conf \
         \nexport LOGS_DIR=/$HOME/logs \
         \nexport SPOOL_DIR=/$HOME/database \
diff --git a/.github/container/ejabberd.yml.example b/.github/container/ejabberd.yml.example
index ba6e08fbb..72ac292aa 100644
--- a/.github/container/ejabberd.yml.example
+++ b/.github/container/ejabberd.yml.example
@@ -16,7 +16,7 @@
 
 define_macro:
   HOST: localhost
-  ADMIN: "admin@localhost"
+  ## ADMIN: ... # set by /usr/local/bin/ejabberdctl
   PORT_C2S: 5222
   PORT_C2S_TLS: 5223
   PORT_S2S: 5269