From f20c5259229a372d6b877ab551f03a25ed8b47a6 Mon Sep 17 00:00:00 2001
From: Mina Nagy Zaki <mnzaki@gmail.com>
Date: Tue, 29 Nov 2022 13:05:54 +0100
Subject: [PATCH] added support for .env files

---
 .env.example       | 21 +++++++++++++++++++++
 docker-compose.yml | 45 +++++++++++++++++++++++----------------------
 2 files changed, 44 insertions(+), 22 deletions(-)
 create mode 100644 .env.example

diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000000..53eafdfaa3
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,21 @@
+ZULIP_ADMINISTRATOR=admin@exapmle.com
+EXTERNAL_HOST=localhost.localdomain
+ZULIP_AUTH_BACKENDS=EmailAuthBackend
+ZULIP_PUSH_NOTIFICATION_BOUNCER_URL=
+
+EMAIL_HOST=
+EMAIL_HOST_USER=noreply@example.com
+EMAIL_PASSWORD=123456789
+EMAIL_PORT=587
+EMAIL_USE_SSL=False
+EMAIL_USE_TLS=True
+
+ZULIP_GIT_URL=https://github.com/zulip/zulip.git
+ZULIP_GIT_REF=5.7
+
+SECRET_KEY=REPLACE_WITH_SECURE_SECRET_KEY
+POSTGRES_PASSWORD=REPLACE_WITH_SECURE_POSTGRES_PASSWORD
+REDIS_PASSWORD=REPLACE_WITH_SECURE_REDIS_PASSWORD
+MEMCACHED_PASSWORD=REPLACE_WITH_SECURE_MEMCACHED_PASSWORD
+RABBITMQ_DEFAULT_USER=zulip
+RABBITMQ_DEFAULT_PASS=REPLACE_WITH_SECURE_RABBITMQ_PASSWORD
diff --git a/docker-compose.yml b/docker-compose.yml
index fcaba44f7c..b225176afb 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,4 +1,4 @@
-version: "2"
+version: "2.1"
 services:
   database:
     image: "zulip/zulip-postgresql:14"
@@ -9,7 +9,7 @@ services:
       # Note that you need to do a manual `ALTER ROLE` query if you
       # change this on a system after booting the postgres container
       # the first time on a host.  Instructions are available in README.md.
-      POSTGRES_PASSWORD: "REPLACE_WITH_SECURE_POSTGRES_PASSWORD"
+      POSTGRES_PASSWORD: "${POSTGRES_PASSWORD:-REPLACE_WITH_SECURE_POSTGRES_PASSWORD}"
     volumes:
       - "postgresql-14:/var/lib/postgresql/data:rw"
   memcached:
@@ -26,13 +26,13 @@ services:
     environment:
       SASL_CONF_PATH: "/home/memcache/memcached.conf"
       MEMCACHED_SASL_PWDB: "/home/memcache/memcached-sasl-db"
-      MEMCACHED_PASSWORD: "REPLACE_WITH_SECURE_MEMCACHED_PASSWORD"
+      MEMCACHED_PASSWORD: "${MEMCACHED_PASSWORD:-REPLACE_WITH_SECURE_MEMCACHED_PASSWORD}"
   rabbitmq:
     image: "rabbitmq:3.7.7"
     restart: unless-stopped
     environment:
       RABBITMQ_DEFAULT_USER: "zulip"
-      RABBITMQ_DEFAULT_PASS: "REPLACE_WITH_SECURE_RABBITMQ_PASSWORD"
+      RABBITMQ_DEFAULT_PASS: "${RABBITMQ_DEFAULT_PASS:-REPLACE_WITH_SECURE_RABBITMQ_PASSWORD}"
     volumes:
       - "rabbitmq:/var/lib/rabbitmq:rw"
   redis:
@@ -45,7 +45,7 @@ services:
         echo "requirepass '$$REDIS_PASSWORD'" > /etc/redis.conf
         exec redis-server /etc/redis.conf
     environment:
-      REDIS_PASSWORD: "REPLACE_WITH_SECURE_REDIS_PASSWORD"
+      REDIS_PASSWORD: "${REDIS_PASSWORD:-REPLACE_WITH_SECURE_REDIS_PASSWORD}"
     volumes:
       - "redis:/data:rw"
   zulip:
@@ -55,8 +55,8 @@ services:
       context: .
       args:
         # Change these if you want to build zulip from a different repo/branch
-        ZULIP_GIT_URL: https://github.com/zulip/zulip.git
-        ZULIP_GIT_REF: "5.7"
+        ZULIP_GIT_URL: "${ZULIP_GIT_URL:-https://github.com/zulip/zulip.git}"
+        ZULIP_GIT_REF: "${ZULIP_GIT_REF:-5.7}"
         # Set this up if you plan to use your own CA certificate bundle for building
         # CUSTOM_CA_CERTIFICATES:
     ports:
@@ -70,31 +70,32 @@ services:
       SETTING_MEMCACHED_LOCATION: "memcached:11211"
       SETTING_RABBITMQ_HOST: "rabbitmq"
       SETTING_REDIS_HOST: "redis"
-      SECRETS_email_password: "123456789"
+      SECRETS_email_password: "${EMAIL_PASSWORD:-123456789}"
       # These should match RABBITMQ_DEFAULT_PASS, POSTGRES_PASSWORD,
       # MEMCACHED_PASSWORD, and REDIS_PASSWORD above.
-      SECRETS_rabbitmq_password: "REPLACE_WITH_SECURE_RABBITMQ_PASSWORD"
-      SECRETS_postgres_password: "REPLACE_WITH_SECURE_POSTGRES_PASSWORD"
-      SECRETS_memcached_password: "REPLACE_WITH_SECURE_MEMCACHED_PASSWORD"
-      SECRETS_redis_password: "REPLACE_WITH_SECURE_REDIS_PASSWORD"
-      SECRETS_secret_key: "REPLACE_WITH_SECURE_SECRET_KEY"
-      SETTING_EXTERNAL_HOST: "localhost.localdomain"
-      SETTING_ZULIP_ADMINISTRATOR: "admin@example.com"
-      SETTING_EMAIL_HOST: "" # e.g. smtp.example.com
-      SETTING_EMAIL_HOST_USER: "noreply@example.com"
-      SETTING_EMAIL_PORT: "587"
+      SECRETS_rabbitmq_password: "${RABBITMQ_DEFAULT_PASS:-REPLACE_WITH_SECURE_RABBITMQ_PASSWORD}"
+      SECRETS_postgres_password: "${POSTGRES_PASSWORD:-REPLACE_WITH_SECURE_POSTGRES_PASSWORD}"
+      SECRETS_memcached_password: "${MEMCACHED_PASSWORD:-REPLACE_WITH_SECURE_MEMCACHED_PASSWORD}"
+      SECRETS_redis_password: "${REDIS_PASSWORD:-REPLACE_WITH_SECURE_REDIS_PASSWORD}"
+      SECRETS_secret_key: "${SECRET_KEY:-REPLACE_WITH_SECURE_SECRET_KEY}"
+      SETTING_EXTERNAL_HOST: "${EXTERNAL_HOST:-localhost.localdomain}"
+      SETTING_ZULIP_ADMINISTRATOR: "${ZULIP_ADMINISTRATOR:-admin@example.com}"
+      SETTING_EMAIL_HOST: "${EMAIL_HOST}" # e.g. smtp.example.com
+      SETTING_EMAIL_HOST_USER: "${EMAIL_HOST_USER:-noreply@example.com}"
+      SETTING_EMAIL_PORT: "${EMAIL_PORT:-587}"
       # It seems that the email server needs to use ssl or tls and can't be used without it
-      SETTING_EMAIL_USE_SSL: "False"
-      SETTING_EMAIL_USE_TLS: "True"
-      ZULIP_AUTH_BACKENDS: "EmailAuthBackend"
+      SETTING_EMAIL_USE_SSL: "${EMAIL_USE_SSL:-False}"
+      SETTING_EMAIL_USE_TLS: "${EMAIL_USE_TLS:-True}"
+      ZULIP_AUTH_BACKENDS: "${ZULIP_AUTH_BACKENDS:-EmailAuthBackend}"
       # Uncomment this when configuring the mobile push notifications service
-      # SETTING_PUSH_NOTIFICATION_BOUNCER_URL: 'https://push.zulipchat.com'
+      SETTING_PUSH_NOTIFICATION_BOUNCER_URL: "${ZULIP_PUSH_NOTIFICATION_BOUNCER_URL}"
     volumes:
       - "zulip:/data:rw"
     ulimits:
       nofile:
         soft: 1000000
         hard: 1048576
+
 volumes:
   zulip:
   postgresql-14: