diff --git a/bitnami/drupal/8/debian-10/rootfs/opt/bitnami/scripts/drupal-env.sh b/bitnami/drupal/8/debian-10/rootfs/opt/bitnami/scripts/drupal-env.sh index 6c6f8c05293a..df6ba18bf04e 100644 --- a/bitnami/drupal/8/debian-10/rootfs/opt/bitnami/scripts/drupal-env.sh +++ b/bitnami/drupal/8/debian-10/rootfs/opt/bitnami/scripts/drupal-env.sh @@ -77,6 +77,8 @@ export DRUPAL_PROFILE="${DRUPAL_PROFILE:-standard}" # only used during the first export DRUPAL_SITE_NAME="${DRUPAL_SITE_NAME:-My blog}" # only used during the first initialization export DRUPAL_SKIP_BOOTSTRAP="${DRUPAL_SKIP_BOOTSTRAP:-}" # only used during the first initialization export DRUPAL_ENABLE_MODULES="${DRUPAL_ENABLE_MODULES:-}" # only used during the first initialization +export DRUPAL_CONFIG_SYNC_DIR="${DRUPAL_CONFIG_SYNC_DIR:-}" +export DRUPAL_HASH_SALT="${DRUPAL_HASH_SALT:-}" # Drupal credentials export DRUPAL_USERNAME="${DRUPAL_USERNAME:-user}" # only used during the first initialization diff --git a/bitnami/drupal/8/debian-10/rootfs/opt/bitnami/scripts/libdrupal.sh b/bitnami/drupal/8/debian-10/rootfs/opt/bitnami/scripts/libdrupal.sh index d50ae4d74bcb..aa9cddb4046c 100644 --- a/bitnami/drupal/8/debian-10/rootfs/opt/bitnami/scripts/libdrupal.sh +++ b/bitnami/drupal/8/debian-10/rootfs/opt/bitnami/scripts/libdrupal.sh @@ -143,13 +143,26 @@ drupal_initialize() { info "Configuring SMTP" drupal_configure_smtp fi - info "Flushing Drupal cache" - drupal_flush_cache else info "An already initialized Drupal database was provided, configuration will be skipped" + if is_empty_value "$DRUPAL_DATABASE_TLS_CA_FILE"; then + drupal_set_database_settings + else + drupal_set_database_ssl_settings + fi + + # Drupal expects a directory for storing site configuration + # For more info see https://www.drupal.org/docs/configuration-management + drupal_create_config_directory + + # Drupal needs a hash value to build one-time login links, cancel links, form tokens, etc. + drupal_set_hash_salt drupal_update_database fi + info "Flushing Drupal cache" + drupal_flush_cache + info "Persisting Drupal installation" persist_app "$app_name" "$DRUPAL_DATA_TO_PERSIST" else @@ -280,6 +293,41 @@ drupal_site_install() { fi } +######################## +# Drupal Create Config Directory +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +drupal_create_config_directory() { + local config_sync_dir="${DRUPAL_CONFIG_SYNC_DIR:-}" + if is_empty_value "$config_sync_dir"; then + config_sync_dir="${DRUPAL_BASE_DIR}/sites/default/files/config_$(generate_random_string -t alphanumeric -c 16)" + fi + ensure_dir_exists "$config_sync_dir" + drupal_conf_set "\$settings['config_sync_directory']" "$config_sync_dir" +} + +######################## +# Drupal Create Hash Salt +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +drupal_set_hash_salt() { + local hash_salt="${DRUPAL_HASH_SALT:-}" + if is_empty_value "$hash_salt"; then + hash_salt="$(generate_random_string -t alphanumeric -c 32)" + fi + drupal_conf_set "\$settings['hash_salt']" "$hash_salt" +} + ######################## # Execute Drush Tool # Globals: @@ -442,6 +490,21 @@ drupal_set_database_ssl_settings() { EOF } +drupal_set_database_settings() { + cat >>"$DRUPAL_CONF_FILE" < '${DRUPAL_DATABASE_NAME}', + 'username' => '${DRUPAL_DATABASE_USER}', + 'password' => '${DRUPAL_DATABASE_PASSWORD}', + 'prefix' => '', + 'host' => '${DRUPAL_DATABASE_HOST}', + 'port' => '${DRUPAL_DATABASE_PORT_NUMBER}', + 'namespace' => 'Drupal\\Core\\Database\\Driver\\mysql', + 'driver' => 'mysql', +); +EOF +} + ######################## # Drupal remove duplicated database block from settings file # Globals: diff --git a/bitnami/drupal/9/debian-10/rootfs/opt/bitnami/scripts/drupal-env.sh b/bitnami/drupal/9/debian-10/rootfs/opt/bitnami/scripts/drupal-env.sh index 6c6f8c05293a..df6ba18bf04e 100644 --- a/bitnami/drupal/9/debian-10/rootfs/opt/bitnami/scripts/drupal-env.sh +++ b/bitnami/drupal/9/debian-10/rootfs/opt/bitnami/scripts/drupal-env.sh @@ -77,6 +77,8 @@ export DRUPAL_PROFILE="${DRUPAL_PROFILE:-standard}" # only used during the first export DRUPAL_SITE_NAME="${DRUPAL_SITE_NAME:-My blog}" # only used during the first initialization export DRUPAL_SKIP_BOOTSTRAP="${DRUPAL_SKIP_BOOTSTRAP:-}" # only used during the first initialization export DRUPAL_ENABLE_MODULES="${DRUPAL_ENABLE_MODULES:-}" # only used during the first initialization +export DRUPAL_CONFIG_SYNC_DIR="${DRUPAL_CONFIG_SYNC_DIR:-}" +export DRUPAL_HASH_SALT="${DRUPAL_HASH_SALT:-}" # Drupal credentials export DRUPAL_USERNAME="${DRUPAL_USERNAME:-user}" # only used during the first initialization diff --git a/bitnami/drupal/9/debian-10/rootfs/opt/bitnami/scripts/libdrupal.sh b/bitnami/drupal/9/debian-10/rootfs/opt/bitnami/scripts/libdrupal.sh index d50ae4d74bcb..d8666c01a0c8 100644 --- a/bitnami/drupal/9/debian-10/rootfs/opt/bitnami/scripts/libdrupal.sh +++ b/bitnami/drupal/9/debian-10/rootfs/opt/bitnami/scripts/libdrupal.sh @@ -143,13 +143,26 @@ drupal_initialize() { info "Configuring SMTP" drupal_configure_smtp fi - info "Flushing Drupal cache" - drupal_flush_cache else info "An already initialized Drupal database was provided, configuration will be skipped" + if is_empty_value "$DRUPAL_DATABASE_TLS_CA_FILE"; then + drupal_set_database_settings + else + drupal_set_database_ssl_settings + fi + + # Drupal expects a directory for storing site configuration + # For more info see https://www.drupal.org/docs/configuration-management + drupal_create_config_directory + + # Drupal needs a hash value to build one-time login links, cancel links, form tokens, etc. + drupal_set_hash_salt drupal_update_database fi + info "Flushing Drupal cache" + drupal_flush_cache + info "Persisting Drupal installation" persist_app "$app_name" "$DRUPAL_DATA_TO_PERSIST" else @@ -280,6 +293,41 @@ drupal_site_install() { fi } +######################## +# Drupal Create Config Directory +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +drupal_create_config_directory() { + local config_sync_dir="${DRUPAL_CONFIG_SYNC_DIR:-}" + if is_empty_value "$config_sync_dir"; then + config_sync_dir="${DRUPAL_BASE_DIR}/sites/default/files/config_$(generate_random_string -t alphanumeric -c 16)" + fi + ensure_dir_exists "$config_sync_dir" + drupal_conf_set "\$settings['config_sync_directory']" "$config_sync_dir" +} + +######################## +# Drupal Create Hash Salt +# Globals: +# * +# Arguments: +# None +# Returns: +# None +######################### +drupal_set_hash_salt() { + local hash_salt="${DRUPAL_HASH_SALT:-}" + if is_empty_value "$hash_salt"; then + hash_salt="$(generate_random_string -t alphanumeric -c 32)" + fi + drupal_conf_set "\$settings['hash_salt']" "$hash_salt" +} + ######################## # Execute Drush Tool # Globals: @@ -442,6 +490,22 @@ drupal_set_database_ssl_settings() { EOF } +drupal_set_database_settings() { + cat >>"$DRUPAL_CONF_FILE" < '${DRUPAL_DATABASE_NAME}', + 'username' => '${DRUPAL_DATABASE_USER}', + 'password' => '${DRUPAL_DATABASE_PASSWORD}', + 'prefix' => '', + 'host' => '${DRUPAL_DATABASE_HOST}', + 'port' => '${DRUPAL_DATABASE_PORT_NUMBER}', + 'namespace' => 'Drupal\\Core\\Database\\Driver\\mysql', + 'driver' => 'mysql', +); +EOF +} + + ######################## # Drupal remove duplicated database block from settings file # Globals: diff --git a/bitnami/drupal/README.md b/bitnami/drupal/README.md index d9a6a5b76343..d148ade1e221 100644 --- a/bitnami/drupal/README.md +++ b/bitnami/drupal/README.md @@ -228,6 +228,8 @@ Available environment variables: - `DRUPAL_USERNAME`: Drupal application username. Default: **user** - `DRUPAL_PASSWORD`: Drupal application password. Default: **bitnami** - `DRUPAL_EMAIL`: Drupal application email. Default: **user@example.com** + - `DRUPAL_CONFIG_SYNC_DIR`: Drupal configuration file directory. Default: **sites/default/files/config_${RANDOM_STRING}** + - `DRUPAL_HASH_SALT`: Salt used for hardening against SQL injection. Default: **A random string** ##### Use an existing database