From bb427191b7923bc97775132182b8c3cd57646c35 Mon Sep 17 00:00:00 2001
From: Jason Levine <levineja@mail.nih.gov>
Date: Thu, 23 Feb 2017 14:40:00 -0500
Subject: add support for multiple munin usernames and passwords use openssl to
 generate htpasswd file remove apache2-utils dependency update readme
 regarding username/password support

---
 Dockerfile     |  2 +-
 README.md      | 10 +++++-----
 start-munin.sh | 15 ++++++++++++---
 3 files changed, 18 insertions(+), 9 deletions(-)
 mode change 100644 => 100755 start-munin.sh

diff --git a/Dockerfile b/Dockerfile
index 498e213..e3cacde 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,7 +5,7 @@ MAINTAINER Leo Unbekandt <leo@scalingo.com>
 RUN adduser --system --home /var/lib/munin --shell /bin/false --uid 1103 --group munin
 
 RUN apt-get update -qq && RUNLEVEL=1 DEBIAN_FRONTEND=noninteractive \
-    apt-get install -y -qq cron munin munin-node nginx apache2-utils wget heirloom-mailx patch spawn-fcgi libcgi-fast-perl
+    apt-get install -y -qq cron munin munin-node nginx wget heirloom-mailx patch spawn-fcgi libcgi-fast-perl
 RUN rm /etc/nginx/sites-enabled/default && mkdir -p /var/cache/munin/www && chown munin:munin /var/cache/munin/www && mkdir -p /var/run/munin && chown -R munin:munin /var/run/munin
 
 VOLUME /var/lib/munin
diff --git a/README.md b/README.md
index 783c2d5..7989a43 100644
--- a/README.md
+++ b/README.md
@@ -6,10 +6,10 @@ All the configuration is done through the environment.
 
 ### HTTP Credentials 
 
-These are the credentials used to authenticate the HTTP dashboard
+These are the credentials used to authenticate the HTTP dashboard; both take a space-delimited list
 
-* `MUNIN_USER`
-* `MUNIN_PASSWORD`
+* `MUNIN_USERS`
+* `MUNIN_PASSWORDS`
 
 ### SMTP info for alerts
 
@@ -60,8 +60,8 @@ docker run -d \
   -v /var/lib/munin:/var/lib/munin \
   -v /var/run/munin:/var/run/munin \
   -v /var/cache/munin:/var/cache/munin \
-  -e MUNIN_USER=http-user \
-  -e MUNIN_PASSWORD=secret-password \
+  -e MUNIN_USERS=http-user another-user \
+  -e MUNIN_PASSWORDS=secret-password other-users-password \
   -e SMTP_HOST=smtp.example.com \
   -e SMTP_PORT=587 \
   -e SMTP_USERNAME=smtp-username \
diff --git a/start-munin.sh b/start-munin.sh
old mode 100644
new mode 100755
index fda929c..4ab8e1c
--- a/start-munin.sh
+++ b/start-munin.sh
@@ -1,8 +1,8 @@
 #!/bin/bash
 NODES=${NODES:-}
 SNMP_NODES=${SNMP_NODES:-}
-MUNIN_USER=${MUNIN_USER:-user}
-MUNIN_PASSWORD=${MUNIN_PASSWORD:-password}
+MUNIN_USERS=${MUNIN_USERS:-user}
+MUNIN_PASSWORDS=${MUNIN_PASSWORDS:-password}
 MAIL_CONF_PATH='/var/lib/munin/.mailrc'
 SMTP_USE_TLS=${SMTP_USE_TLS:-false}
 SMTP_ALWAYS_SEND=${SMTP_ALWAYS_SEND:-true}
@@ -47,7 +47,16 @@ if  [ $rc -ne 0 -a -n "${ALERT_RECIPIENT}" -a -n "${ALERT_SENDER}" ] ; then
   fi
 fi
 
-[ -e /etc/munin/htpasswd.users ] || htpasswd -b -c /etc/munin/htpasswd.users "$MUNIN_USER" "$MUNIN_PASSWORD"
+# generate the Munin auth username/password file
+if [ ! -f /etc/munin/htpasswd.users ]; then
+  uc = 0
+  IFS=' ' read -ra ARR_USERS <<< "$MUNIN_USERS"
+  IFS=' ' read -ra ARR_PASSWORDS <<< "$MUNIN_PASSWORDS"
+  for u in "${ARR_USERS[@]}"; do
+    printf "${u}:`openssl passwd -apr1 ${ARR_PASSWORDS[uc]}`\n" >> /etc/munin/htpasswd.users
+    (( uc++ ))
+  done
+fi
 
 # generate node list
 for NODE in $NODES
-- 
cgit v1.2.3


From 09e12a6d4fc01f9252de5cbf869cfa55ea1aaf23 Mon Sep 17 00:00:00 2001
From: Jason Levine <levineja@mail.nih.gov>
Date: Mon, 27 Feb 2017 09:38:16 -0500
Subject: fix readme to reflect need to quote command-line, space-separated
 username/password env vars add backward compatibility for previous MUNIN_USER
 and MUNIN_PASSWORD env vars

---
 README.md      | 4 ++--
 start-munin.sh | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/README.md b/README.md
index 7989a43..d32553d 100644
--- a/README.md
+++ b/README.md
@@ -60,8 +60,8 @@ docker run -d \
   -v /var/lib/munin:/var/lib/munin \
   -v /var/run/munin:/var/run/munin \
   -v /var/cache/munin:/var/cache/munin \
-  -e MUNIN_USERS=http-user another-user \
-  -e MUNIN_PASSWORDS=secret-password other-users-password \
+  -e MUNIN_USERS='http-user another-user' \
+  -e MUNIN_PASSWORDS='secret-password other-users-password' \
   -e SMTP_HOST=smtp.example.com \
   -e SMTP_PORT=587 \
   -e SMTP_USERNAME=smtp-username \
diff --git a/start-munin.sh b/start-munin.sh
index 4ab8e1c..fef4449 100755
--- a/start-munin.sh
+++ b/start-munin.sh
@@ -1,8 +1,8 @@
 #!/bin/bash
 NODES=${NODES:-}
 SNMP_NODES=${SNMP_NODES:-}
-MUNIN_USERS=${MUNIN_USERS:-user}
-MUNIN_PASSWORDS=${MUNIN_PASSWORDS:-password}
+MUNIN_USERS=${MUNIN_USERS:-${MUNIN_USER:-user}}
+MUNIN_PASSWORDS=${MUNIN_PASSWORDS:-${MUNIN_PASSWORD:-password}}
 MAIL_CONF_PATH='/var/lib/munin/.mailrc'
 SMTP_USE_TLS=${SMTP_USE_TLS:-false}
 SMTP_ALWAYS_SEND=${SMTP_ALWAYS_SEND:-true}
-- 
cgit v1.2.3