Example and makes it simpler to have safer passwords.

Fixes wernight#18.
pacepace · Aug 13, 2018 · fc44853 · fc44853
1 parent c59cb7a
commit fc44853
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 1 deletion.
diff --git a/Dockerfile b/Dockerfile
@@ -31,6 +31,8 @@ RUN set -ex \
         pyopenssl \
         requests[security] \
         youtube-dl \
+ && mkdir -p /var/lib/mopidy/.config/mopidy \
+ && ln -s /config/ /var/lib/mopidy/.config/mopidy \
     # Clean-up
  && apt-get purge --auto-remove -y \
         curl \
@@ -42,7 +44,7 @@ RUN set -ex \
 COPY entrypoint.sh /entrypoint.sh
 
 # Default configuration.
-COPY mopidy.conf /var/lib/mopidy/.config/mopidy/mopidy.conf
+COPY mopidy.conf /config/mopidy.conf
 
 # Copy the pulse-client configuratrion.
 COPY pulse-client.conf /etc/pulse/client.conf

diff --git a/README.md b/README.md
@@ -119,6 +119,50 @@ Most arguments are optional (see some examples below):
       * For *Google Music* use your Google account (if you have *2-Step Authentication*, generate an [app specific password](https://security.google.com/settings/security/apppasswords)).
       * For *SoundCloud*, just [get a token](https://www.mopidy.com/authenticate/) after registering.
 
+NOTE: Any user on your system may run `ps aux` and see the command-line you're running, so your passwords may be exposed.
+A safer option if it's a concern, is using putting these passwords in a Mopidy configuration file based on [mopidy.conf](mopidy.conf):
+
+    [core]
+    data_dir = /var/lib/mopidy
+
+    [local]
+    media_dir = /var/lib/mopidy/media
+
+    [audio]
+    output = tee name=t ! queue ! autoaudiosink t. ! queue ! udpsink host=0.0.0.0 port=5555
+
+    [m3u]
+    playlists_dir = /var/lib/mopidy/playlists
+
+    [http]
+    hostname = 0.0.0.0
+
+    [mpd]
+    hostname = 0.0.0.0
+
+    [spotify]
+    username=USERNAME
+    password=PASSWORD
+
+    [gmusic]
+    username=USERNAME
+    password=PASSWORD
+
+    [soundcloud]
+    auth_token=TOKEN
+
+Then run it:
+
+    $ docker run -d \
+        $PUT_HERE_EXRA_DOCKER_ARGUMENTS_FOR_AUDIO_TO_WORK \
+        -v "$PWD/media:/var/lib/mopidy/media:ro" \
+        -v "$PWD/local:/var/lib/mopidy/local" \
+        -v "$PWD/mopidy.conf:/config/mopidy.conf" \
+        -p 6600:6600 -p 6680:6680 \
+        --user $UID:$GID \
+        wernight/mopidy
+
+
 ##### Example using HTTP client to stream local files
 
  1. Give read access to your audio files to user **84044**, group **84044**, or all users (e.g., `$ chgrp -R 84044 $PWD/media && chmod -R g+rX $PWD/media`).