[PR #4901] [MERGED] Fix alpine-tinyauth env configuration parsing logic #5342

New Issue

saavagebueno · 2025-11-20T07:05:31-05:00

saavagebueno commented

2025-11-20 07:05:31 -05:00

📋 Pull Request Information

Original PR: https://github.com/community-scripts/ProxmoxVE/pull/4901
Author: @gokussjx
Created: 6/1/2025
Status: ✅ Merged
Merged: 6/2/2025
Merged by: @MickLesk

Base: main ← Head: main

📝 Commits (1)

4b33d17 Fix tinyauth configuration parsing

📊 Changes

1 file changed (+9 additions, -1 deletions)

View changed files

📝 install/alpine-tinyauth-install.sh (+9 -1)

📄 Description

✍️ Description

Tinyauth relies on key-value configurations provided in .env file or via CLI, as shown here.
For the env file, the values are expected to be in the form:

GENERIC_SCOPES=openid email profile groups
GENERIC_NAME=Pocket ID

However, the alpine-tinyauth script from Proxmox Helper Scripts sets up incorrect parsing logic, causing values to be read as so (set -x snippet below):

'GENERIC_SCOPES=openid' email profile groups
'GENERIC_NAME=Pocket' ID

The problem is due to xargs usage, which delimits by spaces, causing the rest of the value to be ignored. Specifically, this is the buggy piece:

export \$(grep -v '^#' /opt/tinyauth/.env | xargs)

This leads to tinyauth failing to function normally despite successful starts (since the values being set is enough to get it to start, but them being incorrect is a runtime issue).

The proposed solution uses read to parse each line and exports the value (while also skipping comments, maintaining parity). This solution is portable POSIX compliant.

BEFORE:

AFTER:

Link: # N/A

✅ Prerequisites (X in brackets)

Self-review completed – Code follows project standards.
Tested thoroughly – Changes work as expected.
No security risks – No hardcoded secrets, unnecessary privilege escalations, or permission issues.

🛠️ Type of Change (X in brackets)

🐞 Bug fix – Resolves an issue without breaking functionality.
✨ New feature – Adds new, non-breaking functionality.
💥 Breaking change – Alters existing functionality in a way that may require updates.
🆕 New script – A fully functional and tested script or script set.
🌍 Website update – Changes to website-related JSON files or metadata.
🔧 Refactoring / Code Cleanup – Improves readability or maintainability without changing functionality.
📝 Documentation update – Changes to README, AppName.md, CONTRIBUTING.md, or other docs.

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/community-scripts/ProxmoxVE/pull/4901 **Author:** [@gokussjx](https://github.com/gokussjx) **Created:** 6/1/2025 **Status:** ✅ Merged **Merged:** 6/2/2025 **Merged by:** [@MickLesk](https://github.com/MickLesk) **Base:** `main` ← **Head:** `main` --- ### 📝 Commits (1) - [`4b33d17`](https://github.com/community-scripts/ProxmoxVE/commit/4b33d1726dffff24195a348d808f0ba5c42ee61e) Fix tinyauth configuration parsing ### 📊 Changes **1 file changed** (+9 additions, -1 deletions) <details> <summary>View changed files</summary> 📝 `install/alpine-tinyauth-install.sh` (+9 -1) </details> ### 📄 Description  ## ✍️ Description Tinyauth relies on key-value configurations provided in `.env` file or via CLI, as shown [here](https://tinyauth.app/docs/reference/configuration.html). For the env file, the values are expected to be in the form: ``` GENERIC_SCOPES=openid email profile groups GENERIC_NAME=Pocket ID ``` However, the alpine-tinyauth script from Proxmox Helper Scripts sets up incorrect parsing logic, causing values to be read as so (`set -x` snippet below): ``` 'GENERIC_SCOPES=openid' email profile groups 'GENERIC_NAME=Pocket' ID ``` The problem is due to `xargs` usage, which delimits by spaces, causing the rest of the value to be ignored. Specifically, this is the buggy piece: ``` export \$(grep -v '^#' /opt/tinyauth/.env | xargs) ``` This leads to tinyauth failing to function normally despite successful starts (since the values being set is enough to get it to start, but them being incorrect is a runtime issue). The proposed solution uses `read` to parse each line and exports the value (while also skipping comments, maintaining parity). This solution is portable POSIX compliant. **BEFORE**: <img src="https://github.com/user-attachments/assets/8c751c0d-0223-442f-ad1d-777b0d91ab01" width="454" height="412"> <img src="https://github.com/user-attachments/assets/1e35aa22-2569-4c47-857a-a147a507677b" width="454" height="361"> **AFTER**: <img src="https://github.com/user-attachments/assets/b7b44476-fbeb-465f-bf61-34c37a9e70b0" width="454" height="529"> <img src="https://github.com/user-attachments/assets/0d94fd37-aae8-4d54-b7f1-6fef2d33c491" width="454" height="354"> ## 🔗 Related PR / Issue Link: # N/A ## ✅ Prerequisites (**X** in brackets) - [X] **Self-review completed** – Code follows project standards. - [X] **Tested thoroughly** – Changes work as expected. - [X] **No security risks** – No hardcoded secrets, unnecessary privilege escalations, or permission issues. --- ## 🛠️ Type of Change (**X** in brackets) - [X] 🐞 **Bug fix** – Resolves an issue without breaking functionality. - [ ] ✨ **New feature** – Adds new, non-breaking functionality. - [ ] 💥 **Breaking change** – Alters existing functionality in a way that may require updates. - [ ] 🆕 **New script** – A fully functional and tested script or script set. - [ ] 🌍 **Website update** – Changes to website-related JSON files or metadata. - [ ] 🔧 **Refactoring / Code Cleanup** – Improves readability or maintainability without changing functionality. - [ ] 📝 **Documentation update** – Changes to `README`, `AppName.md`, `CONTRIBUTING.md`, or other docs. --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>

saavagebueno added the pull-request label 2025-11-20 07:05:31 -05:00

Sign in to join this conversation.

Branches Tags

main

github-action-update-changelog

add-script-espconnect-1778581752

add_pin_fix_ved

fix/manifold

arm64-build-support

add-script-authentik-1778581423

bump-node

add-script-cliproxyapi-1778581722

add-script-docuseal-1778581763

add-script-lobehub-1778581523

arm64-port-1

add-script-lychee-1778528797

feat/investbrain-trusted-proxies-hint

fix/reactive-resume-pdf-14278

fix/cronmaster-eof-14411

fix/npm-nginx-conf-override-14396

fix/termix-nginx-pid-14410

revert-14353-openresty

crazywolf13-qbittorrent-fix

add-script-shlink-1778444244

add-script-solidtime-1778443700

MickLesk-patch-11

github-action-archive-changelog

copilot/fix-pnpm-tools-func-install-version-10

fix/flowiseai-use-pnpm

fix/meilisearch-import-dump-bash-error

fix/erpnext-redis-queue-startup

fix/wishlist-pnpm-version

feat/setup-nltk-function

fix/dispatcharr-uwsgi

fix/termix-nginx-pid

feat/update-apps-improvements

add-script-hoodik-1778049495

fix/pelican-panel-backup-dir

fix/adguardhome-sync-ifconfig

fix/rustdeskserver-version-display

add-script-matomo-1777915580

copilot/fix-databasus-start-issue

add-script-librechat-1777915563

fix/databasus-mongo-tools-pnpm

fix/get-latest-gh-tag-pagination

fix/gitlab-support-syntax

fix/peanut-v6-auth-disabled-hint

fix/pangolin-pin-version-and-migrate

feat/post-install-script-hook

fix/pbs-pve-sed-missing-sources-list

revert-14133-gitlab_support

gitlab_support

add-script-tubearchivist-1777535096

fix/alpine-remove-deb-checks

feat/core-hardening-proxmoxve

improve/build-func-performance-cleanup

preflight_tests

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: SVI/ProxmoxVE#5342