Entrypoint needed to create the user on the database

[j1cs]

Is't possible to create an entrypoint to create the database initialization as it's done in docker-mailserver-postfix?

[technicalguru]

Yes, I guess this could be done. But the installation procedure is complicated for Roundcube. That's why there was no effort put there in yet.

Also: Postfix does not contain any web component. That's why having an environment or secret with the database root password would be less risky (still it is recommended to remove this after initial setup). But Roundcube is faced via webserver. So people might forget about the root password and attackers would be able to steal it as the vector with PHP is pretty big.

[j1cs]

I understand.
What do you think about something very simple like create the user to avoid this:
DSN (write): NOT OK(SQLSTATE[HY000] [1045] Access denied for user 'roundcube'@'172.22.0.5' (using password: YES))
in the first start (installer step)

[technicalguru]

I will need some time to think about it. A solution could be to setup the database user when it's not there, using the root password - but when the user exists and the root password is still available then fail the container. this would avoid the vulnarability after setup.