-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathgenerateSecrets.sh
More file actions
executable file
·46 lines (38 loc) · 1.42 KB
/
generateSecrets.sh
File metadata and controls
executable file
·46 lines (38 loc) · 1.42 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
#!/bin/bash
# Exit script immediately on any error
set -euo pipefail
# Check if Docker is installed and executable
if ! command -v docker &> /dev/null; then
echo "Docker is required but not installed. Install it from: https://docs.docker.com/install/"
exit 1
fi
# Define variables for secret files and path
secretfiles=("karnak_postgres_password")
secretpath="secrets/"
secretKarnakLoginPassword="karnak_login_password"
echo "Generating secrets..."
# Create secrets directory if it doesn't exist
mkdir -p "$secretpath"
# Pull the busybox Docker image to use for generating secrets
docker pull busybox
# Generate random secrets
for secretfile in "${secretfiles[@]}"; do
docker run --rm busybox sh -c "dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64" > "$secretpath/$secretfile"
done
# Prompt the user to set the web portal password
while true; do
# First password prompt (silent)
read -rsp "Enter the web portal password: " firstPasswordEntry
echo
# Confirm password prompt (silent)
read -rsp "Confirm the password: " secondPasswordEntry
echo
if [[ "$firstPasswordEntry" == "$secondPasswordEntry" ]]; then
echo "$firstPasswordEntry" > "$secretpath/$secretKarnakLoginPassword"
chmod 600 "$secretpath/$secretKarnakLoginPassword" # Restrict file permissions
echo "The password for the Karnak web portal has been set successfully."
break
else
echo "The passwords do not match. Please try again."
fi
done