feature: Added generate-compose script.

Author: sundargs2000

.config

@@ -0,0 +1,10 @@
+[MANDATORY]
+SETTING_EXTERNAL_HOST = localhost.localdomain
+SETTING_ZULIP_ADMINISTRATOR = [email protected]
+
+[SECRETS]
+POSTGRES_PASSWORD = REPLACE_WITH_SECURE_POSTGRES_PASSWORD
+MEMCACHED_PASSWORD = REPLACE_WITH_SECURE_MEMCACHED_PASSWORD
+RABBITMQ_DEFAULT_PASS = REPLACE_WITH_SECURE_RABBITMQ_PASSWORD
+REDIS_PASSWORD = REPLACE_WITH_SECURE_REDIS_PASSWORD
+SECRETS_secret_key = REPLACE_WITH_SECURE_SECRET_KEY

docker-compose.yml docker-compose.yml.in

@@ -76,8 +76,8 @@ services:
       SECRETS_memcached_password: 'REPLACE_WITH_SECURE_MEMCACHED_PASSWORD'
       SECRETS_redis_password: 'REPLACE_WITH_SECURE_REDIS_PASSWORD'
       SECRETS_secret_key: 'REPLACE_WITH_SECURE_SECRET_KEY'
-      SETTING_EXTERNAL_HOST: 'localhost.localdomain'
-      SETTING_ZULIP_ADMINISTRATOR: '[email protected]'
+      SETTING_EXTERNAL_HOST: 'REPLACE_WITH_EXTERNAL_HOST'
+      SETTING_ZULIP_ADMINISTRATOR: 'REPLACE_WITH_ADMIN_EMAIL'
       SETTING_EMAIL_HOST: ''  # e.g. smtp.example.com
       SETTING_EMAIL_HOST_USER: '[email protected]'
       SETTING_EMAIL_PORT: '587'

scripts/generate-compose

@@ -0,0 +1,38 @@
+#!/usr/bin/env python3
+import configparser
+import secrets
+
+compose_template = open('docker-compose.yml.in', 'r').read()
+
+config = configparser.ConfigParser()
+config.read('.config')
+
+modified_compose = compose_template.replace('REPLACE_WITH_EXTERNAL_HOST', config['MANDATORY']['SETTING_EXTERNAL_HOST'])
+modified_compose = modified_compose.replace('REPLACE_WITH_ADMIN_EMAIL', config['MANDATORY']['SETTING_ZULIP_ADMINISTRATOR'])
+
+if config['SECRETS']['POSTGRES_PASSWORD'] == 'REPLACE_WITH_SECURE_POSTGRES_PASSWORD':
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_POSTGRES_PASSWORD', secrets.token_hex(32))
+else:
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_POSTGRES_PASSWORD', config['SECRETS']['POSTGRES_PASSWORD'])
+
+if config['SECRETS']['MEMCACHED_PASSWORD'] == 'REPLACE_WITH_SECURE_MEMCACHED_PASSWORD':
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_MEMCACHED_PASSWORD', secrets.token_hex(32))
+else:
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_MEMCACHED_PASSWORD', config['SECRETS']['MEMCACHED_PASSWORD'])
+
+if config['SECRETS']['RABBITMQ_DEFAULT_PASS'] == 'REPLACE_WITH_SECURE_RABBITMQ_PASSWORD':
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_RABBITMQ_PASSWORD', secrets.token_hex(32))
+else:
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_RABBITMQ_PASSWORD', config['SECRETS']['RABBITMQ_DEFAULT_PASS'])
+
+if config['SECRETS']['REDIS_PASSWORD'] == 'REPLACE_WITH_SECURE_REDIS_PASSWORD':
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_REDIS_PASSWORD', secrets.token_hex(32))
+else:
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_REDIS_PASSWORD', config['SECRETS']['REDIS_PASSWORD'])
+
+if config['SECRETS']['SECRETS_secret_key'] == 'REPLACE_WITH_SECURE_SECRET_KEY':
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_SECRET_KEY', ''.join(secrets.choice('abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)') for i in range(50)))
+else:
+    modified_compose = modified_compose.replace('REPLACE_WITH_SECURE_SECRET_KEY', config['SECRETS']['SECRETS_secret_key'])
+
+open('docker-compose.yml', 'w').write(modified_compose)