-
Notifications
You must be signed in to change notification settings - Fork 24
Expand file tree
/
Copy pathgen-configs.sh
More file actions
executable file
·104 lines (85 loc) · 2.94 KB
/
gen-configs.sh
File metadata and controls
executable file
·104 lines (85 loc) · 2.94 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
#!/bin/bash
####### Script for generating docker secret files and configs.
####### If the docker is in swarm mode, it will also generate the docker swarm secrets.
#######
set -e
if ! [ -f ./.env ]
then
echo ".env file is missing"
exit 1
fi
set -a
. ./.env
set +a
# Function to generate a random secret in base64 format without padding and '+'
function generate_secret() {
local filename=$2
local var_name=$1
if [ -s "$filename" ]; then
export "$var_name"=$(<"$filename")
else
local secret=$(openssl rand -base64 16 | tr -d '=+/')
echo -n "$secret" > "$filename"
export "$var_name"="$secret"
fi
}
if [ "$1" == "clean" ]; then
# Create secrets from files
for SECRET_FILE in $(ls ./secrets)
do
SECRET_NAME="$(basename $SECRET_FILE)"
echo -n "Removing secret: ${PROJECT_NAME}_${SECRET_NAME}"
docker secret rm "${PROJECT_NAME}_${SECRET_NAME}" || true
done
# Create configs from files
for CONFIG_FILE in $(ls ./configs)
do
CONFIG_NAME=$(basename $CONFIG_FILE)
echo -n "Removing config: ${PROJECT_NAME}_${CONFIG_NAME}"
docker config rm "${PROJECT_NAME}_${CONFIG_NAME}" || true
done
set -x
rm -rf ./configs;
rm -rf ./secrets;
set +x;
exit 0
fi
## create dir if not present.
mkdir -p ./configs;
mkdir -p ./secrets;
# Generate random secrets
export POSTGRES_USER=postgres
export DBSYNC_DATABASE="${PROJECT_NAME}_dbsync"
# Save secrets to files
echo -n $POSTGRES_USER > ./secrets/postgres_user
echo -n "$DBSYNC_DATABASE" > ./secrets/dbsync_database
# generate or load the secret
generate_secret "POSTGRES_PASSWORD" "./secrets/postgres_password"
## loop over templates and update them.
for CONFIG_FILE in $(ls ./configs_template)
do
echo -n "Config ${PROJECT_NAME}_${CONFIG_FILE}: "
./scripts/envsubst.py < "./configs_template/$CONFIG_FILE" > "./configs/${CONFIG_FILE}"
done
for SECRET_FILE in $(ls ./secrets_template)
do
echo -n "Secret ${PROJECT_NAME}_${SECRET_FILE}: "
./scripts/envsubst.py < "./secrets_template/$SECRET_FILE" > "./secrets/${SECRET_FILE}"
done
################################################################################
################ Create secret/config for swarm ###############################
################################################################################
docker info | grep 'Swarm: active' > /dev/null 2>/dev/null || exit 0
# Create secrets from files
ls ./secrets | while IFS= read -r SECRET_FILE; do
SECRET_NAME=$(basename "$SECRET_FILE")
echo -n "Secret: ${PROJECT_NAME}_${SECRET_NAME}: "
cat "./secrets/$SECRET_NAME" | (docker secret create "${PROJECT_NAME}_${SECRET_NAME}" -) || true
done
# Create configs from files
for CONFIG_FILE in $(ls ./configs)
do
CONFIG_NAME=$(basename $CONFIG_FILE)
echo -n "Config: ${PROJECT_NAME}_${CONFIG_NAME}: "
cat "./configs/$CONFIG_NAME" | (docker config create "${PROJECT_NAME}_${CONFIG_NAME}" -) || true
done