From 2cfee0176a5dd39f2fc7907324c5d9c54446c48e Mon Sep 17 00:00:00 2001
From: Martin Lablans <6804500+lablans@users.noreply.github.com>
Date: Fri, 4 Aug 2023 16:19:06 +0200
Subject: [PATCH] Generate DATASHIELD_CONNECT_SECRET automatically

---
 ccp/modules/datashield-setup.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ccp/modules/datashield-setup.sh b/ccp/modules/datashield-setup.sh
index 3ed0926..f5731af 100644
--- a/ccp/modules/datashield-setup.sh
+++ b/ccp/modules/datashield-setup.sh
@@ -4,6 +4,7 @@ if [ "$ENABLE_DATASHIELD" == true ]; then
   log INFO "DataSHIELD setup detected -- will start DataSHIELD services."
   OVERRIDE+=" -f ./$PROJECT/modules/datashield-compose.yml"
   OPAL_DB_PASSWORD="$(echo \"This is a salt string to generate one consistent password for Opal. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
+  DATASHIELD_CONNECT_SECRET="$(echo \"This is a salt string to generate one consistent password as the DataShield Connect secret. It is not required to be secret.\" | openssl rsautl -sign -inkey /etc/bridgehead/pki/${SITE_ID}.priv.pem | base64 | head -c 30)"
   if [ ! -e "/etc/bridgehead/trusted-ca-certs/opal-cert.pem" ]; then
     openssl req -x509 -newkey rsa:4096 -nodes -keyout /etc/bridgehead/trusted-ca-certs/opal-key.pem -out /etc/bridgehead/trusted-ca-certs/opal-cert.pem -days 3650 -subj "/CN=${HOST:-opal}/C=DE"
     chmod g+r /etc/bridgehead/trusted-ca-certs/opal-key.pem