From 4fd96795cd494e1bc0e601767382f63a57bf0ba9 Mon Sep 17 00:00:00 2001 From: janskiba Date: Fri, 22 Dec 2023 10:54:13 +0000 Subject: [PATCH] fix: Use strong pw for opal --- ccp/modules/datashield-setup.sh | 4 ++-- lib/functions.sh | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ccp/modules/datashield-setup.sh b/ccp/modules/datashield-setup.sh index 604fcc8..c600657 100644 --- a/ccp/modules/datashield-setup.sh +++ b/ccp/modules/datashield-setup.sh @@ -3,8 +3,8 @@ if [ "$ENABLE_DATASHIELD" == true ]; then log INFO "DataSHIELD setup detected -- will start DataSHIELD services." OVERRIDE+=" -f ./$PROJECT/modules/datashield-compose.yml" - EXPORTER_OPAL_PASSWORD="$(generate_simple_password \"exporter in Opal\")" - TOKEN_MANAGER_OPAL_PASSWORD="$(generate_simple_password \"Token Manager in Opal\")" + EXPORTER_OPAL_PASSWORD="$(generate_password \"exporter in Opal\")" + TOKEN_MANAGER_OPAL_PASSWORD="$(generate_password \"Token Manager in Opal\")" OPAL_DB_PASSWORD="$(echo \"Opal DB\" | generate_simple_password)" OPAL_ADMIN_PASSWORD="$(generate_password \"admin password for Opal\")" RSTUDIO_ADMIN_PASSWORD="$(generate_password \"admin password for R-Studio\")" diff --git a/lib/functions.sh b/lib/functions.sh index b89de60..c098cf4 100644 --- a/lib/functions.sh +++ b/lib/functions.sh @@ -334,7 +334,7 @@ generate_password(){ local random_special=${special:$n:1} local combined_text="This is a salt string to generate one consistent password for ${seed_text}. It is not required to be secret." - local main_password=$(echo "${combined_text}" | openssl rsautl -sign -inkey "/etc/bridgehead/pki/${SITE_ID}.priv.pem" 2> /dev/null | base64 | head -c 26) + local main_password=$(echo "${combined_text}" | openssl rsautl -sign -inkey "/etc/bridgehead/pki/${SITE_ID}.priv.pem" 2> /dev/null | base64 | head -c 26 | sed 's/\//A/g') echo "${main_password}${random_digit}${random_upper}${random_lower}${random_special}" }