samply
/
bridgehead
mirror of https://github.com/samply/bridgehead.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: Moved LDM Password to /etc/bridgehead

This commit is contained in:
Torben Brenner 2022-10-26 10:48:55 +02:00 committed by p.delpy@dkfz-heidelberg.de
parent ee3ea2b514
commit ce386f5a2a
2 changed files with 11 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
ccp/docker-compose.yml
View File

@ -21,7 +21,7 @@ services:
- "traefik.http.routers.dashboard.service=api@internal" - "traefik.http.routers.dashboard.service=api@internal"
- "traefik.http.routers.dashboard.tls=true" - "traefik.http.routers.dashboard.tls=true"
- "traefik.http.routers.dashboard.middlewares=auth" - "traefik.http.routers.dashboard.middlewares=auth"
- "traefik.http.middlewares.auth.basicauth.users=${bc_auth_users}" - "traefik.http.middlewares.auth.basicauth.users=${LDM_LOGIN}"
ports: ports:
- 80:80 - 80:80
- 443:443 - 443:443
@ -65,7 +65,7 @@ services:
- "blaze-data:/app/data" - "blaze-data:/app/data"
labels: labels:
- "traefik.enable=true" - "traefik.enable=true"
- "traefik.http.middlewares.ccp-auth.basicauth.users=${bc_auth_users}" - "traefik.http.middlewares.ccp-auth.basicauth.users=${LDM_LOGIN}"
- "traefik.http.routers.blaze_ccp.rule=PathPrefix(`/ccp-localdatamanagement`)" - "traefik.http.routers.blaze_ccp.rule=PathPrefix(`/ccp-localdatamanagement`)"
- "traefik.http.middlewares.ccp_b_strip.stripprefix.prefixes=/ccp-localdatamanagement" - "traefik.http.middlewares.ccp_b_strip.stripprefix.prefixes=/ccp-localdatamanagement"
- "traefik.http.services.blaze_ccp.loadbalancer.server.port=8080" - "traefik.http.services.blaze_ccp.loadbalancer.server.port=8080"

13
lib/setup-bridgehead-units.sh
View File

@ -33,18 +33,17 @@ Cmnd_Alias BRIDGEHEAD${PROJECT^^} = \\
bridgehead ALL= NOPASSWD: BRIDGEHEAD${PROJECT^^} bridgehead ALL= NOPASSWD: BRIDGEHEAD${PROJECT^^}
EOF EOF
# TODO: Determine wether this should be located in setup-bridgehead (triggered through bridgehead install) or in update bridgehead (triggered every hour)
if [ -z "$LDM_LOGIN" ]; then
log "INFO" "Now generating a password for the local datamangement. Please safe the password for your ETL process!" log "INFO" "Now generating a password for the local datamangement. Please safe the password for your ETL process!"
generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)"
log "INFO" "Your generated credentials are:\n user: $PROJECT\n password: $generated_passwd" log "INFO" "Your generated credentials are:\n user: $PROJECT\n password: $generated_passwd"
parsed_passwd=$(docker run --rm -it httpd:latest htpasswd -nb $PROJECT $generated_passwd) parsed_passwd=$(docker run --rm -it httpd:latest htpasswd -nb $PROJECT $generated_passwd | tr -d '\n')
mkdir /etc/systemd/system/bridgehead@${PROJECT}.service.d
cat <<EOF > /etc/systemd/system/bridgehead@${PROJECT}.service.d/environment.conf
[Service]
Environment=bc_auth_users=${parsed_passwd}
EOF
log "INFO" "These credentials are now written to /etc/bridgehead/${PROJECT}.local.conf"
echo "LDM_LOGIN='${parsed_passwd}'" >> /etc/bridgehead/${PROJECT}.local.conf;
fi
log "INFO" "Register system units for bridgehead and bridgehead-update" log "INFO" "Register system units for bridgehead and bridgehead-update"
cp -v \ cp -v \