mirror of
https://github.com/samply/bridgehead.git
synced 2026-05-14 02:20:27 +02:00
Martin Jurk
47b793668a
* sites moved to etc itcc.comf * mainzelliste test * volume * fix image * db name chaged * ingest component test * clean up * maizelliste env db * test server ip * beam sockets * teswt socket and task * secure db and ml * refactor and patient endpoints * partner id * new refactor and encription key generation * db deleted * keyset to var/
27 lines
902 B
Bash
27 lines
902 B
Bash
#!/bin/bash
|
|
|
|
if [ -n "$ENABLE_OMICS" ];then
|
|
OVERRIDE+=" -f ./$PROJECT/modules/itcc-omics-ingest.yaml"
|
|
GENERATE_API_KEY="$(generate_simple_password 'omics')"
|
|
PATIENTLIST_POSTGRES_PASSWORD=="$(generate_simple_password 'mainzelliste')"
|
|
KEYSET=/var/bridgehead/mainzelliste/keyset_siv.json
|
|
if [ ! -f "$KEYSET" ]; then
|
|
mkdir -p "$(dirname "$KEYSET")"
|
|
KEY_ID=$(($(openssl rand -hex 4 | sed 's/^/0x/') & 0x7FFFFFFF))
|
|
VALUE=$({ printf '\x12\x40'; openssl rand 64; } | base64 | tr -d '\n')
|
|
jq -n --argjson id "$KEY_ID" --arg value "$VALUE" '{
|
|
primaryKeyId: $id,
|
|
key: [{
|
|
keyData: {
|
|
typeUrl: "type.googleapis.com/google.crypto.tink.AesSivKey",
|
|
value: $value,
|
|
keyMaterialType: "SYMMETRIC"
|
|
},
|
|
status: "ENABLED",
|
|
keyId: $id,
|
|
outputPrefixType: "TINK"
|
|
}]
|
|
}' > "$KEYSET"
|
|
chmod 600 "$KEYSET"
|
|
fi
|
|
fi |