From ce386f5a2a156f41ea371d3e5262ea601c717b15 Mon Sep 17 00:00:00 2001 From: Torben Brenner Date: Wed, 26 Oct 2022 10:48:55 +0200 Subject: [PATCH] fix: Moved LDM Password to /etc/bridgehead --- ccp/docker-compose.yml | 4 ++-- lib/setup-bridgehead-units.sh | 19 +++++++++---------- 2 files changed, 11 insertions(+), 12 deletions(-) diff --git a/ccp/docker-compose.yml b/ccp/docker-compose.yml index 3074f31..dfc7d34 100644 --- a/ccp/docker-compose.yml +++ b/ccp/docker-compose.yml @@ -21,7 +21,7 @@ services: - "traefik.http.routers.dashboard.service=api@internal" - "traefik.http.routers.dashboard.tls=true" - "traefik.http.routers.dashboard.middlewares=auth" - - "traefik.http.middlewares.auth.basicauth.users=${bc_auth_users}" + - "traefik.http.middlewares.auth.basicauth.users=${LDM_LOGIN}" ports: - 80:80 - 443:443 @@ -65,7 +65,7 @@ services: - "blaze-data:/app/data" labels: - "traefik.enable=true" - - "traefik.http.middlewares.ccp-auth.basicauth.users=${bc_auth_users}" + - "traefik.http.middlewares.ccp-auth.basicauth.users=${LDM_LOGIN}" - "traefik.http.routers.blaze_ccp.rule=PathPrefix(`/ccp-localdatamanagement`)" - "traefik.http.middlewares.ccp_b_strip.stripprefix.prefixes=/ccp-localdatamanagement" - "traefik.http.services.blaze_ccp.loadbalancer.server.port=8080" diff --git a/lib/setup-bridgehead-units.sh b/lib/setup-bridgehead-units.sh index f99bab0..7518f3a 100755 --- a/lib/setup-bridgehead-units.sh +++ b/lib/setup-bridgehead-units.sh @@ -33,18 +33,17 @@ Cmnd_Alias BRIDGEHEAD${PROJECT^^} = \\ bridgehead ALL= NOPASSWD: BRIDGEHEAD${PROJECT^^} EOF -log "INFO" "Now generating a password for the local datamangement. Please safe the password for your ETL process!" -generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" +# TODO: Determine wether this should be located in setup-bridgehead (triggered through bridgehead install) or in update bridgehead (triggered every hour) +if [ -z "$LDM_LOGIN" ]; then + log "INFO" "Now generating a password for the local datamangement. Please safe the password for your ETL process!" + generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 20)" -log "INFO" "Your generated credentials are:\n user: $PROJECT\n password: $generated_passwd" -parsed_passwd=$(docker run --rm -it httpd:latest htpasswd -nb $PROJECT $generated_passwd) - -mkdir /etc/systemd/system/bridgehead@${PROJECT}.service.d -cat < /etc/systemd/system/bridgehead@${PROJECT}.service.d/environment.conf -[Service] -Environment=bc_auth_users=${parsed_passwd} -EOF + log "INFO" "Your generated credentials are:\n user: $PROJECT\n password: $generated_passwd" + parsed_passwd=$(docker run --rm -it httpd:latest htpasswd -nb $PROJECT $generated_passwd | tr -d '\n') + log "INFO" "These credentials are now written to /etc/bridgehead/${PROJECT}.local.conf" + echo "LDM_LOGIN='${parsed_passwd}'" >> /etc/bridgehead/${PROJECT}.local.conf; +fi log "INFO" "Register system units for bridgehead and bridgehead-update" cp -v \