Página inicial Explorar Ajuda
Registrar Entrar
ANALYTIKDATA
/
automated-office
4
0
Fork 0
Arquivos Issues 0 Pull Requests 0 Wiki
Tree: 40ee243a42
Branches Tags
automated-offic...
/
docs
/
context
/
scripts
/
setup_environment.sh

setup_environment.sh 4.5 KB
Histórico Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146 
  1. #!/bin/bash
    2. 

  2. set -e
    3. 

  3. 

  4. # Ensure we're in the project root directory
    5. 

  5. PROJECT_ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)"
    6. 

  6. cd "${PROJECT_ROOT}"
    7. 

  7. 

  8. # Define directories relative to project root
    9. 

  9. CREDENTIALS_DIR="config/credentials"
    10. 

  10. DOCKER_DIR="docker"
    11. 

  11. KEYCLOAK_SCRIPTS_DIR="scripts/setup/keycloak"
    12. 

  12. ANSIBLE_PLAYBOOK="ansible/site.yml"
    13. 

  13. ANSIBLE_INVENTORY="ansible/inventory/staging/hosts"
    14. 

  14. 

  15. # Create necessary directories
    16. 

  16. mkdir -p "${CREDENTIALS_DIR}"
    17. 

  17. mkdir -p "${DOCKER_DIR}"
    18. 

  18. mkdir -p "${KEYCLOAK_SCRIPTS_DIR}"
    19. 

  19. 

  20. # Function to generate secure passwords
    21. 

  21. generate_password() {
    22. 

  22.     openssl rand -base64 24 | tr -dc 'a-zA-Z0-9' | head -c 24
    23. 

  23. }
    24. 

  24. 

  25. # Date for documentation
    26. 

  26. SETUP_DATE=$(date '+%Y-%m-%d_%H-%M-%S')
    27. 

  27. 

  28. # Generate passwords
    29. 

  29. KEYCLOAK_ADMIN_PASSWORD=$(generate_password)
    30. 

  30. KC_DB_PASSWORD=$(generate_password)
    31. 

  31. TESTADMIN_PASSWORD=$(generate_password)
    32. 

  32. TESTUSER_PASSWORD=$(generate_password)
    33. 

  33. NEXTCLOUD_DB_ROOT_PASSWORD=$(generate_password)
    34. 

  34. NEXTCLOUD_DB_USER=$(generate_password)
    35. 

  35. NEXTCLOUD_DB_PASSWORD=$(generate_password)
    36. 

  36. NEXTCLOUD_ADMIN_USER=$(generate_password)
    37. 

  37. NEXTCLOUD_ADMIN_PASSWORD=$(generate_password)
    38. 

  38. KEYCLOAK_NEXTCLOUD_CLIENT_SECRET=$(generate_password)
    39. 

  39. 

  40. # Create .env file in docker directory
    41. 

  41. cat > "${DOCKER_DIR}/.env" << EOL
    42. 

  42. # Generated on ${SETUP_DATE}
    43. 

  43. # Keycloak Admin
    44. 

  44. KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}
    45. 

  45. 

  46. # Keycloak Database
    47. 

  47. KC_DB_USERNAME=keycloak
    48. 

  48. KC_DB_PASSWORD=${KC_DB_PASSWORD}
    49. 

  49. 

  50. # Nextcloud Database
    51. 

  51. NEXTCLOUD_DB_ROOT_PASSWORD=${NEXTCLOUD_DB_ROOT_PASSWORD}
    52. 

  52. NEXTCLOUD_DB_USER=${NEXTCLOUD_DB_USER}
    53. 

  53. NEXTCLOUD_DB_PASSWORD=${NEXTCLOUD_DB_PASSWORD}
    54. 

  54. NEXTCLOUD_ADMIN_USER=${NEXTCLOUD_ADMIN_USER}
    55. 

  55. NEXTCLOUD_ADMIN_PASSWORD=${NEXTCLOUD_ADMIN_PASSWORD}
    56. 

  56. EOL
    57. 

  57. 

  58. # Create .env file for keycloak setup script
    59. 

  59. cat > "${KEYCLOAK_SCRIPTS_DIR}/.env" << EOL
    60. 

  60. # Generated on ${SETUP_DATE}
    61. 

  61. KEYCLOAK_URL=https://auth.mrx8086.com
    62. 

  62. KEYCLOAK_ADMIN_USER=admin
    63. 

  63. KEYCLOAK_ADMIN_PASSWORD=${KEYCLOAK_ADMIN_PASSWORD}
    64. 

  64. NEXTCLOUD_CLIENT_ID=nextcloud
    65. 

  65. PAPERLESS_CLIENT_ID=paperless
    66. 

  66. NODERED_CLIENT_ID=nodered
    67. 

  67. TESTADMIN_PASSWORD=${TESTADMIN_PASSWORD}
    68. 

  68. TESTUSER_PASSWORD=${TESTUSER_PASSWORD}
    69. 

  69. KEYCLOAK_NEXTCLOUD_CLIENT_SECRET=${KEYCLOAK_NEXTCLOUD_CLIENT_SECRET}
    70. 

  70. EOL
    71. 

  71. 

  72. # Create encrypted credentials documentation
    73. 

  73. cat > "${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt" << EOL
    74. 

  74. Setup Date: ${SETUP_DATE}
    75. 

  75. 

  76. Keycloak Admin Credentials:
    77. 

  77. Username: admin
    78. 

  78. Password: ${KEYCLOAK_ADMIN_PASSWORD}
    79. 

  79. 

  80. Keycloak Database Credentials:
    81. 

  81. Username: keycloak
    82. 

  82. Password: ${KC_DB_PASSWORD}
    83. 

  83. 

  84. Test Admin Credentials:
    85. 

  85. Password: ${TESTADMIN_PASSWORD}
    86. 

  86. 

  87. Test User Credentials:
    88. 

  88. Password: ${TESTUSER_PASSWORD}
    89. 

  89. 

  90. Nextcloud Database Credentials:
    91. 

  91. Root Password: ${NEXTCLOUD_DB_ROOT_PASSWORD}
    92. 

  92. User: ${NEXTCLOUD_DB_USER}
    93. 

  93. Password: ${NEXTCLOUD_DB_PASSWORD}
    94. 

  94. 

  95. Nextcloud Admin Credentials:
    96. 

  96. Username: ${NEXTCLOUD_ADMIN_USER}
    97. 

  97. Password: ${NEXTCLOUD_ADMIN_PASSWORD}
    98. 

  98. EOL
    99. 

  99. 

  100. # Encrypt credentials file
    101. 

  101. gpg --symmetric --cipher-algo AES256 "${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt"
    102. 

  102. rm "${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt"
    103. 

  103. 

  104. echo "Environment setup completed!"
    105. 

  105. echo "Credentials have been saved and encrypted in: ${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt.gpg"
    106. 

  106. echo ".env file for docker-compose has been created in: ${DOCKER_DIR}/.env"
    107. 

  107. echo ".env file for setup_realm.js has been created in: ${KEYCLOAK_SCRIPTS_DIR}/.env"
    108. 

  108. echo ""
    109. 

  109. echo "To view credentials, use:"
    110. 

  110. echo "gpg -d ${CREDENTIALS_DIR}/credentials_${SETUP_DATE}.txt.gpg"
    111. 

  111. 

  112. echo ">>> Nextcloud Konfiguration..."
    113. 

  113. 

  114. # Verify if variable is set from earlier in the script
    115. 

  115. echo ">>> Debug: Checking original variable..."
    116. 

  116. echo ">>> Debug: KEYCLOAK_NEXTCLOUD_CLIENT_SECRET = ${KEYCLOAK_NEXTCLOUD_CLIENT_SECRET}"
    117. 

  117. 

  118. # Try reading from .env file if variable is empty
    119. 

  119. if [ -z "${KEYCLOAK_NEXTCLOUD_CLIENT_SECRET}" ]; then
    120. 

  120.     echo ">>> Debug: Variable is empty, trying to read from .env file..."
    121. 

  121.     KEYCLOAK_NEXTCLOUD_CLIENT_SECRET=$(grep KEYCLOAK_NEXTCLOUD_CLIENT_SECRET "${KEYCLOAK_SCRIPTS_DIR}/.env" | cut -d '=' -f2)
    122. 

  122.     echo ">>> Debug: Value from .env file = ${KEYCLOAK_NEXTCLOUD_CLIENT_SECRET}"
    123. 

  123. fi
    124. 

  124. 

  125. # Ensure we have a value
    126. 

  126. if [ -z "${KEYCLOAK_NEXTCLOUD_CLIENT_SECRET}" ]; then
    127. 

  127.     echo ">>> Error: Could not get client secret value"
    128. 

  128.     exit 1
    129. 

  129. fi
    130. 

  130. 

  131. # Escape special characters in the secret for JSON
    132. 

  132. ESCAPED_SECRET=$(echo "$KEYCLOAK_NEXTCLOUD_CLIENT_SECRET" | sed 's/["\]/\\&/g')
    133. 

  133. echo ">>> Debug: Escaped secret = $ESCAPED_SECRET"
    134. 

  134. 

  135. # Create the extra vars
    136. 

  136. EXTRA_VARS="{\"client_secret\": \"$ESCAPED_SECRET\"}"
    137. 

  137. echo ">>> Debug: Extra vars = $EXTRA_VARS"
    138. 

  138. 

  139. # Run Ansible with the extra vars
    140. 

  140. sudo ansible-playbook \
    141. 

  141.     -i "$ANSIBLE_INVENTORY" \
    142. 

  142.     "$ANSIBLE_PLAYBOOK" \
    143. 

  143.     --extra-vars "$EXTRA_VARS" \
    144. 

  144.     -v
    145. 

  145. 

  146. echo ">>> Fertig"
    147.