github_mirrors/websoft9
1
0
Fork 0
mirror of https://github.com/Websoft9/websoft9.git synced 2025-01-25 02:38:42 +08:00
Code Issues Packages Projects Releases Wiki Activity
42efce6479
websoft9/apps/roles/role_init/templates/init.sh.jinja2

200 lines
6.6 KiB
Plaintext
Raw Normal View History

create common roles
2022-07-11 14:03:55 +08:00
#!/bin/bash
# support special char [!"`$%()[]{},.*+-:;<=>?_~/|]
new_password=$(pwgen -ncCs 14 1)!
sudo sleep 10s
sudo sh -c 'echo "init-password started at" $(date -d now) 1>> /tmp/init_debug.txt'
#1 database password init
{% if init_db %}
{% for db_names,dbs in init_db.items() %}
{% if db_names == 'mysql' or db_names == 'mariadb' %}
sudo sh -c 'echo "init mysql&mariadb started at" $(date -d now) 1>> /tmp/init_debug.txt'
mysqladmin -u{{dbs.admin}} -p{{dbs.password }} -h ::1 password $new_password
mysqladmin -u{{dbs.admin}} -p{{dbs.password }} -h 127.0.0.1 password $new_password
mysqladmin -u{{dbs.admin}} -p{{dbs.password }} -h localhost password $new_password
{% if dbs.users is defined and dbs.users is not none %}
{% for dbs_app_user in dbs.users %}
{% if mysql_version == '8.0' %}
echo "
SET PASSWORD FOR {{dbs_app_user}} = '$new_password';
" |mysql -uroot -p$new_password -h 127.0.0.1
echo "
SET PASSWORD FOR {{dbs_app_user}}@localhost = '$new_password';
" |mysql -uroot -p$new_password -h 127.0.0.1
{% else %}
echo "
SET PASSWORD FOR {{dbs_app_user}} = PASSWORD('$new_password');
" |mysql -uroot -p$new_password -h 127.0.0.1
echo "
SET PASSWORD FOR {{dbs_app_user}}@localhost = PASSWORD('$new_password');
" |mysql -uroot -p$new_password -h 127.0.0.1
{% endif %}
{% endfor %}
{% endif %}
sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
{% endif %}
{% if db_names == 'mongodb' %}
sudo sh -c 'echo "init mongodb started at" $(date -d now) 1>> /tmp/init_debug.txt'
echo "
use admin
db.changeUserPassword('{{dbs.admin}}', '${new_password}')
exit
" | mongo admin -u {{dbs.admin}} -p {{dbs.password}}
{% if dbs.users is defined and dbs.users is not none %}
{% for dbs_app_user in dbs.users %}
echo "
use admin
db.changeUserPassword('{{dbs_app_user}}', '${new_password}')
exit
" | mongo admin -u {{dbs_app_user}} -p {{dbs.password}}
{% endfor %}
{% endif %}
sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
{% endif %}
{% if db_names == 'rethinkdb' %}
sudo sh -c 'echo "init rethinkdb started at" $(date -d now) 1>> /tmp/init_debug.txt'
sudo sh -c 'echo "{{dbs.password}}" > /tmp/pw'
echo "r.db('rethinkdb').table('users').get('{{dbs.admin}}').update({'password': '$new_password'}).run()" | rethinkdb-repl --password-file /tmp/pw
{% if dbs.users is defined and dbs.users is not none %}
{% for dbs_app_user in dbs.users %}
echo "r.db('rethinkdb').table('users').get('{{dbs_app_user}}').update({'password': '$new_password'}).run()" | rethinkdb-repl --password-file /tmp/pw
{% endfor %}
{% endif %}
sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
sudo rm -f /tmp/pw
{% endif %}
{% if db_names == 'postgresql' %}
sudo sh -c 'echo "init postgresql started at" $(date -d now) 1>> /tmp/init_debug.txt'
echo "
ALTER USER {{dbs.admin}} WITH PASSWORD '${new_password}';
" | sudo -u {{dbs.admin}} psql
{% if dbs.users is defined and dbs.users is not none %}
{% for dbs_app_user in dbs.users %}
echo "
ALTER USER {{dbs_app_user}} WITH PASSWORD '${new_password}';
" | sudo -u {{dbs.admin}} psql
{% endfor %}
{% endif %}
sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
{% endif %}
{% if db_names == 'neo4j' %}
sudo sh -c 'echo "init neo4j started at" $(date -d now) 1>> /tmp/init_debug.txt'
# wait neo4j service started
sleep 60
while [ $? -eq 0 ]
do
{% if neo4j_version <= '3.5' %}
echo "
CALL dbms.changePassword('${new_password}');
" | cypher-shell -u {{dbs.admin}} -p {{dbs.password}}
{% else %}
echo "
ALTER CURRENT USER SET PASSWORD FROM '{{dbs.password}}' TO '${new_password}';
" | cypher-shell -u {{dbs.admin}} -p {{dbs.password}} -d system
{% endif %}
echo ":exit" |cypher-shell -u neo4j -p neo4j -d system
done
sudo sed -i "s/neo4j administrator password:{{dbs.password}}/neo4j administrator password:$new_password/g" /credentials/password.txt
{% endif %}
{% if db_names == 'redis' %}
sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt
{% endif %}
{% if dbs.config_paths is defined and dbs.config_paths is not none %}
{% for path in dbs.config_paths %}
sudo sed -i "s/{{dbs.password}}/$new_password/g" {{path}}
{% endfor %}
{% endif %}
{% if dbs.commands is defined and dbs.commands is not none %}
{% for cmd in dbs.commands %}
{{cmd}}
{% endfor %}
{% endif %}
{% endfor %}
{% endif %}
#2 application password init
{% if init_application %}
sudo sh -c 'echo "init application started at" $(date -d now) 1>> /tmp/init_debug.txt'
{% for app_name,app_attr in init_application.items() %}
{% if app_attr.config_paths is defined and app_attr.config_paths is not none %}
{% for path in app_attr.config_paths %}
sudo sed -i "s/{{app_attr.password}}/$new_password/g" {{path}}
{% endfor %}
{% endif %}
{% if app_attr.commands is defined and app_attr.commands is not none %}
{% for cmd in app_attr.commands %}
{{cmd}}
{% endfor %}
{% endif %}
sudo sed -i "s/{{ app_name }} administrator Password:.*/{{ app_name }} administrator Password: $new_password/g" /credentials/password.txt
{% endfor %}
sudo sh -c 'echo "init application ended at" $(date -d now) 1>> /tmp/init_debug.txt'
{% endif %}
#3 docker password init
{% if init_docker %}
sudo sh -c 'echo "init docker started at" $(date -d now) 1>> /tmp/init_debug.txt'
sudo systemctl restart docker
{% for app_name,app_attr in init_docker.items() %}
{% if app_attr.admin_password is defined and app_attr.admin_password is not none %}
sudo sed -i "s/{{ app_name }} administrator Password: .*/{{ app_name }} administrator Password: $new_password/g" /credentials/password.txt
{% endif %}
{% if app_attr.db_password is defined and app_attr.db_password is not none %}
sudo sed -i "s/database password:.*/database password:$new_password/g" /credentials/password.txt
{% endif %}
{% if app_attr.compose_path is defined and app_attr.compose_path is not none %}
{% if app_attr.compose_down is not defined or app_attr.compose_down == True %}
sudo docker compose -f {{app_attr.compose_path}} down -v
sudo sleep 20s
{% endif %}
{% if app_attr.volumes is defined and app_attr.volumes is not none %}
{% for volume in app_attr.volumes %}
sudo rm -rf {{volume}}
{% endfor %}
{% endif %}
{% if app_attr.compose_commands is defined and app_attr.compose_commands is not none %}
{% for cmd in app_attr.compose_commands %}
{{cmd}}
{% endfor %}
{% endif %}
sudo docker compose -f {{app_attr.compose_path}} up -d --no-recreate
sudo sleep 20s
{% endif %}
{% if app_attr.commands is defined and app_attr.commands is not none %}
{% for cmd in app_attr.commands %}
{{cmd}}
{% endfor %}
{% endif %}
{% endfor %}
sudo sh -c 'echo "init docker ended at" $(date -d now) 1>> /tmp/init_debug.txt'
{% endif %}
Reference in New Issue Copy Permalink