#!/bin/bash # support special char [!"`$%()[]{},.*+-:;<=>?_~/|] new_password=$(pwgen -ncCs 14 1)! sudo sleep 10s sudo sh -c 'echo "init-password started at" $(date -d now) 1>> /tmp/init_debug.txt' #1 database password init {% if init_db %} {% for db_names,dbs in init_db.items() %} {% if db_names == 'mysql' or db_names == 'mariadb' %} sudo sh -c 'echo "init mysql&mariadb started at" $(date -d now) 1>> /tmp/init_debug.txt' mysqladmin -u{{dbs.admin}} -p{{dbs.password }} -h ::1 password $new_password mysqladmin -u{{dbs.admin}} -p{{dbs.password }} -h 127.0.0.1 password $new_password mysqladmin -u{{dbs.admin}} -p{{dbs.password }} -h localhost password $new_password {% if dbs.users is defined and dbs.users is not none %} {% for dbs_app_user in dbs.users %} {% if mysql_version == '8.0' %} echo " SET PASSWORD FOR {{dbs_app_user}} = '$new_password'; " |mysql -uroot -p$new_password -h 127.0.0.1 echo " SET PASSWORD FOR {{dbs_app_user}}@localhost = '$new_password'; " |mysql -uroot -p$new_password -h 127.0.0.1 {% else %} echo " SET PASSWORD FOR {{dbs_app_user}} = PASSWORD('$new_password'); " |mysql -uroot -p$new_password -h 127.0.0.1 echo " SET PASSWORD FOR {{dbs_app_user}}@localhost = PASSWORD('$new_password'); " |mysql -uroot -p$new_password -h 127.0.0.1 {% endif %} {% endfor %} {% endif %} sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt {% endif %} {% if db_names == 'mongodb' %} sudo sh -c 'echo "init mongodb started at" $(date -d now) 1>> /tmp/init_debug.txt' echo " use admin db.changeUserPassword('{{dbs.admin}}', '${new_password}') exit " | mongo admin -u {{dbs.admin}} -p {{dbs.password}} {% if dbs.users is defined and dbs.users is not none %} {% for dbs_app_user in dbs.users %} echo " use admin db.changeUserPassword('{{dbs_app_user}}', '${new_password}') exit " | mongo admin -u {{dbs_app_user}} -p {{dbs.password}} {% endfor %} {% endif %} sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt {% endif %} {% if db_names == 'rethinkdb' %} sudo sh -c 'echo "init rethinkdb started at" $(date -d now) 1>> /tmp/init_debug.txt' sudo sh -c 'echo "{{dbs.password}}" > /tmp/pw' echo "r.db('rethinkdb').table('users').get('{{dbs.admin}}').update({'password': '$new_password'}).run()" | rethinkdb-repl --password-file /tmp/pw {% if dbs.users is defined and dbs.users is not none %} {% for dbs_app_user in dbs.users %} echo "r.db('rethinkdb').table('users').get('{{dbs_app_user}}').update({'password': '$new_password'}).run()" | rethinkdb-repl --password-file /tmp/pw {% endfor %} {% endif %} sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt sudo rm -f /tmp/pw {% endif %} {% if db_names == 'postgresql' %} sudo sh -c 'echo "init postgresql started at" $(date -d now) 1>> /tmp/init_debug.txt' echo " ALTER USER {{dbs.admin}} WITH PASSWORD '${new_password}'; " | sudo -u {{dbs.admin}} psql {% if dbs.users is defined and dbs.users is not none %} {% for dbs_app_user in dbs.users %} echo " ALTER USER {{dbs_app_user}} WITH PASSWORD '${new_password}'; " | sudo -u {{dbs.admin}} psql {% endfor %} {% endif %} sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt {% endif %} {% if db_names == 'neo4j' %} sudo sh -c 'echo "init neo4j started at" $(date -d now) 1>> /tmp/init_debug.txt' # wait neo4j service started sleep 60 while [ $? -eq 0 ] do {% if neo4j_version <= '3.5' %} echo " CALL dbms.changePassword('${new_password}'); " | cypher-shell -u {{dbs.admin}} -p {{dbs.password}} {% else %} echo " ALTER CURRENT USER SET PASSWORD FROM '{{dbs.password}}' TO '${new_password}'; " | cypher-shell -u {{dbs.admin}} -p {{dbs.password}} -d system {% endif %} echo ":exit" |cypher-shell -u neo4j -p neo4j -d system done sudo sed -i "s/neo4j administrator password:{{dbs.password}}/neo4j administrator password:$new_password/g" /credentials/password.txt {% endif %} {% if db_names == 'redis' %} sudo sed -i "s/{{dbs.password}}/$new_password/g" /credentials/password.txt {% endif %} {% if dbs.config_paths is defined and dbs.config_paths is not none %} {% for path in dbs.config_paths %} sudo sed -i "s/{{dbs.password}}/$new_password/g" {{path}} {% endfor %} {% endif %} {% if dbs.commands is defined and dbs.commands is not none %} {% for cmd in dbs.commands %} {{cmd}} {% endfor %} {% endif %} {% endfor %} {% endif %} #2 application password init {% if init_application %} sudo sh -c 'echo "init application started at" $(date -d now) 1>> /tmp/init_debug.txt' {% for app_name,app_attr in init_application.items() %} {% if app_attr.config_paths is defined and app_attr.config_paths is not none %} {% for path in app_attr.config_paths %} sudo sed -i "s/{{app_attr.password}}/$new_password/g" {{path}} {% endfor %} {% endif %} {% if app_attr.commands is defined and app_attr.commands is not none %} {% for cmd in app_attr.commands %} {{cmd}} {% endfor %} {% endif %} sudo sed -i "s/{{ app_name }} administrator Password:.*/{{ app_name }} administrator Password: $new_password/g" /credentials/password.txt {% endfor %} sudo sh -c 'echo "init application ended at" $(date -d now) 1>> /tmp/init_debug.txt' {% endif %} #3 docker password init {% if init_docker %} sudo sh -c 'echo "init docker started at" $(date -d now) 1>> /tmp/init_debug.txt' sudo systemctl restart docker {% for app_name,app_attr in init_docker.items() %} {% if app_attr.admin_password is defined and app_attr.admin_password is not none %} sudo sed -i "s/{{ app_name }} administrator Password: .*/{{ app_name }} administrator Password: $new_password/g" /credentials/password.txt {% endif %} {% if app_attr.db_password is defined and app_attr.db_password is not none %} sudo sed -i "s/database password:.*/database password:$new_password/g" /credentials/password.txt {% endif %} {% if app_attr.compose_path is defined and app_attr.compose_path is not none %} {% if app_attr.compose_down is not defined or app_attr.compose_down == True %} sudo docker compose -f {{app_attr.compose_path}} down -v sudo sleep 20s {% endif %} {% if app_attr.volumes is defined and app_attr.volumes is not none %} {% for volume in app_attr.volumes %} sudo rm -rf {{volume}} {% endfor %} {% endif %} {% if app_attr.compose_commands is defined and app_attr.compose_commands is not none %} {% for cmd in app_attr.compose_commands %} {{cmd}} {% endfor %} {% endif %} sudo docker compose -f {{app_attr.compose_path}} up -d --no-recreate sudo sleep 20s {% endif %} {% if app_attr.commands is defined and app_attr.commands is not none %} {% for cmd in app_attr.commands %} {{cmd}} {% endfor %} {% endif %} {% endfor %} sudo sh -c 'echo "init docker ended at" $(date -d now) 1>> /tmp/init_debug.txt' {% endif %}