Fix pw generation again...

This commit is contained in:
Daniel Frank 2022-01-23 20:53:13 +01:00
parent 8638be01ac
commit 4b7bf5d4d0
Signed by: tokudan
GPG key ID: 063CCCAD04182D32
2 changed files with 8 additions and 8 deletions

View file

@ -38,12 +38,12 @@
exec 3>&1 >&2 exec 3>&1 >&2
mkdir -p /var/lib/grafana mkdir -p /var/lib/grafana
if [ ! -s /var/lib/grafana/admin.pw ]; then if [ ! -s /var/lib/grafana/admin.pw ]; then
tr -dc _A-Z-a-z-0-9 </dev/urandom | head -c32 > /var/lib/grafana/admin.pw ( tr -dc _A-Z-a-z-0-9 </dev/urandom || : ) | head -c32 > /var/lib/grafana/admin.pw
chmod 400 /var/lib/grafana/admin.pw chmod 400 /var/lib/grafana/admin.pw
chown grafana:grafana /var/lib/grafana/admin.pw chown grafana:grafana /var/lib/grafana/admin.pw
fi fi
if [ ! -s /var/lib/grafana/security.key ]; then if [ ! -s /var/lib/grafana/security.key ]; then
tr -dc _A-Z-a-z-0-9 </dev/urandom | head -c32 > /var/lib/grafana/security.key ( tr -dc _A-Z-a-z-0-9 </dev/urandom || : ) | head -c32 > /var/lib/grafana/security.key
chmod 400 /var/lib/grafana/security.key chmod 400 /var/lib/grafana/security.key
chown grafana:grafana /var/lib/grafana/security.key chown grafana:grafana /var/lib/grafana/security.key
fi fi

View file

@ -49,24 +49,24 @@
set -euo pipefail set -euo pipefail
if [ ! -s /var/lib/influxdb/admin.pw ]; then if [ ! -s /var/lib/influxdb/admin.pw ]; then
INIT=1 INIT=1
tr -dc _A-Z-a-z-0-9 </dev/urandom | head -c32 > /var/lib/influxdb/admin.pw ( tr -dc _A-Z-a-z-0-9 </dev/urandom || : ) | head -c32 > /var/lib/influxdb/admin.pw
chmod 400 /var/lib/influxdb/admin.pw chmod 400 /var/lib/influxdb/admin.pw
fi fi
if [ ! -s /var/lib/influxdb/knotendaten.pw ]; then if [ ! -s /var/lib/influxdb/knotendaten.pw ]; then
tr -dc _A-Z-a-z-0-9 </dev/urandom | head -c32 > /var/lib/influxdb/knotendaten.pw ( tr -dc _A-Z-a-z-0-9 </dev/urandom || : ) | head -c32 > /var/lib/influxdb/knotendaten.pw
chmod 400 /var/lib/influxdb/knotendaten.pw chmod 400 /var/lib/influxdb/knotendaten.pw
fi fi
if [ ! -s /var/lib/influxdb/grafana.pw ]; then if [ ! -s /var/lib/influxdb/grafana.pw ]; then
tr -dc _A-Z-a-z-0-9 </dev/urandom | head -c32 > /var/lib/influxdb/grafana.pw ( tr -dc _A-Z-a-z-0-9 </dev/urandom || : ) | head -c32 > /var/lib/influxdb/grafana.pw
chmod 400 /var/lib/influxdb/grafana.pw chmod 400 /var/lib/influxdb/grafana.pw
fi fi
until ${pkgs.curl}/bin/curl --connect-timeout 1 http://127.0.0.1:8086/ping; do until ${pkgs.curl}/bin/curl --connect-timeout 1 http://127.0.0.1:8086/ping; do
sleep 1 sleep 1
done done
if [ -v INIT ]; then if [ -v INIT ]; then
read -r adminpw < /var/lib/influxdb/admin.pw read -N 32 -r adminpw < /var/lib/influxdb/admin.pw
read -r knotendatenpw < /var/lib/influxdb/knotendaten.pw read -N 32 -r knotendatenpw < /var/lib/influxdb/knotendaten.pw
read -r grafanapw < /var/lib/influxdb/grafana.pw read -N 32 -r grafanapw < /var/lib/influxdb/grafana.pw
${config.services.influxdb.package}/bin/influx -execute "create user admin with password '$adminpw' WITH ALL PRIVILEGES" ${config.services.influxdb.package}/bin/influx -execute "create user admin with password '$adminpw' WITH ALL PRIVILEGES"
${config.services.influxdb.package}/bin/influx -username admin -password "$adminpw" -execute 'create database freifunk' ${config.services.influxdb.package}/bin/influx -username admin -password "$adminpw" -execute 'create database freifunk'
${config.services.influxdb.package}/bin/influx -username admin -password "$adminpw" -database freifunk -execute "grant all on freifunk to admin" ${config.services.influxdb.package}/bin/influx -username admin -password "$adminpw" -database freifunk -execute "grant all on freifunk to admin"