SetAllPass a disparu ! Reste le secretgen à refaire + revoir les valeurs "liées" par setallpass. Rien n'est testé pour le moment.
This commit is contained in:
87
bin/createDBUsers.sh
Normal file
87
bin/createDBUsers.sh
Normal file
@@ -0,0 +1,87 @@
|
||||
#!/bin/bash
|
||||
|
||||
KAZ_ROOT=$(cd $(dirname $0)/..; pwd)
|
||||
. "${KAZ_ROOT}/bin/.commonFunctions.sh"
|
||||
setKazVars
|
||||
|
||||
# pour mise au point
|
||||
# SIMU=echo
|
||||
|
||||
# Améliorations à prévoir
|
||||
# - donner en paramètre les services concernés (pour limité les modifications)
|
||||
# - pour les DB si on déclare un nouveau login, alors les privilèges sont créé mais les anciens pas révoqués
|
||||
|
||||
. "${DOCKERS_ENV}"
|
||||
. "${KAZ_KEY_DIR}/SetAllPass.sh"
|
||||
|
||||
createMysqlUser(){
|
||||
# $1 = envName
|
||||
# $2 = containerName of DB
|
||||
|
||||
. $KAZ_BIN_DIR/getPasswords.sh $1
|
||||
|
||||
rootPass="$1_MYSQL_ROOT_PASSWORD"
|
||||
dbName="$1_MYSQL_DATABASE"
|
||||
userName="$1_MYSQL_USER"
|
||||
userPass="$1_MYSQL_PASSWORD"
|
||||
|
||||
# seulement si pas de mdp pour root
|
||||
# pb oeuf et poule (il faudrait les anciennes valeurs) :
|
||||
# * si rootPass change, faire à la main
|
||||
# * si dbName change, faire à la main
|
||||
checkDockerRunning "$2" "$2" || return
|
||||
echo "change DB pass on docker $2"
|
||||
echo "grant all privileges on ${!dbName}.* to '${!userName}' identified by '${!userPass}';" | \
|
||||
docker exec -i $2 bash -c "mysql --user=root --password=${!rootPass}"
|
||||
}
|
||||
|
||||
|
||||
|
||||
framadateUpdate(){
|
||||
[[ "${COMP_ENABLE}" =~ " framadate " ]] || return
|
||||
if [ ! -f "${DOCK_LIB}/volumes/framadate_dateConfig/_data/config.php" ]; then
|
||||
return 0
|
||||
fi
|
||||
.$KAZ_BIN_DIR/getPasswords.sh framadateDB framadateServ
|
||||
|
||||
checkDockerRunning "${framadateServName}" "Framadate" &&
|
||||
${SIMU} docker exec -ti "${framadateServName}" bash -c -i "htpasswd -bc /var/framadate/admin/.htpasswd ${framadateServ_HTTPD_USER} ${framadateServ_HTTPD_PASSWORD}"
|
||||
${SIMU} sed -i \
|
||||
-e "s/^#*const DB_USER[ ]*=.*$/const DB_USER= '${framadateDB_MYSQL_USER}';/g" \
|
||||
-e "s/^#*const DB_PASSWORD[ ]*=.*$/const DB_PASSWORD= '${framadateDB_MYSQL_PASSWORD}';/g" \
|
||||
"${DOCK_LIB}/volumes/framadate_dateConfig/_data/config.php"
|
||||
}
|
||||
|
||||
jirafeauUpdate(){
|
||||
[[ "${COMP_ENABLE}" =~ " jirafeau " ]] || return
|
||||
if [ ! -f "${DOCK_LIB}/volumes/jirafeau_fileConfig/_data/config.local.php" ]; then
|
||||
return 0
|
||||
fi
|
||||
. $KAZ_BIN_DIR/getPasswords.sh jirafeauServ
|
||||
SHA=$(echo -n "${jirafeauServ_HTTPD_PASSWORD}" | sha256sum | cut -d \ -f 1)
|
||||
${SIMU} sed -i \
|
||||
-e "s/'admin_password'[ ]*=>[ ]*'[^']*'/'admin_password' => '${SHA}'/g" \
|
||||
"${DOCK_LIB}/volumes/jirafeau_fileConfig/_data/config.local.php"
|
||||
}
|
||||
|
||||
####################
|
||||
# main
|
||||
|
||||
createMysqlUser "etherpadDB" "${etherpadDBName}"
|
||||
createMysqlUser "framadateDB" "${framadateDBName}"
|
||||
createMysqlUser "giteaDB" "${gitDBName}"
|
||||
createMysqlUser "mattermostDB" "${mattermostDBName}"
|
||||
createMysqlUser "nextcloudDB" "${nextcloudDBName}"
|
||||
createMysqlUser "roundcubeDB" "${roundcubeDBName}"
|
||||
createMysqlUser "sympaDB" "${sympaDBName}"
|
||||
createMysqlUser "vigiloDB" "${vigiloDBName}"
|
||||
createMysqlUser "wpDB" "${wordpressDBName}"
|
||||
createMysqlUser "vaultwardenDB" "${vaultwardenDBName}"
|
||||
createMysqlUser "castopodDB" "${castopodDBName}"
|
||||
createMysqlUser "spipDB" "${spipDBName}"
|
||||
createMysqlUser "mastodonDB" "${mastodonDBName}"
|
||||
|
||||
|
||||
framadateUpdate
|
||||
jirafeauUpdate
|
||||
exit 0
|
Reference in New Issue
Block a user