agala/server-initializer
1
0
Fork 0
mirror of https://github.com/elAgala/server-initializer.git synced 2026-02-14 05:06:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: prompt for prometheus & loki password for proper hashing

Browse Source
This commit is contained in:
elAgala
2025-07-10 02:28:18 -03:00
parent 379bdefea7
commit 2dd0edbd49
2 changed files with 22 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
web/install_caddy.sh
View File

@@ -29,14 +29,20 @@ function install_caddy() {
echo "[ WEB ]: Starting containers to generate keys..."
cd "$caddy_dir"
# Generate random Prometheus password
echo "[ WEB ]: Generating Prometheus password..."
PROMETHEUS_PASSWORD=$(openssl rand -base64 32)
# Prompt user for passwords and encrypt them using Caddy
echo "[ WEB ]: Setting up authentication passwords..."
echo -n "Enter password for Prometheus access: "
read -s prometheus_plain_password
echo
echo -n "Enter password for Loki access: "
read -s loki_plain_password
echo
# Create .env file with placeholder
cat > "$caddy_dir/.env" <<EOF
CROWDSEC_API_KEY=PLACEHOLDER_WILL_BE_REPLACED
PROMETHEUS_PASSWORD=$PROMETHEUS_PASSWORD
PROMETHEUS_PASSWORD=PLACEHOLDER_WILL_BE_REPLACED
LOKI_PASSWORD=PLACEHOLDER_WILL_BE_REPLACED
EOF
# Start containers
@@ -63,10 +69,17 @@ EOF
echo "[ WEB ]: Generating CrowdSec API key..."
CROWDSEC_API_KEY=$(sudo docker exec crowdsec cscli bouncers add caddy-bouncer -o raw)
# Update .env file with real API key
# Encrypt passwords using Caddy
echo "[ WEB ]: Encrypting Prometheus password..."
PROMETHEUS_PASSWORD=$(sudo docker exec caddy caddy hash-password --plaintext "$prometheus_plain_password")
echo "[ WEB ]: Encrypting Loki password..."
LOKI_PASSWORD=$(sudo docker exec caddy caddy hash-password --plaintext "$loki_plain_password")
# Update .env file with real API key and encrypted passwords
cat > "$caddy_dir/.env" <<EOF
CROWDSEC_API_KEY=$CROWDSEC_API_KEY
PROMETHEUS_PASSWORD=$PROMETHEUS_PASSWORD
LOKI_PASSWORD=$LOKI_PASSWORD
EOF
# Restart containers with new API key
@@ -77,6 +90,7 @@ EOF
echo "[ WEB ]: Caddy setup completed successfully!"
echo "[ WEB ]: Configuration location: $caddy_dir"
echo "[ WEB ]: CrowdSec API key: $CROWDSEC_API_KEY"
echo "[ WEB ]: Prometheus password: $PROMETHEUS_PASSWORD"
echo "[ WEB ]: Prometheus password: [ENCRYPTED AND STORED IN .env]"
echo "[ WEB ]: Loki password: [ENCRYPTED AND STORED IN .env]"
echo "[ WEB ]: Add your site configurations to: $caddy_dir/caddy/sites-enabled/"
}