feat: make script autonomous (run without prompts)

2026-02-13 21:06:16 +00:00 · 2026-02-13 04:42:46 -03:00
parent 27653aaca5
commit 5c84b78600
6 changed files with 33 additions and 23 deletions
--- a/CLAUDE.md
+++ b/CLAUDE.md
@@ -14,7 +14,7 @@ Server-initializer is a Docker-based server setup automation tool that provision

 ### Development and Testing
 ```bash
-# Build and test setup script in development mode
+# Build and test setup script in development mode (skips Docker operations)
 make dev

 # Build and keep container alive for testing
@@ -26,11 +26,15 @@ make build
 # Clean up test containers and images
 make clean

-# Build custom Caddy image with WAF and CrowdSec
+# Build custom Caddy image with WAF and CrowdSec (includes push to registry)
 make build-caddy
 ```

+The `--development` flag can be passed to `install.sh` to skip Docker-related operations during testing.
+
 ### Caddy Management (from deployed server)
+These commands should be run from within the `templates/caddy/full/` directory on the deployed server:
+
 ```bash
 # Restart Caddy with config reload  
 make caddy:restart
--- a/index.sh
+++ b/index.sh
@@ -3,8 +3,9 @@
 REPO_URL="https://github.com/elAgala/server-initializer"
 TARGET_DIR="/tmp/server-initializer"

-if [ -z "$1" ]; then
-  echo "[ ERROR ]: No username provided. Use ./index.sh <username>"
+ADMIN_USER="${1:-${ADMIN_USER:-}}"
+if [ -z "$ADMIN_USER" ]; then
+  echo "[ ERROR ]: No username provided. Pass as argument or set ADMIN_USER env var"
  exit 1
 fi

@@ -18,7 +19,7 @@ cd "$TARGET_DIR/src" || exit 1
 echo "[ INITIALIZER ]: Starting initialization"

 chmod +x ./install.sh
-./install.sh "$1"
+./install.sh "$ADMIN_USER"

 echo "[ INITIALIZER ]: Setup completed succesfully!"

--- a/src/user/create_deploy_user.sh
+++ b/src/user/create_deploy_user.sh
@@ -8,8 +8,9 @@ function create_deploy_user() {
  echo "[ USER ]: Starting user $username setup"
  mkdir -p $home_dir
  sudo useradd $username
-  echo "[ USER ]: Set a password for user [$username]:"
-  sudo passwd $username
+  password="${DEPLOY_PASSWORD:-$(openssl rand -base64 16)}"
+  echo "$username:$password" | sudo chpasswd
+  echo "[ USER ]: Password set for $username (use DEPLOY_PASSWORD env var to specify)"
  echo "[ USER ]: User [deploy] created succesfully"

  echo "[ USER ]: Adding user to groups"
--- a/src/user/create_user.sh
+++ b/src/user/create_user.sh
@@ -8,8 +8,9 @@ function create_user() {
  echo "[ USER ]: Starting user $username setup"
  mkdir -p $home_dir
  sudo useradd $username
-  echo "[ USER ]: Set a password for $username:"
-  sudo passwd "$username"
+  password="${ADMIN_PASSWORD:-$(openssl rand -base64 16)}"
+  echo "$username:$password" | sudo chpasswd
+  echo "[ USER ]: Password set for $username (use ADMIN_PASSWORD env var to specify)"
  echo "[ USER ]: User created succesfully"

  echo "[ USER ]: Adding user to groups"
--- a/src/user/ssh_config.sh
+++ b/src/user/ssh_config.sh
@@ -14,13 +14,18 @@ function config_ssh() {
  sudo chown -R "$username:$username" $ssh_dir
  echo "[ SSH ]: Created ~/.ssh/authorized_keys"

-  echo "[ SSH ]: Paste the public key for $username (leave empty to skip)"
-  read -r public_key
+  # Pick env var based on username: DEPLOY_SSH_KEY for deploy user, ADMIN_SSH_KEY for others
+  if [ "$username" = "deploy" ]; then
+    public_key="${DEPLOY_SSH_KEY:-}"
+  else
+    public_key="${ADMIN_SSH_KEY:-}"
+  fi
+
  if [ -n "$public_key" ]; then
    echo "$public_key" | sudo tee -a "$ssh_dir/authorized_keys" >/dev/null
    echo "[ SSH ]: Public key added to $ssh_dir/authorized_keys."
  else
-    echo "[ SSH ]: No public key provided, skipping..."
+    echo "[ SSH ]: WARNING: No SSH key provided for $username (set ADMIN_SSH_KEY / DEPLOY_SSH_KEY)"
  fi

  # Create SSH configuration file instead of modifying main sshd_config
--- a/src/web/install_caddy.sh
+++ b/src/web/install_caddy.sh
@@ -42,12 +42,8 @@ EOF
    sudo apt-get install -y apache2-utils

    echo "[ WEB ]: Setting up authentication passwords..."
-    echo -n "Enter password for Prometheus access: "
-    read -s prometheus_plain_password
-    echo
-    echo -n "Enter password for Loki access: "
-    read -s loki_plain_password
-    echo
+    prometheus_plain_password="${MONITORING_PROMETHEUS_PASSWORD:-$(openssl rand -base64 16)}"
+    loki_plain_password="${MONITORING_LOKI_PASSWORD:-$(openssl rand -base64 16)}"

    # Generate password hashes using htpasswd (no Caddy needed)
    echo "[ WEB ]: Hashing Prometheus password..."
@@ -96,8 +92,10 @@ EOF

  echo "[ WEB ]: Caddy setup completed successfully!"
  echo "[ WEB ]: Configuration location: $caddy_dir"
-  echo "[ WEB ]: CrowdSec API key: $CROWDSEC_API_KEY"
-  echo "[ WEB ]: Prometheus password: [ENCRYPTED AND STORED IN .env]"
-  echo "[ WEB ]: Loki password: [ENCRYPTED AND STORED IN .env]"
+  echo "[ WEB ]: ============================================"
+  echo "[ WEB ]: SAVE THESE - Plaintext monitoring passwords:"
+  echo "[ WEB ]:   Prometheus: $prometheus_plain_password"
+  echo "[ WEB ]:   Loki:       $loki_plain_password"
+  echo "[ WEB ]: ============================================"
  echo "[ WEB ]: Add your site configurations to: $caddy_dir/caddy/sites-enabled/"
 }