Made secrets variables more reliable 2.

Raphaël Billet
2025-11-27 11:37:15 +01:00
parent 4a1f25d781
commit 51ba15df8b
2 changed files with 51 additions and 51 deletions
+15 -15
@@ -175,21 +175,21 @@ files_generation() {
envsubst < config-files/sops-nix/.sops.yaml > extra-files/etc/nixos/.sops.yaml
echo -e "\n ✅ Generating secure random database passwords..."
HOME_ASSISTANT_MQTT_USER=$(openssl rand -base64 29 | tr -d "\123456789=+/" | cut -c1-10)
HOME_ASSISTANT_MQTT_PASSWORD=$(openssl rand -base64 29 | tr -d "\=+/" | cut -c1-64)
PASSBOLT_MYSQL_DATABASE=$(openssl rand -base64 29 | tr -d "\123456789=+/" | cut -c1-10)
PASSBOLT_MYSQL_USER=$(openssl rand -base64 29 | tr -d "\123456789=+/" | cut -c1-10)
PASSBOLT_MYSQL_PASSWORD=$(openssl rand -base64 29 | tr -d "\=+/" | cut -c1-64)
FTLCONF_WEBSERVER_PASSWORD=$(openssl rand -base64 29 | tr -d "\=+/" | cut -c1-64)
DATA_DISK_1=$(openssl rand -base64 300 | tr -d "\=+/" | cut -c1-300)
DATA_DISK_2=$(openssl rand -base64 300 | tr -d "\=+/" | cut -c1-300)
DATA_DISK_3=$(openssl rand -base64 300 | tr -d "\=+/" | cut -c1-300)
DATA_DISK_4=$(openssl rand -base64 300 | tr -d "\=+/" | cut -c1-300)
DATA_DISK_5=$(openssl rand -base64 300 | tr -d "\=+/" | cut -c1-300)
DATA_DISK_6=$(openssl rand -base64 300 | tr -d "\=+/" | cut -c1-300)
PARITY_DISK_1=$(openssl rand -base64 300 | tr -d "\=+/" | cut -c1-300)
PARITY_DISK_2=$(openssl rand -base64 300 | tr -d "\=+/" | cut -c1-300)
PARITY_DISK_3=$(openssl rand -base64 300 | tr -d "\=+/" | cut -c1-300)
HOME_ASSISTANT_MQTT_USER="$(openssl rand -hex 10)"
HOME_ASSISTANT_MQTT_PASSWORD="$(openssl rand -base64 32 | tr -d '\=+/')"
PASSBOLT_MYSQL_DATABASE="$(openssl rand -hex 10)"
PASSBOLT_MYSQL_USER="$(openssl rand -hex 10)"
PASSBOLT_MYSQL_PASSWORD="$(openssl rand -base64 32 | tr -d '\=+/')"
FTLCONF_WEBSERVER_PASSWORD="$(openssl rand -base64 32 | tr -d '\=+/')"
DATA_DISK_1="$(openssl rand -base64 32 | tr -d '\=+/')"
DATA_DISK_2="$(openssl rand -base64 32 | tr -d '\=+/')"
DATA_DISK_3="$(openssl rand -base64 32 | tr -d '\=+/')"
DATA_DISK_4="$(openssl rand -base64 32 | tr -d '\=+/')"
DATA_DISK_5="$(openssl rand -base64 32 | tr -d '\=+/')"
DATA_DISK_6="$(openssl rand -base64 32 | tr -d '\=+/')"
PARITY_DISK_1="$(openssl rand -base64 32 | tr -d '\=+/ ')"
PARITY_DISK_2="$(openssl rand -base64 32 | tr -d '\=+/ ')"
PARITY_DISK_3="$(openssl rand -base64 32 | tr -d '\=+/ ')"
echo -e "\n ✅ Encrypting secrets in the correct file..."
envsubst < "config-files/sops-nix/secrets.yaml" | sops encrypt --filename-override secrets.yaml \
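Review bot: None of the new assignments checks that a secret was actually produced: the status of `openssl rand … | tr -d …` is that of `tr`, so if `openssl` fails the variable is an empty string that `envsubst` then substitutes into secrets.yaml as a password or disk key (unless `pipefail` and `errexit` are enabled outside this hunk, which is not visible here). A guard after each assignment, for example `: "${DATA_DISK_1:?secret generation failed}"`, would stop the run before an empty value is encrypted. The three `PARITY_DISK_*` lines delete `'\=+/ '` with a trailing space while every other line uses `'\=+/'`; base64 output contains no spaces, so using the same set everywhere would read more clearly. The `-hex 10` names can come out all digits or in a form like `12e34…`, so it is worth confirming that the secrets.yaml template quotes them, since an unquoted value of that shape may be read as a number by a YAML parser. `files_generation` begins and ends outside this hunk.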