Initial commit

2024-11-18 18:36:30 +01:00 · 2024-11-18 18:36:30 +01:00 · 91c5eb1d9d
commit 91c5eb1d9d
5 changed files with 319 additions and 0 deletions
--- a/init.sh
+++ b/init.sh
@ -0,0 +1,42 @@
+#!/usr/bin/env bash
+set -euf -o pipefail
+
+# Function to securely query user for a password, verify it, and return it for further use
+prompt_password() {
+	local purpose="$1"
+	local password password_confirm
+
+	while true; do
+		printf "Enter password for %s: " "$purpose"
+		read -rs password
+		printf "\nConfirm password for %s: " "$purpose"
+		read -rs password_confirm
+		printf "\n"
+
+		# Check if passwords match
+		if [[ "$password" == "$password_confirm" ]]; then
+			RETURNED_PASSWORD="$password"
+			printf "Password verified for %s.\n" "$purpose"
+			return 0
+		else
+			printf "Error: Passwords do not match. Please try again.\n" >&2
+		fi
+	done
+}
+
+# Trap SIGINT to exit gracefully if the user aborts with CTRL+C
+trap 'printf "\nOperation aborted by user.\n" >&2; rm .env; exit 1' SIGINT
+
+
+cd "$(dirname "$(realpath "$0")")"
+
+# Check if .env exists and exit if it is
+[[ -f ./.env ]] && echo ".env already exists. Exiting!" && exit 1 || true
+
+cat ./env.template >> .env
+echo "# SECRETS" >> .env
+echo "PG_PASS=$(openssl rand -base64 36 | tr -d '\n')" >> .env
+echo "AUTHENTIK_SECRET_KEY=$(openssl rand -base64 60 | tr -d '\n')" >> .env
+prompt_password "AUTHENTIK_EMAIL__PASSWORD"; echo "AUTHENTIK_EMAIL__PASSWORD=${RETURNED_PASSWORD}" >> .env; unset RETURNED_PASSWORD
+prompt_password "GEOIPUPDATE_LICENSE_KEY"; echo "GEOIPUPDATE_LICENSE_KEY=${RETURNED_PASSWORD}" >> .env; unset RETURNED_PASSWORD
+echo "" >> .env