· 6 years ago · May 11, 2019, 10:20 AM
1#!/bin/bash
2set -eu -o pipefail
3
4gen_priv() {
5 openssl genrsa 2048 2> /dev/null
6}
7
8gen_pub() {
9 echo "${1}" | openssl rsa -pubout 2> /dev/null
10}
11
12indent() {
13 echo "$1" | sed 's/^/ /'
14}
15
16
17API_SECRET=$(head -c 66 /dev/urandom | base64)
18API_AES=$(head -c 24 /dev/urandom | base64 | head -c 16)
19DEVS_SECRET=$(head -c 66 /dev/urandom | base64)
20
21CREDENTIALS_PRIV=$(gen_priv)
22CREDENTIALS_PUB=$(gen_pub "${CREDENTIALS_PRIV}")
23SERVICES_PRIV=$(gen_priv)
24SERVICES_PUB=$(gen_pub "${SERVICES_PRIV}")
25cat <<EOF
26---
27hostname: null
28license_code: null
29ssl:
30 is_configured: false
31redis: 'redis://localhost:6379/0'
32db:
33 name: 'platform'
34 user: 'platform'
35 password: 'insecure password'
36 host: '127.0.0.1'
37 port: '5432'
38api:
39 secret_key: '${API_SECRET}'
40 aes_key: '${API_AES}'
41devs:
42 secret_key: '${DEVS_SECRET}'
43pki:
44 credentials:
45 private: |
46$(indent "${CREDENTIALS_PRIV}")
47 public: |
48$(indent "${CREDENTIALS_PUB}")
49 services:
50 private: |
51$(indent "${SERVICES_PRIV}")
52 public: |
53$(indent "${SERVICES_PUB}")
54EOF