overleaf/server-ce/init_scripts/00_regen_sharelatex_secrets.sh

#!/bin/bash
set -e -o pipefail

# generate secrets and defines them as environment variables
# https://github.com/phusion/baseimage-docker#centrally-defining-your-own-environment-variables

WEB_API_PASSWORD_FILE=/etc/container_environment/WEB_API_PASSWORD
STAGING_PASSWORD_FILE=/etc/container_environment/STAGING_PASSWORD # HTTP auth for history-v1
V1_HISTORY_PASSWORD_FILE=/etc/container_environment/V1_HISTORY_PASSWORD
CRYPTO_RANDOM_FILE=/etc/container_environment/CRYPTO_RANDOM

if [ ! -f "$WEB_API_PASSWORD_FILE" ] || [ ! -f "$STAGING_PASSWORD_FILE" ] || [ ! -f "$CRYPTO_RANDOM_FILE" ]; then

    echo "generating random secrets"

    SECRET=$(dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -d '\n+/')
    echo ${SECRET} > ${WEB_API_PASSWORD_FILE}

    SECRET=$(dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -d '\n+/')
    echo ${SECRET} > ${STAGING_PASSWORD_FILE}
    echo ${SECRET} > ${V1_HISTORY_PASSWORD_FILE}

    SECRET=$(dd if=/dev/urandom bs=1 count=32 2>/dev/null | base64 -w 0 | rev | cut -b 2- | rev | tr -d '\n+/')
    echo ${SECRET} > ${CRYPTO_RANDOM_FILE}
fi
[init] bail out in case the db access fails (#123) * [init] bail out in case the db access fails Signed-off-by: Jakob Ackermann <das7pad@outlook.com> * [misc] bail out in case any command in an init_script failed NOTE: sh does not support `-o pipefail`. Signed-off-by: Jakob Ackermann <das7pad@outlook.com> 2020-02-13 07:33:56 -05:00			`#!/bin/bash`
			`set -e -o pipefail`
Initial Dockerfile image build 2015-02-06 12:01:50 -05:00
Set CRYPTO_RANDOM as environment variable at startup time (#134) 2020-01-28 01:16:23 -05:00			`# generate secrets and defines them as environment variables`
			`# https://github.com/phusion/baseimage-docker#centrally-defining-your-own-environment-variables`

			`WEB_API_PASSWORD_FILE=/etc/container_environment/WEB_API_PASSWORD`
Merge pull request #11346 from overleaf/msm-config-history-v1-sp Configuration changes for FPH in CE/SP GitOrigin-RevId: 990eb0fa6158d4815740413da085759d2cc5e231 2023-01-20 06:06:26 -05:00			`STAGING_PASSWORD_FILE=/etc/container_environment/STAGING_PASSWORD # HTTP auth for history-v1`
			`V1_HISTORY_PASSWORD_FILE=/etc/container_environment/V1_HISTORY_PASSWORD`
Set CRYPTO_RANDOM as environment variable at startup time (#134) 2020-01-28 01:16:23 -05:00			`CRYPTO_RANDOM_FILE=/etc/container_environment/CRYPTO_RANDOM`

Merge pull request #11346 from overleaf/msm-config-history-v1-sp Configuration changes for FPH in CE/SP GitOrigin-RevId: 990eb0fa6158d4815740413da085759d2cc5e231 2023-01-20 06:06:26 -05:00			`if [ ! -f "$WEB_API_PASSWORD_FILE" ] \|\| [ ! -f "$STAGING_PASSWORD_FILE" ] \|\| [ ! -f "$CRYPTO_RANDOM_FILE" ]; then`
Set CRYPTO_RANDOM as environment variable at startup time (#134) 2020-01-28 01:16:23 -05:00
			`echo "generating random secrets"`

			`SECRET=$(dd if=/dev/urandom bs=1 count=32 2>/dev/null \| base64 -w 0 \| rev \| cut -b 2- \| rev \| tr -d '\n+/')`
			`echo ${SECRET} > ${WEB_API_PASSWORD_FILE}`

Merge pull request #11346 from overleaf/msm-config-history-v1-sp Configuration changes for FPH in CE/SP GitOrigin-RevId: 990eb0fa6158d4815740413da085759d2cc5e231 2023-01-20 06:06:26 -05:00			`SECRET=$(dd if=/dev/urandom bs=1 count=32 2>/dev/null \| base64 -w 0 \| rev \| cut -b 2- \| rev \| tr -d '\n+/')`
			`echo ${SECRET} > ${STAGING_PASSWORD_FILE}`
			`echo ${SECRET} > ${V1_HISTORY_PASSWORD_FILE}`

Set CRYPTO_RANDOM as environment variable at startup time (#134) 2020-01-28 01:16:23 -05:00			`SECRET=$(dd if=/dev/urandom bs=1 count=32 2>/dev/null \| base64 -w 0 \| rev \| cut -b 2- \| rev \| tr -d '\n+/')`
			`echo ${SECRET} > ${CRYPTO_RANDOM_FILE}`
			`fi`