Initial commit: homelab configuration and documentation
96
scripts/create_docker_secrets.sh
Executable file
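--- a/scripts/create_docker_secrets.sh
+++ b/scripts/create_docker_secrets.sh
@@ -0,0 +1,96 @@
+#!/bin/bash
+# create_docker_secrets.sh - Create all Docker secrets for swarm stacks
+# Run this ONCE before deploying the fixed stack files
+
+set -euo pipefail
+
+# Colors
+GREEN='\033[0;32m'
+YELLOW='\033[1;33m'
+RED='\033[0;31m'
+NC='\033[0m'
+
+echo -e "${YELLOW}Docker Secrets Creation Script${NC}"
+echo "This will create all required secrets for your swarm stacks."
+echo ""
+
+# Check if running on swarm manager
+if ! docker node ls &>/dev/null; then
+echo -e "${RED}Error: This must be run on a Docker Swarm manager node${NC}"
+exit 1
+fi
+
+# Function to create secret
+create_secret() {
+local SECRET_NAME=$1
+local SECRET_DESCRIPTION=$2
+local DEFAULT_VALUE=$3
+
+if docker secret inspect "$SECRET_NAME" &>/dev/null; then
+echo -e "${YELLOW}⚠ Secret '$SECRET_NAME' already exists, skipping${NC}"
+return 0
+fi
+
+echo -e "\n${GREEN}Creating secret: $SECRET_NAME${NC}"
+echo "$SECRET_DESCRIPTION"
+
+if [[ -n "$DEFAULT_VALUE" ]]; then
+read -p "Enter value (default: $DEFAULT_VALUE): " SECRET_VALUE
+SECRET_VALUE=${SECRET_VALUE:-$DEFAULT_VALUE}
+else
+read -sp "Enter value (hidden): " SECRET_VALUE
+echo
+fi
+
+if [[ -z "$SECRET_VALUE" ]]; then
+echo -e "${RED}Error: Secret value cannot be empty${NC}"
+return 1
+fi
+
+echo -n "$SECRET_VALUE" | docker secret create "$SECRET_NAME" -
+echo -e "${GREEN}✓ Created secret: $SECRET_NAME${NC}"
+}
+
+echo "==================================="
+echo "Paperless Secrets"
+echo "==================================="
+
+create_secret "paperless_db_password" \
+"Database password for Paperless PostgreSQL" \
+""
+
+create_secret "paperless_secret_key" \
+"Django secret key for Paperless (50+ random characters)" \
+""
+
+echo ""
+echo "==================================="
+echo "Grafana Secrets"
+echo "==================================="
+
+create_secret "grafana_admin_password" \
+"Grafana admin password" \
+""
+
+echo ""
+echo "==================================="
+echo "DuckDNS Secret"
+echo "==================================="
+
+create_secret "duckdns_token" \
+"DuckDNS API token (from duckdns.org account)" \
+""
+
+echo ""
+echo -e "${GREEN}==================================="
+echo "All secrets created successfully!"
+echo "===================================${NC}"
+echo ""
+echo "Verify secrets:"
+echo " docker secret ls"
+echo ""
+echo "To remove a secret (if needed):"
+echo " docker secret rm <secret_name>"
+echo ""
+echo "IMPORTANT: Secret values cannot be retrieved after creation."
+echo "Store them securely in a password manager!"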
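Review bot: In create_secret, both `read` calls omit `-r`, so a backslash typed in a password or token is consumed as an escape and the stored secret silently differs from what the operator entered; because the closing message notes that values cannot be retrieved, the mismatch would only surface when a service fails to authenticate. Use `IFS= read -rsp "Enter value (hidden): " SECRET_VALUE` (and `read -rp` in the default branch), and feed Docker with `printf '%s' "$SECRET_VALUE" | docker secret create "$SECRET_NAME" -` so a value such as `-n` or `-e` is not swallowed by echo as an option. Adding `local SECRET_VALUE` next to the other locals would keep the last secret out of the script's global scope. The default-value branch reads without `-s` and prints the default in the prompt; it is unused here since every call passes an empty default, but it should not be given a real secret as a default.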