#!/bin/bash # Interactive API Key Generation Script for LogServer # This script generates secure API keys and adds them to api-keys.yml # Determine where to put the api-keys.yml file determine_api_keys_location() { # 1. If api-keys.yml already exists in current folder, use it if [ -f "./api-keys.yml" ]; then echo "./api-keys.yml" return 0 fi # 2. If service.env exists in current folder, put keys here if [ -f "./service.env" ]; then echo "./api-keys.yml" return 0 fi # 3. If config folder exists, put keys there if [ -d "./config" ]; then echo "./config/api-keys.yml" return 0 fi # No valid location found return 1 } # Try to determine location if API_KEYS_FILE=$(determine_api_keys_location); then : # Location found, continue else echo -e "${RED}Error: Cannot determine where to place api-keys.yml${NC}" echo "" echo "This script must be run from one of these locations:" echo " 1. A deployed service directory (contains service.env)" echo " 2. The logserver template directory (contains config/ folder)" echo " 3. A directory with existing api-keys.yml file" echo "" echo "Current directory: $(pwd)" echo "Contents: $(ls -la 2>/dev/null | head -5)" exit 1 fi # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' NC='\033[0m' # No Color # Generate a secure random API key generate_key() { openssl rand -hex 32 2>/dev/null || cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1 } # Initialize api-keys.yml if it doesn't exist init_api_keys_file() { if [ ! -f "$API_KEYS_FILE" ]; then # Create directory if needed local dir=$(dirname "$API_KEYS_FILE") if [ ! -d "$dir" ]; then mkdir -p "$dir" echo -e "${GREEN}Created directory: $dir${NC}" fi echo "# API Keys for LogServer Authentication" > "$API_KEYS_FILE" echo "# Format: hostname:api_key" >> "$API_KEYS_FILE" echo "# Generated by generate-api-key.sh" >> "$API_KEYS_FILE" echo "" >> "$API_KEYS_FILE" echo "api_keys:" >> "$API_KEYS_FILE" echo -e "${GREEN}Created new api-keys.yml file at: $API_KEYS_FILE${NC}" else echo -e "${GREEN}Using existing api-keys.yml at: $API_KEYS_FILE${NC}" fi } # Check if hostname already has a key check_existing_key() { local hostname=$1 if grep -q "^ ${hostname}:" "$API_KEYS_FILE" 2>/dev/null; then return 0 fi return 1 } # Add key to api-keys.yml add_key_to_file() { local hostname=$1 local api_key=$2 echo " ${hostname}: ${api_key}" >> "$API_KEYS_FILE" } # Main script echo -e "${GREEN}=== LogServer API Key Generator ===${NC}" echo "" # Initialize file if needed init_api_keys_file # Interactive mode while true; do echo -e "${YELLOW}Enter hostname for the client (or 'done' to finish):${NC}" read -p "> " hostname if [ "$hostname" = "done" ] || [ -z "$hostname" ]; then break fi # Validate hostname - allow simple names, must start with alphanumeric if [[ ! "$hostname" =~ ^[a-zA-Z0-9]([a-zA-Z0-9._-]*[a-zA-Z0-9])?$ ]]; then echo -e "${RED}Invalid hostname format. Use only letters, numbers, dots, dashes, and underscores.${NC}" echo -e "${RED}Hostname must start and end with a letter or number.${NC}" continue fi # Check if key already exists if check_existing_key "$hostname"; then echo -e "${YELLOW}Key already exists for ${hostname}${NC}" read -p "Generate new key? (y/n): " overwrite if [ "$overwrite" != "y" ]; then continue fi # Remove old key sed -i "/^ ${hostname}:/d" "$API_KEYS_FILE" fi # Generate new key api_key=$(generate_key) # Add to file add_key_to_file "$hostname" "$api_key" echo -e "${GREEN}✓ Generated API key for ${hostname}${NC}" echo "" echo "Configuration for ${hostname}:" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "Add to client's service.env:" echo "" echo "LOGSERVER_HOST=$(hostname -I | awk '{print $1}')" echo "LOGSERVER_PORT=5044" echo "API_KEY=${api_key}" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "" # Option to add more read -p "Add another client? (y/n): " add_more if [ "$add_more" != "y" ]; then break fi done # Show summary echo "" echo -e "${GREEN}=== Summary ===${NC}" echo "API keys file: $API_KEYS_FILE" echo "Total clients configured: $(grep -c "^ " "$API_KEYS_FILE" 2>/dev/null || echo 0)" echo "" echo "To view all keys: cat $API_KEYS_FILE" echo "To revoke a key: Edit $API_KEYS_FILE and remove the line" echo "" # Show location-specific restart instructions if [[ "$API_KEYS_FILE" == "./api-keys.yml" ]] && [ -f "./service.env" ]; then # We're in a deployed service directory echo -e "${YELLOW}Remember to restart the service to apply changes:${NC}" echo " dropshell restart logserver" else # We're in the template directory echo -e "${YELLOW}Note: Deploy this template to use these keys:${NC}" echo " dropshell install logserver" fi