70585358b8
All checks were successful
Test and Publish Templates / test-and-publish (push) Successful in 44s
172 lines
5.2 KiB
Bash
Executable File
172 lines
5.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Interactive API Key Generation Script for LogServer
|
|
# This script generates secure API keys and adds them to api-keys.yml
|
|
|
|
# Determine where to put the api-keys.yml file
|
|
determine_api_keys_location() {
|
|
# 1. If api-keys.yml already exists in current folder, use it
|
|
if [ -f "./api-keys.yml" ]; then
|
|
echo "./api-keys.yml"
|
|
return 0
|
|
fi
|
|
|
|
# 2. If service.env exists in current folder, put keys here
|
|
if [ -f "./service.env" ]; then
|
|
echo "./api-keys.yml"
|
|
return 0
|
|
fi
|
|
|
|
# 3. If config folder exists, put keys there
|
|
if [ -d "./config" ]; then
|
|
echo "./config/api-keys.yml"
|
|
return 0
|
|
fi
|
|
|
|
# No valid location found
|
|
return 1
|
|
}
|
|
|
|
# Try to determine location
|
|
if API_KEYS_FILE=$(determine_api_keys_location); then
|
|
: # Location found, continue
|
|
else
|
|
echo -e "${RED}Error: Cannot determine where to place api-keys.yml${NC}"
|
|
echo ""
|
|
echo "This script must be run from one of these locations:"
|
|
echo " 1. A deployed service directory (contains service.env)"
|
|
echo " 2. The logserver template directory (contains config/ folder)"
|
|
echo " 3. A directory with existing api-keys.yml file"
|
|
echo ""
|
|
echo "Current directory: $(pwd)"
|
|
echo "Contents: $(ls -la 2>/dev/null | head -5)"
|
|
exit 1
|
|
fi
|
|
|
|
# Colors for output
|
|
RED='\033[0;31m'
|
|
GREEN='\033[0;32m'
|
|
YELLOW='\033[1;33m'
|
|
NC='\033[0m' # No Color
|
|
|
|
# Generate a secure random API key
|
|
generate_key() {
|
|
openssl rand -hex 32 2>/dev/null || cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 64 | head -n 1
|
|
}
|
|
|
|
# Initialize api-keys.yml if it doesn't exist
|
|
init_api_keys_file() {
|
|
if [ ! -f "$API_KEYS_FILE" ]; then
|
|
# Create directory if needed
|
|
local dir=$(dirname "$API_KEYS_FILE")
|
|
if [ ! -d "$dir" ]; then
|
|
mkdir -p "$dir"
|
|
echo -e "${GREEN}Created directory: $dir${NC}"
|
|
fi
|
|
|
|
echo "# API Keys for LogServer Authentication" > "$API_KEYS_FILE"
|
|
echo "# Format: hostname:api_key" >> "$API_KEYS_FILE"
|
|
echo "# Generated by generate-api-key.sh" >> "$API_KEYS_FILE"
|
|
echo "" >> "$API_KEYS_FILE"
|
|
echo "api_keys:" >> "$API_KEYS_FILE"
|
|
echo -e "${GREEN}Created new api-keys.yml file at: $API_KEYS_FILE${NC}"
|
|
else
|
|
echo -e "${GREEN}Using existing api-keys.yml at: $API_KEYS_FILE${NC}"
|
|
fi
|
|
}
|
|
|
|
# Check if hostname already has a key
|
|
check_existing_key() {
|
|
local hostname=$1
|
|
if grep -q "^ ${hostname}:" "$API_KEYS_FILE" 2>/dev/null; then
|
|
return 0
|
|
fi
|
|
return 1
|
|
}
|
|
|
|
# Add key to api-keys.yml
|
|
add_key_to_file() {
|
|
local hostname=$1
|
|
local api_key=$2
|
|
echo " ${hostname}: ${api_key}" >> "$API_KEYS_FILE"
|
|
}
|
|
|
|
# Main script
|
|
echo -e "${GREEN}=== LogServer API Key Generator ===${NC}"
|
|
echo ""
|
|
|
|
# Initialize file if needed
|
|
init_api_keys_file
|
|
|
|
# Interactive mode
|
|
while true; do
|
|
echo -e "${YELLOW}Enter hostname for the client (or 'done' to finish):${NC}"
|
|
read -p "> " hostname
|
|
|
|
if [ "$hostname" = "done" ] || [ -z "$hostname" ]; then
|
|
break
|
|
fi
|
|
|
|
# Validate hostname - allow simple names, must start with alphanumeric
|
|
if [[ ! "$hostname" =~ ^[a-zA-Z0-9]([a-zA-Z0-9._-]*[a-zA-Z0-9])?$ ]]; then
|
|
echo -e "${RED}Invalid hostname format. Use only letters, numbers, dots, dashes, and underscores.${NC}"
|
|
echo -e "${RED}Hostname must start and end with a letter or number.${NC}"
|
|
continue
|
|
fi
|
|
|
|
# Check if key already exists
|
|
if check_existing_key "$hostname"; then
|
|
echo -e "${YELLOW}Key already exists for ${hostname}${NC}"
|
|
read -p "Generate new key? (y/n): " overwrite
|
|
if [ "$overwrite" != "y" ]; then
|
|
continue
|
|
fi
|
|
# Remove old key
|
|
sed -i "/^ ${hostname}:/d" "$API_KEYS_FILE"
|
|
fi
|
|
|
|
# Generate new key
|
|
api_key=$(generate_key)
|
|
|
|
# Add to file
|
|
add_key_to_file "$hostname" "$api_key"
|
|
|
|
echo -e "${GREEN}✓ Generated API key for ${hostname}${NC}"
|
|
echo ""
|
|
echo "Configuration for ${hostname}:"
|
|
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
echo "Add to client's service.env:"
|
|
echo ""
|
|
echo "LOGSERVER_HOST=$(hostname -I | awk '{print $1}')"
|
|
echo "LOGSERVER_PORT=5044"
|
|
echo "API_KEY=${api_key}"
|
|
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
|
|
echo ""
|
|
|
|
# Option to add more
|
|
read -p "Add another client? (y/n): " add_more
|
|
if [ "$add_more" != "y" ]; then
|
|
break
|
|
fi
|
|
done
|
|
|
|
# Show summary
|
|
echo ""
|
|
echo -e "${GREEN}=== Summary ===${NC}"
|
|
echo "API keys file: $API_KEYS_FILE"
|
|
echo "Total clients configured: $(grep -c "^ " "$API_KEYS_FILE" 2>/dev/null || echo 0)"
|
|
echo ""
|
|
echo "To view all keys: cat $API_KEYS_FILE"
|
|
echo "To revoke a key: Edit $API_KEYS_FILE and remove the line"
|
|
echo ""
|
|
|
|
# Show location-specific restart instructions
|
|
if [[ "$API_KEYS_FILE" == "./api-keys.yml" ]] && [ -f "./service.env" ]; then
|
|
# We're in a deployed service directory
|
|
echo -e "${YELLOW}Remember to restart the service to apply changes:${NC}"
|
|
echo " dropshell restart logserver"
|
|
else
|
|
# We're in the template directory
|
|
echo -e "${YELLOW}Note: Deploy this template to use these keys:${NC}"
|
|
echo " dropshell install logserver"
|
|
fi |