18 lines
545 B
Bash
18 lines
545 B
Bash
|
#!/bin/sh
|
||
|
|
||
|
set -euo pipefail
|
||
|
|
||
|
# Initialize random passwords if needed
|
||
|
|
||
|
if ! vault kv list [[ .vault.prefix ]]kv/service 2>/dev/null | grep -q -E '^[[ .bounca.instance ]]$'; then
|
||
|
vault kv put [[ .vault.prefix ]]kv/service/[[ .bounca.instance ]] \
|
||
|
django_secret=$(pwgen -s -n 50 1)
|
||
|
fi
|
||
|
|
||
|
for PWD in django_secret; do
|
||
|
if ! vault kv get -field ${PWD} [[ .vault.prefix ]]kv/service/[[ .bounca.instance ]] >/dev/null 2>&1; then
|
||
|
vault kv patch [[ .vault.prefix ]]kv/service/[[ .bounca.instance ]] \
|
||
|
${PWD}=$(pwgen -s -n 50 1)
|
||
|
fi
|
||
|
done
|