23 lines
657 B
Bash
Executable File
23 lines
657 B
Bash
Executable File
#!/bin/sh
|
|
|
|
set -euo pipefail
|
|
|
|
# Initialize random passwords if needed
|
|
|
|
if ! vault kv list kv/service 2>/dev/null | grep -q -E '^postgres$'; then
|
|
vault kv put kv/service/postgres \
|
|
pg_pwd=$(pwgen -s -n 50 1) \
|
|
api_pwd=$(pwgen -s -n 50 1) \
|
|
monitor_pwd=$(pwgen -s -n 50 1) \
|
|
replicator_pwd=$(pwgen -s -n 50 1) \
|
|
rewind_pwd=$(pwgen -s -n 50 1) \
|
|
vault_initial_pwd=$(pwgen -s -n 50 1)
|
|
fi
|
|
|
|
for PWD in pg_pwd api_pwd monitor_pwd replicator_pwd rewind_pwd vault_initial_pwd; do
|
|
if ! vault kv get -field ${PWD} kv/service/postgres >/dev/null 2>&1; then
|
|
vault kv patch kv/service/postgres \
|
|
${PWD}=$(pwgen -s -n 50 1)
|
|
fi
|
|
done
|