28 lines
826 B
Bash
Executable File
28 lines
826 B
Bash
Executable File
#!/bin/sh
|
|
|
|
set -euo pipefail
|
|
|
|
# vim: syntax=sh
|
|
|
|
export LC_ALL=C
|
|
VAULT_KV_PATH=/kv/service/postgres
|
|
RAND_CMD="tr -dc A-Za-z0-9\-_\/=~\.+ < /dev/urandom | head -c 50"
|
|
if ! vault kv list $(dirname ${VAULT_KV_PATH}) 2>/dev/null | grep -q -E "^$(basename ${VAULT_KV_PATH})\$"; then
|
|
vault kv put ${VAULT_KV_PATH} \
|
|
pg_pwd="$(sh -c "${RAND_CMD}")" \
|
|
api_pwd="$(sh -c "${RAND_CMD}")" \
|
|
monitor_pwd="$(sh -c "${RAND_CMD}")" \
|
|
replicator_pwd="$(sh -c "${RAND_CMD}")" \
|
|
rewind_pwd="$(sh -c "${RAND_CMD}")" \
|
|
vault_initial_pwd="$(sh -c "${RAND_CMD}")" \
|
|
|
|
fi
|
|
for SECRET in pg_pwd api_pwd monitor_pwd replicator_pwd rewind_pwd vault_initial_pwd; do
|
|
if ! vault kv get -field ${SECRET} ${VAULT_KV_PATH} >/dev/null 2>&1; then
|
|
vault kv patch ${VAULT_KV_PATH} \
|
|
${SECRET}=$(sh -c "${RAND_CMD}")
|
|
fi
|
|
done
|
|
|
|
|