hvg-dev/blog
1
0
Fork 0
Code Actions Activity

+ ADD managing scripts

Browse Source
This commit is contained in:
felegy
2025-12-15 10:34:04 +00:00
parent 4b022855ea
commit e34cb21af8
2 changed files with 93 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

74
.devops/scripts/create-application.sh Normal file
View File

@@ -0,0 +1,74 @@
#!/usr/bin/env bash
# Usage: ./generate application.sh <application-name>
# Example: ./generate application.sh hvgblog-7koznapi > .env.hvgblog-7koznapi
script_dir=$(dirname "$0")
APPLICATION_NAME=${1:-"dev"}
if [ -z "$APPLICATION_NAME" ]; then
echo "Usage: $0 <application-name>"
exit 1
fi
SALT_PATTERN=${SALT_PATTERN:-':alnum:!"#$%&()*+,-./:;<=>?@[\]^_`{|}~'}
SALT_LENGTH=${SALT_LENGTH:-64}
PASS_PATTERN=${PASS_PATTERN:-':alnum:'}
PASS_LENGTH=${PASS_LENGTH:-16}
APPLICATION_NAMESPACE=${APPLICATION_NAMESPACE:-'hvg-dev'}
APPLICATION_DOMAIN=${APPLICATION_DOMAIN:-'hvgblog.hu'}
APPLICATION_HOST=${APPLICATION_HOST:-"${APPLICATION_NAME}.${APPLICATION_DOMAIN}"}
APPLICATION_EMAIL=${APPLICATION_EMAIL:-'blogadmin@hvg.hu'}
CERT=${SEAL_CERT_TMP:-$(mktemp)}
if [ -z "$SEAL_CERT" ]; then
echo "SEAL_CERT is not set, fetching..." | tee /dev/stderr
kubeseal --fetch-cert > "$CERT"
else
regex='(https?|ftp|file)://[-[:alnum:]\+&@#/%?=~_|!:,.;]*[-[:alnum:]\+&@#/%=~_|]'
if [[ $SEAL_CERT =~ $regex ]]; then
echo "SEAL_CERT looks like a URL, fetching..." | tee /dev/stderr
curl -sSL "$SEAL_CERT" -o "$CERT"
else
if [ -f "$SEAL_CERT" ]; then
echo "SEAL_CERT looks like a file path, using..." | tee /dev/stderr
cp "$SEAL_CERT" "$CERT"
else
echo "SEAL_CERT is not a valid URL or file path, exiting." | tee /dev/stderr
exit 1
fi
fi
fi
seal() {
local value=$1
echo -n "$value" |
kubeseal --cert "$CERT" --from-file=/dev/stdin --raw --scope cluster-wide
}
gen_salt() {
cat /dev/urandom | tr -dc "$SALT_PATTERN" | fold -w $SALT_LENGTH | head -n 1 | sed 's/\n//'
}
gen_pass() {
cat /dev/urandom | tr -dc "$PASS_PATTERN" | fold -w $PASS_LENGTH | head -n 1 | sed 's/\n//'
}
get_parameter() {
local key=$1
echo "${parameters[$key]}"
}
dump_parameters() {
echo "parameters:"
for key in "${!parameters[@]}"; do
echo " - name: $key"
echo " value: ${parameters[$key]}"
done
}
. "$script_dir/parameters.tmp"
dump_parameters | tee

19
.devops/scripts/parameters.tmp Normal file
View File

@@ -0,0 +1,19 @@
declare -A parameters=( \
[db.name]=$APPLICATION_NAME \
[db.username]=$APPLICATION_NAME \
[db.sealedPassword]=$(seal $(gen_pass)) \
[env.BLOG_SLUG]=$APPLICATION_NAME \
[env.WP_HOME]="https://${APPLICATION_HOST}" \
[env.WP_SITEURL]="https://${APPLICATION_HOST}/wp" \
[env.ADMIN_EMAIL]=$APPLICATION_EMAIL \
[env.S3_UPLOADS_BUCKET]="hvgblog/${APPLICATION_NAME}" \
[env.S3_UPLOADS_BUCKET_URL]="https://cdn.${APPLICATION_DOMAIN}/${APPLICATION_NAME}" \
[sealedSecretEnv.AUTH_KEY]=$(seal $(gen_salt)) \
[sealedSecretEnv.AUTH_SALT]=$(seal $(gen_salt)) \
[sealedSecretEnv.LOGGED_IN_KEY]=$(seal $(gen_salt)) \
[sealedSecretEnv.LOGGED_IN_SALT]=$(seal $(gen_salt)) \
[sealedSecretEnv.NONCE_KEY]=$(seal $(gen_salt)) \
[sealedSecretEnv.NONCE_SALT]=$(seal $(gen_salt)) \
[sealedSecretEnv.SECURE_AUTH_KEY]=$(seal $(gen_salt)) \
[sealedSecretEnv.SECURE_AUTH_SALT]=$(seal $(gen_salt)) \
)