66 lines
1.6 KiB
Bash
Executable File
66 lines
1.6 KiB
Bash
Executable File
#!/usr/bin/env sh
|
|
set -eu
|
|
|
|
SCRIPT_DIR=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd)
|
|
INFRA_DIR=$(CDPATH= cd -- "$SCRIPT_DIR/.." && pwd)
|
|
ENV_FILE="$INFRA_DIR/.env"
|
|
|
|
if [ -f "$ENV_FILE" ]; then
|
|
echo "Refusing to overwrite existing $ENV_FILE" >&2
|
|
exit 1
|
|
fi
|
|
|
|
rand() {
|
|
openssl rand -base64 "$1" | tr -d '\n'
|
|
}
|
|
|
|
cat > "$ENV_FILE" <<EOF
|
|
# domains
|
|
AUTH_DOMAIN=auth.local.nodedc
|
|
LAUNCHER_DOMAIN=launcher.local.nodedc
|
|
TASK_DOMAIN=task.local.nodedc
|
|
|
|
# proxy
|
|
PLATFORM_HTTP_PORT=80
|
|
PLATFORM_PROXY_IMAGE=nodedc/plane-proxy:ru
|
|
LOCAL_LAUNCHER_UPSTREAM=host.docker.internal:5173
|
|
LOCAL_TASK_MANAGER_UPSTREAM=host.docker.internal:8090
|
|
|
|
# authentik image
|
|
AUTHENTIK_IMAGE=ghcr.io/goauthentik/server
|
|
AUTHENTIK_TAG=2026.2.2
|
|
|
|
# authentik database
|
|
PG_DB=authentik
|
|
PG_USER=authentik
|
|
PG_PASS=$(rand 36)
|
|
|
|
# authentik core
|
|
AUTHENTIK_SECRET_KEY=$(rand 60)
|
|
AUTHENTIK_ERROR_REPORTING__ENABLED=false
|
|
AUTHENTIK_BOOTSTRAP_EMAIL=admin@nodedc.local
|
|
AUTHENTIK_BOOTSTRAP_PASSWORD=$(rand 36)
|
|
AUTHENTIK_BOOTSTRAP_TOKEN=$(rand 36)
|
|
|
|
# launcher oidc
|
|
LAUNCHER_OIDC_ISSUER=http://auth.local.nodedc/application/o/launcher/
|
|
LAUNCHER_OIDC_CLIENT_ID=
|
|
LAUNCHER_OIDC_CLIENT_SECRET=
|
|
LAUNCHER_OIDC_REDIRECT_URI=http://launcher.local.nodedc/auth/callback
|
|
|
|
# plane oidc
|
|
PLANE_OIDC_ISSUER=http://auth.local.nodedc/application/o/task-manager/
|
|
PLANE_OIDC_CLIENT_ID=
|
|
PLANE_OIDC_CLIENT_SECRET=
|
|
PLANE_OIDC_REDIRECT_URI=http://task.local.nodedc/auth/oidc/callback
|
|
|
|
# security
|
|
SESSION_SECRET=$(rand 48)
|
|
COOKIE_DOMAIN=.local.nodedc
|
|
COOKIE_SECURE=false
|
|
EOF
|
|
|
|
chmod 600 "$ENV_FILE"
|
|
echo "Created $ENV_FILE"
|
|
echo "Open $ENV_FILE to read the generated local akadmin bootstrap credentials."
|