crappyrules
/
mistborn
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Mistborn is your own virtual private cloud platform and WebUI that manages self hosted services, and secures them with firewall, Wireguard VPN w/ PiHole-DNSCrypt, and IP filtering. Optional SIEM+IDS. Supports 2FA, Nextcloud, Jitsi, Home Assistant, +
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
144 Commits
15 Branches
0 Tags
962 KiB
Tree: 7faf9f3e09
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7faf9f3e09'
${ noResults }
mistborn/scripts/subinstallers/gen_prod_env.sh

97 lines
5.9 KiB
Raw Normal View History Unescape

Resolve "Jitsi - "You have beend disconnected" - Only on iOS devices, PC's fine"
5 years ago
#!/bin/bash
Docker
6 years ago
Resolve "Error when fetching wireguard config after Post-Install"
6 years ago
figlet "Mistborn: Container Credentials"
Docker
6 years ago
# generate production .env file for Django
mkdir -p ./.envs/.production
DJANGO_PROD_FILE="./.envs/.production/.django"
DJANGO_SECRET_KEY=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(50)]))")
#CELERY_FLOWER_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")
MISTBORN_DEFAULT_PASSWORD="$1"
echo "DJANGO_SETTINGS_MODULE=config.settings.production" > $DJANGO_PROD_FILE
echo "DJANGO_SECRET_KEY=$DJANGO_SECRET_KEY" >> $DJANGO_PROD_FILE
echo "DJANGO_ADMIN_URL=admin/" >> $DJANGO_PROD_FILE
echo "USE_DOCKER=yes" >> $DJANGO_PROD_FILE
echo "REDIS_URL=redis://redis:6379/0" >> $DJANGO_PROD_FILE
echo "CELERY_FLOWER_USER=prod" >> $DJANGO_PROD_FILE
echo "CELERY_FLOWER_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $DJANGO_PROD_FILE
echo "MISTBORN_DEFAULT_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $DJANGO_PROD_FILE
echo "#MAILGUN_API_KEY=" >> $DJANGO_PROD_FILE
echo "#MAILGUN_API_URL=" >> $DJANGO_PROD_FILE
echo "#SENTRY_DNS=" >> $DJANGO_PROD_FILE
cockpit env
6 years ago
echo "MISTBORN_INSTALL_COCKPIT=$MISTBORN_INSTALL_COCKPIT" >> $DJANGO_PROD_FILE
Resolve "Multifactor Authentication"
5 years ago
echo "MISTBORN_PORTAL_IP=10.2.3.1" >> $DJANGO_PROD_FILE
echo "MISTBORN_PORTAL_PORT=5000" >> $DJANGO_PROD_FILE
Docker
6 years ago
# generate production .env file for postgresql
POSTGRES_PROD_FILE="./.envs/.production/.postgres"
POSTGRES_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")
echo "POSTGRES_HOST=postgres" > $POSTGRES_PROD_FILE
echo "POSTGRES_PORT=5432" >> $POSTGRES_PROD_FILE
echo "POSTGRES_DB=mistborn" >> $POSTGRES_PROD_FILE
echo "POSTGRES_USER=prod" >> $POSTGRES_PROD_FILE
echo "POSTGRES_PASSWORD=$POSTGRES_PASSWORD" >> $POSTGRES_PROD_FILE
# generate production .env file for pihole
PIHOLE_PROD_FILE="./.envs/.production/.pihole"
#WEBPASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")
WEBPASSWORD="$1"
echo "TZ=\"America/New York\"" > $PIHOLE_PROD_FILE
echo "WEBPASSWORD=$WEBPASSWORD" >> $PIHOLE_PROD_FILE
# generate rocketchat .env files
ROCKETCHAT_PROD_FILE="./.envs/.production/.rocketchat"
#ROCKETCHAT_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")
ROCKETCHAT_PASSWORD="$1"
echo "ROCKETCHAT_USER=bot" > $ROCKETCHAT_PROD_FILE
echo "ROCKETCHAT_ROOM=GENERAL" >> $ROCKETCHAT_PROD_FILE
echo "BOT_NAME=bot" >> $ROCKETCHAT_PROD_FILE
echo "ROCKETCHAT_PASSWORD=$ROCKETCHAT_PASSWORD" >> $ROCKETCHAT_PROD_FILE
# generate nextcloud .env files
NEXTCLOUD_PROD_FILE="./.envs/.production/.nextcloud"
#NEXTCLOUD_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")
NEXTCLOUD_PASSWORD="$1"
echo "NEXTCLOUD_ADMIN_USER=mistborn" > $NEXTCLOUD_PROD_FILE
echo "NEXTCLOUD_ADMIN_PASSWORD=$NEXTCLOUD_PASSWORD" >> $NEXTCLOUD_PROD_FILE
echo "NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mistborn" >> $NEXTCLOUD_PROD_FILE
# generate onlyoffice .env files
ONLYOFFICE_PROD_FILE="./.envs/.production/.onlyoffice"
JWT_SECRET="$1"
echo "JWT_ENABLED=true" > $ONLYOFFICE_PROD_FILE
echo "JWT_SECRET=$JWT_SECRET" >> $ONLYOFFICE_PROD_FILE
# generate bitwarden .env files
BITWARDEN_PROD_FILE="./.envs/.production/.bitwarden"
echo "WEBSOCKET_ENABLED=true" > $BITWARDEN_PROD_FILE
echo "SIGNUPS_ALLOWED=true" >> $BITWARDEN_PROD_FILE
Resolve "Investigate adding Jitsi Meet as an extra service"
6 years ago
# JITSI
JITSI_PROD_FILE="./.envs/.production/.jitsi"
cp ./scripts/conf/jitsi.env $JITSI_PROD_FILE
mkdir -p ./.envs/.production/.jitsi-cfg/{web/letsencrypt,transcripts,prosody,jicofo,jvb}
mimic behavior of gen_passwords
5 years ago
sed -i "s/JICOFO_COMPONENT_SECRET.*/JICOFO_COMPONENT_SECRET=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")/" "$JITSI_PROD_FILE"
sed -i "s/JICOFO_AUTH_PASSWORD.*/JICOFO_AUTH_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")/" "$JITSI_PROD_FILE"
sed -i "s/JVB_AUTH_PASSWORD.*/JVB_AUTH_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")/" "$JITSI_PROD_FILE"
sed -i "s/JIGASI_XMPP_PASSWORD.*/JIGASI_XMPP_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")/" "$JITSI_PROD_FILE"
sed -i "s/JIBRI_RECORDER_PASSWORD.*/JIBRI_RECORDER_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")/" "$JITSI_PROD_FILE"
sed -i "s/JIBRI_XMPP_PASSWORD.*/JIBRI_XMPP_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")/" "$JITSI_PROD_FILE"
Resolve "Add Apache Guacamole service"
5 years ago
# Guacamole
GUAC_PROD_FILE="./.envs/.production/.guacamole"
GUAC_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")
echo "POSTGRES_HOST=guac_postgres" > $GUAC_PROD_FILE
echo "POSTGRES_HOSTNAME=guac_postgres" > $GUAC_PROD_FILE
echo "POSTGRES_PORT=5432" >> $GUAC_PROD_FILE
echo "POSTGRES_DB=guacamole_db" >> $GUAC_PROD_FILE
echo "POSTGRES_DATABASE=guacamole_db" >> $GUAC_PROD_FILE
echo "POSTGRES_USER=guac_user" >> $GUAC_PROD_FILE
echo "POSTGRES_PASSWORD=$GUAC_PASSWORD" >> $GUAC_PROD_FILE
tweaks
5 years ago
echo "MISTBORN_DEFAULT_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $GUAC_PROD_FILE
# Scirius
SCIRIUS_PROD_FILE="./.envs/.production/.scirius"
SCIRIUS_SECRET_KEY=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(50)]))")
echo "SECRET_KEY=$SCIRIUS_SECRET_KEY" > $SCIRIUS_PROD_FILE