From 065b58140f0f162210a3375bd85e5301db6d1872 Mon Sep 17 00:00:00 2001
From: Steven Foerster <steven@cyber5k.com>
Date: Fri, 26 Feb 2021 16:36:50 -0500
Subject: [PATCH] set default password

---
 scripts/env/guacamole_init.sh               | 7 +++++++
 scripts/services/Mistborn-guacamole.service | 1 +
 scripts/subinstallers/gen_prod_env.sh       | 4 +++-
 3 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/scripts/env/guacamole_init.sh b/scripts/env/guacamole_init.sh
index 4f265da..fbdf813 100755
--- a/scripts/env/guacamole_init.sh
+++ b/scripts/env/guacamole_init.sh
@@ -3,3 +3,10 @@
 mkdir -p /opt/mistborn_volumes/extra/guacamole/init/ || true
 chmod -R +x /opt/mistborn_volumes/extra/guacamole/init/
 docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgres > /opt/mistborn_volumes/extra/guacamole/init/initdb.sql
+
+# reset default password in init.db
+SALT=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice('0123456789ABCDEF') for x in range(32)]))")
+GUAC_PASSWORD_HASHED=$(echo -n "${MISTBORN_DEFAULT_PASSWORD}${SALT}" | sha256sum | awk '{print $1}' | tr a-z A-Z)
+
+sed -i "s/\'FE24ADC5E11E2B25288D1704ABE67A79E342ECC26064CE69C5B3177795A82264\'/\'$SALT\'/" /opt/mistborn_volumes/extra/guacamole/init/initdb.sql
+sed -i "s/\'CA458A7D494E3BE824F5E1E175A1556C0F8EEF2C2D7DF3633BEC4A29C4411960\'/\'$GUAC_PASSWORD_HASHED\'/" /opt/mistborn_volumes/extra/guacamole/init/initdb.sql
\ No newline at end of file
diff --git a/scripts/services/Mistborn-guacamole.service b/scripts/services/Mistborn-guacamole.service
index 9576cbc..be4f9f1 100644
--- a/scripts/services/Mistborn-guacamole.service
+++ b/scripts/services/Mistborn-guacamole.service
@@ -9,6 +9,7 @@ Restart=always
 User=root
 Group=docker
 PermissionsStartOnly=true
+EnvironmentFile=/opt/mistborn/.envs/.production/.guacamole
 ExecStartPre=/opt/mistborn/scripts/env/guacamole_init.sh
 # Shutdown container (if running) when unit is stopped
 ExecStartPre=/usr/local/bin/docker-compose -f /opt/mistborn/extra/guacamole.yml down
diff --git a/scripts/subinstallers/gen_prod_env.sh b/scripts/subinstallers/gen_prod_env.sh
index 818f64b..bc06297 100755
--- a/scripts/subinstallers/gen_prod_env.sh
+++ b/scripts/subinstallers/gen_prod_env.sh
@@ -83,8 +83,10 @@ sed -i "s/JIBRI_XMPP_PASSWORD.*/JIBRI_XMPP_PASSWORD=$(python3 -c "import secrets
 GUAC_PROD_FILE="./.envs/.production/.guacamole"
 GUAC_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")
 echo "POSTGRES_HOST=guac_postgres" > $GUAC_PROD_FILE
+echo "POSTGRES_HOSTNAME=guac_postgres" > $GUAC_PROD_FILE
 echo "POSTGRES_PORT=5432" >> $GUAC_PROD_FILE
 echo "POSTGRES_DB=guacamole_db" >> $GUAC_PROD_FILE
 echo "POSTGRES_DATABASE=guacamole_db" >> $GUAC_PROD_FILE
 echo "POSTGRES_USER=guac_user" >> $GUAC_PROD_FILE
-echo "POSTGRES_PASSWORD=$GUAC_PASSWORD" >> $GUAC_PROD_FILE
\ No newline at end of file
+echo "POSTGRES_PASSWORD=$GUAC_PASSWORD" >> $GUAC_PROD_FILE
+echo "MISTBORN_DEFAULT_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $GUAC_PROD_FILE
\ No newline at end of file