From ce5dfb10faf8de3f464ce534b1a2fa84b4e064ff Mon Sep 17 00:00:00 2001
From: Steven Foerster <sfoerster@gmail.com>
Date: Fri, 12 Mar 2021 18:04:21 +0000
Subject: [PATCH] Resolve "Mistborn default password parsing"

---
 scripts/install.sh                        | 29 ++++++++++-------------
 scripts/subinstallers/extra/guacamole.sh  |  2 +-
 scripts/subinstallers/extra/nextcloud.sh  |  2 +-
 scripts/subinstallers/extra/onlyoffice.sh |  2 +-
 scripts/subinstallers/extra/rocketchat.sh |  2 +-
 scripts/subinstallers/gen_prod_env.sh     |  6 ++---
 scripts/subinstallers/passwd.sh           | 22 +++++++++++++++++
 7 files changed, 41 insertions(+), 24 deletions(-)
 create mode 100755 scripts/subinstallers/passwd.sh

diff --git a/scripts/install.sh b/scripts/install.sh
index e79b838..a142ad9 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -59,13 +59,18 @@ echo -e "| |  | | \__ \ |_| |_) | (_) | |  | | | |"
 echo -e "|_|  |_|_|___/\__|_.__/ \___/|_|  |_| |_|"
 echo -e ""
 
-# INPUT default admin password
-if [ -z "${MISTBORN_DEFAULT_PASSWORD}" ]; then
-    read -p "(Mistborn) Set default admin password: " -s MISTBORN_DEFAULT_PASSWORD
-    echo
-else
-    echo "MISTBORN_DEFAULT_PASSWORD is already set"
-fi
+sudo rm -rf /opt/mistborn 2>/dev/null || true
+
+# clone to /opt and change directory
+echo "Cloning $GIT_BRANCH branch from mistborn repo"
+sudo git clone https://gitlab.com/cyber5k/mistborn.git -b $GIT_BRANCH /opt/mistborn
+sudo chown -R $USER:$USER /opt/mistborn
+pushd .
+cd /opt/mistborn
+git submodule update --init --recursive
+
+# MISTBORN_DEFAULT_PASSWORD
+source ./scripts/subinstallers/passwd.sh
 
 # Install Cockpit?
 if [ -z "${MISTBORN_INSTALL_COCKPIT}" ]; then
@@ -85,16 +90,6 @@ else
     echo "SSH key exists for $USER"
 fi
 
-sudo rm -rf /opt/mistborn 2>/dev/null || true
-
-# clone to /opt and change directory
-echo "Cloning $GIT_BRANCH branch from mistborn repo"
-sudo git clone https://gitlab.com/cyber5k/mistborn.git -b $GIT_BRANCH /opt/mistborn
-sudo chown -R $USER:$USER /opt/mistborn
-pushd .
-cd /opt/mistborn
-git submodule update --init --recursive
-
 # initial load update package list
 sudo apt-get update
 
diff --git a/scripts/subinstallers/extra/guacamole.sh b/scripts/subinstallers/extra/guacamole.sh
index 8c76a89..8df9d00 100755
--- a/scripts/subinstallers/extra/guacamole.sh
+++ b/scripts/subinstallers/extra/guacamole.sh
@@ -10,4 +10,4 @@ echo "POSTGRES_DB=guacamole_db" >> $GUAC_PROD_FILE
 echo "POSTGRES_DATABASE=guacamole_db" >> $GUAC_PROD_FILE
 echo "POSTGRES_USER=guac_user" >> $GUAC_PROD_FILE
 echo "POSTGRES_PASSWORD=$GUAC_PASSWORD" >> $GUAC_PROD_FILE
-echo "MISTBORN_DEFAULT_PASSWORD=\"$MISTBORN_DEFAULT_PASSWORD\"" >> $GUAC_PROD_FILE
\ No newline at end of file
+echo "MISTBORN_DEFAULT_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $GUAC_PROD_FILE
\ No newline at end of file
diff --git a/scripts/subinstallers/extra/nextcloud.sh b/scripts/subinstallers/extra/nextcloud.sh
index 101f93c..b1568b7 100755
--- a/scripts/subinstallers/extra/nextcloud.sh
+++ b/scripts/subinstallers/extra/nextcloud.sh
@@ -5,5 +5,5 @@ NEXTCLOUD_PROD_FILE="$1"
 #NEXTCLOUD_PASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")
 NEXTCLOUD_PASSWORD="${MISTBORN_DEFAULT_PASSWORD}"
 echo "NEXTCLOUD_ADMIN_USER=mistborn" > $NEXTCLOUD_PROD_FILE
-echo "NEXTCLOUD_ADMIN_PASSWORD=\"$NEXTCLOUD_PASSWORD\"" >> $NEXTCLOUD_PROD_FILE
+echo "NEXTCLOUD_ADMIN_PASSWORD=$NEXTCLOUD_PASSWORD" >> $NEXTCLOUD_PROD_FILE
 echo "NEXTCLOUD_TRUSTED_DOMAINS=nextcloud.mistborn" >> $NEXTCLOUD_PROD_FILE
\ No newline at end of file
diff --git a/scripts/subinstallers/extra/onlyoffice.sh b/scripts/subinstallers/extra/onlyoffice.sh
index aa9f917..3fadeca 100755
--- a/scripts/subinstallers/extra/onlyoffice.sh
+++ b/scripts/subinstallers/extra/onlyoffice.sh
@@ -4,4 +4,4 @@
 ONLYOFFICE_PROD_FILE="$1"
 JWT_SECRET="${MISTBORN_DEFAULT_PASSWORD}"
 echo "JWT_ENABLED=true" > $ONLYOFFICE_PROD_FILE
-echo "JWT_SECRET=\"$JWT_SECRET\"" >> $ONLYOFFICE_PROD_FILE
\ No newline at end of file
+echo "JWT_SECRET=$JWT_SECRET" >> $ONLYOFFICE_PROD_FILE
\ No newline at end of file
diff --git a/scripts/subinstallers/extra/rocketchat.sh b/scripts/subinstallers/extra/rocketchat.sh
index f446683..6da1e2d 100755
--- a/scripts/subinstallers/extra/rocketchat.sh
+++ b/scripts/subinstallers/extra/rocketchat.sh
@@ -7,7 +7,7 @@ ROCKETCHAT_PASSWORD="${MISTBORN_DEFAULT_PASSWORD}"
 echo "ROCKETCHAT_USER=bot" > $ROCKETCHAT_PROD_FILE
 echo "ROCKETCHAT_ROOM=GENERAL" >> $ROCKETCHAT_PROD_FILE
 echo "BOT_NAME=bot" >> $ROCKETCHAT_PROD_FILE
-echo "ROCKETCHAT_PASSWORD=\"$ROCKETCHAT_PASSWORD\"" >> $ROCKETCHAT_PROD_FILE
+echo "ROCKETCHAT_PASSWORD=$ROCKETCHAT_PASSWORD" >> $ROCKETCHAT_PROD_FILE
 
 # docker environment
 echo "MISTBORN_BIND_IP=${MISTBORN_BIND_IP}" >> $ROCKETCHAT_PROD_FILE
\ No newline at end of file
diff --git a/scripts/subinstallers/gen_prod_env.sh b/scripts/subinstallers/gen_prod_env.sh
index 73028f2..d185c32 100755
--- a/scripts/subinstallers/gen_prod_env.sh
+++ b/scripts/subinstallers/gen_prod_env.sh
@@ -15,8 +15,8 @@ echo "DJANGO_ADMIN_URL=admin/" >> $DJANGO_PROD_FILE
 echo "USE_DOCKER=yes" >> $DJANGO_PROD_FILE
 echo "REDIS_URL=redis://redis:6379/0" >> $DJANGO_PROD_FILE
 echo "CELERY_FLOWER_USER=prod" >> $DJANGO_PROD_FILE
-echo "CELERY_FLOWER_PASSWORD=\"$MISTBORN_DEFAULT_PASSWORD\"" >> $DJANGO_PROD_FILE
-echo "MISTBORN_DEFAULT_PASSWORD=\"$MISTBORN_DEFAULT_PASSWORD\"" >> $DJANGO_PROD_FILE
+echo "CELERY_FLOWER_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $DJANGO_PROD_FILE
+echo "MISTBORN_DEFAULT_PASSWORD=$MISTBORN_DEFAULT_PASSWORD" >> $DJANGO_PROD_FILE
 echo "#MAILGUN_API_KEY=" >> $DJANGO_PROD_FILE
 echo "#MAILGUN_API_URL=" >> $DJANGO_PROD_FILE
 echo "#SENTRY_DNS=" >> $DJANGO_PROD_FILE
@@ -41,5 +41,5 @@ PIHOLE_PROD_FILE="./.envs/.production/.pihole"
 #WEBPASSWORD=$(python3 -c "import secrets; import string; print(f''.join([secrets.choice(string.ascii_letters+string.digits) for x in range(32)]))")
 WEBPASSWORD="$1"
 echo "TZ=\"America/New York\"" > $PIHOLE_PROD_FILE
-echo "WEBPASSWORD=\"$WEBPASSWORD\"" >> $PIHOLE_PROD_FILE
+echo "WEBPASSWORD=$WEBPASSWORD" >> $PIHOLE_PROD_FILE
 chmod 600 $PIHOLE_PROD_FILE
diff --git a/scripts/subinstallers/passwd.sh b/scripts/subinstallers/passwd.sh
new file mode 100755
index 0000000..417926b
--- /dev/null
+++ b/scripts/subinstallers/passwd.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+# INPUT default admin password
+while [ -z "${MISTBORN_DEFAULT_PASSWORD}" ]; do
+    echo
+    echo "(Mistborn) The default admin password may only container alphanumeric characters and _"
+    read -p "(Mistborn) Set default admin password: " -s MISTBORN_DEFAULT_PASSWORD
+    echo
+
+    if [[ ${MISTBORN_DEFAULT_PASSWORD} =~ ^[A-Za-z0-9_]+$ ]]; then
+    # it matches
+        echo "(Mistborn) Password is accepted"
+    else
+        unset MISTBORN_DEFAULT_PASSWORD
+        echo "(Mistborn) Try again"
+    fi
+
+done
+
+echo
+echo "MISTBORN_DEFAULT_PASSWORD is set"
+echo