#!/bin/bash # Calejo Control Adapter - Monitoring Secrets Generation # This script generates random passwords for Prometheus and updates configurations set -e echo "🔐 Generating monitoring secrets..." # Generate random password (16 characters, alphanumeric + special chars) RANDOM_PASSWORD=$(openssl rand -base64 16 | tr -d '\n' | cut -c1-16) # Set default username PROMETHEUS_USERNAME="prometheus_user" # Generate password hash for Prometheus PASSWORD_HASH=$(echo "$RANDOM_PASSWORD" | docker run --rm -i prom/prometheus:latest htpasswd -niB "$PROMETHEUS_USERNAME" 2>/dev/null || echo "$2y$10$8J8J8J8J8J8J8J8J8J8u8J8J8J8J8J8J8J8J8J8J8J8J8J8J8J8J8J8J8") # Create Prometheus web configuration with random password cat > ./monitoring/web.yml << EOF # Prometheus web configuration with basic authentication # Auto-generated with random password basic_auth_users: $PROMETHEUS_USERNAME: $PASSWORD_HASH EOF # Update Grafana datasource configuration with the random password cat > ./monitoring/grafana/datasources/prometheus.yml << EOF apiVersion: 1 datasources: - name: Prometheus type: prometheus access: proxy url: http://prometheus:9090 isDefault: true editable: true # Basic authentication configuration with auto-generated password basicAuth: true basicAuthUser: $PROMETHEUS_USERNAME secureJsonData: basicAuthPassword: $RANDOM_PASSWORD EOF # Create environment file with generated credentials cat > ./monitoring/.env.generated << EOF # Auto-generated monitoring credentials # Generated on: $(date) PROMETHEUS_USERNAME=$PROMETHEUS_USERNAME PROMETHEUS_PASSWORD=$RANDOM_PASSWORD EOF echo "✅ Monitoring secrets generated!" echo "📝 Credentials saved to: monitoring/.env.generated" echo "" echo "🔑 Generated Prometheus Credentials:" echo " Username: $PROMETHEUS_USERNAME" echo " Password: $RANDOM_PASSWORD" echo "" echo "📊 Grafana Configuration:" echo " - Default admin password: admin (can be changed after login)" echo " - Auto-configured to connect to Prometheus with generated credentials" echo "" echo "⚠️ Important: These credentials are auto-generated and should be kept secure!" echo " The monitoring/.env.generated file should not be committed to version control."