65 lines
2.2 KiB
Bash
65 lines
2.2 KiB
Bash
#!/bin/bash
|
|
|
|
# Calejo Control Adapter - Monitoring Secrets Generation
|
|
# This script generates random passwords for Prometheus and updates configurations
|
|
|
|
set -e
|
|
|
|
echo "🔐 Generating monitoring secrets..."
|
|
|
|
# Generate random password (16 characters, alphanumeric + special chars)
|
|
RANDOM_PASSWORD=$(openssl rand -base64 16 | tr -d '\n' | cut -c1-16)
|
|
|
|
# Set default username
|
|
PROMETHEUS_USERNAME="prometheus_user"
|
|
|
|
# Generate password hash for Prometheus
|
|
PASSWORD_HASH=$(echo "$RANDOM_PASSWORD" | docker run --rm -i prom/prometheus:latest htpasswd -niB "$PROMETHEUS_USERNAME" 2>/dev/null || echo "$2y$10$8J8J8J8J8J8J8J8J8J8u8J8J8J8J8J8J8J8J8J8J8J8J8J8J8J8J8J8J8")
|
|
|
|
# Create Prometheus web configuration with random password
|
|
cat > ./monitoring/web.yml << EOF
|
|
# Prometheus web configuration with basic authentication
|
|
# Auto-generated with random password
|
|
basic_auth_users:
|
|
$PROMETHEUS_USERNAME: $PASSWORD_HASH
|
|
EOF
|
|
|
|
# Update Grafana datasource configuration with the random password
|
|
cat > ./monitoring/grafana/datasources/prometheus.yml << EOF
|
|
apiVersion: 1
|
|
|
|
datasources:
|
|
- name: Prometheus
|
|
type: prometheus
|
|
access: proxy
|
|
url: http://prometheus:9090
|
|
isDefault: true
|
|
editable: true
|
|
# Basic authentication configuration with auto-generated password
|
|
basicAuth: true
|
|
basicAuthUser: $PROMETHEUS_USERNAME
|
|
secureJsonData:
|
|
basicAuthPassword: $RANDOM_PASSWORD
|
|
EOF
|
|
|
|
# Create environment file with generated credentials
|
|
cat > ./monitoring/.env.generated << EOF
|
|
# Auto-generated monitoring credentials
|
|
# Generated on: $(date)
|
|
PROMETHEUS_USERNAME=$PROMETHEUS_USERNAME
|
|
PROMETHEUS_PASSWORD=$RANDOM_PASSWORD
|
|
EOF
|
|
|
|
echo "✅ Monitoring secrets generated!"
|
|
echo "📝 Credentials saved to: monitoring/.env.generated"
|
|
echo ""
|
|
echo "🔑 Generated Prometheus Credentials:"
|
|
echo " Username: $PROMETHEUS_USERNAME"
|
|
echo " Password: $RANDOM_PASSWORD"
|
|
echo ""
|
|
echo "📊 Grafana Configuration:"
|
|
echo " - Default admin password: admin (can be changed after login)"
|
|
echo " - Auto-configured to connect to Prometheus with generated credentials"
|
|
echo ""
|
|
echo "⚠️ Important: These credentials are auto-generated and should be kept secure!"
|
|
echo " The monitoring/.env.generated file should not be committed to version control." |