Example config changes and bootstrap file to help init system

2024-06-26 18:59:27 +01:00 · 2024-06-26 18:59:27 +01:00 · a354b347ff
parent dbd762b448
commit a354b347ff
2 changed files with 63 additions and 28 deletions
--- a/bootstrap.sh
+++ b/bootstrap.sh
@ -0,0 +1,35 @@
 #!/bin/sh
 # Simple script to bootstrap making secrets encryption keys etc
 echo "Please input usbkey absolute directory path:"
 read USBKEYSLOCATION_INPUT
 echo "Please input ansible configuration absolute directory path (Path that this script is parent of):"
 read ANSIBLECONF_DIR_INPUT
 USBKEYSLOCATION=$(realpath $USBKEYSLOCATION_INPUT)
 ANSIBLECONF_DIR=$(realpath $ANSIBLECONF_DIR_INPUT)
 echo Checking if path $USBKEYSLOCATION exists...
 if [ ! -d $USBKEYSLOCATION ]; then
 	echo USB Directory Path provided does not exist!
 	exit 1
 fi	
 if [ ! -d $ANSIBLECONF_DIR ]; then
 	echo Ansible Directory Path provided does not exist!
 	exit 1
 fi	
 if [ ! -f $ANSIBLECONF_DIR/serversecrets.enc ]; then
 	echo Server secrets does not exist yet! Please copy/edit the serversecrets.example configuration.
 	exit 1
 fi	
 echo Path $USBKEYSLOCATION exists! Proceeding...
 echo Now proceeding to generate server/service secret encryption keys...
 mkdir -p $USBKEYSLOCATION/$(hostname)
 openssl rand -base64 1390 > $USBKEYSLOCATION/$(hostname)/serversecrets
 openssl rand -base64 1390 > $USBKEYSLOCATION/$(hostname)/servicesecrets
 echo Now proceeding to encrypt the serversecrets file... 
 ansible-vault encrypt $ANSIBLECONF_DIR/serversecrets.enc --vault-password-file $USBKEYSLOCATION/$(hostname)/serversecrets
 ansible-playbook -e @$ANSIBLECONF_DIR/serversecrets.enc --vault-password-file $USBKEYSLOCATION/$(hostname)/serversecrets $ANSIBLECONFI_DIR/server-setup.yml;
--- a/serversecrets.example
+++ b/serversecrets.example
@ -7,47 +7,47 @@ ansibleconf_directory: ~/Client-Ansible-Setup
 # Services Directory - Where all service data and docker configuration will be deployed
 services_directory: /services
-domain_name: ***.com
+domain_name: temp.com
 # Primarily used in resources
-proxy_server_hostname: ***
+proxy_server_hostname: temp
-proxy_server_username: ***
+proxy_server_username: temp
 proxy_server_ip: 127.0.0.1
 proxy_server_ssh_port: 22
 proxy_server_vpn_port: 51820
 # VPN Config
 # VPN Server Private Key
-vpn_server_privkey: *** 
+vpn_server_privkey: temp 
 # VPN Server Public Key
-vpn_server_pubkey: *** 
+vpn_server_pubkey: temp 
 # VPN Client Private Keys
-mail_service_privkey: *** 
+mail_service_privkey: temp 
-git_service_privkey: ***
+git_service_privkey: temp
-invidious_service_privkey: *** 
+invidious_service_privkey: temp 
-searxng_service_privkey: *** 
+searxng_service_privkey: temp 
-nextcloud_service_privkey: *** 
+nextcloud_service_privkey: temp 
-chat_service_privkey: *** 
+chat_service_privkey: temp 
-minecraft_service_privkey: *** 
+minecraft_service_privkey: temp 
-icinga2_backend_privkey: ***
+icinga2_backend_privkey: temp
-cockpit_backend_privkey: ***
+cockpit_backend_privkey: temp
-user_privkey: ***
+user_privkey: temp
 # VPN Client Public Keys
-mail_service_pubkey: *** 
+mail_service_pubkey: temp 
-git_service_pubkey: ***
+git_service_pubkey: temp
-invidious_service_pubkey: ***
+invidious_service_pubkey: temp
-searxng_service_pubkey: ***
+searxng_service_pubkey: temp
-nextcloud_service_pubkey: ***
+nextcloud_service_pubkey: temp
-chat_service_pubkey: ***
+chat_service_pubkey: temp
-minecraft_service_pubkey: ***
+minecraft_service_pubkey: temp
-icinga2_backend_pubkey: ***
+icinga2_backend_pubkey: temp
-cockpit_backend_pubkey: ***
+cockpit_backend_pubkey: temp
-user_pubkey: ***
+user_pubkey: temp
 # USB Encryption Key
-usbkey_uuid: ***
+usbkey_uuid: temp
-usbkey_mountdir: /mnt
+usbkey_mountdir: /media/KeyUSB
-usbkey_keysdir: /mnt/keys
+usbkey_keysdir: /media/KeyUSB/Keys