Example config changes and bootstrap file to help init system

bootstrap.sh

@@ -0,0 +1,35 @@
+#!/bin/sh
+
+# Simple script to bootstrap making secrets encryption keys etc
+
+echo "Please input usbkey absolute directory path:"
+read USBKEYSLOCATION_INPUT
+echo "Please input ansible configuration absolute directory path (Path that this script is parent of):"
+read ANSIBLECONF_DIR_INPUT
+USBKEYSLOCATION=$(realpath $USBKEYSLOCATION_INPUT)
+ANSIBLECONF_DIR=$(realpath $ANSIBLECONF_DIR_INPUT)
+
+echo Checking if path $USBKEYSLOCATION exists...
+if [ ! -d $USBKEYSLOCATION ]; then
+	echo USB Directory Path provided does not exist!
+	exit 1
+fi	
+if [ ! -d $ANSIBLECONF_DIR ]; then
+	echo Ansible Directory Path provided does not exist!
+	exit 1
+fi	
+if [ ! -f $ANSIBLECONF_DIR/serversecrets.enc ]; then
+	echo Server secrets does not exist yet! Please copy/edit the serversecrets.example configuration.
+	exit 1
+fi	
+
+echo Path $USBKEYSLOCATION exists! Proceeding...
+echo Now proceeding to generate server/service secret encryption keys...
+mkdir -p $USBKEYSLOCATION/$(hostname)
+openssl rand -base64 1390 > $USBKEYSLOCATION/$(hostname)/serversecrets
+openssl rand -base64 1390 > $USBKEYSLOCATION/$(hostname)/servicesecrets
+
+echo Now proceeding to encrypt the serversecrets file... 
+ansible-vault encrypt $ANSIBLECONF_DIR/serversecrets.enc --vault-password-file $USBKEYSLOCATION/$(hostname)/serversecrets
+
+ansible-playbook -e @$ANSIBLECONF_DIR/serversecrets.enc --vault-password-file $USBKEYSLOCATION/$(hostname)/serversecrets $ANSIBLECONFI_DIR/server-setup.yml;

serversecrets.example

@@ -7,47 +7,47 @@ ansibleconf_directory: ~/Client-Ansible-Setup
 # Services Directory - Where all service data and docker configuration will be deployed
 services_directory: /services
 
-domain_name: ***.com
+domain_name: temp.com
 
 # Primarily used in resources
-proxy_server_hostname: ***
-proxy_server_username: ***
+proxy_server_hostname: temp
+proxy_server_username: temp
 proxy_server_ip: 127.0.0.1
 proxy_server_ssh_port: 22
 proxy_server_vpn_port: 51820
 
 # VPN Config
 # VPN Server Private Key
-vpn_server_privkey: *** 
+vpn_server_privkey: temp 
 
 # VPN Server Public Key
-vpn_server_pubkey: *** 
+vpn_server_pubkey: temp 
 
 # VPN Client Private Keys
-mail_service_privkey: *** 
-git_service_privkey: ***
-invidious_service_privkey: *** 
-searxng_service_privkey: *** 
-nextcloud_service_privkey: *** 
-chat_service_privkey: *** 
-minecraft_service_privkey: *** 
-icinga2_backend_privkey: ***
-cockpit_backend_privkey: ***
-user_privkey: ***
+mail_service_privkey: temp 
+git_service_privkey: temp
+invidious_service_privkey: temp 
+searxng_service_privkey: temp 
+nextcloud_service_privkey: temp 
+chat_service_privkey: temp 
+minecraft_service_privkey: temp 
+icinga2_backend_privkey: temp
+cockpit_backend_privkey: temp
+user_privkey: temp
 
 # VPN Client Public Keys
-mail_service_pubkey: *** 
-git_service_pubkey: ***
-invidious_service_pubkey: ***
-searxng_service_pubkey: ***
-nextcloud_service_pubkey: ***
-chat_service_pubkey: ***
-minecraft_service_pubkey: ***
-icinga2_backend_pubkey: ***
-cockpit_backend_pubkey: ***
-user_pubkey: ***
+mail_service_pubkey: temp 
+git_service_pubkey: temp
+invidious_service_pubkey: temp
+searxng_service_pubkey: temp
+nextcloud_service_pubkey: temp
+chat_service_pubkey: temp
+minecraft_service_pubkey: temp
+icinga2_backend_pubkey: temp
+cockpit_backend_pubkey: temp
+user_pubkey: temp
 
 # USB Encryption Key
-usbkey_uuid: ***
-usbkey_mountdir: /mnt
-usbkey_keysdir: /mnt/keys
+usbkey_uuid: temp
+usbkey_mountdir: /media/KeyUSB
+usbkey_keysdir: /media/KeyUSB/Keys