Launch script now retrieve secrets from encrypted secret archive.

2019-12-14 23:22:13 +01:00 · 2019-12-14 23:22:13 +01:00 · d7d49caeff
commit d7d49caeff
parent fb2a237c80
2 changed files with 7 additions and 2 deletions
--- a/2
+++ b/2
@ -1,2 +0,0 @@
-A secret must be defined before starting the stack :
-echo "FIXME" > .env
--- a/start_or_update.sh
+++ b/start_or_update.sh
@ -1,4 +1,11 @@
 #!/bin/bash
+test -z ${KEY} && { echo "KEY variable is not defined."; exit 1; }
+test -f ~/secrets.tar.gz.enc || curl -o ~/secrets.tar.gz.enc "https://cloud.scimetis.net/s/${KEY}/download?path=%2F&files=secrets.tar.gz.enc"
+openssl enc -aes-256-cbc -d -in ~/secrets.tar.gz.enc | tar -zxv --strip 2 secrets/docker-coturn-stack/secret
+sudo chown root. secret
+sudo chmod a-r secret
+sudo mv -f secret .env
+
 unset VERSION_COTURN
 VERSION_COTURN=$(git ls-remote https://git.scimetis.net/yohan/docker-coturn.git| head -1 | cut -f 1|cut -c -10) \
 sudo -E bash -c 'docker-compose up -d'