-
Notifications
You must be signed in to change notification settings - Fork 115
/
Copy pathupdate_credentials.sh
71 lines (57 loc) · 2.58 KB
/
update_credentials.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
#!/bin/bash
# Credits to https://github.com/meggsimum/geoserver-docker/ and https://github.com/kartoza/docker-geoserver
echo "Updating GeoServer Credentials ..."
if [ ${DEBUG} ]; then
set -e
set -x
fi;
# copy over default security folder to data dir (if not existing)
if [ ! -d "${GEOSERVER_DATA_DIR}/security" ]; then
cp -r "${CATALINA_HOME}/webapps/geoserver/data/security" "${GEOSERVER_DATA_DIR}/"
fi
GEOSERVER_ADMIN_USER=${GEOSERVER_ADMIN_USER:-admin}
GEOSERVER_ADMIN_PASSWORD=${GEOSERVER_ADMIN_PASSWORD:-geoserver}
# templates to use as base for replacement
USERS_XML_ORIG="${CATALINA_HOME}/webapps/geoserver/data/security/usergroup/default/users.xml"
echo "USING USERS XML ORIGINAL:" $USERS_XML_ORIG
ROLES_XML_ORIG="${CATALINA_HOME}/webapps/geoserver/data/security/role/default/roles.xml"
echo "USING ROLES XML ORIGINAL:" $ROLES_XML_ORIG
# final users.xml file GeoServer data dir
USERS_XML=${USERS_XML:-"${GEOSERVER_DATA_DIR}/security/usergroup/default/users.xml"}
echo "SETTING USERS XML:" $USERS_XML
# final roles.xml file GeoServer data dir
ROLES_XML=${ROLES_XML:-"${GEOSERVER_DATA_DIR}/security/role/default/roles.xml"}
echo "SETTING ROLES XML:" . $ROLES_XML
CLASSPATH="$CATALINA_HOME/webapps/geoserver/WEB-INF/lib/"
# tmp files
TMP_USERS=/tmp/users.xml
TMP_ROLES=/tmp/roles.xml
make_hash(){
NEW_PASSWORD=$1
(echo "digest1:" && java -classpath $(find $CLASSPATH -regex ".*jasypt-[0-9]\.[0-9]\.[0-9].*jar") org.jasypt.intf.cli.JasyptStringDigestCLI digest.sh algorithm=SHA-256 saltSizeBytes=16 iterations=100000 input="$NEW_PASSWORD" verbose=0) | tr -d '\n'
}
# create PW hash for given password
PWD_HASH=$(make_hash $GEOSERVER_ADMIN_PASSWORD)
# USERS.XML SETUP
# <user enabled="true" name="admin" password="digest1:D9miJH/hVgfxZJscMafEtbtliG0ROxhLfsznyWfG38X2pda2JOSV4POi55PQI4tw"/>
cat $USERS_XML_ORIG | sed -e "s/ name=\".*\" / name=\"${GEOSERVER_ADMIN_USER}\" /" | sed -e "s|password=\".*\"/|password=\"${PWD_HASH}\"\/|" > $TMP_USERS
if [ $? -eq 0 ]
then
mv $TMP_USERS $USERS_XML
echo "Successfully replaced $USERS_XML"
else
echo "CAUTION: Abort update_credentials.sh due to error while creating users.xml. File at $USERS_XML keeps untouched"
exit
fi
# ROLES.XML SETUP
# <userRoles username="admin">
cat $ROLES_XML_ORIG | sed -e "s/ username=\".*\"/ username=\"${GEOSERVER_ADMIN_USER}\"/" > $TMP_ROLES
if [ $? -eq 0 ]
then
mv $TMP_ROLES $ROLES_XML
echo "Successfully replaced $ROLES_XML"
else
echo "CAUTION: Abort update_credentials.sh due to error while creating roles.xml. File at $ROLES_XML keeps untouched"
exit
fi
echo "... DONE updating GeoServer Credentials ..."