fix(slink,fleet): append APP_ENV/APP_SECRET to .env, use setup_mariadb_db
- slink: APP_ENV and APP_SECRET not present in .env.example, sed patterns never matched → Symfony defaulted to dev mode → WebProfilerBundle crash (not installed with --no-dev). Now appends APP_ENV=prod + APP_SECRET. - fleet: use setup_mariadb_db helper instead of manual SQL, reference MARIADB_DB_PASS, depend on mariadb.service
This commit is contained in:
MickLesk
@@ -14,16 +14,7 @@ network_check
|
||||
update_os
|
||||
|
||||
setup_mariadb
|
||||
|
||||
msg_info "Setting up Database"
|
||||
FLEET_DB_PASS=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c 13)
|
||||
$STD mysql -u root <<EOSQL
|
||||
CREATE DATABASE fleet;
|
||||
CREATE USER 'fleet'@'localhost' IDENTIFIED BY '${FLEET_DB_PASS}';
|
||||
GRANT ALL PRIVILEGES ON fleet.* TO 'fleet'@'localhost';
|
||||
FLUSH PRIVILEGES;
|
||||
EOSQL
|
||||
msg_ok "Set up Database"
|
||||
MARIADB_DB_NAME="fleet" MARIADB_DB_USER="fleet" setup_mariadb_db
|
||||
|
||||
fetch_and_deploy_gh_release "fleet" "fleetdm/fleet" "prebuild" "latest" "/opt/fleet" "fleet_v*_linux.tar.gz"
|
||||
|
||||
@@ -34,7 +25,7 @@ cat <<EOF >/opt/fleet/.env
|
||||
FLEET_MYSQL_ADDRESS=127.0.0.1:3306
|
||||
FLEET_MYSQL_DATABASE=fleet
|
||||
FLEET_MYSQL_USERNAME=fleet
|
||||
FLEET_MYSQL_PASSWORD=${FLEET_DB_PASS}
|
||||
FLEET_MYSQL_PASSWORD=${MARIADB_DB_PASS}
|
||||
FLEET_SERVER_ADDRESS=0.0.0.0:8080
|
||||
FLEET_SERVER_TLS=false
|
||||
FLEET_AUTH_JWT_KEY=${JWT_KEY}
|
||||
@@ -51,8 +42,8 @@ msg_info "Creating Service"
|
||||
cat <<EOF >/etc/systemd/system/fleet.service
|
||||
[Unit]
|
||||
Description=Fleet
|
||||
After=network.target mysql.service
|
||||
Requires=mysql.service
|
||||
After=network.target mariadb.service
|
||||
Requires=mariadb.service
|
||||
|
||||
[Service]
|
||||
Type=simple
|
||||
|
||||
@@ -41,12 +41,15 @@ cd /opt/slink/services/api
|
||||
APP_SECRET=$(openssl rand -hex 16)
|
||||
ADMIN_PASS=$(openssl rand -base64 12 | tr -dc 'a-zA-Z0-9' | head -c12)
|
||||
JWT_PASS=$(openssl rand -hex 16)
|
||||
sed -i "s|^APP_SECRET=.*|APP_SECRET=${APP_SECRET}|" .env
|
||||
sed -i "s|^APP_ENV=.*|APP_ENV=prod|" .env
|
||||
{
|
||||
echo ""
|
||||
echo "APP_ENV=prod"
|
||||
echo "APP_SECRET=${APP_SECRET}"
|
||||
} >>".env"
|
||||
sed -i "s|^ADMIN_EMAIL=.*|ADMIN_EMAIL=admin@localhost|" .env
|
||||
sed -i "s|^ADMIN_PASSWORD=.*|ADMIN_PASSWORD=${ADMIN_PASS}|" .env
|
||||
sed -i "s|^JWT_PASSPHRASE=.*|JWT_PASSPHRASE=${JWT_PASS}|" .env
|
||||
sed -i "s|^CORS_ALLOW_ORIGIN=.*|CORS_ALLOW_ORIGIN='^https?://.*$'|" .env
|
||||
sed -i "s|^CORS_ALLOW_ORIGIN=.*|CORS_ALLOW_ORIGIN='^https?://.*\$'|" .env
|
||||
sed -i "s|sqlite:////app/var/data|sqlite:////opt/slink/services/api/var/data|g" .env
|
||||
export APP_ENV=prod
|
||||
mkdir -p /opt/slink/services/api/var/data
|
||||
|
||||
Reference in New Issue
Block a user