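#!/bin/bash
# ==============================================================================
# Production Secrets Setup Script
# ==============================================================================
# This script creates Docker Secrets on the production server from .env values
# Run this ONCE during initial setup on the production server.
#
# Security notes:
#   - Secret values are handed to `docker secret create` on stdin through a
#     shell builtin, so they never appear on a command line or in the terminal.
#   - Values are stored byte-exact (no trailing newline is appended).
#   - The plaintext values remain in .env after this script finishes; lock the
#     file down or remove the migrated keys once the stack is verified.
# ==============================================================================

set -euo pipefail

readonly APP_DIR=/home/deploy/framework
readonly ENV_FILE="${APP_DIR}/.env"

echo "🔐 Docker Secrets Setup for Production"
echo "======================================"
echo ""

# Check if running on production server
if [[ ! -f "$ENV_FILE" ]]; then
  echo "❌ ERROR: ${ENV_FILE} not found"
  echo "   Please ensure .env file exists on production server"
  exit 1
fi

# Check if Docker Swarm is initialized.
# The state is read from a format template rather than grepping the
# human-readable `docker info` text, and no pipeline is involved, so an early
# reader exit cannot turn into a false "not initialized" under pipefail.
swarm_state=$(docker info --format '{{.Swarm.LocalNodeState}}') || swarm_state=''
if [[ "$swarm_state" != "active" ]]; then
  echo "❌ ERROR: Docker Swarm is not initialized"
  echo "   Run: docker swarm init"
  exit 1
fi

echo "📋 Reading secrets from .env file..."
cd "$APP_DIR" || { echo "❌ ERROR: cannot cd to ${APP_DIR}" >&2; exit 1; }

#######################################
# Create one Docker secret from a key in the .env file.
# Globals:   ENV_FILE (read)
# Arguments: $1 - name of the Docker secret to create
#            $2 - key to look up in the .env file
# Outputs:   status messages on stdout; docker's own errors on stderr
# Returns:   0 if the secret was created or deliberately skipped (key missing
#            or secret already present), 1 if reading .env or a docker
#            command failed
#######################################
create_secret() {
  local secret_name=$1
  local env_key=$2
  local value
  local existing

  # Extract value from .env: everything after the first '=', with one pair of
  # surrounding double quotes removed. Declaration and assignment are split so
  # a failing read is not masked by `local`.
  value=$(sed -n "s/^${env_key}=//p" "$ENV_FILE" | sed 's/^"\(.*\)"$/\1/') || {
    echo "❌ Failed to read ${env_key} from ${ENV_FILE}"
    return 1
  }

  if [[ -z "$value" ]]; then
    echo "⚠️  WARNING: ${env_key} not found in .env, skipping ${secret_name}"
    return 0
  fi

  # Check if secret already exists. Exact fixed-string, whole-line match so a
  # name is never interpreted as a regular expression.
  existing=$(docker secret ls --format '{{.Name}}') || {
    echo "❌ Failed to list existing secrets while checking: ${secret_name}"
    return 1
  }
  if grep -Fxq -- "$secret_name" <<<"$existing"; then
    echo "ℹ️  Secret '${secret_name}' already exists, skipping..."
    return 0
  fi

  # Create secret. printf '%s' writes the value exactly: `echo` would append a
  # newline that becomes part of the stored secret, and would misread values
  # such as "-n". The result is tested directly in the `if`, because under
  # `set -e` a separate `$?` check after a failed pipeline is never reached.
  # stderr is left visible so the reason for a failure can be diagnosed.
  if printf '%s' "$value" | docker secret create "$secret_name" -; then
    echo "✅ Created secret: ${secret_name}"
  else
    echo "❌ Failed to create secret: ${secret_name}"
    return 1
  fi
}

echo ""
echo "🔑 Creating Docker Secrets..."
echo ""

# Create all required secrets; keep going after a failure so every problem is
# reported in one run, and count failures for the final exit status.
failed=0
create_secret "db_password" "DB_PASSWORD" || failed=$((failed + 1))
create_secret "app_key" "APP_KEY" || failed=$((failed + 1))
create_secret "vault_encryption_key" "VAULT_ENCRYPTION_KEY" || failed=$((failed + 1))
create_secret "shopify_webhook_secret" "SHOPIFY_WEBHOOK_SECRET" || failed=$((failed + 1))
create_secret "rapidmail_password" "RAPIDMAIL_PASSWORD" || failed=$((failed + 1))

echo ""
echo "📊 Verifying Secrets..."
echo ""
docker secret ls

echo ""
if (( failed > 0 )); then
  echo "❌ Secrets setup finished with ${failed} failure(s); see messages above" >&2
  exit 1
fi
echo "✅ Secrets setup completed!"
echo ""
echo "🔒 Note: plaintext values remain in ${ENV_FILE};"
echo "   restrict it (chmod 600) or remove the migrated keys once the stack is verified."
echo ""
echo "Next steps:"
echo "  1. Deploy the stack: docker stack deploy -c docker-compose.prod.yml framework"
echo "  2. Monitor deployment: watch docker stack ps framework"
echo "  3. Check logs: docker service logs framework_web"
echo ""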