#!/bin/bash
# ==============================================================================
# Production Secrets Setup Script
# ==============================================================================
# This script creates Docker Secrets on the production server from .env values
# Run this ONCE during initial setup on the production server.
# ==============================================================================
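# Abort on the first unhandled command failure. pipefail is deliberately not
# enabled: the script pipes docker output into `grep -q`, which may close the
# pipe early.
set -e

echo "🔐 Docker Secrets Setup for Production"
echo "======================================"
echo ""

# Application checkout on the production server; its .env file is the only
# source of the secret values.
app_dir="/home/deploy/framework"
env_file="${app_dir}/.env"

# Check if running on production server
if [ ! -f "$env_file" ]; then
  echo "❌ ERROR: /home/deploy/framework/.env not found" >&2
  echo " Please ensure .env file exists on production server" >&2
  exit 1
fi

if [ ! -r "$env_file" ]; then
  echo "❌ ERROR: ${env_file} is not readable by $(id -un)" >&2
  exit 1
fi

# The file holds plaintext credentials, so warn (without failing) when group
# or other have any permission bit set. `stat -c` is GNU coreutils; where it
# is unavailable the mode stays empty and the check is skipped.
env_mode=$(stat -c '%a' "$env_file" 2>/dev/null) || env_mode=""
case "$env_mode" in
  *[!0]? | *[!0])
    echo "⚠️ WARNING: ${env_file} is accessible by group/other (mode ${env_mode}); consider: chmod 600 ${env_file}" >&2
    ;;
esac

# Check if Docker Swarm is initialized. The state is read through a Go
# template instead of grepping the human-readable `docker info` text, and a
# daemon that cannot be queried is reported separately from an inactive swarm.
if ! swarm_state=$(docker info --format '{{.Swarm.LocalNodeState}}' 2>/dev/null); then
  echo "❌ ERROR: cannot query the Docker daemon (is it running, and may $(id -un) use it?)" >&2
  exit 1
fi

if [ "$swarm_state" != "active" ]; then
  echo "❌ ERROR: Docker Swarm is not initialized" >&2
  echo " Run: docker swarm init" >&2
  exit 1
fi

# Secrets can only be listed and created on a manager node; stop here with a
# clear message instead of failing later inside the secret commands.
if [ "$(docker info --format '{{.Swarm.ControlAvailable}}' 2>/dev/null)" != "true" ]; then
  echo "❌ ERROR: this node is not a Swarm manager; run this script on a manager node" >&2
  exit 1
fi

echo "📋 Reading secrets from .env file..."
cd "$app_dir" || {
  echo "❌ ERROR: cannot change directory to ${app_dir}" >&2
  exit 1
}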
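#######################################
# Create one Docker secret from a key in the .env file of the current
# directory.
#
# The value reaches `docker secret create` on stdin, so it never appears in a
# process argument list. It is written without a trailing newline, so the
# secret holds exactly the bytes of the .env value.
#
# Limitations: only surrounding double quotes are stripped from the value;
# single quotes, inline comments and `export ` prefixes are not interpreted.
# env_key is used as a regex fragment, so pass literal key names only.
#
# Arguments: $1 - Docker secret name
#            $2 - key to look up in .env
# Outputs:   progress messages on stdout, errors on stderr
# Returns:   0 when the secret was created or deliberately skipped (key
#            missing or empty, or secret already present); 1 when the key is
#            defined more than once or `docker secret create` fails
#######################################
create_secret() {
  local secret_name=$1
  local env_key=$2
  local matches value

  # A key defined more than once would otherwise be stored as one multi-line
  # secret. `grep -c` exits 1 on zero matches, hence the `|| true`.
  matches=$(grep -c -- "^${env_key}=" .env) || true
  if [ "${matches:-0}" -gt 1 ]; then
    echo "❌ ERROR: ${env_key} is defined ${matches} times in .env, not creating ${secret_name}" >&2
    return 1
  fi

  # Extract value from .env: everything after the first '=', with one pair of
  # surrounding double quotes removed. Declared separately from the assignment
  # so `local` does not mask the pipeline status.
  value=$(grep -- "^${env_key}=" .env | cut -d'=' -f2- | sed 's/^"\(.*\)"$/\1/') || value=""

  if [ -z "$value" ]; then
    echo "⚠️ WARNING: ${env_key} not found in .env, skipping ${secret_name}"
    return 0
  fi

  # Check if secret already exists (exact, fixed-string match on the name, so
  # the name is never interpreted as a regular expression).
  if docker secret ls --format '{{.Name}}' | grep -Fxq -- "$secret_name"; then
    echo "ℹ️ Secret '${secret_name}' already exists, skipping..."
    return 0
  fi

  # Create secret. The pipeline is the `if` condition so that a failure
  # reaches the else branch instead of aborting a `set -e` caller before any
  # message is printed. docker's stderr is left visible so the operator sees
  # why creation failed.
  if printf '%s' "$value" | docker secret create "$secret_name" -; then
    echo "✅ Created secret: ${secret_name}"
  else
    echo "❌ Failed to create secret: ${secret_name}" >&2
    return 1
  fi
}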
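echo ""
echo "🔑 Creating Docker Secrets..."
echo ""

# All required secrets, as "secret_name:ENV_KEY" pairs. The same list drives
# both creation and the verification below.
required_secrets=(
  "db_password:DB_PASSWORD"
  "app_key:APP_KEY"
  "vault_encryption_key:VAULT_ENCRYPTION_KEY"
  "shopify_webhook_secret:SHOPIFY_WEBHOOK_SECRET"
  "rapidmail_password:RAPIDMAIL_PASSWORD"
)

# Create all required secrets
for entry in "${required_secrets[@]}"; do
  create_secret "${entry%%:*}" "${entry#*:}"
done

echo ""
echo "📊 Verifying Secrets..."
echo ""

docker secret ls

# Listing alone verifies nothing. Confirm that every required secret exists
# before reporting success, so that a key skipped because it was absent from
# .env is caught here rather than later, during the stack deploy.
existing_names=$(docker secret ls --format '{{.Name}}')
missing=()
for entry in "${required_secrets[@]}"; do
  name=${entry%%:*}
  if ! grep -Fxq -- "$name" <<<"$existing_names"; then
    missing+=("$name")
  fi
done

if [ "${#missing[@]}" -gt 0 ]; then
  echo "" >&2
  echo "❌ ERROR: required secrets are missing: ${missing[*]}" >&2
  echo " Add the corresponding keys to .env and re-run this script" >&2
  exit 1
fi

# NOTE(review): the secret values still sit in plaintext in .env after this
# run. Whether they can be removed from the file depends on how the stack
# consumes them; confirm against docker-compose.prod.yml.

echo ""
echo "✅ Secrets setup completed!"
echo ""
echo "Next steps:"
echo " 1. Deploy the stack: docker stack deploy -c docker-compose.prod.yml framework"
echo " 2. Monitor deployment: watch docker stack ps framework"
echo " 3. Check logs: docker service logs framework_web"
echo ""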