env/hedgedoc/setup

#!/bin/bash
die() { echo >&2 "$@" ; exit 1 ; }

DIRNAME="$(dirname $0)"
cd "$DIRNAME"
source ../env.production || die "no top levle env?"
source env.production || die "no local env?"

docker-compose down

# regenerate the client secrets
CLIENT_SECRET="$(openssl rand -hex 20)"
SESSION_SECRET="$(openssl rand -hex 20)"

rm -f env.secrets
cat <<EOF > env.secrets
CMD_OAUTH2_CLIENT_SECRET=$CLIENT_SECRET
CMD_SESSION_SECRET=$SESSION_SECRET
EOF

../keycloak/client-delete hedgedoc

../keycloak/client-create <<EOF || die "unable to create hedgedoc client"
{
	"clientId": "hedgedoc",
	"rootUrl": "https://$HEDGEDOC_HOSTNAME",
	"adminUrl": "https://$HEDGEDOC_HOSTNAME",
	"redirectUris": [ "https://$HEDGEDOC_HOSTNAME/*" ],
	"webOrigins": [ "https://$HEDGEDOC_HOSTNAME" ],
	"clientAuthenticatorType": "client-secret",
	"secret": "$CLIENT_SECRET",
	"defaultClientScopes": [
		"web-origins",
		"acr",
		"profile",
		"roles",
		"id",
		"email"
	],
	"optionalClientScopes": [
		"address",
		"phone",
		"offline_access",
		"microprofile-jwt"
	]
}
EOF


docker-compose up -d || die "unable to start container"
overhaul the env.production files, add more nginx wrappers, split things into setup scripts 3 years ago			`#!/bin/bash`
			`die() { echo >&2 "$@" ; exit 1 ; }`

			`DIRNAME="$(dirname $0)"`
			`cd "$DIRNAME"`
nginx renewal fixes, oauth mastodon setup, secret restructure, etc 3 years ago			`source ../env.production \|\| die "no top levle env?"`
			`source env.production \|\| die "no local env?"`
overhaul the env.production files, add more nginx wrappers, split things into setup scripts 3 years ago
nginx renewal fixes, oauth mastodon setup, secret restructure, etc 3 years ago			`docker-compose down`
overhaul the env.production files, add more nginx wrappers, split things into setup scripts 3 years ago
nginx renewal fixes, oauth mastodon setup, secret restructure, etc 3 years ago			`# regenerate the client secrets`
			`CLIENT_SECRET="$(openssl rand -hex 20)"`
			`SESSION_SECRET="$(openssl rand -hex 20)"`
hedgedoc: setup needs the keycloak password 3 years ago
nginx renewal fixes, oauth mastodon setup, secret restructure, etc 3 years ago			`rm -f env.secrets`
			`cat <<EOF > env.secrets`
			`CMD_OAUTH2_CLIENT_SECRET=$CLIENT_SECRET`
			`CMD_SESSION_SECRET=$SESSION_SECRET`
			`EOF`

			`../keycloak/client-delete hedgedoc`

			`../keycloak/client-create <<EOF \|\| die "unable to create hedgedoc client"`
overhaul the env.production files, add more nginx wrappers, split things into setup scripts 3 years ago			`{`
			`"clientId": "hedgedoc",`
			`"rootUrl": "https://$HEDGEDOC_HOSTNAME",`
			`"adminUrl": "https://$HEDGEDOC_HOSTNAME",`
			`"redirectUris": [ "https://$HEDGEDOC_HOSTNAME/*" ],`
			`"webOrigins": [ "https://$HEDGEDOC_HOSTNAME" ],`
			`"clientAuthenticatorType": "client-secret",`
nginx renewal fixes, oauth mastodon setup, secret restructure, etc 3 years ago			`"secret": "$CLIENT_SECRET",`
overhaul the env.production files, add more nginx wrappers, split things into setup scripts 3 years ago			`"defaultClientScopes": [`
			`"web-origins",`
			`"acr",`
			`"profile",`
			`"roles",`
			`"id",`
			`"email"`
			`],`
			`"optionalClientScopes": [`
			`"address",`
			`"phone",`
			`"offline_access",`
			`"microprofile-jwt"`
			`]`
			`}`
			`EOF`

nginx renewal fixes, oauth mastodon setup, secret restructure, etc 3 years ago
			`docker-compose up -d \|\| die "unable to start container"`