karsten
/
tenantgenerator
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
tenantgenerator/tenant/utils/generate_secrets_file.py

82 lines
3.0 KiB
Python
Raw Blame History

import random
import os
import ruamel.yaml
import string
import subprocess
yaml = ruamel.yaml.YAML()
def generate_random_string(length):
characters = string.ascii_letters + string.digits
return "".join(random.choice(characters) for i in range(length))
def generate_secrets_file(secrets_file, git_sync_password):
with open(secrets_file, "w", encoding="utf-8") as file:
yaml.dump(
{
"elasticsearch": {
"config": {
"rbac": {
"builtinUsers": {
"apm_system": generate_random_string(8),
"beats_system": generate_random_string(8),
"elastic": generate_random_string(8),
"kibana_system": generate_random_string(8),
"logstash_system": generate_random_string(8),
"remote_monitoring_user": generate_random_string(8),
},
"customUsers": {
"logstash_internal": {
"password": generate_random_string(8)
},
"logstash_writer": {
"password": generate_random_string(8)
},
"prometheus": {"password": "monitor"},
},
}
}
},
"kibana": {
"config": {
"encryption": {
"common": generate_random_string(32),
"reporting": generate_random_string(32),
"savedObjects": generate_random_string(32),
}
}
},
"logstash": {
"gitSync": {"password": git_sync_password},
"password": generate_random_string(32),
},
"oauthProxy": {
"clientSecret": generate_random_string(20),
"cookie_secret": generate_random_string(32),
},
"tls": {
"externalCertificates": {
"kibana": {"tls_key": "ImportMeFromSopsFile"}
},
"keystorePassword": generate_random_string(8),
"truststorePassword": generate_random_string(8),
},
},
file,
)
try:
subprocess.run(
[
"sops",
"-e",
"--in-place",
"--age=age1gpnes7752n47qutltpy0trtz0wvdgtuudluuxde6efjysmrw03sqlp34z4",
secrets_file,
],
check=True,
)
except subprocess.CalledProcessError as e:
print(f"Error: {e.returncode}\n{e.stderr}")
Reference in New Issue View Git Blame Copy Permalink