From 22550cdb1de6265ccbf4822cee470d67e8e841c4 Mon Sep 17 00:00:00 2001
From: admire
Date: Thu, 10 Jun 2021 18:27:48 +0200
Subject: [PATCH] wip - passwords
---
 Dockerfile | 2 +-
 scripts/docker-entrypoint.sh | 1 -
 scripts/env-data.sh | 18 ++++++++++++------
 scripts/setup-conf.sh | 1 +
 scripts/setup-user.sh | 3 +++
 5 files changed, 17 insertions(+), 8 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index ee92c04..38a576b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -128,7 +128,7 @@ RUN chmod +x *.sh
 # this dockerfile directly.
 RUN set -eux \
 && /scripts/setup.sh
-
+RUN echo 'figlet -t "Kartoza Docker PostGIS"' >> ~/.bashrc
 VOLUME /var/lib/postgresql
 ENTRYPOINT /scripts/docker-entrypoint.sh
diff --git a/scripts/docker-entrypoint.sh b/scripts/docker-entrypoint.sh
index 3ae2e42..92e44d0 100755
--- a/scripts/docker-entrypoint.sh
+++ b/scripts/docker-entrypoint.sh
@@ -15,7 +15,6 @@ source /scripts/setup-ssl.sh
 source /scripts/setup-pg_hba.sh
 # Function to add figlet
-advertise
 figlet -t "Kartoza Docker PostGIS"
 POSTGRES_PASS=$(cat /tmp/PGPASSWORD.txt)
diff --git a/scripts/env-data.sh b/scripts/env-data.sh
index ca3c389..a755e41 100644
--- a/scripts/env-data.sh
+++ b/scripts/env-data.sh
@@ -20,6 +20,7 @@ PGSTAT_TMP="/var/run/postgresql/"
 PG_PID="/var/run/postgresql/${POSTGRES_MAJOR_VERSION}-main.pid"
+
 # Read data from secrets into env variables.
 # usage: file_env VAR [DEFAULT]
@@ -386,7 +387,7 @@ until su - postgres -c "${PG_BASEBACKUP} -X stream -h ${REPLICATE_FROM} -p ${REP
 }
 function pg_password() {
- SETUP_LOCKFILE="${EXTRA_CONF_DIR}/.pass.lock"
+ SETUP_LOCKFILE="/settings/.pgpasspass.lock"
 if [ -z "${POSTGRES_PASS}" ] && [ ! -f ${SETUP_LOCKFILE} ]; then
 POSTGRES_PASS=$(openssl rand -base64 15)
 touch ${SETUP_LOCKFILE}
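Review bot: In scripts/env-data.sh, the new lock path `/settings/.pgpasspass.lock` in pg_password() is hard-coded where the old one was derived from `${EXTRA_CONF_DIR}`, and the `touch ${SETUP_LOCKFILE}` at the end of the hunk will fail if `/settings` does not exist when the function runs. The only `create_dir /settings` in this patch is in setup-conf.sh, so it is worth confirming that script always runs first, or creating the directory inside the function. Because the lock decides whether a new random password is generated, it also matters whether `/settings` sits on storage that lives as long as the database volume; a one-line comment above the assignment stating where `/settings` is expected to be mounted would record that. The unquoted `${SETUP_LOCKFILE}` in the test and in `touch` should be quoted, and pg_password()'s body continues outside this hunk.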
@@ -397,10 +398,15 @@ function pg_password() {
 }
-function advertise() {
- SETUP_LOCKFILE="${EXTRA_CONF_DIR}/.bash.lock"
- if [[ ! -f ${SETUP_LOCKFILE} ]]; then
- echo 'figlet -t "Kartoza Docker PostGIS"' >> ~/.bashrc
- touch ${SETUP_LOCKFILE}
+function replication_password() {
+ SETUP_LOCKFILE="/settings/.replicationpass.lock"
+ if [ -z "${REPLICATION_PASS}" ] && [ ! -f ${SETUP_LOCKFILE} ]; then
+ REPLICATION_PASS=$(openssl rand -base64 15)
+ touch ${SETUP_LOCKFILE}
+ echo "$REPLICATION_PASS" >> /tmp/REPLPASSWORD.txt
+ else
+ echo "$REPLICATION_PASS" >> /tmp/REPLPASSWORD.txt
 fi
+
 }
+
diff --git a/scripts/setup-conf.sh b/scripts/setup-conf.sh
index a96fe90..680117e 100644
--- a/scripts/setup-conf.sh
+++ b/scripts/setup-conf.sh
@@ -3,6 +3,7 @@ source /scripts/env-data.sh
 SETUP_LOCKFILE="${ROOT_CONF}/.postgresql.conf.lock"
+create_dir /settings
 if [ -f "${SETUP_LOCKFILE}" ]; then
 return 0
 fi
diff --git a/scripts/setup-user.sh b/scripts/setup-user.sh
index 0c630bf..d296e3f 100644
--- a/scripts/setup-user.sh
+++ b/scripts/setup-user.sh
@@ -27,6 +27,9 @@ if [ -z "$RESULT" ]; then
 fi
 su - postgres -c "psql postgres -c \"$COMMAND USER $POSTGRES_USER WITH SUPERUSER ENCRYPTED PASSWORD '$POSTGRES_PASS';\""
+replication_password
+REPLICATION_PASS=$(cat /tmp/REPLPASSWORD.txt)
+
 echo "Creating replication user $REPLICATION_USER"
 RESULT_REPLICATION=`su - postgres -c "psql postgres -t -c \"SELECT 1 FROM pg_roles WHERE rolname = '$REPLICATION_USER'\""`
 COMMANDS="ALTER"
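Review bot: In scripts/env-data.sh, replication_password() appends the replication password in plaintext to the fixed path `/tmp/REPLPASSWORD.txt` under the default umask, so the file is likely readable by other users in the container and gains a line on every call against the same filesystem. The setup-user.sh hunk reads it back with `$(cat …)`, so a second start with REPLICATION_PASS supplied would yield a two-line value. Both branches of the `if` end in the same `echo`; writing once after `fi`, only when the value is non-empty, with `>` and owner-only permissions keeps a previously stored password readable while avoiding the accumulation. The unquoted `${SETUP_LOCKFILE}` in the test and in `touch` should be quoted as well.

```shell
function replication_password() {
  SETUP_LOCKFILE="/settings/.replicationpass.lock"
  if [ -z "${REPLICATION_PASS}" ] && [ ! -f "${SETUP_LOCKFILE}" ]; then
    # … unchanged: generate REPLICATION_PASS with openssl rand …
    touch "${SETUP_LOCKFILE}"
  fi
  if [ -n "${REPLICATION_PASS}" ]; then
    # Overwrite rather than append; create the file owner-only and
    # tighten the mode of a copy left behind by an earlier run.
    ( umask 077; printf '%s\n' "${REPLICATION_PASS}" > /tmp/REPLPASSWORD.txt )
    chmod 600 /tmp/REPLPASSWORD.txt
  fi
}
```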
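Review bot: In scripts/setup-user.sh, the value read back from `/tmp/REPLPASSWORD.txt` is used without checking that it is non-empty. If the file is missing or holds only blank lines (for example when the lock file under `/settings` outlives `/tmp` and REPLICATION_PASS is not supplied), REPLICATION_PASS ends up empty and is presumably passed on to the role statement that follows outside this hunk. A guard right after the assignment would fail closed: `[ -n "${REPLICATION_PASS}" ] || { echo "replication password is empty" >&2; exit 1; }`, with `return 1` instead of `exit 1` if this script is sourced. The file is also left in place after it has been read, so the plaintext copy stays in `/tmp` for the life of the container.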