Fast/setup
Public Access
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

added automatic Key Generation for Empty .env Keys

Browse Source
This commit is contained in:
Henrik Lorenzen
2025-12-03 20:38:40 +01:00
parent 61d94a264f
commit 14b3eb4559
9 changed files with 106 additions and 329 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
.env Normal file
View File

@@ -0,0 +1,3 @@
ROOT_URL=http://95.217.36.57:3000
DOCKER_GROUP_ID=989
DATA_MANAGER_DB_URL=postgresql://data_db:5432/user_data

21
README.md
View File

@@ -388,3 +388,24 @@ Do you want to build load_manager? (Y/n):
=> => unpacking to docker.io/fast/load_manager:latest
```
You can now run the built images using Docker commands, for example:
## Setup Gitea Version controls system
```bash
Do you want to set up Gitea (self-hosted git service)? (Y/n):
Cloning into 'lib'...
remote: Enumerating objects: 20, done.
remote: Counting objects: 100% (20/20), done.
remote: Compressing objects: 100% (15/15), done.
remote: Total 20 (delta 4), reused 0 (delta 0), pack-reused 0 (from 0)
Receiving objects: 100% (20/20), 6.30 KiB | 6.30 MiB/s, done.
Resolving deltas: 100% (4/4), done.
Enter the full path where you want to set up Fast (e.g., /opt/gitea):
```
After entering the path, the script will proceed to set up Gitea and ask if you want to start it immediately:
```bash
Gitea has been set up at /opt/gitea
```

11
bin/create_key.sh Executable file
View File

@@ -0,0 +1,11 @@
#!/bin/bash
# This generates an environmental variable safe key for use in various applications.
KEY_LENGTH=$1
if [[ -z "$KEY_LENGTH" ]]; then
KEY_LENGTH=32
fi
KEY=$(head -c $KEY_LENGTH /dev/urandom | base64 | tr -d '=+/ ' | cut -c1-$KEY_LENGTH)
echo $KEY

5
bin/generate_key.sh Normal file
View File

@@ -0,0 +1,5 @@
#!/bin/bash
# This script generates a random 32-character alphanumeric key
KEY=$(tr -dc 'A-Za-z0-9' < /dev/urandom | head -c 32)
echo "$KEY"

17
bin/setup_env.sh
View File

@@ -1,5 +1,7 @@
#!/bin/bash
SETUP_DIR=$PWD
# check if FAST_PATH is set, if not exit with a message
if [ -z "$FAST_PATH" ]; then
echo "FAST_PATH is not set."
@@ -15,7 +17,7 @@ cd $FAST_PATH
ENV_FILE=".env"
# Define the keywords to look for (case-insensitive search for the value part)
KEYWORDS="(key|user|password|email)"
KEYWORDS="(KEY|USER|PASSWORD|EMAIL)"
# Define the secure placeholder value for non-interactive mode
SECURE_PLACEHOLDER="REPLACED_BY_SCRIPT"
@@ -63,7 +65,7 @@ while IFS= read -r line; do
VAR_VALUE_LOWER=$(echo "$VAR_VALUE_CLEANED" | tr '[:upper:]' '[:lower:]')
# 3. Check if the value contains a sensitive keyword
if [[ "$VAR_VALUE_LOWER" =~ $KEYWORDS ]]; then
if [[ "$VAR_NAME" =~ $KEYWORDS ]]; then
echo -e "\n⚠ Sensitive variable found: **$VAR_NAME**"
echo "Current value: $VAR_VALUE_RAW"
@@ -77,8 +79,15 @@ while IFS= read -r line; do
# if user entered an empty value, use the original value
if [ -z "$NEW_VALUE" ]; then
NEW_VALUE="$VAR_VALUE_CLEANED"
echo "No input provided. Keeping original value."
if [ -z "$VAR_VALUE_CLEANED" ]; then
echo "Original value is empty. Generating a new secure key using bin/create_key..."
NEW_VALUE=$($SETUP_DIR/bin/create_key.sh)
echo "Generated Key: $NEW_VALUE"
else
NEW_VALUE="$VAR_VALUE_CLEANED"
echo "No input provided. Keeping original value."
fi
fi
# Add quotes if value contains spaces

35
bin/setup_gitea.sh Executable file
View File

@@ -0,0 +1,35 @@
# clone the repository
git clone https://git.nxs.solutions/Fast/gitea.git lib
# ask the user for the location where to setup Fast
read -p "Enter the full path where you want to set up Fast (e.g., /opt/gitea): " GITEA_PATH
# if the user input is empty, use /opt/fast as default
if [ -z "$GITEA_PATH" ]; then
GITEA_PATH="/opt/gitea"
fi
# create the directory if it doesn't exist
sudo mkdir -p "$GITEA_PATH"
sudo cp -r lib/* $GITEA_PATH
sudo rm -r lib
sudo chown -R $USER:root $GITEA_PATH
echo "Gitea has been set up at $GITEA_PATH"
# write GITEA_PATH to fast .env
source $USER/.bashrc
if [ -z "$FAST_PATH" ]; then
echo "FAST_PATH is not set. Please run setup_fast.sh first."
exit 1
else
echo "GITEA_PATH=$GITEA_PATH" >> $FAST_PATH/.env
fi
cd $GITEA_PATH
./setup.sh
echo "Gitea setup script completed."

19
config/.env
View File

@@ -1,25 +1,25 @@
VERSION=1.0.0
LOG_LEVEL=DEBUG
RUNPOD_API_KEY=your_rupod_api_key_here
RUNPOD_API_KEY=
REDIS_URL=redis://redis:6379/0
TASK_MANAGER_URL=http://fastflask-nginx-1/task/api/v1
TASK_MANAGER_API_KEY=task_manager_api_key
TASK_MANAGER_API_KEY=
SECRET_DATABASE_URL=sqlite:////app/data/secret.db
SECRET_MANAGER_URL=http://fastflask-nginx-1/secret/api/v1
SECRET_MANAGER_API_KEY=secret_manager_api_key
SECRET_MANAGER_API_KEY=
POSTGRES_USER=your_postgres_user
POSTGRES_PASSWORD=your_postgres_password
POSTGRES_PASSWORD=
STORAGE_DIR=/app/data
ACCESS_DATABASE_URL=sqlite:////app/data/access.db
ACCESS_MANAGER_URL=http://fastflask-nginx-1/access/api/v1
ACCESS_MANAGER_API_KEY=access_manager_api_key
ACCESS_MANAGER_API_KEY=
PROMETHEUS_URL=http://prometheus:9090
@@ -27,20 +27,21 @@ EXOSCALE_API_KEY=your_exoscale_api_key_here
EXOSCALE_API_SECRET=your_exoscale_api_secret_here
STRIPE_SECRET_KEY_PROD=your_stripe_api_secret_here
STRIPE_SECRET_KEY=your_stripe_api_key_here
STRIPE_SECRET_KEY=your_stripe_api_secret_here
ADMIN_USERNAME=your_admin_username_here
ADMIN_PASSWORD=your_admin_password_here
ADMIN_PASSWORD=
ADMIN_EMAIL=your_admin@email.com
SMPT_SERVER=your_smtp_server.com
SMPT_PORT=465
JWT_SECRET_KEY=your_jwt_secret_key_here
JWT_SECRET_KEY=
SENDER_USER=your_smtp_username_here
SENDER_PASSWORD=your_smtp_password_here
SENDER_EMAIL=your_sender_email_here
ACTIVATION_URL=https://your.activation.url/here
PERSONAL_API_KEY=your_personal_api_key_here
PERSONAL_API_KEY=

316
setup.log
View File

@@ -1,316 +0,0 @@
Hit:1 http://deb.debian.org/debian trixie InRelease
Hit:2 http://deb.debian.org/debian trixie-updates InRelease
Hit:3 https://download.docker.com/linux/debian trixie InRelease
Hit:4 http://deb.debian.org/debian trixie-backports InRelease
Hit:5 http://deb.debian.org/debian-security trixie-security InRelease
Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease
Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease
Hit:8 https://deb.nodesource.com/node_25.x nodistro InRelease
Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease
Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease
Reading package lists...
Building dependency tree...
Reading state information...
2 packages can be upgraded. Run 'apt list --upgradable' to see them.
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
Upgrading:
docker-ce docker-ce-cli
Summary:
Upgrading: 2, Installing: 0, Removing: 0, Not Upgrading: 0
Download size: 37.3 MB
Space needed: 5,120 B / 436 GB available
Continue? [Y/n] Get:1 https://download.docker.com/linux/debian trixie/stable amd64 docker-ce-cli amd64 5:29.1.2-1~debian.13~trixie [16.3 MB]
Get:2 https://download.docker.com/linux/debian trixie/stable amd64 docker-ce amd64 5:29.1.2-1~debian.13~trixie [21.0 MB]
Fetched 37.3 MB in 0s (91.1 MB/s)
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 52343 files and directories currently installed.)
Preparing to unpack .../docker-ce-cli_5%3a29.1.2-1~debian.13~trixie_amd64.deb ...
Unpacking docker-ce-cli (5:29.1.2-1~debian.13~trixie) over (5:29.1.1-1~debian.13~trixie) ...
Preparing to unpack .../docker-ce_5%3a29.1.2-1~debian.13~trixie_amd64.deb ...
Unpacking docker-ce (5:29.1.2-1~debian.13~trixie) over (5:29.1.1-1~debian.13~trixie) ...
Setting up docker-ce-cli (5:29.1.2-1~debian.13~trixie) ...
Setting up docker-ce (5:29.1.2-1~debian.13~trixie) ...
Processing triggers for man-db (2.13.1-1) ...
Reading package lists...
Building dependency tree...
Reading state information...
tmux is already the newest version (3.5a-3).
neovim is already the newest version (0.10.4-8).
mosh is already the newest version (1.4.0-1+b2).
zoxide is already the newest version (0.9.7-1+b1).
starship is already the newest version (1.22.1-5).
git is already the newest version (1:2.47.3-0+deb13u1).
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
Reading package lists...
Building dependency tree...
Reading state information...
ca-certificates is already the newest version (20250419).
curl is already the newest version (8.14.1-2+deb13u2).
build-essential is already the newest version (12.12).
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
2025-12-03 10:55:55 - Installing pre-requisites
Hit:1 http://deb.debian.org/debian trixie InRelease
Hit:2 http://deb.debian.org/debian trixie-updates InRelease
Hit:3 https://download.docker.com/linux/debian trixie InRelease
Hit:4 http://deb.debian.org/debian trixie-backports InRelease
Hit:5 http://deb.debian.org/debian-security trixie-security InRelease
Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease
Hit:7 https://deb.nodesource.com/node_25.x nodistro InRelease
Hit:8 http://mirror.hetzner.com/debian/packages trixie-updates InRelease
Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease
Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease
Reading package lists...
Building dependency tree...
Reading state information...
All packages are up to date.
Reading package lists...
Building dependency tree...
Reading state information...
apt-transport-https is already the newest version (3.0.3).
ca-certificates is already the newest version (20250419).
curl is already the newest version (8.14.1-2+deb13u2).
gnupg is already the newest version (2.4.7-21).
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
Hit:1 http://deb.debian.org/debian trixie InRelease
Hit:2 http://deb.debian.org/debian trixie-updates InRelease
Hit:3 http://deb.debian.org/debian trixie-backports InRelease
Hit:4 http://deb.debian.org/debian-security trixie-security InRelease
Hit:5 https://download.docker.com/linux/debian trixie InRelease
Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease
Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease
Hit:8 http://mirror.hetzner.com/debian/packages trixie-backports InRelease
Hit:9 https://deb.nodesource.com/node_25.x nodistro InRelease
Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease
Reading package lists...
Building dependency tree...
Reading state information...
All packages are up to date.
2025-12-03 10:55:58 - Repository configured successfully.
2025-12-03 10:55:58 - To install Node.js, run: apt install nodejs -y
2025-12-03 10:55:58 - You can use N|solid Runtime as a node.js alternative
2025-12-03 10:55:58 - To install N|solid Runtime, run: apt install nsolid -y

Reading package lists...
Building dependency tree...
Reading state information...
nodejs is already the newest version (25.2.0-1nodesource1).
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
Types: deb
URIs: https://download.docker.com/linux/debian
Suites: trixie
Components: stable
Signed-By: /etc/apt/keyrings/docker.asc
Hit:1 http://deb.debian.org/debian trixie InRelease
Hit:2 http://deb.debian.org/debian trixie-updates InRelease
Hit:3 https://download.docker.com/linux/debian trixie InRelease
Hit:4 http://deb.debian.org/debian trixie-backports InRelease
Hit:5 http://deb.debian.org/debian-security trixie-security InRelease
Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease
Hit:7 https://deb.nodesource.com/node_25.x nodistro InRelease
Hit:8 http://mirror.hetzner.com/debian/packages trixie-updates InRelease
Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease
Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease
Reading package lists...
Building dependency tree...
Reading state information...
All packages are up to date.
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
Reading package lists...
Building dependency tree...
Reading state information...
docker-ce is already the newest version (5:29.1.2-1~debian.13~trixie).
docker-ce-cli is already the newest version (5:29.1.2-1~debian.13~trixie).
containerd.io is already the newest version (2.2.0-2~debian.13~trixie).
docker-buildx-plugin is already the newest version (0.30.1-1~debian.13~trixie).
docker-compose-plugin is already the newest version (2.40.3-1~debian.13~trixie).
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
Docker has been installed and configured.
Hit:1 http://deb.debian.org/debian trixie InRelease
Hit:2 http://deb.debian.org/debian trixie-updates InRelease
Hit:3 https://download.docker.com/linux/debian trixie InRelease
Hit:4 http://deb.debian.org/debian trixie-backports InRelease
Hit:5 http://deb.debian.org/debian-security trixie-security InRelease
Hit:6 http://mirror.hetzner.com/debian/packages trixie InRelease
Hit:7 http://mirror.hetzner.com/debian/packages trixie-updates InRelease
Hit:8 https://deb.nodesource.com/node_25.x nodistro InRelease
Hit:9 http://mirror.hetzner.com/debian/packages trixie-backports InRelease
Hit:10 http://mirror.hetzner.com/debian/security trixie-security InRelease
Reading package lists...
Building dependency tree...
Reading state information...
All packages are up to date.
Reading package lists...
Building dependency tree...
Reading state information...
Calculating upgrade...
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
Reading package lists...
Building dependency tree...
Reading state information...
ufw is already the newest version (0.36.2-9).
Summary:
Upgrading: 0, Installing: 0, Removing: 0, Not Upgrading: 0
Skipping adding existing rule
Skipping adding existing rule (v6)
Skipping adding existing rule
Skipping adding existing rule (v6)
Skipping adding existing rule
Skipping adding existing rule (v6)
Skipping adding existing rule
Skipping adding existing rule (v6)
Skipping adding existing rule
Skipping adding existing rule (v6)
Firewall is active and enabled on system startup
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), deny (routed)
New profiles: skip
To Action From
-- ------ ----
22/tcp ALLOW IN Anywhere
80/tcp ALLOW IN Anywhere
443/tcp ALLOW IN Anywhere
2222/tcp ALLOW IN Anywhere
60000:61000/udp ALLOW IN Anywhere
22/tcp (v6) ALLOW IN Anywhere (v6)
80/tcp (v6) ALLOW IN Anywhere (v6)
443/tcp (v6) ALLOW IN Anywhere (v6)
2222/tcp (v6) ALLOW IN Anywhere (v6)
60000:61000/udp (v6) ALLOW IN Anywhere (v6)
Removing .git directory to detach from the original repository...
FAST_PATH already exists in .bashrc.
Overwriting FAST_PATH in .bashrc...
FAST_PATH updated in .bashrc and sourced.
Fast has been set up at /opt/fast
Environment file copied to /opt/fast/.env
Mode: 🟢 Interactive (Will prompt for input)
--- .env File Security Checker ---
Searching for sensitive variables in .env...
-----------------------------------
⚠️ Sensitive variable found: **RUNPOD_API_KEY**
Current value: your_rupod_api_key_here
my_runpod_api_key
Action: Manual update applied.
⚠️ Sensitive variable found: **TASK_MANAGER_API_KEY**
Current value: task_manager_api_key
asd
Action: Manual update applied.
⚠️ Sensitive variable found: **SECRET_MANAGER_API_KEY**
Current value: secret_manager_api_key
aa
Action: Manual update applied.
⚠️ Sensitive variable found: **POSTGRES_USER**
Current value: your_postgres_user
admin
Action: Manual update applied.
⚠️ Sensitive variable found: **POSTGRES_PASSWORD**
Current value: your_postgres_password
my_admin_postgres_pwd
Action: Manual update applied.
⚠️ Sensitive variable found: **ACCESS_MANAGER_API_KEY**
Current value: access_manager_api_key
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **EXOSCALE_API_KEY**
Current value: your_exoscale_api_key_here
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **STRIPE_SECRET_KEY**
Current value: your_stripe_api_key_here
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **ADMIN_USERNAME**
Current value: your_admin_username_here
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **ADMIN_PASSWORD**
Current value: your_admin_password_here
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **ADMIN_EMAIL**
Current value: your_admin@email.com
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **JWT_SECRET_KEY**
Current value: your_jwt_secret_key_here
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **SENDER_USER**
Current value: your_smtp_username_here
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **SENDER_PASSWORD**
Current value: your_smtp_password_here
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **SENDER_EMAIL**
Current value: your_sender_email_here
No input provided. Keeping original value.
Action: Manual update applied.
⚠️ Sensitive variable found: **PERSONAL_API_KEY**
Current value: your_personal_api_key_here

8
setup.sh
View File

@@ -33,5 +33,13 @@ if [[ "$START_BUILD" == "y" || "$START_BUILD" == "Y" || $START_BUILD == "" ]]; t
$PWD/bin/start_build.sh
fi
# Ask user if they want to install Gitea now for self-hosted git
read -p "Do you want to set up Gitea (self-hosted git service)? (Y/n): " SETUP_GITEA
if [[ "$SETUP_GITEA" == "y" || "$SETUP_GITEA" == "Y" || $SETUP_GITEA == "" ]]; then
$PWD/bin/setup_gitea.sh
fi
sudo apt autoremove -y