commit df12f5ba954a18603f1c69baa9efb2edd04bf15d Author: Philip Gaber Date: Mon May 19 11:43:06 2025 +0200 init: Two tools that help to print the derived passwords in oD diff --git a/README.md b/README.md new file mode 100644 index 0000000..2f8fd77 --- /dev/null +++ b/README.md @@ -0,0 +1,27 @@ +# Allgemein + +Diese beiden mini Tools sollen dabei helfen um die abgeleiteten Passworte aus dem Master Passwort Algorithmus der in oD verwendet wird nachzuvollziehen. + +Mögliche Einsatzgebiete: + +- Migrationen +- Troubleshooting + +# Go Version + +Die beiden Argumente `appName` und `appAccountName` können aus der `secrets.yaml.gotmpl` aus +`opendesk.repo/hemlfile/environments/default` entnommen werden. + +```sh +go run generate.go [masterPassword] +go run generate.go nubus Administrator +go run generate.go nubus Administrator CoolesMasterPW1377! +``` + +# Old Helm/helmfile Version + +Erst in `helmfile.yaml` und `charts/pw/templates/configmap.yaml` die passenden Einträge setzen und dann: + +```sh +./generate.sh CoolesMasterPW1337! +``` \ No newline at end of file diff --git a/charts/pw/Chart.yaml b/charts/pw/Chart.yaml new file mode 100644 index 0000000..7128fb9 --- /dev/null +++ b/charts/pw/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v2 +name: myapp +version: 0.1.0 +description: A minimal dummy chart for helmfile templating. diff --git a/charts/pw/templates/configmap.yaml b/charts/pw/templates/configmap.yaml new file mode 100644 index 0000000..adf8b1b --- /dev/null +++ b/charts/pw/templates/configmap.yaml @@ -0,0 +1,8 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: myapp-config +data: + ldapSecret: {{ .Values.ldapSecret }} + administratorPassword: {{ .Values.administratorPassword }} + matrixUserVerificationService: {{ .Values.matrixUserVerificationService }} diff --git a/generate.go b/generate.go new file mode 100644 index 0000000..f5982d2 --- /dev/null +++ b/generate.go @@ -0,0 +1,51 @@ +package main + +import ( + "github.com/Masterminds/sprig/v3" + "os" + "text/template" + "fmt" +) + +func main() { + + helpText := `Usage: program [masterPassword] + +Parameters: + appName Application name (same as in secrets.yaml.gotmpl) + appAccountName Application account name (same as in secrets.yaml.gotmpl) + masterPassword Master password (optional)` + + args := os.Args[1:] + var masterPassword string + var appName string + var appAccountName string + + if len(args) == 2 { + appName = args[0] + appAccountName = args[1] + masterPassword = "sovereign-workplace" + } else if len(args) == 3 { + appName = args[0] + appAccountName = args[1] + masterPassword = args[2] + } else { + fmt.Printf(helpText) + } + + tmpl, err := template.New("password").Funcs(sprig.FuncMap()).Parse(`{{ derivePassword 1 "long" .MasterPassword .AppName .AppAccountName | sha1sum | quote }}`) + + if err != nil { + panic(err) + } + + err = tmpl.Execute(os.Stdout, map[string]string{ + "MasterPassword": masterPassword, + "AppName": appName, + "AppAccountName": appAccountName, + }) + if err != nil { + panic(err) + } + os.Stdout.Sync() +} diff --git a/generate.sh b/generate.sh new file mode 100755 index 0000000..429e957 --- /dev/null +++ b/generate.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash + +export MASTER_PASSWORD=$1 +helmfile template \ No newline at end of file diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..2b21e48 --- /dev/null +++ b/go.mod @@ -0,0 +1,20 @@ +module b1-systems.de/m/v2 + +go 1.23.0 + +toolchain go1.23.9 + +require golang.org/x/crypto v0.38.0 + +require ( + dario.cat/mergo v1.0.1 // indirect + github.com/Masterminds/goutils v1.1.1 // indirect + github.com/Masterminds/semver/v3 v3.3.0 // indirect + github.com/Masterminds/sprig/v3 v3.3.0 // indirect + github.com/google/uuid v1.6.0 // indirect + github.com/huandu/xstrings v1.5.0 // indirect + github.com/mitchellh/copystructure v1.2.0 // indirect + github.com/mitchellh/reflectwalk v1.0.2 // indirect + github.com/shopspring/decimal v1.4.0 // indirect + github.com/spf13/cast v1.7.0 // indirect +) diff --git a/go.sum b/go.sum new file mode 100644 index 0000000..ef40825 --- /dev/null +++ b/go.sum @@ -0,0 +1,24 @@ +dario.cat/mergo v1.0.1 h1:Ra4+bf83h2ztPIQYNP99R6m+Y7KfnARDfID+a+vLl4s= +dario.cat/mergo v1.0.1/go.mod h1:uNxQE+84aUszobStD9th8a29P2fMDhsBdgRYvZOxGmk= +github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI= +github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU= +github.com/Masterminds/semver/v3 v3.3.0 h1:B8LGeaivUe71a5qox1ICM/JLl0NqZSW5CHyL+hmvYS0= +github.com/Masterminds/semver/v3 v3.3.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= +github.com/Masterminds/sprig/v3 v3.3.0 h1:mQh0Yrg1XPo6vjYXgtf5OtijNAKJRNcTdOOGZe3tPhs= +github.com/Masterminds/sprig/v3 v3.3.0/go.mod h1:Zy1iXRYNqNLUolqCpL4uhk6SHUMAOSCzdgBfDb35Lz0= +github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= +github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/huandu/xstrings v1.5.0 h1:2ag3IFq9ZDANvthTwTiqSSZLjDc+BedvHPAp5tJy2TI= +github.com/huandu/xstrings v1.5.0/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE= +github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw= +github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s= +github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ= +github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw= +github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k= +github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME= +github.com/spf13/cast v1.7.0 h1:ntdiHjuueXFgm5nzDRdOS4yfT43P5Fnud6DH50rz/7w= +github.com/spf13/cast v1.7.0/go.mod h1:ancEpBxwJDODSW/UG4rDrAqiKolqNNh2DX3mk86cAdo= +golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8= +golang.org/x/crypto v0.38.0/go.mod h1:MvrbAqul58NNYPKnOra203SB9vpuZW0e+RRZV+Ggqjw= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/helmfile.yaml b/helmfile.yaml new file mode 100644 index 0000000..22610ba --- /dev/null +++ b/helmfile.yaml @@ -0,0 +1,7 @@ +releases: + - name: pw + chart: ./charts/pw + values: + - ldapSecret: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "cn=admin" "ldap" | sha1sum | quote }} + - administratorPassword: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "nubus" "Administrator" | sha1sum | quote }} + - matrixUserVerificationService: {{ derivePassword 1 "long" (env "MASTER_PASSWORD" | default "sovereign-workplace") "matrix-user-verification-service" "password" | sha1sum | quote }}