mirror of
https://github.com/openfaas/faas.git
synced 2025-06-09 08:46:48 +00:00
6b7f2fc0a1
The deployment script will enable basic-auth by default to help avoid people deploying to a public IP with no protection from malicious actors. - In deploy_stash.sh /dev/random can hang on some systems, so using urandom will give a better experience, if less "random" data. For the purposes of creating an initial basic auth password this is sufficient. - Alpine Linux does not have the shasum command, but sha256sum. - Tested on MacOS with and without --no-auth flag. - Does not apply for armhf or powershell. BASIC_AUTH env-var added by Vivek Syngh @viveksyngh Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
55 lines
1.3 KiB
Bash
Executable File
55 lines
1.3 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
if ! [ -x "$(command -v docker)" ]; then
|
|
echo 'Unable to find docker command, please install Docker (https://www.docker.com/) and retry' >&2
|
|
exit 1
|
|
fi
|
|
|
|
export BASIC_AUTH="true"
|
|
|
|
sha_cmd="shasum -a 256"
|
|
if ! command -v shasum >/dev/null; then
|
|
sha_cmd="sha256sum"
|
|
fi
|
|
|
|
while [ ! $# -eq 0 ]
|
|
do
|
|
case "$1" in
|
|
--no-auth | -n)
|
|
export BASIC_AUTH="false"
|
|
;;
|
|
--help | -h)
|
|
echo "Usage: \n [default]\tdeploy the OpenFaaS core services\n --no-auth [-n]\tdisable basic authentication.\n --help\tdisplays this screen"
|
|
exit
|
|
;;
|
|
esac
|
|
shift
|
|
done
|
|
|
|
# Secrets should be created even if basic-auth is disabled.
|
|
echo "Attempting to create credentials for gateway.."
|
|
echo "admin" | docker secret create basic-auth-user -
|
|
secret=$(head -c 16 /dev/urandom| $sha_cmd | cut -d " " -f 1)
|
|
echo "$secret" | docker secret create basic-auth-password -
|
|
if [ $? = 0 ];
|
|
then
|
|
echo "[Credentials]\n username: admin \n password: $secret\n echo -n "$secret" | faas-cli login --username=admin --password-stdin"
|
|
else
|
|
echo "[Credentials]\n already exist, not creating"
|
|
fi
|
|
|
|
if [ $BASIC_AUTH = "true" ];
|
|
then
|
|
echo ""
|
|
echo "Enabling basic authentication for gateway.."
|
|
echo ""
|
|
else
|
|
echo ""
|
|
echo "Disabling basic authentication for gateway.."
|
|
echo ""
|
|
fi
|
|
|
|
echo "Deploying OpenFaaS core services"
|
|
|
|
docker stack deploy func --compose-file docker-compose.yml
|