From 55f60c60d28fc00160f928745713766312958071 Mon Sep 17 00:00:00 2001
From: Rich Bayliss <rich@resin.io>
Date: Tue, 6 Nov 2018 16:19:21 +0000
Subject: [PATCH] env: Pass superuser credentials in the environment

Allows the credentials to be passed via the environment in order
that the application can create the user on start up.

Change-type: patch
Signed-off-by: Rich Bayliss <rich@balena.io>
---
 compose/services.yml |  2 ++
 scripts/make-env     |  4 +++-
 scripts/quickstart   | 17 +++++++++++++----
 3 files changed, 18 insertions(+), 5 deletions(-)

diff --git a/compose/services.yml b/compose/services.yml
index 2d14bc3..f76b2fb 100644
--- a/compose/services.yml
+++ b/compose/services.yml
@@ -53,6 +53,8 @@ services:
       VPN_HOST: vpn.${OPENBALENA_HOST_NAME}
       VPN_PORT: 443
       VPN_SERVICE_API_KEY: ${OPENBALENA_VPN_SERVICE_API_KEY}
+      SUPERUSER_EMAIL: ${OPENBALENA_SUPERUSER_EMAIL}
+      SUPERUSER_PASSWORD: ${OPENBALENA_SUPERUSER_PASSWORD}
 
   registry:
     extends:
diff --git a/scripts/make-env b/scripts/make-env
index 8e61ba8..53bd4a4 100755
--- a/scripts/make-env
+++ b/scripts/make-env
@@ -19,7 +19,7 @@ usage() {
   echo
 }
 
-for var in DOMAIN ROOT_CA ROOT_CRT ROOT_KEY JWT_CRT JWT_KEY JWT_KID VPN_CA VPN_CRT VPN_KEY VPN_DH; do
+for var in DOMAIN ROOT_CA ROOT_CRT ROOT_KEY JWT_CRT JWT_KEY JWT_KID VPN_CA VPN_CRT VPN_KEY VPN_DH SUPERUSER_EMAIL SUPERUSER_PASSWORD; do
   if [ -z "${!var-}" ]; then
     usage
     exit 1
@@ -85,4 +85,6 @@ export OPENBALENA_API_VPN_SERVICE_API_KEY=$(randstr 32)
 export OPENBALENA_REGISTRY_SECRET_KEY=$(randstr 32)
 export OPENBALENA_SSH_AUTHORIZED_KEYS=
 export NODE_EXTRA_CA_CERTS="$ROOT_CA"
+export OPENBALENA_SUPERUSER_EMAIL=$SUPERUSER_EMAIL
+export OPENBALENA_SUPERUSER_PASSWORD=$SUPERUSER_PASSWORD
 STR
diff --git a/scripts/quickstart b/scripts/quickstart
index 26006bc..d07a8f7 100755
--- a/scripts/quickstart
+++ b/scripts/quickstart
@@ -9,20 +9,24 @@ CERTS_DIR="${CONFIG_DIR}/certs"
 DOMAIN=openbalena.local
 
 usage() {
-  echo "usage: $0 [-h] [-p] [-d DOMAIN]"
+  echo "usage: $0 [-h] [-p] [-d DOMAIN] -U EMAIL -P PASSWORD"
   echo
-  echo "  -p         patch hosts - patch the host /etc/hosts file"
-  echo "  -d DOMAIN  the domain name this deployment will run as, eg. example.com. Default is 'openbalena.local'"
+  echo "  -p           patch hosts - patch the host /etc/hosts file"
+  echo "  -d DOMAIN    the domain name this deployment will run as, eg. example.com. Default is 'openbalena.local'"
+  echo "  -U EMAIL     the email address of the superuser account, used to login to your install from the Balena CLI"
+  echo "  -P PASSWORD  the password to use for the superuser account."
   echo
 }
 
 show_help=false
 patch_hosts=false
-while getopts ":hpd:" opt; do
+while getopts ":hpd:U:P:" opt; do
   case "${opt}" in
     h) show_help=true;;
     p) patch_hosts=true;;
     d) DOMAIN="${OPTARG}";;
+    U) SUPERUSER_EMAIL="${OPTARG}";;
+    P) SUPERUSER_PASSWORD="${OPTARG}";;
     *)
       echo "Invalid argument: -${OPTARG}"
       usage
@@ -32,6 +36,11 @@ while getopts ":hpd:" opt; do
 done
 shift $((OPTIND-1))
 
+if [ -z "${SUPERUSER_EMAIL}" ] || [ -z "${SUPERUSER_PASSWORD}" ]; then
+  usage
+  exit 1
+fi
+
 if [ "$show_help" = "true" ]; then
   usage
   exit 1