admin/deploy-felhom-compose
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docker-setup.sh: add --hub-customer/--hub-password flags for Hub config download

Browse Source 
When both flags are provided, the wizard downloads a pre-configured
controller.yaml from the Hub API, extracts key variables for subsequent
setup steps, and skips the interactive wizard entirely. Falls back to
manual wizard on failure.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
authentik Default Admin
2026-02-20 13:36:44 +01:00
parent 2eccac4b6d
commit ff8b42bfd8
2 changed files with 52 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
CHANGELOG.md
+7
View File
@@ -1,5 +1,12 @@
## Changelog ## Changelog
### What was just completed (2026-02-20 session 62)
- **docker-setup.sh — Hub Config Download:**
- Added `--hub-customer` and `--hub-password` CLI flags for downloading pre-configured controller.yaml from Felhom Hub
- Added `HUB_URL` global variable (default: `https://hub.felhom.eu`)
- Hub download logic at start of `run_config_wizard()`: downloads YAML via `curl` with `X-Retrieval-Password` header, validates response, extracts key variables (domain, CF tokens, email), sets global variables for subsequent setup steps
- Falls back to interactive wizard if download fails or credentials not provided
### What was just completed (2026-02-20 session 61) ### What was just completed (2026-02-20 session 61)
- **v0.19.0 — Deployed App Removal + Missing Field Injection:** - **v0.19.0 — Deployed App Removal + Missing Field Injection:**
scripts/docker-setup.sh
+45
View File
@@ -135,6 +135,9 @@ DRY_RUN=false
SELF_SIGNED_CERT=false SELF_SIGNED_CERT=false
DEBUG_MODE=false DEBUG_MODE=false
CUSTOMER_ID="" CUSTOMER_ID=""
HUB_CUSTOMER_ID=""
HUB_PASSWORD=""
HUB_URL="https://hub.felhom.eu"
# Directories # Directories
DOCKER_DATA_DIR="/opt/docker" DOCKER_DATA_DIR="/opt/docker"
@@ -301,6 +304,12 @@ parse_args() {
--customer) --customer)
require_arg "$1" "${2:-}" require_arg "$1" "${2:-}"
CUSTOMER_ID="$2"; shift 2 ;; CUSTOMER_ID="$2"; shift 2 ;;
--hub-customer)
require_arg "$1" "${2:-}"
HUB_CUSTOMER_ID="$2"; shift 2 ;;
--hub-password)
require_arg "$1" "${2:-}"
HUB_PASSWORD="$2"; shift 2 ;;
--self-signed-cert) SELF_SIGNED_CERT=true; shift ;; --self-signed-cert) SELF_SIGNED_CERT=true; shift ;;
--skip-filebrowser) SKIP_FILEBROWSER=true; shift ;; --skip-filebrowser) SKIP_FILEBROWSER=true; shift ;;
--dry-run) DRY_RUN=true; shift ;; --dry-run) DRY_RUN=true; shift ;;
@@ -1487,6 +1496,42 @@ run_config_wizard() {
return return
fi fi
# --- Hub download mode ---
# If hub credentials are provided, download pre-configured YAML and skip wizard
if [[ -n "$HUB_CUSTOMER_ID" && -n "$HUB_PASSWORD" ]]; then
log_info "Downloading configuration from Felhom Hub for customer: $HUB_CUSTOMER_ID"
mkdir -p "${CONTROLLER_DIR}"
local tmp_yaml="${CONTROLLER_DIR}/controller.yaml.tmp"
local http_code
http_code=$(curl -fsSL -o "$tmp_yaml" -w "%{http_code}" \
"${HUB_URL}/api/v1/config/${HUB_CUSTOMER_ID}" \
-H "X-Retrieval-Password: ${HUB_PASSWORD}" \
2>/dev/null) || true
if [[ "$http_code" == "200" ]] && [[ -s "$tmp_yaml" ]] && grep -q '^customer:' "$tmp_yaml"; then
mv "$tmp_yaml" "${CONTROLLER_DIR}/controller.yaml"
chmod 600 "${CONTROLLER_DIR}/controller.yaml"
log_success "Configuration downloaded for customer: $HUB_CUSTOMER_ID"
# Extract key variables that later steps depend on
WIZ_CUSTOMER_ID="$HUB_CUSTOMER_ID"
WIZ_DOMAIN=$(grep -oP '^\s+domain:\s*"\K[^"]+' "${CONTROLLER_DIR}/controller.yaml" || echo "")
WIZ_CF_TUNNEL_TOKEN=$(grep -oP '^\s+cf_tunnel_token:\s*"\K[^"]+' "${CONTROLLER_DIR}/controller.yaml" || echo "")
WIZ_CF_API_TOKEN=$(grep -oP '^\s+cf_api_token:\s*"\K[^"]+' "${CONTROLLER_DIR}/controller.yaml" || echo "")
WIZ_EMAIL=$(grep -oP '^\s+email:\s*"\K[^"]+' "${CONTROLLER_DIR}/controller.yaml" || echo "")
# Update global variables that other steps depend on
BASE_DOMAIN="${WIZ_DOMAIN}"
CUSTOMER_ID="${WIZ_CUSTOMER_ID}"
CF_DNS_API_TOKEN="${WIZ_CF_API_TOKEN}"
ACME_EMAIL="${WIZ_EMAIL}"
return # Skip interactive wizard
else
rm -f "$tmp_yaml"
log_warn "Hub download failed (HTTP ${http_code}). Falling back to manual configuration."
fi
fi
# Pre-seed from CLI flags # Pre-seed from CLI flags
local def_customer="${CUSTOMER_ID}" local def_customer="${CUSTOMER_ID}"
local def_domain="${BASE_DOMAIN}" local def_domain="${BASE_DOMAIN}"