You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@trafficcontrol.apache.org by de...@apache.org on 2018/06/14 18:05:22 UTC

[trafficcontrol] 10/20: perl script to create sql for new user with encrypted password.

This is an automated email from the ASF dual-hosted git repository.

dewrich pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/trafficcontrol.git

commit 36d86a9feeb918e113d19f00fd09d916db227dc9
Author: Dan Kirkwood <da...@gmail.com>
AuthorDate: Thu Apr 19 20:23:44 2018 +0000

    perl script to create sql for new user with encrypted password.
---
 infrastructure/cdn-in-a-box/traffic_ops/run.sh |  1 +
 traffic_ops/app/db/adduser.pl                  | 28 ++++++++++++++++++++++++++
 2 files changed, 29 insertions(+)

diff --git a/infrastructure/cdn-in-a-box/traffic_ops/run.sh b/infrastructure/cdn-in-a-box/traffic_ops/run.sh
index 46821c5..be60d71 100755
--- a/infrastructure/cdn-in-a-box/traffic_ops/run.sh
+++ b/infrastructure/cdn-in-a-box/traffic_ops/run.sh
@@ -63,6 +63,7 @@ export PATH=/usr/local/go/bin:/opt/traffic_ops/go/bin:$PATH
 export GOPATH=/opt/traffic_ops/go
 
 cd $TO_DIR && ./db/admin.pl --env=production reset || echo "DB reset failed!"
+./db/adduser.pl $TO_ADMIN_USER $TO_ADMIN_PASSWORD | psql -U$DB_USER -h$DB_SERVER $DB_NAME || echo "adding traffic_ops admin user failed!"
 
 cd $TO_DIR && $TO_DIR/local/bin/hypnotoad script/cdn
 exec tail -f /var/log/traffic_ops/traffic_ops.log
diff --git a/traffic_ops/app/db/adduser.pl b/traffic_ops/app/db/adduser.pl
new file mode 100755
index 0000000..eacf6ae
--- /dev/null
+++ b/traffic_ops/app/db/adduser.pl
@@ -0,0 +1,28 @@
+#!/usr/bin/env perl
+
+use strict;
+use Crypt::ScryptKDF qw{ scrypt_hash };
+
+if ($#ARGV < 2) {
+    die "Usage: $ARGV[0] <username> <password> <role>\n";
+}
+
+my $username = shift // 'admin';
+my $password = shift or die "Password is required\n";
+my $role = shift // 'admin';
+
+# Skip the insert if the admin 'username' is already there.
+my $hashed_passwd = hash_pass( $password );
+print <<"ADMIN";
+insert into tm_user (username, role, local_passwd, confirm_local_passwd)
+    values  ('$username',
+            (select id from role where name = '$role'),
+            '$hashed_passwd',
+            '$hashed_passwd' )
+    ON CONFLICT (username) DO NOTHING;
+ADMIN
+
+sub hash_pass {
+    my $pass = shift;
+    return scrypt_hash($pass, \64, 16384, 8, 1, 64);
+}

-- 
To stop receiving notification emails like this one, please contact
dewrich@apache.org.