fix: store Authelia credentials in persistent location

- setup-homelab.sh: Store temp files in /opt/stacks/.setup-temp instead of /tmp
- deploy-homelab.sh: Read credentials from new persistent location
- reset-test-environment.sh: Clean up new temp directory

This fixes the issue where credentials were inaccessible when the deploy script
runs via 'su -' (login shell) from the setup script, as /tmp files created by
root are not accessible across the su boundary.
2026-01-14 00:03:34 -05:00
parent 8b2f534c3c
commit 56604b77e9
3 changed files with 18 additions and 7 deletions


@@ -179,9 +179,9 @@ log_info "Configuring Authelia for domain: $DOMAIN..."
sed -i "s/your-domain.duckdns.org/${DOMAIN}/g" /opt/stacks/core/authelia/configuration.yml
# Configure Authelia admin user from setup script
if [ -f /tmp/authelia_admin_credentials.tmp ] && [ -f /tmp/authelia_password_hash.tmp ]; then
if [ -f /opt/stacks/.setup-temp/authelia_admin_credentials.tmp ] && [ -f /opt/stacks/.setup-temp/authelia_password_hash.tmp ]; then
log_info "Loading Authelia admin credentials from setup script..."
source /tmp/authelia_admin_credentials.tmp
source /opt/stacks/.setup-temp/authelia_admin_credentials.tmp
if [ -n "$ADMIN_USER" ] && [ -n "$ADMIN_EMAIL" ]; then
log_success "Using credentials: $ADMIN_USER ($ADMIN_EMAIL)"
@@ -209,7 +209,7 @@ EOF
export ADMIN_EMAIL
python3 << 'PYTHON_EOF'
# Read password hash from file to completely avoid bash variable expansion
with open('/tmp/authelia_password_hash.tmp', 'r') as f:
with open('/opt/stacks/.setup-temp/authelia_password_hash.tmp', 'r') as f:
password_hash = f.read().strip()
import os
@@ -252,8 +252,11 @@ PYTHON_EOF
log_info "Password also saved to: /opt/stacks/core/authelia/ADMIN_PASSWORD.txt"
echo ""
# Clean up credentials file
rm -f /tmp/authelia_admin_credentials.tmp
# Clean up credentials files from setup script
rm -f /opt/stacks/.setup-temp/authelia_admin_credentials.tmp
rm -f /opt/stacks/.setup-temp/authelia_password_hash.tmp
rmdir /opt/stacks/.setup-temp 2>/dev/null || true
log_info "Cleaned up temporary setup files"
else
log_warning "Incomplete credentials from setup script"
log_info "Using template users_database.yml - please configure manually"
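Review bot: The new `source /opt/stacks/.setup-temp/authelia_admin_credentials.tmp` in the first hunk runs the file's contents as shell, and nothing visible checks the ownership or mode of the file or its directory first. Because this location now persists across reboots, the load should be gated on the file being private to the deploying user, e.g. `[ "$(stat -c '%U %a' "$cred_file")" = "$(id -un) 600" ] || exit 1` with `cred_file` set to that path; parsing the expected `ADMIN_USER`/`ADMIN_EMAIL` assignments instead of using `source` would remove the code-execution path altogether. In the last hunk the `rm -f` lines sit only in the success branch, so the `else` path and any failure in the Python step appear to leave the password hash on disk; `trap 'rm -f /opt/stacks/.setup-temp/authelia_*.tmp' EXIT` set before the first check would cover those. The enclosing `if` blocks begin and end outside the visible hunks.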