fix: store Authelia credentials in persistent location

- setup-homelab.sh: Store temp files in /opt/stacks/.setup-temp instead of /tmp
- deploy-homelab.sh: Read credentials from new persistent location
- reset-test-environment.sh: Clean up new temp directory

This fixes the issue where credentials were inaccessible when the deploy script
runs via 'su -' (login shell) from the setup script, as /tmp files created by
root are not accessible across the su boundary.
2026-01-14 00:03:34 -05:00
parent 8b2f534c3c
commit 56604b77e9
3 changed files with 18 additions and 7 deletions


@@ -351,12 +351,18 @@ log_success "Password hash generated and will be applied during deployment"
# Store the admin credentials for the deployment script
# Password hash is already in /tmp/authelia_password_hash.tmp (written directly from Docker)
# This avoids bash variable expansion issues with $ characters in argon2 hashes
# Store in /opt/stacks/ which is accessible across user contexts
mkdir -p /opt/stacks/.setup-temp
{
echo "ADMIN_USER=$ADMIN_USER"
echo "ADMIN_EMAIL=$ADMIN_EMAIL"
echo "ADMIN_PASSWORD=$ADMIN_PASSWORD"
} > /tmp/authelia_admin_credentials.tmp
chmod 600 /tmp/authelia_admin_credentials.tmp
} > /opt/stacks/.setup-temp/authelia_admin_credentials.tmp
chmod 600 /opt/stacks/.setup-temp/authelia_admin_credentials.tmp
# Copy password hash to persistent location
cp /tmp/authelia_password_hash.tmp /opt/stacks/.setup-temp/authelia_password_hash.tmp
chmod 600 /opt/stacks/.setup-temp/authelia_password_hash.tmp
log_info "Credentials saved for deployment script"
echo ""
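Review bot: The plaintext `ADMIN_PASSWORD` is written to `/opt/stacks/.setup-temp/authelia_admin_credentials.tmp` under the default umask and only restricted afterwards by `chmod 600`, and `mkdir -p` creates the directory with default permissions, so there is a short window in which other local users may be able to read the file. Creating the directory with `install -d -m 700 /opt/stacks/.setup-temp` and setting `umask 077` before the `{ ...; } >` redirection and the `cp` of the password hash (scoped in a subshell or restored afterwards) makes both files private from the moment they exist. The commit describes this location as persistent, so the deploy script should delete both files as soon as it has read them, and the original `/tmp/authelia_password_hash.tmp` should be removed after the copy; neither cleanup is visible in this hunk. If the deploy script runs as a non-root user after `su -`, root-owned 0600 files would presumably still be unreadable to it unless ownership is changed elsewhere, which is worth confirming.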