save_credentials.sh

#!/usr/bin/env bash
set -Eeuo pipefail

# Save Credentials Script
# Extracts and saves credentials from installation JSON to a file

SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

usage() {
  cat >&2 <<'EOF'
Usage:
  bash save_credentials.sh --json <json-string> [options]
  bash save_credentials.sh --json-file <path> [options]

Required (one of):
  --json <string>             JSON string from installation output
  --json-file <path>          Path to file containing JSON

Options:
  --output <path>             Output file path (default: credentials/<hostname>.json)
  --format                    Pretty-print JSON output

Examples:
  # Save from JSON string
  bash save_credentials.sh --json '{"ctid":123,...}'

  # Save from file
  bash save_credentials.sh --json-file /tmp/install_output.json

  # Custom output location
  bash save_credentials.sh --json-file output.json --output my-credentials.json
EOF
}

# Parse arguments
JSON_STRING=""
JSON_FILE=""
OUTPUT_FILE=""
FORMAT=0

while [[ $# -gt 0 ]]; do
  case "$1" in
    --json) JSON_STRING="${2:-}"; shift 2 ;;
    --json-file) JSON_FILE="${2:-}"; shift 2 ;;
    --output) OUTPUT_FILE="${2:-}"; shift 2 ;;
    --format) FORMAT=1; shift 1 ;;
    --help|-h) usage; exit 0 ;;
    *) echo "Unknown option: $1 (use --help)" >&2; exit 1 ;;
  esac
done

# Get JSON content
if [[ -n "$JSON_FILE" ]]; then
  [[ -f "$JSON_FILE" ]] || { echo "File not found: $JSON_FILE" >&2; exit 1; }
  JSON_STRING=$(cat "$JSON_FILE")
elif [[ -z "$JSON_STRING" ]]; then
  echo "Error: Either --json or --json-file is required" >&2
  usage
  exit 1
fi

# Validate JSON
if ! echo "$JSON_STRING" | python3 -m json.tool >/dev/null 2>&1; then
  echo "Error: Invalid JSON" >&2
  exit 1
fi

# Extract hostname
HOSTNAME=$(echo "$JSON_STRING" | grep -oP '"hostname"\s*:\s*"\K[^"]+' || echo "")
[[ -n "$HOSTNAME" ]] || { echo "Error: Could not extract hostname from JSON" >&2; exit 1; }

# Set output file if not specified
if [[ -z "$OUTPUT_FILE" ]]; then
  OUTPUT_FILE="${SCRIPT_DIR}/credentials/${HOSTNAME}.json"
fi

# Create credentials directory if needed
mkdir -p "$(dirname "$OUTPUT_FILE")"

# Create credentials JSON with updateable fields
cat > "$OUTPUT_FILE" <<EOF
{
  "container": {
    "ctid": $(echo "$JSON_STRING" | grep -oP '"ctid"\s*:\s*\K[0-9]+'),
    "hostname": "$(echo "$JSON_STRING" | grep -oP '"hostname"\s*:\s*"\K[^"]+')",
    "fqdn": "$(echo "$JSON_STRING" | grep -oP '"fqdn"\s*:\s*"\K[^"]+')",
    "ip": "$(echo "$JSON_STRING" | grep -oP '"ip"\s*:\s*"\K[^"]+')",
    "vlan": $(echo "$JSON_STRING" | grep -oP '"vlan"\s*:\s*\K[0-9]+')
  },
  "urls": {
    "n8n_internal": "$(echo "$JSON_STRING" | grep -oP '"n8n_internal"\s*:\s*"\K[^"]+')",
    "n8n_external": "$(echo "$JSON_STRING" | grep -oP '"n8n_external"\s*:\s*"\K[^"]+')",
    "postgrest": "$(echo "$JSON_STRING" | grep -oP '"postgrest"\s*:\s*"\K[^"]+')",
    "chat_webhook": "$(echo "$JSON_STRING" | grep -oP '"chat_webhook"\s*:\s*"\K[^"]+')",
    "chat_internal": "$(echo "$JSON_STRING" | grep -oP '"chat_internal"\s*:\s*"\K[^"]+')",
    "upload_form": "$(echo "$JSON_STRING" | grep -oP '"upload_form"\s*:\s*"\K[^"]+')",
    "upload_form_internal": "$(echo "$JSON_STRING" | grep -oP '"upload_form_internal"\s*:\s*"\K[^"]+')"
  },
  "postgres": {
    "host": "$(echo "$JSON_STRING" | grep -oP '"postgres"[^}]*"host"\s*:\s*"\K[^"]+')",
    "port": $(echo "$JSON_STRING" | grep -oP '"postgres"[^}]*"port"\s*:\s*\K[0-9]+'),
    "db": "$(echo "$JSON_STRING" | grep -oP '"postgres"[^}]*"db"\s*:\s*"\K[^"]+')",
    "user": "$(echo "$JSON_STRING" | grep -oP '"postgres"[^}]*"user"\s*:\s*"\K[^"]+')",
    "password": "$(echo "$JSON_STRING" | grep -oP '"postgres"[^}]*"password"\s*:\s*"\K[^"]+')"
  },
  "supabase": {
    "url": "$(echo "$JSON_STRING" | grep -oP '"supabase"[^}]*"url"\s*:\s*"\K[^"]+' | head -1)",
    "url_external": "$(echo "$JSON_STRING" | grep -oP '"url_external"\s*:\s*"\K[^"]+')",
    "anon_key": "$(echo "$JSON_STRING" | grep -oP '"anon_key"\s*:\s*"\K[^"]+')",
    "service_role_key": "$(echo "$JSON_STRING" | grep -oP '"service_role_key"\s*:\s*"\K[^"]+')",
    "jwt_secret": "$(echo "$JSON_STRING" | grep -oP '"jwt_secret"\s*:\s*"\K[^"]+')"
  },
  "ollama": {
    "url": "$(echo "$JSON_STRING" | grep -oP '"ollama"[^}]*"url"\s*:\s*"\K[^"]+')",
    "model": "$(echo "$JSON_STRING" | grep -oP '"ollama"[^}]*"model"\s*:\s*"\K[^"]+')",
    "embedding_model": "$(echo "$JSON_STRING" | grep -oP '"embedding_model"\s*:\s*"\K[^"]+')"
  },
  "n8n": {
    "encryption_key": "$(echo "$JSON_STRING" | grep -oP '"n8n"[^}]*"encryption_key"\s*:\s*"\K[^"]+')",
    "owner_email": "$(echo "$JSON_STRING" | grep -oP '"owner_email"\s*:\s*"\K[^"]+')",
    "owner_password": "$(echo "$JSON_STRING" | grep -oP '"owner_password"\s*:\s*"\K[^"]+')",
    "secure_cookie": $(echo "$JSON_STRING" | grep -oP '"secure_cookie"\s*:\s*\K(true|false)')
  },
  "log_file": "$(echo "$JSON_STRING" | grep -oP '"log_file"\s*:\s*"\K[^"]+')",
  "created_at": "$(date -Iseconds)",
  "updateable_fields": {
    "ollama_url": "Can be updated to use hostname instead of IP",
    "ollama_model": "Can be changed to different model",
    "embedding_model": "Can be changed to different embedding model",
    "postgres_password": "Can be updated (requires container restart)",
    "n8n_owner_password": "Can be updated (requires container restart)"
  }
}
EOF

# Format if requested
if [[ "$FORMAT" == "1" ]]; then
  python3 -m json.tool "$OUTPUT_FILE" > "${OUTPUT_FILE}.tmp" && mv "${OUTPUT_FILE}.tmp" "$OUTPUT_FILE"
fi

echo "Credentials saved to: $OUTPUT_FILE"
echo ""
echo "To update credentials, use:"
echo "  bash update_credentials.sh --ctid $(echo "$JSON_STRING" | grep -oP '"ctid"\s*:\s*\K[0-9]+') --credentials-file $OUTPUT_FILE"
feat: Add credentials management system and comprehensive testing - Add credentials management system with automatic saving and updates - Add upload form URL to JSON output - Add Ollama model information to JSON output - Implement credential update system (update_credentials.sh) - Implement credential save system (save_credentials.sh) - Add comprehensive test suites (infrastructure, n8n, PostgREST, complete system) - Add workflow auto-reload system with systemd service - Add detailed documentation (CREDENTIALS_MANAGEMENT.md, TEST_REPORT.md, VERIFICATION_SUMMARY.md) - Improve n8n setup with robust API-based workflow import - Add .gitignore for credentials directory - All tests passing (40+ test cases) Key Features: - Credentials automatically saved to credentials/<hostname>.json - Update Ollama URL from IP to hostname without container restart - Comprehensive testing with 4 test suites - Full documentation and examples - Production-ready system 2026-01-24 22:31:26 +01:00			`#!/usr/bin/env bash`
			`set -Eeuo pipefail`

			`# Save Credentials Script`
			`# Extracts and saves credentials from installation JSON to a file`

			`SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"`

			`usage() {`
			`cat >&2 <<'EOF'`
			`Usage:`
			`bash save_credentials.sh --json <json-string> [options]`
			`bash save_credentials.sh --json-file <path> [options]`

			`Required (one of):`
			`--json <string> JSON string from installation output`
			`--json-file <path> Path to file containing JSON`

			`Options:`
			`--output <path> Output file path (default: credentials/<hostname>.json)`
			`--format Pretty-print JSON output`

			`Examples:`
			`# Save from JSON string`
			`bash save_credentials.sh --json '{"ctid":123,...}'`

			`# Save from file`
			`bash save_credentials.sh --json-file /tmp/install_output.json`

			`# Custom output location`
			`bash save_credentials.sh --json-file output.json --output my-credentials.json`
			`EOF`
			`}`

			`# Parse arguments`
			`JSON_STRING=""`
			`JSON_FILE=""`
			`OUTPUT_FILE=""`
			`FORMAT=0`

			`while [[ $# -gt 0 ]]; do`
			`case "$1" in`
			`--json) JSON_STRING="${2:-}"; shift 2 ;;`
			`--json-file) JSON_FILE="${2:-}"; shift 2 ;;`
			`--output) OUTPUT_FILE="${2:-}"; shift 2 ;;`
			`--format) FORMAT=1; shift 1 ;;`
			`--help\|-h) usage; exit 0 ;;`
			`*) echo "Unknown option: $1 (use --help)" >&2; exit 1 ;;`
			`esac`
			`done`

			`# Get JSON content`
			`if [[ -n "$JSON_FILE" ]]; then`
			`[[ -f "$JSON_FILE" ]] \|\| { echo "File not found: $JSON_FILE" >&2; exit 1; }`
			`JSON_STRING=$(cat "$JSON_FILE")`
			`elif [[ -z "$JSON_STRING" ]]; then`
			`echo "Error: Either --json or --json-file is required" >&2`
			`usage`
			`exit 1`
			`fi`

			`# Validate JSON`
			`if ! echo "$JSON_STRING" \| python3 -m json.tool >/dev/null 2>&1; then`
			`echo "Error: Invalid JSON" >&2`
			`exit 1`
			`fi`

			`# Extract hostname`
			`HOSTNAME=$(echo "$JSON_STRING" \| grep -oP '"hostname"\s:\s"\K[^"]+' \|\| echo "")`
			`[[ -n "$HOSTNAME" ]] \|\| { echo "Error: Could not extract hostname from JSON" >&2; exit 1; }`

			`# Set output file if not specified`
			`if [[ -z "$OUTPUT_FILE" ]]; then`
			`OUTPUT_FILE="${SCRIPT_DIR}/credentials/${HOSTNAME}.json"`
			`fi`

			`# Create credentials directory if needed`
			`mkdir -p "$(dirname "$OUTPUT_FILE")"`

			`# Create credentials JSON with updateable fields`
			`cat > "$OUTPUT_FILE" <<EOF`
			`{`
			`"container": {`
			`"ctid": $(echo "$JSON_STRING" \| grep -oP '"ctid"\s:\s\K[0-9]+'),`
			`"hostname": "$(echo "$JSON_STRING" \| grep -oP '"hostname"\s:\s"\K[^"]+')",`
			`"fqdn": "$(echo "$JSON_STRING" \| grep -oP '"fqdn"\s:\s"\K[^"]+')",`
			`"ip": "$(echo "$JSON_STRING" \| grep -oP '"ip"\s:\s"\K[^"]+')",`
			`"vlan": $(echo "$JSON_STRING" \| grep -oP '"vlan"\s:\s\K[0-9]+')`
			`},`
			`"urls": {`
			`"n8n_internal": "$(echo "$JSON_STRING" \| grep -oP '"n8n_internal"\s:\s"\K[^"]+')",`
			`"n8n_external": "$(echo "$JSON_STRING" \| grep -oP '"n8n_external"\s:\s"\K[^"]+')",`
			`"postgrest": "$(echo "$JSON_STRING" \| grep -oP '"postgrest"\s:\s"\K[^"]+')",`
			`"chat_webhook": "$(echo "$JSON_STRING" \| grep -oP '"chat_webhook"\s:\s"\K[^"]+')",`
			`"chat_internal": "$(echo "$JSON_STRING" \| grep -oP '"chat_internal"\s:\s"\K[^"]+')",`
			`"upload_form": "$(echo "$JSON_STRING" \| grep -oP '"upload_form"\s:\s"\K[^"]+')",`
			`"upload_form_internal": "$(echo "$JSON_STRING" \| grep -oP '"upload_form_internal"\s:\s"\K[^"]+')"`
			`},`
			`"postgres": {`
			`"host": "$(echo "$JSON_STRING" \| grep -oP '"postgres"[^}]"host"\s:\s*"\K[^"]+')",`
			`"port": $(echo "$JSON_STRING" \| grep -oP '"postgres"[^}]"port"\s:\s*\K[0-9]+'),`
			`"db": "$(echo "$JSON_STRING" \| grep -oP '"postgres"[^}]"db"\s:\s*"\K[^"]+')",`
			`"user": "$(echo "$JSON_STRING" \| grep -oP '"postgres"[^}]"user"\s:\s*"\K[^"]+')",`
			`"password": "$(echo "$JSON_STRING" \| grep -oP '"postgres"[^}]"password"\s:\s*"\K[^"]+')"`
			`},`
			`"supabase": {`
			`"url": "$(echo "$JSON_STRING" \| grep -oP '"supabase"[^}]"url"\s:\s*"\K[^"]+' \| head -1)",`
			`"url_external": "$(echo "$JSON_STRING" \| grep -oP '"url_external"\s:\s"\K[^"]+')",`
			`"anon_key": "$(echo "$JSON_STRING" \| grep -oP '"anon_key"\s:\s"\K[^"]+')",`
			`"service_role_key": "$(echo "$JSON_STRING" \| grep -oP '"service_role_key"\s:\s"\K[^"]+')",`
			`"jwt_secret": "$(echo "$JSON_STRING" \| grep -oP '"jwt_secret"\s:\s"\K[^"]+')"`
			`},`
			`"ollama": {`
			`"url": "$(echo "$JSON_STRING" \| grep -oP '"ollama"[^}]"url"\s:\s*"\K[^"]+')",`
			`"model": "$(echo "$JSON_STRING" \| grep -oP '"ollama"[^}]"model"\s:\s*"\K[^"]+')",`
			`"embedding_model": "$(echo "$JSON_STRING" \| grep -oP '"embedding_model"\s:\s"\K[^"]+')"`
			`},`
			`"n8n": {`
			`"encryption_key": "$(echo "$JSON_STRING" \| grep -oP '"n8n"[^}]"encryption_key"\s:\s*"\K[^"]+')",`
			`"owner_email": "$(echo "$JSON_STRING" \| grep -oP '"owner_email"\s:\s"\K[^"]+')",`
			`"owner_password": "$(echo "$JSON_STRING" \| grep -oP '"owner_password"\s:\s"\K[^"]+')",`
			`"secure_cookie": $(echo "$JSON_STRING" \| grep -oP '"secure_cookie"\s:\s\K(true\|false)')`
			`},`
			`"log_file": "$(echo "$JSON_STRING" \| grep -oP '"log_file"\s:\s"\K[^"]+')",`
			`"created_at": "$(date -Iseconds)",`
			`"updateable_fields": {`
			`"ollama_url": "Can be updated to use hostname instead of IP",`
			`"ollama_model": "Can be changed to different model",`
			`"embedding_model": "Can be changed to different embedding model",`
			`"postgres_password": "Can be updated (requires container restart)",`
			`"n8n_owner_password": "Can be updated (requires container restart)"`
			`}`
			`}`
			`EOF`

			`# Format if requested`
			`if [[ "$FORMAT" == "1" ]]; then`
			`python3 -m json.tool "$OUTPUT_FILE" > "${OUTPUT_FILE}.tmp" && mv "${OUTPUT_FILE}.tmp" "$OUTPUT_FILE"`
			`fi`

			`echo "Credentials saved to: $OUTPUT_FILE"`
			`echo ""`
			`echo "To update credentials, use:"`
			`echo " bash update_credentials.sh --ctid $(echo "$JSON_STRING" \| grep -oP '"ctid"\s:\s\K[0-9]+') --credentials-file $OUTPUT_FILE"`