proxmox/scripts/provision-admin-vault.sh
defiQUG fbda1b4beb
docs: Ledger Live integration, contract deploy learnings, NEXT_STEPS updates
- ADD_CHAIN138_TO_LEDGER_LIVE: Ledger form done; public code review repo bis-innovations/LedgerLive; init/push commands
- CONTRACT_DEPLOYMENT_RUNBOOK: Chain 138 gas price 1 gwei, 36-addr check, TransactionMirror workaround
- CONTRACT_*: AddressMapper, MirrorManager deployed 2026-02-12; 36-address on-chain check
- NEXT_STEPS_FOR_YOU: Ledger done; steps completable now (no LAN); run-completable-tasks-from-anywhere
- MASTER_INDEX, OPERATOR_OPTIONAL, SMART_CONTRACTS_INVENTORY_SIMPLE: updates
- LEDGER_BLOCKCHAIN_INTEGRATION_COMPLETE: bis-innovations/LedgerLive reference

Co-authored-by: Cursor <cursoragent@cursor.com>
2026-02-12 15:46:57 -08:00


#!/bin/bash
# Provision Admin Vault for Sankofa Admin Portal
# Creates the admin vault and migrates all secrets
set -euo pipefail

# Resolve the script's own directory and its parent so the optional IP
# configuration is found regardless of the caller's working directory.
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "${SCRIPT_DIR}/.." && pwd)"

# Best-effort load: a missing or unreadable config file is ignored and the
# built-in defaults below apply. Errors raised while sourcing are hidden too.
# shellcheck source=/dev/null
source "${PROJECT_ROOT}/config/ip-addresses.conf" 2>/dev/null || :

# Configuration. Each value may be supplied through the environment (or the
# sourced config); otherwise the default shown here is used.
# NOTE(review): the default VAULT_ADDR is plain http, and VAULT_TOKEN is later
# sent to that address in a request header, so the token is not protected in
# transit unless VAULT_ADDR is overridden with an https URL.
: "${VAULT_ADDR:=http://${IP_SERVICE_200:-192.168.11.200}:8200}"
# VAULT_TOKEN falls back to VAULT_ROOT_TOKEN; it stays empty when neither is set.
: "${VAULT_TOKEN:=${VAULT_ROOT_TOKEN:-}}"
: "${ADMIN_ORG_NAME:=Sankofa Admin}"
: "${ADMIN_VAULT_NAME:=sankofa-admin}"
: "${ADMIN_LEVEL:=super_admin}"

# ANSI colour sequences, kept as literal backslash escapes; the log helpers
# expand them when printing.
NC='\033[0m'
GREEN='\033[0;32m'
BLUE='\033[0;34m'
YELLOW='\033[1;33m'
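#######################################
# Print an informational message to stdout with a blue [INFO] tag.
# Globals:   BLUE, NC (read)
# Arguments: $1 - message text (printed literally)
#######################################
log_info() {
  # Only the colour variables go through %b; the message uses %s so that
  # backslash sequences in caller-supplied text (for example an organisation
  # name taken from the environment) are not turned into terminal escapes.
  printf '%b[INFO]%b %s\n' "${BLUE}" "${NC}" "${1:-}"
}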
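#######################################
# Print a success message to stdout with a green [SUCCESS] tag.
# Globals:   GREEN, NC (read)
# Arguments: $1 - message text (printed literally)
#######################################
log_success() {
  # %b expands the colour escapes only; %s keeps the message text literal so
  # backslash sequences inside it are not interpreted.
  printf '%b[SUCCESS]%b %s\n' "${GREEN}" "${NC}" "${1:-}"
}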
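#######################################
# Print a warning message to stdout with a yellow [WARN] tag.
# Globals:   YELLOW, NC (read)
# Arguments: $1 - message text (printed literally)
#######################################
log_warn() {
  # %b expands the colour escapes only; %s keeps the message text literal so
  # backslash sequences inside it are not interpreted.
  printf '%b[WARN]%b %s\n' "${YELLOW}" "${NC}" "${1:-}"
}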
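# Check prerequisites: both provisioning paths below authenticate with this token.
if [ -z "$VAULT_TOKEN" ]; then
  log_warn "VAULT_TOKEN not set. Please set it before running."
  exit 1
fi

# The token is sent in a request header, so a non-https VAULT_ADDR leaves it
# readable on the network path to the Vault server. Warn, but do not block,
# because existing deployments may rely on the http default.
if [[ "$VAULT_ADDR" != https://* ]]; then
  log_warn "VAULT_ADDR is not https; the Vault token will be sent unencrypted."
fi

log_info "=== Provisioning Admin Vault ==="
log_info "Organization: $ADMIN_ORG_NAME"
log_info "Vault Name: $ADMIN_VAULT_NAME"
log_info "Admin Level: $ADMIN_LEVEL"
echo ""

# Prefer the Node.js/TypeScript provisioning script when it is available.
# NOTE(review): the path is resolved against the caller's working directory,
# not PROJECT_ROOT; confirm which directory this is meant to be run from.
if command -v node &> /dev/null && [ -f "dbis_core/scripts/provision-admin-vault.ts" ]; then
  log_info "Using TypeScript provisioning script..."
  export VAULT_TOKEN
  export VAULT_ADDR
  # Subshell keeps the directory change local, so the caller's working
  # directory is restored even if the provisioning command fails.
  (
    cd dbis_core
    npx tsx scripts/provision-admin-vault.ts \
      --org "$ADMIN_ORG_NAME" \
      --name "$ADMIN_VAULT_NAME" \
      --level "$ADMIN_LEVEL"
  )
else
  log_warn "TypeScript script not available. Using direct Vault API calls..."

  # ADMIN_VAULT_NAME is placed into the request URL as a path segment. Restrict
  # it to a conservative character set so a value containing '/', '..', '?' or
  # whitespace cannot make the write land on a different Vault path.
  if [[ ! "$ADMIN_VAULT_NAME" =~ ^[A-Za-z0-9][A-Za-z0-9._-]*$ ]]; then
    log_warn "ADMIN_VAULT_NAME may only contain letters, digits, '.', '_' and '-'."
    exit 1
  fi

  # Direct Vault API provisioning: derive a lowercase, dash-separated
  # organisation id of at most 32 characters from the organisation name.
  ORG_ID=$(printf '%s\n' "$ADMIN_ORG_NAME" \
    | tr '[:upper:]' '[:lower:]' \
    | sed 's/[^a-z0-9]/-/g' \
    | sed 's/--*/-/g' \
    | cut -c1-32)
  VAULT_PATH="secret/data/admin/${ORG_ID}/${ADMIN_VAULT_NAME}"
  log_info "Creating admin vault at: $VAULT_PATH"

  # Create initial structure.
  # - The token header is fed to curl on stdin (-H @-, curl 7.55.0 or newer)
  #   instead of on the command line, so it does not show up in the process
  #   list; printf is a shell builtin and starts no process of its own.
  # - --fail makes an HTTP error status (for example 403 or 404) a failure;
  #   without it curl exits 0 and success would be reported for a rejected write.
  CREATED_AT=$(date -u +%Y-%m-%dT%H:%M:%SZ)
  if ! printf 'X-Vault-Token: %s\n' "$VAULT_TOKEN" \
    | curl -sS --fail -X POST \
      -H @- \
      -H "Content-Type: application/json" \
      -d "{\"data\":{\"initialized\":true,\"adminVault\":true,\"createdAt\":\"${CREATED_AT}\"}}" \
      "$VAULT_ADDR/v1/$VAULT_PATH" > /dev/null; then
    log_warn "Vault request failed; admin vault was not created at: $VAULT_PATH"
    exit 1
  fi
  log_success "Admin vault created at: $VAULT_PATH"
fi

echo ""
log_info "Next steps:"
log_info "1. Run migration script: ./scripts/migrate-secrets-to-admin-vault.sh"
log_info "2. Store credentials securely"
log_info "3. Update applications to use admin vault"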