Skip to content

Commit

Permalink
fix: [#378] Change initial admin pass (automatically).
Browse files Browse the repository at this point in the history
  • Loading branch information
@030
030 committed Aug 20, 2023
1 parent 057ae4c commit 446093e
Show file tree
Hide file tree
Showing 4 changed files with 257 additions and 6 deletions.
12 changes: 6 additions & 6 deletions cmd/n3dr/configUser.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,13 +18,13 @@ var (
// configUserCmd represents the configUser command.
var configUserCmd = &cobra.Command{
Use: "configUser",
Short: "A brief description of your command",
Long: `A longer description that spans multiple lines and likely contains examples
and usage of using your command. For example:
Short: "Configure users.",
Long: `Create users or change their passwords.
Cobra is a CLI library for Go that empowers applications.
This application is a tool to generate the needed files
to quickly create a Cobra application.`,
Examples:
# Change the admin password:
n3dr configUser --changePass --https false --n3drUser admin --n3drURL nexus3:8081 --n3drPass initial-pass --pass some-pass --email [email protected] --firstName admin --id admin --lastName admin
`,
Run: func(cmd *cobra.Command, args []string) {
fmt.Println("configUser called")

Expand Down
47 changes: 47 additions & 0 deletions configs/k8s/README.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
# kind

## create cluster

```bash
mkdir -p /tmp/k8s/kind/nexus-data
sudo chown 8484 -R /tmp/k8s/kind/nexus-data
~/go/bin/kind create cluster --config=configs/k8s/kind.yaml
```

## add ingress

```bash
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml
kubectl wait --namespace ingress-nginx \
--for=condition=ready pod \
--selector=app.kubernetes.io/component=controller \
--timeout=90s
```

## deploy nexus

```bash
kubectl create -f configs/k8s/nexus3.yaml
```

## access nexus

open `/etc/hosts` and add:

```bash
127.0.0.1 nexus3.some-domain
```

and navigate to: <http://nexus3.some-domain/>

## n3dr

```bash
kubectl exec -it -c n3dr nexus3-0 -n nexus3 -- ash
```

## cleanup

```bash
~/go/bin/kind delete cluster
```
22 changes: 22 additions & 0 deletions configs/k8s/kind.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
---
kind: Cluster
apiVersion: kind.x-k8s.io/v1alpha4
nodes:
- role: control-plane
kubeadmConfigPatches:
- |
kind: InitConfiguration
nodeRegistration:
kubeletExtraArgs:
node-labels: "ingress-ready=true"
system-reserved: memory=8Gi
extraPortMappings:
- containerPort: 80
hostPort: 80
protocol: TCP
- containerPort: 443
hostPort: 443
protocol: TCP
extraMounts:
- hostPath: /tmp/k8s/kind/nexus-data
containerPath: /nexus-data
182 changes: 182 additions & 0 deletions configs/k8s/nexus3.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,182 @@
---
apiVersion: v1
kind: Namespace
metadata:
name: nexus3
---
apiVersion: v1
kind: Secret
metadata:
name: n3dr
namespace: nexus3
data:
admin-password: aGVsbG93b3JsZAo=
---
apiVersion: apps/v1
kind: StatefulSet
metadata:
name: nexus3
namespace: nexus3
spec:
replicas: 1
selector:
matchLabels:
app: nexus3
serviceName: nexus3
template:
metadata:
labels:
app: nexus3
spec:
containers:
- image: sonatype/nexus3:3.59.0
imagePullPolicy: IfNotPresent
name: nexus3
livenessProbe:
failureThreshold: 6
initialDelaySeconds: 120
httpGet:
path: /
port: 8081
scheme: HTTP
periodSeconds: 60
timeoutSeconds: 30
readinessProbe:
failureThreshold: 6
initialDelaySeconds: 120
httpGet:
path: /
port: 8081
scheme: HTTP
periodSeconds: 60
timeoutSeconds: 30
ports:
- containerPort: 8081
name: nexus3
protocol: TCP
resources:
limits:
cpu: 1250m
memory: 2Gi
requests:
cpu: 1m
memory: 50Mi
securityContext:
readOnlyRootFilesystem: false
runAsUser: 8484
runAsGroup: 8484
volumeMounts:
- mountPath: /nexus-data
name: nexus3
- mountPath: /tmp
name: tmp
volumes:
- name: tmp
emptyDir: {}
volumeClaimTemplates:
- apiVersion: v1
kind: PersistentVolumeClaim
metadata:
name: nexus3
spec:
accessModes:
- ReadWriteOnce
resources:
requests:
storage: 4Gi
volumeMode: Filesystem
volumeName: nexus3
---
apiVersion: v1
kind: Service
metadata:
name: nexus3
namespace: nexus3
spec:
selector:
app: nexus3
ports:
- protocol: TCP
port: 8081
targetPort: 8081
---
apiVersion: batch/v1
kind: Job
metadata:
name: n3dr
namespace: nexus3
spec:
template:
spec:
containers:
- image: utrecht/n3dr:7.2.4
imagePullPolicy: IfNotPresent
name: n3dr
command:
- /bin/sh
- -c
- |
if [ -e /tmp/nexus-data/admin.password ]; then
echo "changing randomized generated password..."
pw=$(cat /tmp/nexus-data/admin.password)
n3dr configUser \
--changePass \
--https false \
--n3drUser admin \
--n3drURL nexus3:8081 \
--n3drPass "${pw}" \
--pass "${NEXUS_ADMIN_PASSWORD}" \
--email [email protected] \
--firstName admin \
--id admin \
--lastName admin
else
echo "initial password has been changed already"
fi
env:
- name: NEXUS_ADMIN_PASSWORD
valueFrom:
secretKeyRef:
name: n3dr
key: admin-password
volumeMounts:
- mountPath: /tmp/nexus-data
name: nexus3
volumes:
- name: nexus3
persistentVolumeClaim:
claimName: nexus3-nexus3-0
restartPolicy: Never
backoffLimit: 20
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: nexus3
namespace: nexus3
spec:
rules:
- host: nexus3.some-domain
http:
paths:
- pathType: Prefix
path: /
backend:
service:
name: nexus3
port:
number: 8081
---
apiVersion: v1
kind: PersistentVolume
metadata:
name: nexus3
namespace: nexus3
spec:
storageClassName: standard
accessModes:
- ReadWriteOnce
capacity:
storage: 4Gi
hostPath:
path: /nexus-data

0 comments on commit 446093e

Please sign in to comment.