@@ -21,6 +21,10 @@ LANGUAGE="en_US"
2121# Determine the source URL to download files
2222SOURCE_URL=" https://raw.githubusercontent.com/lobehub/lobe-chat/main"
2323
24+ # Arg: --host
25+ # Determine the server host
26+ HOST=" "
27+
2428# 2. Parse script arguments
2529while getopts " fl:-:" ; do
2630 case $opt in
@@ -40,8 +44,12 @@ while getopts "fl:-:" opt; do
4044 SOURCE_URL=" ${! OPTIND} "
4145 OPTIND=$(( $OPTIND + 1 ))
4246 ;;
47+ host)
48+ HOST=" ${! OPTIND} "
49+ OPTIND=$(( $OPTIND + 1 ))
50+ ;;
4351 * )
44- echo " Usage: $0 [-f] [-l language|--lang language] [--url source]" >&2
52+ echo " Usage: $0 [-f] [-l language|--lang language] [--url source] [--host serverhost] " >&2
4553 exit 1
4654 ;;
4755 esac
@@ -122,13 +130,43 @@ show_message() {
122130 ;;
123131 esac
124132 ;;
133+ security_secrect_regenerate)
134+ case $LANGUAGE in
135+ zh_CN)
136+ echo " éę°ēęå®å
ØåÆé„..."
137+ ;;
138+ * )
139+ echo " Regenerate security secrets..."
140+ ;;
141+ esac
142+ ;;
143+ security_secrect_regenerate_failed)
144+ case $LANGUAGE in
145+ zh_CN)
146+ echo " ę ę³éę°ēęå®å
ØåÆé„ļ¼"
147+ ;;
148+ * )
149+ echo " Failed to regenerate security secrets: "
150+ ;;
151+ esac
152+ ;;
153+ security_secrect_regenerate_report)
154+ case $LANGUAGE in
155+ zh_CN)
156+ echo " å®å
ØåÆé„ēęē»ęå¦äøļ¼"
157+ ;;
158+ * )
159+ echo " Security secret generation results are as follows:"
160+ ;;
161+ esac
162+ ;;
125163 tips_run_command)
126164 case $LANGUAGE in
127165 zh_CN)
128- echo " ęØå·²ē»å®ęäŗęęé
ē½®ę件ēäøč½½ ćčÆ·čæč”仄äøå½ä»¤åÆåØLobeChatļ¼"
166+ echo " ęØå·²ē»å®ęäŗęęé
ē½® ćčÆ·čæč”仄äøå½ä»¤åÆåØLobeChatļ¼"
129167 ;;
130168 * )
131- echo " You have completed downloading all configuration files . Please run this command to start LobeChat:"
169+ echo " You have completed all configurations . Please run this command to start LobeChat:"
132170 ;;
133171 esac
134172 ;;
@@ -155,10 +193,10 @@ show_message() {
155193 tips_warning)
156194 case $LANGUAGE in
157195 zh_CN)
158- echo " č¦åļ¼äøč¦åØēäŗ§ēÆå¢äøä½æēØę¤ę¼ē¤ŗåŗēØēØåŗ ļ¼ļ¼ļ¼"
196+ echo " č¦åļ¼å¦ęä½ ę£åØēäŗ§ēÆå¢äøä½æēØļ¼čÆ·åØę„åæäøę£ę„åÆé„ęÆå¦å·²ē»ēę ļ¼ļ¼ļ¼"
159197 ;;
160198 * )
161- echo " Warning: do not use this demo application in production!!!"
199+ echo " Warning: If you are using it in a production environment, please check if the keys have been generated in the logs !!!"
162200 ;;
163201 esac
164202 ;;
@@ -235,7 +273,91 @@ download_file "$SOURCE_URL/${FILES[3]}" "s3_data.tar.gz"
235273extract_file " s3_data.tar.gz" " ."
236274rm s3_data.tar.gz
237275
238- # Display final message
276+ # ==========================
277+ # === Regenerate Secrets ===
278+ # ==========================
279+
280+ generate_key () {
281+ if [[ -z " $1 " ; then
282+ echo " Usage: generate_key <length>"
283+ return 1
284+ fi
285+ echo $( openssl rand -hex $1 | tr -d ' \n' | fold -w $1 | head -n 1)
286+ }
287+
288+ echo $( show_message " security_secrect_regenerate" )
289+
290+ # Generate CASDOOR_SECRET
291+ CASDOOR_SECRET=$( generate_key 32)
292+ if [ $? -ne 0 ]; then
293+ echo $( show_message " security_secrect_regenerate_failed" ) " CASDOOR_SECRET"
294+ else
295+ # Search and replace the value of CASDOOR_SECRET in .env
296+ sed -i " s#^AUTH_CASDOOR_SECRET=.*#AUTH_CASDOOR_SECRET=${CASDOOR_SECRET} #"
297+ if [ $? -ne 0 ]; then
298+ echo $( show_message " security_secrect_regenerate_failed" ) " AUTH_CASDOOR_SECRET in \` .env\` "
299+ fi
300+ # replace `clientSecrect` in init_data.json
301+ sed -i " s#dbf205949d704de81b0b5b3603174e23fbecc354#${CASDOOR_SECRET} #"
302+ if [ $? -ne 0 ]; then
303+ echo $( show_message " security_secrect_regenerate_failed" ) " AUTH_CASDOOR_SECRET in \` init_data.json\` "
304+ fi
305+ fi
306+
307+ # Generate Casdoor User
308+ CASDOOR_USER=" admin"
309+ CASDOOR_PASSWORD=$( generate_key 6)
310+ if [ $? -ne 0 ]; then
311+ echo $( show_message " security_secrect_regenerate_failed" ) " CASDOOR_PASSWORD"
312+ else
313+ # replace `password` in init_data.json
314+ sed -i " s/" " /${CASDOOR_PASSWORD} /"
315+ if [ $? -ne 0 ]; then
316+ echo $( show_message " security_secrect_regenerate_failed" ) " CASDOOR_PASSWORD in \` init_data.json\` "
317+ fi
318+ fi
319+
320+ # Generate Minio S3 access key
321+ # Temporarily disable key gen for minio because
322+ # minio can not start with a access key in envs
323+ # S3_SECRET_ACCESS_KEY=$(generate_key 32)
324+ # if [ $? -ne 0 ]; then
325+ # echo $(show_message "security_secrect_regenerate_failed") "S3_SECRET_ACCESS_KEY"
326+ # else
327+ # # Search and replace the value of S3_SECRET_ACCESS_KEY in .env
328+ # sed -i "s#^S3_SECRET_ACCESS_KEY=.*#S3_SECRET_ACCESS_KEY=${S3_SECRET_ACCESS_KEY}#" .env
329+ # if [ $? -ne 0 ]; then
330+ # echo $(show_message "security_secrect_regenerate_failed") "S3_SECRET_ACCESS_KEY in \`.env\`"
331+ # fi
332+ # fi
333+
334+ # Modify the .env file if the host is specified
335+ if [ -n " $HOST " ; then
336+ # Modify env
337+ sed -i " s/localhost/$HOST /g"
338+ if [ $? -ne 0 ]; then
339+ echo $( show_message " security_secrect_regenerate_failed" ) " HOST in \` .env\` "
340+ fi
341+ # Modify casdoor init data
342+ sed -i " s/localhost/$HOST /g"
343+ if [ $? -ne 0 ]; then
344+ echo $( show_message " security_secrect_regenerate_failed" ) " HOST in \` init_data.json\` "
345+ fi
346+ fi
347+
348+ # Display configuration reports
349+
350+ echo $( show_message " security_secrect_regenerate_report" )
351+
352+ if [ -n " $HOST " ; then
353+ echo -e " Server Host: $HOST "
354+ fi
355+ echo -e " Casdoor: \n - Username: admin\n - Password: ${CASDOOR_PASSWORD} \n - Client Secret: ${CASDOOR_SECRET} "
356+
357+ # ===========================
358+ # == Display final message ==
359+ # ===========================
360+
239361printf " \n%s\n\n" " $( show_message " tips_run_command" ) "
240362print_centered " docker compose up -d" " green"
241363printf " \n%s" " $( show_message " tips_show_documentation" ) "
0 commit comments