61 lines
2.1 KiB
Bash
61 lines
2.1 KiB
Bash
#!/bin/bash
|
|
|
|
# Variables
|
|
#GRAFANA_URL="https://oglog-graf.mytld:3000"
|
|
GRAFANA_URL=$1
|
|
GRAFANA_USER="admin"
|
|
GRAFANA_PASS="admin"
|
|
#CERT="/etc/grafana/oglog-graf.mytld.crt.pem"
|
|
CERT=$2
|
|
#KEY="/etc/grafana/oglog-graf.mytld.key.pem"
|
|
KEY=$3
|
|
SA_NAME="dashboard-exporter"
|
|
TOKEN_NAME="dashboard-export-token"
|
|
TOKEN_TTL=3600
|
|
TOKEN_FILE="./grafana_token.txt"
|
|
|
|
# 1. Buscar si ya existe el Service Account
|
|
SA_ID=$(curl -s --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
|
|
"$GRAFANA_URL/api/serviceaccounts/search" \
|
|
| jq -r '.serviceAccounts[] | select(.name=="'"$SA_NAME"'") | .id')
|
|
|
|
# 2. Crear si no existe
|
|
if [ -z "$SA_ID" ]; then
|
|
echo "Creando Service Account: $SA_NAME"
|
|
SA_ID=$(curl -s --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
|
|
-H "Content-Type: application/json" \
|
|
-d '{ "name": "'"$SA_NAME"'", "role": "Admin" }' \
|
|
"$GRAFANA_URL/api/serviceaccounts" | jq -r '.id')
|
|
echo "Service Account creado con ID: $SA_ID"
|
|
else
|
|
echo "Service Account ya existe con ID: $SA_ID"
|
|
fi
|
|
|
|
# 3. Verificamos si el fichero con el token existe
|
|
if [ -f "$TOKEN_FILE" ]; then
|
|
echo "El token ya fue generado y está guardado en $TOKEN_FILE."
|
|
echo "Para forzar su regeneración, borra el archivo manualmente."
|
|
else
|
|
echo "Buscando token existente con nombre $TOKEN_NAME..."
|
|
|
|
TOKEN_ID=$(curl -s --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
|
|
"$GRAFANA_URL/api/serviceaccounts/$SA_ID/tokens" \
|
|
| jq -r '.[] | select(.name=="'"$TOKEN_NAME"'") | .id')
|
|
|
|
if [ -n "$TOKEN_ID" ]; then
|
|
echo "Borrando token anterior con ID $TOKEN_ID..."
|
|
curl -s -X DELETE --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
|
|
"$GRAFANA_URL/api/serviceaccounts/$SA_ID/tokens/$TOKEN_ID" > /dev/null
|
|
fi
|
|
|
|
echo "Creando nuevo token..."
|
|
TOKEN=$(curl -s --cert "$CERT" --key "$KEY" -u $GRAFANA_USER:$GRAFANA_PASS \
|
|
-H "Content-Type: application/json" \
|
|
-d '{ "name": "'"$TOKEN_NAME"'", "secondsToLive": '"$TOKEN_TTL"' }' \
|
|
"$GRAFANA_URL/api/serviceaccounts/$SA_ID/tokens" | jq -r '.key')
|
|
|
|
echo "$TOKEN" > "$TOKEN_FILE"
|
|
echo "Token guardado en $TOKEN_FILE"
|
|
fi
|
|
|