96 lines
2.9 KiB
Bash
96 lines
2.9 KiB
Bash
#!/bin/bash
|
|
set -euo pipefail
|
|
|
|
PMA_PASS_FILE="/var/lib/jelastic/keys/pma_root_pass"
|
|
PMA_CONFIG="/etc/phpMyAdmin/config.inc.php"
|
|
|
|
# Ensures phpMyAdmin config is set for automatic login with the given password
|
|
ensure_pma_config() {
|
|
local password="$1"
|
|
echo "🔧 Ensuring phpMyAdmin config is up-to-date..."
|
|
|
|
# Use a different delimiter for sed to handle special characters in the password
|
|
sudo sed -i "s|\(\['password'\]\s*=\s*'\)[^']*'|\1$password'|" "$PMA_CONFIG"
|
|
|
|
if ! sudo grep -q "\['auth_type'\]" "$PMA_CONFIG"; then
|
|
echo "\$cfg['Servers'][\$i]['auth_type'] = 'config';" | sudo tee -a "$PMA_CONFIG" > /dev/null
|
|
else
|
|
sudo sed -i "s/\(\['auth_type'\]\s*=\s*'\)[^']*'/\1config'/" "$PMA_CONFIG"
|
|
fi
|
|
if ! sudo grep -q "\['user'\]" "$PMA_CONFIG"; then
|
|
echo "\$cfg['Servers'][\$i]['user'] = 'root';" | sudo tee -a "$PMA_CONFIG" > /dev/null
|
|
else
|
|
sudo sed -i "s/\(\['user'\]\s*=\s*'\)[^']*'/\1root'/" "$PMA_CONFIG"
|
|
fi
|
|
}
|
|
|
|
# If password file exists, just re-apply the config. This is the fast, idempotent path.
|
|
if [ -f "$PMA_PASS_FILE" ] && [ -s "$PMA_PASS_FILE" ]; then
|
|
echo "🔑 Root password file found. Re-configuring phpMyAdmin without DB reset."
|
|
stored_password=$(sudo cat "$PMA_PASS_FILE")
|
|
ensure_pma_config "$stored_password"
|
|
exit 0
|
|
fi
|
|
|
|
# --- First time execution: Full password reset ---
|
|
echo "🔑 Root password file not found. Performing first-time password reset."
|
|
|
|
# Generate a secure password
|
|
new_password=$(openssl rand -base64 12)
|
|
|
|
# Stop MariaDB
|
|
echo "🛑 Stopping MariaDB service..."
|
|
sudo systemctl stop mariadb
|
|
sleep 3
|
|
|
|
# Start MariaDB in safe mode
|
|
echo "🔧 Starting MariaDB in safe mode (skip-grant-tables)..."
|
|
sudo mysqld_safe --skip-grant-tables --skip-networking --skip-name-resolve &
|
|
PID=$!
|
|
sleep 5
|
|
|
|
# Check if mysqld is running
|
|
if ! ps -p $PID > /dev/null; then
|
|
echo "❌ Failed to start mysqld_safe. Exiting."
|
|
exit 1
|
|
fi
|
|
|
|
# Reset root password
|
|
echo "🔄 Resetting root password..."
|
|
mysql -u root << EOF
|
|
FLUSH PRIVILEGES;
|
|
ALTER USER 'root'@'localhost' IDENTIFIED BY '$new_password';
|
|
ALTER USER 'root'@'127.0.0.1' IDENTIFIED BY '$new_password';
|
|
FLUSH PRIVILEGES;
|
|
EOF
|
|
|
|
# Check if reset succeeded
|
|
if [ $? -ne 0 ]; then
|
|
echo "❌ Failed to reset password. Cleaning up..."
|
|
sudo pkill -f mysqld
|
|
exit 1
|
|
fi
|
|
|
|
# Stop safe mode
|
|
echo "🛑 Stopping safe mode..."
|
|
sudo pkill -f mysqld_safe
|
|
sudo pkill -f mysqld
|
|
sleep 3
|
|
|
|
# Start MariaDB normally
|
|
echo "🟢 Starting MariaDB normally..."
|
|
sudo systemctl start mariadb
|
|
|
|
if sudo systemctl is-active --quiet mariadb; then
|
|
echo "✅ MariaDB is running."
|
|
ensure_pma_config "$new_password"
|
|
|
|
# Save the new password for future runs
|
|
echo "$new_password" | sudo tee "$PMA_PASS_FILE" > /dev/null
|
|
sudo chmod 600 "$PMA_PASS_FILE"
|
|
sudo chown root:root "$PMA_PASS_FILE"
|
|
echo "✅ New root password securely stored for future runs."
|
|
else
|
|
echo "❌ Failed to start MariaDB. Run: sudo systemctl status mariadb"
|
|
exit 1
|
|
fi |