Permit to set the postgres lavaserver password

By setting pg_lava_password, the final lavaserver password will be set
to this value.

4 files changed, 16 insertions, 3 deletions

diff --git a/README.md b/README.md
index 5895a51..bb4b02f 100644
--- a/README.md
+++ b/README.md
@@ -221,6 +221,7 @@ masters:
     slave_keys:			optional path to a directory with slaves public key. Usefull when you want to create a master without slaves nodes in boards.yaml.
     lava-coordinator:		Does the master should ran a lava-coordinator and export its port
     persistent_db: True/False	(default False) Is the postgres DB is persistent over reboot
+    pg_lava_password:		The Postgres lavaserver password to set
     http_fqdn:			The FQDN used to access the LAVA web interface. This is necessary if you use https otherwise you will issue CSRF errors.
     healthcheck_url:		Hack healthchecks hosting URL. See hosting healthchecks below
     build_args:
diff --git a/lava-master/Dockerfile b/lava-master/Dockerfile
index 5bf989a..6396253 100644
--- a/lava-master/Dockerfile
+++ b/lava-master/Dockerfile
@@ -39,6 +39,8 @@ COPY apache2/ /etc/apache2/
 # Fixes 'postgresql ERROR:  invalid locale name: "en_US.UTF-8"' when restoring a backup
 RUN echo "en_US.UTF-8 UTF-8" >> /etc/locale.gen && locale-gen en_US.UTF-8
 
+COPY pg_lava_password /root
+
 # TODO: send this fix to upstream
 RUN sed -i 's,find /root/entrypoint.d/ -type f,find /root/entrypoint.d/ -type f | sort,' /root/entrypoint.sh
 # TODO: send this fix to upstream
diff --git a/lava-master/entrypoint.d/01_setup.sh b/lava-master/entrypoint.d/01_setup.sh
index 53db47e..95b180b 100755
--- a/lava-master/entrypoint.d/01_setup.sh
+++ b/lava-master/entrypoint.d/01_setup.sh
@@ -1,8 +1,11 @@
 #!/bin/bash
 
 # always reset the lavaserver user, since its password could have been reseted in a "docker build --nocache"
-if [ ! -e /root/pg_lava_password ];then
-       < /dev/urandom tr -dc A-Za-z0-9 | head -c16 > /root/pg_lava_password
+if [ ! -s /root/pg_lava_password ];then
+	echo "DEBUG: Generating a random LAVA password"
+	< /dev/urandom tr -dc A-Za-z0-9 | head -c16 > /root/pg_lava_password
+else
+	echo "DEBUG: use the given LAVA password"
 fi
 sudo -u postgres psql -c "ALTER USER lavaserver WITH PASSWORD '$(cat /root/pg_lava_password)';" || exit $?
 if [ -e /etc/lava-server/instance.conf ];then
diff --git a/lavalab-gen.py b/lavalab-gen.py
index 521deda..fbe2df9 100755
--- a/lavalab-gen.py
+++ b/lavalab-gen.py
@@ -121,7 +121,7 @@ def main():
             "healthcheck_url", "host", "http_fqdn",
             "loglevel", "lava-coordinator",
             "name",
-            "persistent_db",
+            "persistent_db", "pg_lava_password",
             "slave_keys", "slaveenv", "smtp",
             "tokens", "type",
             "users",
@@ -172,6 +172,13 @@ def main():
         groupdir = "%s/groups" % workerdir
         os.mkdir(groupdir)
         worker = master
+        if "pg_lava_password" in master:
+            f_pg = open("%s/pg_lava_password" % workerdir, 'w')
+            f_pg.write(master["pg_lava_password"])
+            f_pg.close()
+        else:
+            f_pg = open("%s/pg_lava_password" % workerdir, 'w')
+            f_pg.close()
         if "version" in worker:
             dockerfile = open("%s/Dockerfile" % workerdir, "r+")
             dockerfilec = re.sub('(^FROM.*:).*', '\g<1>%s' % worker["version"], dockerfile.read())