byarielm.fyi
ATlast — you'll never need to find your favorites on another platform again. Find your favs in the ATmosphere.
atproto
1#!/bin/bash
2# ═══════════════════════════════════════════════════════
3# ATlast Secret Generator
4# Generates all required environment variable values.
5# Usage: bash scripts/generate-secrets.sh
6# ═══════════════════════════════════════════════════════
7
8set -euo pipefail
9
10echo "# ═══════════════════════════════════════════════════"
11echo "# ATlast generated secrets — $(date -u +%Y-%m-%dT%H:%M:%SZ)"
12echo "# Copy these values into docker/.env"
13echo "# ═══════════════════════════════════════════════════"
14echo ""
15
16echo "# Database password (32 bytes of randomness, hex-encoded)"
17echo "DB_PASSWORD=$(node -e "process.stdout.write(require('crypto').randomBytes(32).toString('hex'))")"
18echo ""
19
20echo "# Token encryption key (32 bytes of randomness, hex-encoded)"
21echo "TOKEN_ENCRYPTION_KEY=$(node -e "process.stdout.write(require('crypto').randomBytes(32).toString('hex'))")"
22echo ""
23
24echo "# Generate OAUTH_PRIVATE_KEY separately (requires openssl):"
25echo "# Run the following command, then paste the output as OAUTH_PRIVATE_KEY"
26echo "# Replace actual newlines with \\n for the .env file."
27echo "#"
28echo "# openssl ecparam -genkey -name prime256v1 -noout | openssl pkcs8 -topk8 -nocrypt"
29echo ""
30
31echo "# CLOUDFLARE_TUNNEL_TOKEN: obtain from https://one.dash.cloudflare.com"
32echo "# Zero Trust → Access → Tunnels → Create a tunnel → copy the token"