veza/scripts/archive/validate-env.sh
#!/bin/bash
# =============================================================================
# Environment Variables Validation Script
# =============================================================================
# This script validates that all required environment variables are set
# before starting docker-compose services.
#
# Usage:
# ./scripts/validate-env.sh [environment]
# environment: local (default), production, test
#
# =============================================================================
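set -e

# Environment name comes from the first argument. Only the exact value
# "production" switches on the stricter checks later in the script.
ENVIRONMENT=${1:-local}
ENV_FILE=".env"

# Colors for output
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
NC='\033[0m' # No Color

echo "🔍 Validating environment variables for: ${ENVIRONMENT}"

# A typo or different capitalisation ("prod", "Production") would otherwise
# skip the production checks without any hint, so say so on stderr.
case "$ENVIRONMENT" in
  local | production | test) ;;
  *)
    echo -e "${YELLOW}⚠️ Unknown environment '${ENVIRONMENT}' (expected local, production or test); production checks will not run${NC}" >&2
    ;;
esac

# Check if .env file exists
if [ ! -f "${ENV_FILE}" ]; then
  echo -e "${RED}❌ Error: .env file not found!${NC}"
  echo -e "${YELLOW}💡 Tip: Copy .env.example to .env and configure it:${NC}"
  echo " cp .env.example .env"
  exit 1
fi

# Load environment variables (set -a exports everything the file assigns).
# NOTE(review): `source` executes .env as shell code with the caller's
# privileges, so the file has to be trusted and should be writable only by
# its owner. Compose-style .env syntax is also not always valid shell —
# TODO confirm the file is kept shell-compatible.
set -a
source "${ENV_FILE}"
set +a

# .env may assign ENVIRONMENT itself; the command-line choice has to win,
# otherwise `validate-env.sh production` could silently run as "local".
ENVIRONMENT=${1:-local}

# Track validation errors (reset after sourcing so .env cannot preload them)
ERRORS=0
WARNINGS=0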
# Function to check if variable is set
check_var() {
  # Report whether the variable named by $1 holds a non-empty value.
  #   $1 - variable name, read through indirect expansion
  #   $2 - "required" counts a missing value in ERRORS; anything else
  #        counts it in WARNINGS
  # Only the variable name is printed, never its value.
  local name=$1
  local mode=$2
  local current="${!name}"

  if [ -n "$current" ]; then
    echo -e "${GREEN}${name} is set${NC}"
    return 0
  fi

  case "$mode" in
    required)
      echo -e "${RED}${name} is required but not set${NC}"
      ERRORS=$((ERRORS + 1))
      ;;
    *)
      echo -e "${YELLOW}⚠️ ${name} is not set (optional)${NC}"
      WARNINGS=$((WARNINGS + 1))
      ;;
  esac
}
# Function to validate password strength
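validate_password() {
  # Warn when the secret held in the named variable is shorter than a minimum.
  #   $1 - variable name, read through indirect expansion
  #   $2 - optional minimum length; defaults to 8, and a non-numeric value
  #        falls back to 8
  # Empty or unset values are skipped here. A finding increments WARNINGS;
  # the secret itself is never printed.
  # NOTE(review): 8 characters is a low bar for machine-generated secrets;
  # if JWT_SECRET is used as an HMAC signing key, callers should pass a
  # larger minimum (for example 32) — confirm the algorithm in use.
  local var_name=$1
  local min_len=${2:-8}
  local value="${!var_name}"

  case "$min_len" in
    '' | *[!0-9]*) min_len=8 ;;
  esac

  if [ -z "$value" ]; then
    return 0
  fi

  if [ "${#value}" -lt "$min_len" ]; then
    echo -e "${YELLOW}⚠️ ${var_name} is too short (minimum ${min_len} characters recommended)${NC}"
    WARNINGS=$((WARNINGS + 1))
  fi
}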
# Function to validate URL format
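validate_url() {
  # Warn when the URL held in the named variable does not start with the
  # expected scheme.
  #   $1 - variable name, read through indirect expansion
  #   $2 - expected scheme: http, https, ws, wss, postgres, redis
  # Empty or unset values are skipped; a mismatch increments WARNINGS.
  local var_name=$1
  local value="${!var_name}"
  local scheme=$2 # http, https, ws, wss, postgres, redis
  local pattern

  if [ -z "$value" ]; then
    return 0
  fi

  # The TLS form of a plaintext scheme is valid too. Matching "^http://"
  # literally would flag every https:// URL (likewise wss://, rediss://) and
  # steer operators toward the unencrypted variant. postgresql:// is the
  # long spelling of the same connection-URI scheme.
  case "$scheme" in
    http) pattern='^https?://' ;;
    ws) pattern='^wss?://' ;;
    redis) pattern='^rediss?://' ;;
    postgres) pattern='^postgres(ql)?://' ;;
    *) pattern="^${scheme}://" ;;
  esac

  if [[ ! "$value" =~ $pattern ]]; then
    echo -e "${YELLOW}⚠️ ${var_name} should start with ${scheme}://${NC}"
    WARNINGS=$((WARNINGS + 1))
  fi
}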
echo ""
echo "📋 Checking required variables..."

# Variables every environment must define.
for required_name in POSTGRES_DB POSTGRES_USER POSTGRES_PASSWORD DATABASE_URL \
  REDIS_URL JWT_SECRET VITE_API_URL VITE_WS_URL VITE_STREAM_URL; do
  check_var "$required_name" "required"
done

# Extra checks that apply only when the environment is exactly "production".
if [ "$ENVIRONMENT" = "production" ]; then
  echo ""
  echo "🔒 Checking production-specific requirements..."
  check_var "REDIS_PASSWORD" "required"

  # Length checks on the secrets.
  # NOTE(review): these only raise WARNINGS, so a short production secret
  # still ends with exit status 0 in the summary.
  for secret_name in POSTGRES_PASSWORD REDIS_PASSWORD JWT_SECRET; do
    validate_password "$secret_name"
  done

  # Browser-facing endpoints are expected to use TLS schemes.
  [[ "$VITE_API_URL" =~ ^https:// ]] || {
    echo -e "${YELLOW}⚠️ VITE_API_URL should use HTTPS in production${NC}"
    WARNINGS=$((WARNINGS + 1))
  }
  [[ "$VITE_WS_URL" =~ ^wss:// ]] || {
    echo -e "${YELLOW}⚠️ VITE_WS_URL should use WSS in production${NC}"
    WARNINGS=$((WARNINGS + 1))
  }
  [[ "$VITE_STREAM_URL" =~ ^wss:// ]] || {
    echo -e "${YELLOW}⚠️ VITE_STREAM_URL should use WSS in production${NC}"
    WARNINGS=$((WARNINGS + 1))
  }

  # Placeholder secrets are hard errors.
  # NOTE(review): DATABASE_URL is not compared against the default password;
  # if it embeds credentials, the default could survive there — confirm.
  case "$JWT_SECRET" in
    "your-secret-key-here-change-in-production" | "dev-secret-key-change-in-production")
      echo -e "${RED}❌ JWT_SECRET is still using default value! Change it in production.${NC}"
      ERRORS=$((ERRORS + 1))
      ;;
  esac
  case "$POSTGRES_PASSWORD" in
    "veza_password")
      echo -e "${RED}❌ POSTGRES_PASSWORD is still using default value! Change it in production.${NC}"
      ERRORS=$((ERRORS + 1))
      ;;
  esac
fi
# Scheme check for every URL-valued variable, in all environments.
echo ""
echo "🔗 Validating URL formats..."
while read -r url_name url_scheme; do
  validate_url "$url_name" "$url_scheme"
done <<'PAIRS'
DATABASE_URL postgres
REDIS_URL redis
VITE_API_URL http
VITE_WS_URL ws
VITE_STREAM_URL ws
PAIRS

# Summary: any error fails the run; warnings alone still exit 0.
echo ""
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
if [ "$ERRORS" -ne 0 ]; then
  echo -e "${RED}❌ Validation failed with ${ERRORS} error(s) and ${WARNINGS} warning(s)${NC}"
  echo ""
  echo "Please fix the errors before starting docker-compose."
  exit 1
fi

if [ "$WARNINGS" -eq 0 ]; then
  echo -e "${GREEN}✅ All checks passed!${NC}"
else
  echo -e "${YELLOW}⚠️ Validation completed with ${WARNINGS} warning(s)${NC}"
  echo -e "${GREEN}✅ No critical errors${NC}"
fi
exit 0