#!/bin/bash set -e # Colors for output RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' NC='\033[0m' echo -e "${GREEN}[Postgre-TLS] Preparing to start PostgreSQL container...${NC}" # Create secrets directory if needed mkdir -p secrets # Generate SSL certificates if missing if [ ! -f "secrets/ca.crt" ] || [ ! -f "secrets/server.crt" ] || [ ! -f "secrets/server.key" ]; then echo -e "${YELLOW}[PloughGres] Generating SSL certificates for local development...${NC}" openssl genrsa -out secrets/ca.key 2048 openssl req -new -x509 -key secrets/ca.key -out secrets/ca.crt -days 365 \ -subj "/C=US/ST=State/L=City/O=PloughGres/CN=PloughGres-CA" -batch openssl genrsa -out secrets/server.key 2048 openssl req -new -key secrets/server.key -out secrets/server.csr \ -subj "/C=US/ST=State/L=City/O=PloughGres/CN=localhost" -batch openssl x509 -req -in secrets/server.csr \ -CA secrets/ca.crt -CAkey secrets/ca.key \ -CAcreateserial -out secrets/server.crt -days 365 rm secrets/server.csr chmod 600 secrets/server.key chmod 644 secrets/server.crt secrets/ca.crt # Remove CA private key for security rm secrets/ca.key echo -e "${GREEN}[PloughGres] SSL certificates generated in secrets/${NC}" fi # Generate password if missing if [ ! -f "secrets/postgres_password" ]; then echo -e "${YELLOW}[PloughGres] Generating random password for PostgreSQL...${NC}" openssl rand -base64 32 > secrets/postgres_password chmod 600 secrets/postgres_password echo -e "${GREEN}[PloughGres] Generated password stored in secrets/postgres_password${NC}" echo -e "${YELLOW}[PloughGres] Your PostgreSQL password is:${NC}" cat secrets/postgres_password echo "" fi # Manage container echo -e "${YELLOW}[PloughGres] Managing Docker container...${NC}" docker-compose down -v || true # Graceful down with volume removal docker-compose build docker-compose up -d echo -e "${GREEN}[PloughGres] Container started successfully!${NC}" echo -e "${YELLOW}[PloughGres] Run ./connect.sh to test the connection.${NC}"