#!/bin/bash

USERS=(ADMIN)
SECRETS=(SESSION_SECRET STORAGE_ENCRYPTION JWT_SECRET OIDC_HMAC_SECRET)
SECRET_DIR=$PWD/secrets

[ ! -d "$SECRET_DIR" ] && mkdir -p "$SECRET_DIR"

# Generate secrets
for filename in "${SECRETS[@]}"; do
    if [ ! -f "$SECRET_DIR"/"$filename" ]; then
        openssl rand -hex 64 > "$SECRET_DIR"/"$filename"
    fi
done

# Generate admin password
for filename in "${USERS[@]}"; do
    if [ ! -f "$SECRET_DIR"/"$filename" ]; then
        openssl rand -hex 12 > "$SECRET_DIR"/"$filename"
    fi
done