From 4791f78fd0152b782195d3ba8fcf5f55e97f7886 Mon Sep 17 00:00:00 2001
From: Justin DeBo
Date: Fri, 8 Nov 2024 15:08:24 -0600
Subject: [PATCH 1/2] Adding wetty
---
 .pre-commit-config.yaml | 31 +++++++++++++++++++++++++++++++
 scripts/setup-wetty.sh | 9 +++++++++
 2 files changed, 40 insertions(+)
 create mode 100644 .pre-commit-config.yaml
 create mode 100644 scripts/setup-wetty.sh
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
new file mode 100644
index 0000000..bfc3df0
--- /dev/null
+++ b/.pre-commit-config.yaml
@@ -0,0 +1,31 @@
+repos:
+- repo: https://github.com/pre-commit/pre-commit-hooks
+ rev: v4.6.0
+ hooks:
+ # Git style
+ - id: check-added-large-files
+ - id: check-merge-conflict
+ - id: check-vcs-permalinks
+ - id: forbid-new-submodules
+ - id: no-commit-to-branch
+
+ # Common errors
+ - id: end-of-file-fixer
+ - id: trailing-whitespace
+ args: [--markdown-linebreak-ext=md]
+ exclude: CHANGELOG.md
+ - id: check-yaml
+ - id: check-merge-conflict
+ - id: check-executables-have-shebangs
+
+- repo: https://github.com/jumanjihouse/pre-commit-hooks
+ rev: 3.0.0
+ hooks:
+ - id: shfmt
+ args: ['-l', '-i', '2', '-ci', '-sr', '-w']
+ - id: shellcheck
+# - repo: https://github.com/antonbabenko/pre-commit-terraform
+# rev: 1.92.1
+# hooks:
+# - id: terraform_fmt
+# - id: terraform_docs
diff --git a/scripts/setup-wetty.sh b/scripts/setup-wetty.sh
new file mode 100644
index 0000000..86c087b
--- /dev/null
+++ b/scripts/setup-wetty.sh
@@ -0,0 +1,9 @@
+#!/usr/bin/env bash
+
+curl -fsSL https://get.docker.com -o get-docker.sh
+sh get-docker.sh
+rm get-docker.sh
+
+IP=$(hostname -I | awk '{print $1}')
+
+docker run --rm -d -p 3000:3000 wettyoss/wetty --ssh-host=$IP --title "DevUp Demo" --ssh-port=2332
From 21d6b6d23972dfa793e4df927da788c417911dac Mon Sep 17 00:00:00 2001
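Review bot: In `.pre-commit-config.yaml` both hook repositories are pinned with `rev:` set to a tag (`v4.6.0`, `3.0.0`), and a tag can be moved upstream, so the code that runs on every developer machine at commit time is not fixed by this file. Pinning each `rev:` to the full commit SHA with the tag in a trailing comment (what `pre-commit autoupdate --freeze` writes) closes that gap; the `pre-commit-terraform` entry enabled in PATCH 2/2 has the same issue. `check-merge-conflict` is also listed twice under the first repo, and the second entry can be dropped.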
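Review bot: `scripts/setup-wetty.sh` publishes the wetty web terminal with `-p 3000:3000`, which binds on every interface and serves the SSH login over plain HTTP, so credentials typed in the browser cross the network unencrypted; binding with `-p 127.0.0.1:3000:3000` behind a TLS-terminating proxy would contain that. The script also has no `set -euo pipefail`, so after a failed `curl` it still runs `sh get-docker.sh` against whatever stale or partial file is in the working directory, the installer is executed without any integrity check, and `wettyoss/wetty` is pulled by a floating reference rather than a digest. `--ssh-host=$IP` should be quoted as `"--ssh-host=${IP}"`.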
From: Justin DeBo
Date: Mon, 9 Dec 2024 12:52:26 -0600
Subject: [PATCH 2/2] I think this is done
---
 .pre-commit-config.yaml | 10 +++++-----
 scripts/init-db.sh | 25 +++++++++++++++++++++++++
 scripts/linux-workshop-admin.sh | 2 +-
 3 files changed, 31 insertions(+), 6 deletions(-)
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index bfc3df0..c24a96b 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -24,8 +24,8 @@ repos:
 - id: shfmt
 args: ['-l', '-i', '2', '-ci', '-sr', '-w']
 - id: shellcheck
-# - repo: https://github.com/antonbabenko/pre-commit-terraform
-# rev: 1.92.1
-# hooks:
-# - id: terraform_fmt
-# - id: terraform_docs
+- repo: https://github.com/antonbabenko/pre-commit-terraform
+ rev: 1.92.1
+ hooks:
+ - id: terraform_fmt
+ - id: terraform_docs
diff --git a/scripts/init-db.sh b/scripts/init-db.sh
index bf409d3..6786c6d 100755
--- a/scripts/init-db.sh
+++ b/scripts/init-db.sh
@@ -67,6 +67,16 @@ sleep 3
 systemctl is-active "${postgres_service}" > /dev/null
 ###
+# Generate a 32-character random password with special characters
+DB_PASSWORD=$(openssl rand -base64 24 | tr -dc 'a-zA-Z0-9!@#$%^&*()' | head -c 32)
+
+# Save password to a restricted access file
+echo "${DB_PASSWORD}" > /etc/app_admin_db.pass
+chmod 600 /etc/app_admin_db.pass
+
+# Export for immediate use
+export DB_PASSWORD
+log-info "DB_PASSWORD: ${DB_PASSWORD}" #Logging for debug purposes
 log-info 'Setting up DB'
 psql -U postgres -c '
 CREATE TABLE IF NOT EXISTS scoring (
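Review bot: The newly enabled hook in `.pre-commit-config.yaml` uses `rev: 1.92.1`, but the pre-commit-terraform project appears to tag its releases with a leading `v`, so this ref may not resolve when the hook environment is first installed; confirm against the upstream tags and use `rev: v1.92.1` if so. `terraform_docs` also relies on a `terraform-docs` binary being present on the machine that runs the hook, which nothing in this patch installs or documents.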
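Review bot: The added `log-info "DB_PASSWORD: ${DB_PASSWORD}"` line in `scripts/init-db.sh` writes the freshly generated database password to the log in cleartext and should be deleted rather than kept for debugging. The password file is created under the default umask and only restricted by the later `chmod 600`, leaving a window in which it may be readable by other users; create it restricted instead, e.g. `( umask 077; printf '%s\n' "${DB_PASSWORD}" > /etc/app_admin_db.pass )`. The generator comment is also inaccurate: `tr -dc` can only delete characters from the base64 output, so the result never contains the listed special characters and can be shorter than 32, whereas `openssl rand -hex 32` gives a fixed-length value without the filter.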
@@ -75,6 +85,21 @@ CREATE TABLE IF NOT EXISTS scoring (
 last_challenge_completed INTEGER,
 score INTEGER
 );
+
+-- Create app_admin user with a password from environment variable
+CREATE USER app_admin WITH PASSWORD '\''${DB_PASSWORD}'\'';
+
+-- Grant connect permission
+GRANT CONNECT ON DATABASE postgres TO app_admin;
+
+-- Grant usage on schema
+GRANT USAGE ON SCHEMA public TO app_admin;
+
+-- Grant specific permissions on scoring table
+GRANT SELECT, INSERT, UPDATE ON scoring TO app_admin;
+
+-- Grant permissions on sequence if you have any
+-- GRANT USAGE, SELECT ON ALL SEQUENCES IN SCHEMA public TO app_admin;
 ' > /dev/null
 ###
diff --git a/scripts/linux-workshop-admin.sh b/scripts/linux-workshop-admin.sh
index f3aff85..91feffc 100755
--- a/scripts/linux-workshop-admin.sh
+++ b/scripts/linux-workshop-admin.sh
@@ -67,7 +67,7 @@ _get-last-challenge-completed() {
 # _accrue-points adds monotonically-increasing point values, the rate of which
 # will increase over time at aggregate since this is called per-challenge.
 _accrue-points() {
- psql -U postgres -h "${db_addr:-NOT_SET}" -c "
+ PGPASSWORD=$DB_PASSWORD psql -U app_admin -h "${db_addr:-NOT_SET}" -c "
 INSERT INTO scoring (
 timestamp,
 team_name,
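Review bot: `${DB_PASSWORD}` in the added `CREATE USER` line of `scripts/init-db.sh` is never expanded: each `'\''` closes and immediately reopens the single-quoted `-c` string, so the variable name stays inside single quotes and the role's password becomes the literal text `${DB_PASSWORD}`, a fixed and guessable value. Splicing the expanded value into the `-c` string would fix the login but puts the secret in the process argument list and builds SQL by concatenation; feeding the statements on stdin and quoting the value through a psql variable read from the password file avoids both, as sketched below. `CREATE USER` is also not idempotent, unlike the `CREATE TABLE IF NOT EXISTS` before it, so a second run of the script will fail at this statement. The `psql -U postgres -c '` opening that this change replaces sits in the previous hunk's context, outside this hunk.

```shell
psql -U postgres -v ON_ERROR_STOP=1 > /dev/null << 'SQL'
\set app_pw `cat /etc/app_admin_db.pass`
-- … unchanged: CREATE TABLE IF NOT EXISTS scoring ( … ); …
CREATE USER app_admin WITH PASSWORD :'app_pw';
-- … unchanged: GRANT statements …
SQL
```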
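Review bot: `psql -U app_admin` in `_accrue-points` has no `-d`, so it connects to a database named after the user; unless `PGDATABASE` or a `-d` option is set outside this hunk, the insert will target a non-existent `app_admin` database instead of `postgres`, where the grants were made. `DB_PASSWORD` is exported only inside `init-db.sh`, nothing visible here sets it for this script, and an empty `PGPASSWORD` will fail authentication. Consider `PGPASSWORD="${DB_PASSWORD:?DB_PASSWORD is not set}" psql -U app_admin -d postgres -h "${db_addr:-NOT_SET}" -c "`, or a `~/.pgpass` entry so the secret stays out of the environment. The body of `_accrue-points` continues past the end of the hunk.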