#!/usr/bin/env sh
set -eu

vault_dir="/vault/secrets"

read_secret() {
  cat "${vault_dir}/$1"
}

admin_user="$(read_secret keycloak-admin__username)"
admin_password="$(read_secret keycloak-admin__password)"

export KEYCLOAK_ADMIN="${admin_user}"
export KEYCLOAK_ADMIN_USER="${admin_user}"
export KEYCLOAK_ADMIN_PASSWORD="${admin_password}"

export KC_DB_URL_DATABASE="$(read_secret keycloak-db__POSTGRES_DATABASE)"
export KC_DB_USERNAME="$(read_secret keycloak-db__POSTGRES_USER)"
export KC_DB_PASSWORD="$(read_secret keycloak-db__POSTGRES_PASSWORD)"

export PORTAL_E2E_CLIENT_ID="$(read_secret portal-e2e-client__client_id)"
export PORTAL_E2E_CLIENT_SECRET="$(read_secret portal-e2e-client__client_secret)"

export LDAP_ADMIN_PASSWORD="$(read_secret openldap-admin__LDAP_ADMIN_PASSWORD)"
export LDAP_CONFIG_PASSWORD="$(read_secret openldap-admin__LDAP_CONFIG_PASSWORD)"