Commit 6587def1 authored by jackie / Andrea Ida Malkah Klaura's avatar jackie / Andrea Ida Malkah Klaura

refactor and extend run.sh to do full setup from aura-config.yaml

parent 820b4db5
#!/bin/bash
# get_config_steering $1
# outputs the value of a key, if set
get_config_steering () {
grep "^$1" steering/.env | cut -d'=' -f2
}
# set_config_steering $1 $2
# checks the steering/.env file and updates the key $1 to value $2
# keys are only considered if the are found on the beginning of a line
# if the key does not exist, a new line will be added, otherwise
# the existing line will be overwritten
set_config_steering () {
if [ -z "$(get_config_steering "$1")" ]; then
echo "$1=$2" >> steering/.env
else
sed -i "s/^$1=.*$/$1=$2/" steering/.env
fi
}
# init_common
# sources .env variables and initialises variables from aura-config.yaml
# and also write the global .env file for docker-compose
init_common () {
echo "Reading required variables from aura-config.yaml"
AURA_DOMAIN="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.domain' aura-config.yaml)"
USERNAME="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.admin.username' aura-config.yaml)"
USERMAIL="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.admin.email' aura-config.yaml)"
DEBUG="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.debug' aura-config.yaml)"
# TODO: set this depending on config (should be http only for local systems)
HTTP_SCHEMA="http"
echo "Reading steering database config from aura-config.yaml"
STEERING_DB_PASS="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.steering.db_pass' aura-config.yaml)"
STEERING_DB_USER="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.steering.db_user' aura-config.yaml)"
STEERING_DB_NAME="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.steering.db_name' aura-config.yaml)"
echo "Reading tank database config from aura-config.yaml"
TANK_DB_PASS="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.tank.db_pass' aura-config.yaml)"
TANK_DB_USER="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.tank.db_user' aura-config.yaml)"
TANK_DB_NAME="$(docker run --rm -v "${PWD}"/aura-config.yaml:/workdir/aura-config.yaml mikefarah/yq eval '.aura.tanke.db_name' aura-config.yaml)"
echo "Writing global .env for docker-compose"
echo "
STEERING_DB_PASS=$STEERING_DB_PASS
STEERING_DB_USER=$STEERING_DB_USER
STEERING_DB_NAME=$STEERING_DB_NAME
TANK_DB_PASS=$TANK_DB_PASS
TANK_DB_USER=$TANK_DB_USER
TANK_DB_NAME=$TANK_DB_NAME
" > .env
}
# init_steering
# sets all needed steering/.env values and starts steering
# then initializes the steering database, creates a superuser and
# creates the OpenID Connect clients needed for the tank and dashboard config
init_steering () {
USERNAME="$(docker run --rm -v "${PWD}":/workdir mikefarah/yq eval '.aura.admin.username' aura-config.yaml)"
USERMAIL="$(docker run --rm -v "${PWD}":/workdir mikefarah/yq eval '.aura.admin.email' aura-config.yaml)"
docker-compose start steering-django
echo "Generating settings for steering/.env"
if [ ! -f steering/.env ]; then touch steering/.env; fi
# we only want to generate a new secret key, if there isn't already one there
if [ -z "$(get_config_steering SECRET_KEY)" ]; then
set_config_steering SECRET_KEY "$(tr -dc A-Z-a-z-0-9 < /dev/urandom | head -c32)"
fi
set_config_steering DBPASS $STEERING_DB_PASS
set_config_steering RUN_IN_DOCKER True
if [ "$DEBUG" = "true" ]; then
set_config_steering DEBUG True
fi
# django has to accept our configured domain as well as steering-django (due to proxying)
# TODO: localhost only makes sense if the container ports are mapped (usually in a dev setup)
set_config_steering ALLOWED_HOSTS "127.0.0.1,localhost,steering-django,$AURA_DOMAIN"
echo "Building steering-django image"
docker-compose build steering-django
echo "Starting steering-django"
docker-compose up -d steering-django
echo "Running migrations"
docker exec steering-django python manage.py migrate
echo "Loading fixtures"
docker exec steering-django sh -c 'python manage.py loaddata fixtures/*/*.json'
echo "A steering superuser account for $USERNAME <$USERMAIL> will be created."
echo "Creating steering-django superuser account for $USERNAME <$USERMAIL>."
echo "Please provide a (strong) password."
docker exec steering-django python manage.py createsuperuser --username "$USERNAME" --email "$USERMAIL"
docker exec -it steering-django python manage.py createsuperuser --username "$USERNAME" --email "$USERMAIL"
echo "Creating RSA key for OpenID Connect"
docker exec steering-django python manage.py creatersakey
DASHBOARD_CLIENT_ID="$(docker exec steering-django python manage.py create_oidc_client -r "id_token token" --no-require-consent -i -u "http://aura.local/oidc_callback.html" -u "http://aura.local/oidc_callback_silentRenew.html" -p "http://aura.local" dashboard public)"
TANK_OIDC_DETAILS="$(docker exec steering-django python manage.py create_oidc_client -r "code" -i -u "http://aura.local/tank/auth/oidc/callback" -p "http://aura.local" dashboard confidential)"
echo "Creating OIDC client for dashboard"
DASHBOARD_CLIENT_ID="$(docker exec steering-django python manage.py create_oidc_client -r "id_token token" --no-require-consent -i -u "$HTTP_SCHEMA://$AURA_DOMAIN/oidc_callback.html" -u "$HTTP_SCHEMA://$AURA_DOMAIN/oidc_callback_silentRenew.html" -p "$HTTP_SCHEMA://$AURA_DOMAIN" dashboard public)"
echo "Creating OIDC client for tank"
TANK_OIDC_DETAILS="$(docker exec steering-django python manage.py create_oidc_client -r "code" -i -u "$HTTP_SCHEMA://$AURA_DOMAIN/tank/auth/oidc/callback" -p "$HTTP_SCHEMA://$AURA_DOMAIN" dashboard confidential)"
TANK_CLIENT_ID="$(echo $TANK_OIDC_DETAILS | cut -d ' ' -f 1)"
TANK_CLIENT_SECRET="$(echo $TANK_OIDC_DETAILS | cut -d ' ' -f 2)"
echo "Stopping steering-django"
docker-compose down
}
init_tank () {
echo "todo: implement tank init"
echo "Write OIDC info to tank.yaml"
docker run --rm -v "${PWD}"/container-config/tank.yaml:/workdir/tank.yaml mikefarah/yq eval ".auth.oidc.client-id = \"$TANK_CLIENT_ID\"" -i tank.yaml
docker run --rm -v "${PWD}"/container-config/tank.yaml:/workdir/tank.yaml mikefarah/yq eval ".auth.oidc.client-secret = \"$TANK_CLIENT_SECRET\"" -i tank.yaml
docker run --rm -v "${PWD}"/container-config/tank.yaml:/workdir/tank.yaml mikefarah/yq eval ".auth.oidc.callback-url = \"$HTTP_SCHEMA://$AURA_DOMAIN/tank/auth/oidc/callback\"" -i tank.yaml
}
init_dashboard () {
echo "todo: implement dashboard init"
echo "todo: set .env.production variables according to aura config and oidc client"
# we only use the dashboard image to build the static code
# which will be used by the web server to serve under /
docker-compose run --rm dashboard
}
init_webserver () {
echo "todo"
}
start_containers () {
docker-compose up -d steering tank dashboard
}
start_webserver () {
docker-compose start aura-web
docker-compose up -d aura-web
# TODO: implement letsencrypt for prod setup
}
# TODO: create getopts interface with options to init, run and stop services
init_common
init_steering
init_tank
init_dasboard
start_webserver
\ No newline at end of file
#init_dasboard
#start_webserver
\ No newline at end of file
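Review bot: `set_config_steering` splices its value straight into a sed replacement (`sed -i "s/^$1=.*$/$1=$2/" steering/.env`), and `init_steering` passes the steering database password to it unquoted as `set_config_steering DBPASS $STEERING_DB_PASS`. A password containing `/`, `&` or `\` either makes sed fail or stores a different string in steering/.env than the one in aura-config.yaml, and any whitespace in it is split away before the function is even called; nothing checks the sed exit status, so setup continues with mismatched credentials. I would quote the argument, `set_config_steering DBPASS "$STEERING_DB_PASS"`, and have the function write the value verbatim with printf instead of sed, as sketched below. The page has lost its +/- markers, so whether the function body itself is new in this commit cannot be seen from here.

```shell
set_config_steering () {
  local tmp
  tmp="$(mktemp)" || return 1
  # keep every line except the key being set, then append the value verbatim
  grep -v "^$1=" steering/.env > "$tmp"
  printf '%s=%s\n' "$1" "$2" >> "$tmp"
  # write back through the existing file so its owner and mode are preserved
  cat "$tmp" > steering/.env
  rm -f "$tmp"
}
```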