Gitiles
Code Review Sign In
gerrit.nordix.org / onap / aaf / authz / 1ccc1ca3fbd7bc1357a4d63d5fa5a29ce3f0ab67 / . / auth / sample / bin / service.sh
blob: b6121ead101ad47a854c0921a5bc5d1c1aed6c81 [file] [log] [blame]
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]1#!/bin/bash
Instrumental9ec28952018-07-12 11:14:10 -0500[diff] [blame]2# This script is run when starting aaf_config Container.
3# It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
4#
5JAVA=/usr/bin/java
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]6LOCAL=/opt/app/osaaf/local
7DATA=/opt/app/osaaf/data
8PUBLIC=/opt/app/osaaf/public
9CONFIG=/opt/app/aaf_config
Instrumental5451a502018-10-10 18:51:33 -0500[diff] [blame]10
11# If doesn't exist... still create
12mkdir -p /opt/app/osaaf
13
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]14# Temp use for clarity of code
15FILE=
Instrumental9ec28952018-07-12 11:14:10 -0500[diff] [blame]16
Instrumental365638c2018-10-01 15:26:03 -0500[diff] [blame]17# Setup Bash, first time only
18if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then
19 echo "alias cadi='$CONFIG/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases
20 echo "alias agent='$CONFIG/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
21 chmod a+x $CONFIG/bin/agent.sh
22 . $HOME/.bash_aliases
23fi
24
Instrumental9ec28952018-07-12 11:14:10 -0500[diff] [blame]25# Only load Identities once
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]26# echo "Check Identities"
27FILE="$DATA/identities.dat"
28if [ ! -e $FILE ]; then
29 mkdir -p $DATA
30 cp $CONFIG/data/sample.identities.dat $FILE
31fi
32
33# Load up Cert/X509 Artifacts
34# echo "Check Signer Keyfile"
35FILE="$LOCAL/org.osaaf.aaf.signer.p12"
36if [ ! -e $FILE ]; then
37 mkdir -p $LOCAL
38 mkdir -p $PUBLIC
39 if [ -e $CONFIG/cert/org.osaaf.aaf.signer.p12 ]; then
40 cp $CONFIG/cert/org.osaaf.aaf.signer.p12 $FILE
41 else
42 echo "Decode"
43 base64 -d $CONFIG/cert/demoONAPsigner.p12.b64 > $FILE
44 base64 -d $CONFIG/cert/truststoreONAP.p12.b64 > $PUBLIC/truststoreONAP.p12
45 base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $PUBLIC/truststoreONAPall.jks
46 ln -s $PUBLIC/truststoreONAPall.jks $LOCAL
Instrumental365638c2018-10-01 15:26:03 -0500[diff] [blame]47 cp $CONFIG/cert/AAF_RootCA.cer $PUBLIC
48 CM_TRUST_CAS="$PUBLIC/AAF_RootCA.cer"
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]49 echo "cadi_keystore_password=something easy" >> $CONFIG/local/aaf.props
50 fi
51fi
52
53# echo "Check keyfile"
54FILE="$LOCAL/org.osaaf.aaf.p12"
55if [ ! -e $FILE ]; then
56 if [ -e $CONFIG/cert/org.osaaf.aaf.p12 ]; then
57 cp $CONFIG/cert/org.osaaf.aaf.p12 $FILE
58 else
59 echo "Bootstrap Creation of Keystore from Signer"
60 cd $CONFIG/CA
61
62 # Remove this after Casablanca
63 CADI_X509_ISSUERS="CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
64 bash bootstrap.sh $LOCAL/org.osaaf.aaf.signer.p12 'something easy'
65 cp aaf.bootstrap.p12 $FILE
66 if [ -n "$CADI_X509_ISSUERS" ]; then
67 CADI_X509_ISSUERS="$CADI_X509_ISSUERS:"
68 fi
69 BOOT_ISSUER="$(cat aaf.bootstrap.issuer)"
70 CADI_X509_ISSUERS="$CADI_X509_ISSUERS$BOOT_ISSUER"
71
72 I=${BOOT_ISSUER##CN=};I=${I%%,*}
73 CM_CA_PASS="something easy"
74 CM_CA_LOCAL="org.onap.aaf.auth.cm.ca.LocalCA,$LOCAL/org.osaaf.aaf.signer.p12;aaf_intermediate_9;enc:"
Instrumental365638c2018-10-01 15:26:03 -0500[diff] [blame]75 CM_TRUST_CAS="$PUBLIC/AAF_RootCA.cer"
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]76 fi
Instrumental9ec28952018-07-12 11:14:10 -0500[diff] [blame]77fi
78
79# Only initialize once, automatically...
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]80if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then
81 rsync -avzh --exclude=.gitignore $CONFIG/local/org.osaaf.aaf* $LOCAL
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]82 for D in public etc logs; do
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]83 rsync -avzh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]84 done
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]85
86 TMP=$(mktemp)
87 echo aaf_env=${AAF_ENV} >> ${TMP}
88 echo cadi_latitude=${LATITUDE} >> ${TMP}
89 echo cadi_longitude=${LONGITUDE} >> ${TMP}
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]90 echo cadi_x509_issuers=${CADI_X509_ISSUERS} >> ${TMP}
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]91 echo aaf_register_as=${AAF_REGISTER_AS} >> ${TMP}
Instrumental5451a502018-10-10 18:51:33 -0500[diff] [blame]92 LOCATOR_AS=${LOCATOR:=AAF_REGISTER_AS}
93 echo aaf_locate_url=https://${AAF_LOCATOR_AS}:8095 >> ${TMP}
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]94
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]95 cat $TMP
96
97 $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config aaf@aaf.osaaf.org \
98 cadi_etc_dir=$LOCAL \
99 cadi_prop_files=$CONFIG/local/initialConfig.props:$CONFIG/local/aaf.props:${TMP}
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]100 rm ${TMP}
Instrumental196000b2018-10-05 19:30:59 -0500[diff] [blame]101
102 # Cassandra Config stuff
103 # Default is expect a Cassandra on same Node
104 CASS_HOST=${CASS_HOST:="localhost:127.0.0.1"}
105 CASS_PASS=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "${CASSANDRA_PASSWORD:-cassandra}" $LOCAL/org.osaaf.aaf.keyfile)
106 CASS_NAME=${CASS_HOST/:*/}
Instrumental14f37072018-10-09 08:32:06 -0500[diff] [blame]107 sed -i.backup -e "s/\\(cassandra.clusters=\\).*/\\1${CASSANDRA_CLUSTERS:=$CASS_HOST}/" \
Instrumental196000b2018-10-05 19:30:59 -0500[diff] [blame]108 -e "s/\\(cassandra.clusters.user=\\).*/\\1${CASSANDRA_USER:=cassandra}/" \
109 -e "s/\\(cassandra.clusters.password=enc:\\).*/\\1$CASS_PASS/" \
110 -e "s/\\(cassandra.clusters.port=\\).*/\\1${CASSANDRA_PORT:=9042}/" \
111 $LOCAL/org.osaaf.aaf.cassandra.props
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]112
113 if [ -n "$CM_CA_LOCAL" ]; then
114 if [ -n "$CM_CA_PASS" ]; then
115 CM_CA_LOCAL=$CM_CA_LOCAL$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$CM_CA_PASS" $LOCAL/org.osaaf.aaf.keyfile)
116 fi
117 # Move and copy method, rather than sed, because of slashes in CM_CA_LOCAL makes too complex
118 FILE=$LOCAL/org.osaaf.aaf.cm.ca.props
119 mv $FILE $FILE.backup
120 grep -v "cm_ca.local=" $FILE.backup > $FILE
121 echo "cm_ca.local=$CM_CA_LOCAL" >> $FILE
Instrumental365638c2018-10-01 15:26:03 -0500[diff] [blame]122 echo "cm_trust_cas=$CM_TRUST_CAS" >> $FILE
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]123 fi
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]124fi
Instrumental9ec28952018-07-12 11:14:10 -0500[diff] [blame]125
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]126
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]127# Now run a command
128CMD=$2
129if [ ! "$CMD" = "" ]; then
130 shift
131 shift
132 case "$CMD" in
133 ls)
134 echo ls requested
135 find /opt/app/osaaf -depth
136 ;;
137 cat)
138 if [ "$1" = "" ]; then
139 echo "usage: cat <file... ONLY files ending in .props>"
140 else
141 if [[ $1 == *.props ]]; then
142 echo
143 echo "## CONTENTS OF $3"
144 echo
145 cat "$1"
146 else
147 echo "### ERROR ####"
148 echo " \"cat\" may only be used with files ending with \".props\""
149 fi
150 fi
151 ;;
152 update)
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]153 rsync -uh --exclude=.gitignore $CONFIG/local/org.osaaf.aaf* $LOCAL
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]154 for D in public data etc logs; do
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]155 rsync -uh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]156 done
157 ;;
158 validate)
159 echo "## validate requested"
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]160 $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files=$LOCAL/org.osaaf.aaf.props
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]161 ;;
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]162 onap)
163 echo Initializing ONAP configurations.
164 ;;
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]165 bash)
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]166 shift
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]167 cd $LOCAL || exit
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]168 /bin/bash "$@"
169 ;;
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]170 setProp)
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]171 cd $LOCAL || exit
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]172 FILES=$(grep -l "$1" ./*.props)
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]173 if [ "$FILES" = "" ]; then
174 FILES="$3"
175 ADD=Y
176 fi
177 for F in $FILES; do
178 echo "Changing $1 in $F"
179 if [ "$ADD" = "Y" ]; then
Instrumentalaeb80c82018-08-21 10:24:08 -0500[diff] [blame]180 echo "$1=$2" >> $F
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]181 else
Instrumentalaeb80c82018-08-21 10:24:08 -0500[diff] [blame]182 VALUE=${2//\//\\\/}
Instrumental6095e292018-09-06 13:27:15 -0500[diff] [blame]183 sed -i.backup -e "s/\(${1}=\).*/\1${VALUE}/" $F
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]184 fi
185 cat $F
186 done
187 ;;
188 encrypt)
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]189 cd $LOCAL || exit
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]190 echo $1
191 FILES=$(grep -l "$1" ./*.props)
192 if [ "$FILES" = "" ]; then
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]193 FILES=$LOCAL/org.osaaf.aaf.cred.props
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]194 ADD=Y
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]195 fi
196 for F in $FILES; do
197 echo "Changing $1 in $F"
198 if [ "$2" = "" ]; then
199 read -r -p "Password (leave blank to cancel): " -s ORIG_PW
200 echo " "
201 if [ "$ORIG_PW" = "" ]; then
202 echo canceling...
203 break
204 fi
205 else
206 ORIG_PW="$2"
207 fi
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]208 PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/org.osaaf.aaf.keyfile)
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]209 if [ "$ADD" = "Y" ]; then
210 echo "$1=enc:$PWD" >> $F
211 else
212 sed -i.backup -e "s/\\($1.*enc:\\).*/\\1$PWD/" $F
213 fi
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]214 cat $F
215 done
216 ;;
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]217 taillog)
218 sh /opt/app/osaaf/logs/taillog
219 ;;
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]220 --help | -?)
221 case "$1" in
222 "")
223 echo "--- Agent Container Comands ---"
224 echo " ls - Lists all files in Configuration"
225 echo " cat <file.props>> - Shows the contents (Prop files only)"
226 echo " validate - Runs a test using Configuration"
Instrumental9c8a8b02018-07-16 18:41:10 -0500[diff] [blame]227 echo " setProp <tag> [<value>] - set value on 'tag' (if no value, it will be queried from config)"
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]228 echo " encrypt <tag> [<pass>] - set passwords on Configuration (if no pass, it will be queried)"
229 echo " bash - run bash in Container"
230 echo " Note: the following aliases are preset"
231 echo " cadi - CADI CmdLine tool"
232 echo " agent - Agent Java tool (see above help)"
233 echo ""
234 echo " --help|-? [cadi|agent] - This help, cadi help or agent help"
235 ;;
236 cadi)
237 echo "--- cadi Tool Comands ---"
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]238 $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]239 ;;
240 agent)
241 echo "--- agent Tool Comands ---"
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]242 $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]243 ;;
244 esac
245 echo ""
246 ;;
247 *)
Instrumentalbc299c02018-09-25 06:42:31 -0500[diff] [blame]248 $JAVA -Dcadi_prop_files=$LOCAL/org.osaaf.aaf.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
Instrumental4ad47632018-07-13 15:49:26 -0500[diff] [blame]249 ;;
250 esac
251fi