Piotr Perzanowski | 4e3b228 | 2018-12-18 15:51:39 +0100 | [diff] [blame] | 1 | #! /usr/bin/env bash |
| 2 | # COPYRIGHT NOTICE STARTS HERE |
| 3 | # |
| 4 | # Copyright 2018 © Samsung Electronics Co., Ltd. |
| 5 | # |
| 6 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 7 | # you may not use this file except in compliance with the License. |
| 8 | # You may obtain a copy of the License at |
| 9 | # |
| 10 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | # |
| 12 | # Unless required by applicable law or agreed to in writing, software |
| 13 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 15 | # See the License for the specific language governing permissions and |
| 16 | # limitations under the License. |
| 17 | # |
| 18 | # COPYRIGHT NOTICE ENDS HERE |
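# fail fast
set -e

# OS check
# /etc/os-release is sourced for its ID variable; only the distributions
# listed in the case statement are accepted, anything else aborts the run.
. /etc/os-release
OS_ID="${ID}"
case "$OS_ID" in
  centos | rhel | ubuntu) ;;
  *)
    # Quoted so the reported id is printed verbatim (no word splitting or
    # glob expansion of the value read from os-release).
    echo "This OS is not supported: $OS_ID"
    exit 1
    ;;
esac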
# boilerplate
# Source common-functions.sh from a path derived from this script's own
# location, unless IS_COMMON_FUNCTIONS_SOURCED is already set to YES.
RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh'
case "$IS_COMMON_FUNCTIONS_SOURCED" in
  YES) ;;
  *)
    SCRIPT_DIR=$(dirname "${0}")
    # readlink -f resolves symlinks so the helper is looked up next to the
    # real script file rather than next to a link to it.
    LOCAL_PATH=$(readlink -f "$SCRIPT_DIR")
    . "${LOCAL_PATH}/${RELATIVE_PATH}/common-functions.sh"
    ;;
esac
| 43 | # |
| 44 | # local functions |
| 45 | # |
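#######################################
# Start the Nexus container and attach it to the nexus_network docker network.
# Globals:   NEXUS_DATA (read) - host directory mounted at /nexus-data
# Outputs:   progress messages on stdout
# Returns:   exits the shell with 'exit -3' (seen by the caller as 253)
#            when NEXUS_DATA is empty or unset
#######################################
start_nexus() {
  echo "** Starting nexus **"
  if [[ -z "$NEXUS_DATA" ]]; then
    echo "Nexus data env is not set"
    exit -3
  fi

  # valid for case of fresh nexus deployment
  # data are inserted in later phases
  # Every use of NEXUS_DATA is quoted so a path containing spaces or glob
  # characters reaches each command as exactly one argument.
  mkdir -p -- "$NEXUS_DATA"

  # NOTE(review): the original labels this step "hardening", but a+w makes the
  # directory writable by every local account, which loosens access to the
  # repository data instead of tightening it. Ownership is handed to 200:200
  # on the next line, so owner-only write access may be sufficient; confirm
  # who else writes here in later phases before narrowing the mode.
  chmod a+wrX -- "$NEXUS_DATA"
  # 200:200 is presumably the uid/gid the sonatype/nexus3 image runs as
  # (TODO confirm against the image in use).
  chown -R 200:200 -- "$NEXUS_DATA"

  # Remove any container left from a previous run; a missing container is fine.
  docker rm -f nexus 1> /dev/null 2>&1 || true
  docker run -d --name nexus \
    --restart unless-stopped \
    -v "$NEXUS_DATA":/nexus-data:rw \
    sonatype/nexus3

  echo "** Creating docker network **"
  docker network create nexus_network
  docker network connect nexus_network nexus
}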
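#######################################
# Start the nginx reverse proxy container on the nexus_network network.
# Globals:   NGINX_HTTP_DIR, GEN_CFG_PATH, CERTS_TARGET_PATH, GIT_REPOS,
#            NGINX_LOG_DIR, RHEL_REPO (all read) - host paths to mount
# Outputs:   progress message on stdout
#######################################
start_nginx() {
  echo "** Starting reverse proxy - nginx **"
  # Remove any container left from a previous run; a missing container is fine.
  docker rm -f nginx 1> /dev/null 2>&1 || true

  # The original created this directory twice, once unquoted and once quoted;
  # only the quoted call is kept. It presumably provides the mount point for
  # RHEL_REPO inside the read-only /srv/http tree (TODO confirm).
  mkdir -p -- "$NGINX_HTTP_DIR/repo.install-server"

  # Host ports 80 and 443 are published as-is and host port 10001 is mapped to
  # container port 443. Configuration, certificates and served content are
  # mounted read-only; only the git repositories and the log directory are
  # writable from inside the container. All host paths are quoted so a path
  # with spaces or glob characters stays a single -v argument.
  docker run -d -p 80:80 -p 443:443 -p 10001:443 \
    --name nginx \
    --network nexus_network \
    -v "$GEN_CFG_PATH/nginx.conf":/etc/nginx/nginx.conf:ro \
    -v "$CERTS_TARGET_PATH":/etc/nginx/certs:ro \
    -v "$GIT_REPOS":/srv/git:rw \
    -v "$NGINX_LOG_DIR":/var/log/nginx:rw \
    -v "$NGINX_HTTP_DIR":/srv/http:ro \
    -v "$RHEL_REPO":/srv/http/repo.install-server:ro \
    --restart unless-stopped \
    own_nginx
}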
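#######################################
# Copy one configuration file from the project's cfg directory into the
# generated-config directory. Despite the name, the file is copied verbatim.
# Globals:   APROJECT_DIR (read), GEN_CFG_PATH (read)
# Arguments: $1 - file name relative to "$APROJECT_DIR/cfg"
# Returns:   the exit status of cp
#######################################
patch_cert() {
  # local keeps the helper from overwriting a global named 'file'.
  local file=$1
  # '--' stops option parsing in case a path ever starts with a dash.
  cp -- "$APROJECT_DIR/cfg/$file" "$GEN_CFG_PATH/$file"
}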
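#######################################
# Populate GEN_CFG_PATH with the certificate and nginx configuration files,
# replacing the template host name nexus.student12 with NEXUS_FQDN.
# Globals:   APROJECT_DIR (read), GEN_CFG_PATH (read), NEXUS_FQDN (read)
# Outputs:   writes v3.ext and nginx.conf under GEN_CFG_PATH
#######################################
patch_conf_files() {
  local fqdn_repl tpl

  # patch nexus and root cert
  patch_cert nexus_cert.cnf
  patch_cert cacert.cnf

  # NEXUS_FQDN is a configuration value placed into a sed program. Escape the
  # characters that are special in the replacement part ('\', '&' and the '#'
  # delimiter) so the value is always inserted literally and cannot alter the
  # substitution command.
  fqdn_repl=$(printf '%s' "$NEXUS_FQDN" | sed -e 's/[\\&#]/\\&/g')

  # patch nexus v3 ext cert, then nginx.conf
  # The dot in the template name is escaped so it matches only a literal dot.
  # As in the original, only the first occurrence on each line is replaced.
  # Output paths are quoted so GEN_CFG_PATH may contain spaces.
  for tpl in v3.ext nginx.conf; do
    sed -e "s#nexus\\.student12#${fqdn_repl}#" "$APROJECT_DIR/cfg/$tpl" \
      > "$GEN_CFG_PATH/$tpl"
  done
}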
| 97 | # |
| 98 | # body |
| 99 | # |
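message info "Nexus will be installed into this directory: $(pwd)"
# Without a local_repo.conf in the current directory, pause so the operator
# can abort before anything is installed.
if ! [ -f ./local_repo.conf ]; then
  printf "[?] > Do you want continue? (if no, hit CTRL+C): "
  # -r keeps backslashes in the typed line from being interpreted.
  read -r x
fi

message info "Reading configuration"
get_configuration

mkdir -p "$CERTS_TARGET_PATH"
mkdir -p "$NGINX_LOG_DIR"
mkdir -p "$GEN_CFG_PATH"

if [ "$IS_SELF_EXTRACT" = YES ]; then
  message info "Now I will untar the resources"
  message info "This may take a long time..."
  sleep 3s
  may_self_extract
fi

#
echo "Cleanup docker (if installed)"
# Failures are ignored on purpose: docker or the containers may not exist yet.
docker rm -f nginx 1> /dev/null 2>&1 || true
docker rm -f nexus 1> /dev/null 2>&1 || true

install_files
install_packages "$OS_ID"
setup_vnc_server
update_hosts

# TODO
#check_dependencies

echo "Restarting dnsmasq"
systemctl enable dnsmasq
systemctl restart dnsmasq

echo "** Generating config files to $GEN_CFG_PATH **"
echo "Configure ssl certificates"
patch_conf_files
create_root_CA

# create selfinstall CA cert
# Quoted so a BASH_SCRIPTS_DIR containing spaces still names a single command.
"$BASH_SCRIPTS_DIR/tools/create_si_cacert_pkg.sh"
# run generated file
# NOTE(review): install_cacert.sh is resolved relative to the current working
# directory and executed with this script's privileges; this assumes the
# directory is not writable by other accounts (confirm).
./install_cacert.sh

create_cert "nexus"
echo "** Certificates finished **"

update_docker_cfg
echo "Restarting docker"
systemctl enable docker
systemctl restart docker

update_firewall

# From here on a failing command no longer aborts the script.
# NOTE(review): a failed 'docker load' is therefore not fatal, and the
# 'docker run' calls in start_nexus/start_nginx would then have to obtain the
# image some other way (docker pulls a missing image from a registry by
# default). Consider checking the result of each load explicitly.
set +e

echo "** Loading images **"
docker load -i "$RESOURCES_DIR/offline_data/docker_images_infra/sonatype_nexus3_latest.tar"
docker load -i "$RESOURCES_DIR/offline_data/docker_images_infra/own_nginx_latest.tar"

start_nexus
start_nginx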