More install to Container
#!/bin/bash
# Entry script executed when the aaf_config container starts.
# It has to cope with two situations: a first start, where no data exists yet,
# and a restart against already-configured data, which must not be overwritten.
#
# NOTE(review): on a first start without supplied certificates this script
# installs bundled demo keystores and a fixed keystore password. Supply real
# key material and credentials before using the result outside a demo.

# Java launcher used for every CADI / agent invocation.
JAVA="/usr/bin/java"
# Directories this script populates.
LOCAL="/opt/app/osaaf/local"
DATA="/opt/app/osaaf/data"
PUBLIC="/opt/app/osaaf/public"
# Location of the packaged configuration that is copied from.
CONFIG="/opt/app/aaf_config"
# Scratch variable naming the file currently being checked (readability only).
FILE=""

# Seed the identities file exactly once: an existing file is never replaced,
# so locally edited identities survive a container restart.
FILE="${DATA}/identities.dat"
if ! [ -e "$FILE" ]; then
    mkdir -p "$DATA"
    # The packaged file is a sample; review its entries before relying on it.
    cp "$CONFIG/data/sample.identities.dat" "$FILE"
fi

# Load up Cert/X509 artifacts: make sure a signer keystore is present in $LOCAL.
# An existing signer keystore is left untouched.
FILE="${LOCAL}/org.osaaf.aaf.signer.p12"
if ! [ -e "$FILE" ]; then
    mkdir -p "$LOCAL" "$PUBLIC"
    if [ ! -e "$CONFIG/cert/org.osaaf.aaf.signer.p12" ]; then
        # No signer keystore was supplied: fall back to the bundled demo
        # artifacts, which are shipped base64-encoded.
        echo "Decode"
        # NOTE(review): the decoded keystores are created with whatever umask
        # the process runs under; no explicit file permissions are set here.
        base64 -d "$CONFIG/cert/demoONAPsigner.p12.b64" > "$FILE"
        base64 -d "$CONFIG/cert/truststoreONAP.p12.b64" > "$PUBLIC/truststoreONAP.p12"
        base64 -d "$CONFIG/cert/truststoreONAPall.jks.b64" > "$PUBLIC/truststoreONAPall.jks"
        ln -s "$PUBLIC/truststoreONAPall.jks" "$LOCAL"
        # NOTE(review): this records a fixed, publicly known keystore password
        # in plain text in aaf.props. Acceptable only for the demo signer;
        # a deployment with real keys must supply its own keystore and password.
        echo "cadi_keystore_password=something easy" >> "$CONFIG/local/aaf.props"
    else
        # A signer keystore was supplied with the configuration: use it as is.
        cp "$CONFIG/cert/org.osaaf.aaf.signer.p12" "$FILE"
    fi
fi

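# Make sure the service keystore exists in $LOCAL. A packaged keystore is
# copied as is; otherwise one is bootstrapped from the signer keystore.
FILE="$LOCAL/org.osaaf.aaf.p12"
if [ ! -e "$FILE" ]; then
    if [ -e "$CONFIG/cert/org.osaaf.aaf.p12" ]; then
        cp "$CONFIG/cert/org.osaaf.aaf.p12" "$FILE"
    else
        echo "Bootstrap Creation of Keystore from Signer"
        # bootstrap.sh and the files it produces are addressed relative to the
        # CA directory. Stop if it cannot be entered instead of running them
        # from an unrelated working directory.
        cd "$CONFIG/CA" || exit

        # Remove this after Casablanca
        CADI_X509_ISSUERS="CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US"
        # NOTE(review): the signer password is a fixed literal and is handed
        # over as a command-line argument, so it is visible in the process
        # list while bootstrap.sh runs.
        bash bootstrap.sh "$LOCAL/org.osaaf.aaf.signer.p12" 'something easy'
        cp aaf.bootstrap.p12 "$FILE"
        # Append the bootstrap issuer to the ':'-separated issuer list.
        if [ -n "$CADI_X509_ISSUERS" ]; then
            CADI_X509_ISSUERS="$CADI_X509_ISSUERS:"
        fi
        BOOT_ISSUER="$(cat aaf.bootstrap.issuer)"
        CADI_X509_ISSUERS="$CADI_X509_ISSUERS$BOOT_ISSUER"

        # Text between a leading "CN=" and the first comma of the issuer.
        # NOTE(review): I is not read again in this script.
        I=${BOOT_ISSUER##CN=};I=${I%%,*}
        # Both values are read by the first-time initialization further down,
        # which appends the digested CM_CA_PASS to CM_CA_LOCAL.
        CM_CA_PASS="something easy"
        CM_CA_LOCAL="org.onap.aaf.auth.cm.ca.LocalCA,$LOCAL/org.osaaf.aaf.signer.p12;aaf_intermediate_9;enc:"
    fi
fi
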
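# Only initialize once, automatically: the presence of org.osaaf.aaf.props in
# $LOCAL marks an already-initialized installation.
if [ ! -e "$LOCAL/org.osaaf.aaf.props" ]; then
    rsync -avzh --exclude=.gitignore "$CONFIG"/local/org.osaaf.aaf* "$LOCAL"
    for D in public etc logs; do
        rsync -avzh --exclude=.gitignore "$CONFIG/$D"/* "/opt/app/osaaf/$D"
    done

    # Collect the environment-supplied settings in a private temp file.
    # The values are quoted so that whitespace or glob characters in the
    # environment cannot alter what is written.
    TMP=$(mktemp) || exit
    {
        printf '%s\n' "aaf_env=${AAF_ENV}"
        printf '%s\n' "cadi_latitude=${LATITUDE}"
        printf '%s\n' "cadi_longitude=${LONGITUDE}"
        printf '%s\n' "cadi_x509_issuers=${CADI_X509_ISSUERS}"
        printf '%s\n' "aaf_register_as=${AAF_REGISTER_AS}"
        printf '%s\n' "aaf_locate_url=https://${AAF_REGISTER_AS}:8095"
    } >> "$TMP"

    # Echo the generated properties to stdout (ends up in the container log).
    cat "$TMP"

    # The jar name contains a version, hence the unquoted glob.
    "$JAVA" -jar "$CONFIG"/bin/aaf-cadi-aaf-*-full.jar config aaf@aaf.osaaf.org \
        cadi_etc_dir="$LOCAL" \
        cadi_prop_files="$CONFIG/local/initialConfig.props:$CONFIG/local/aaf.props:${TMP}"
    rm -f -- "$TMP"

    # Default Password for Default Cass
    # NOTE(review): "cassandra" is the well-known default credential; change it
    # (and re-run "encrypt") for any deployment that is not a local demo.
    CASS_PASS=$("$JAVA" -jar "$CONFIG"/bin/aaf-cadi-aaf-*-full.jar cadi digest "cassandra" "$LOCAL/org.osaaf.aaf.keyfile")
    # NOTE(review): $CASS_PASS is spliced into the sed replacement unescaped;
    # this assumes the digest output contains no '/', '&' or '\' - confirm.
    sed -i.backup -e "s/\\(cassandra.clusters.password=enc:\\)/\\1$CASS_PASS/" "$LOCAL/org.osaaf.aaf.cassandra.props"

    if [ -n "$CM_CA_LOCAL" ]; then
        if [ -n "$CM_CA_PASS" ]; then
            # Complete the "...;enc:" suffix with the digested CA password.
            CM_CA_LOCAL=$CM_CA_LOCAL$("$JAVA" -jar "$CONFIG"/bin/aaf-cadi-aaf-*-full.jar cadi digest "$CM_CA_PASS" "$LOCAL/org.osaaf.aaf.keyfile")
        fi
        # Move and copy method, rather than sed, because of slashes in CM_CA_LOCAL makes too complex
        FILE="$LOCAL/org.osaaf.aaf.cm.ca.props"
        mv "$FILE" "$FILE.backup"
        grep -v "cm_ca.local=" "$FILE.backup" > "$FILE"
        echo "cm_ca.local=$CM_CA_LOCAL" >> "$FILE"
    fi
fi

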
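# Escape a value so it can be used as the replacement part of a
# sed 's/.../.../' command: '\', '/' and '&' are each prefixed with '\'.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout (no trailing newline)
sed_escape_replacement() {
    local escaped=$1
    escaped=${escaped//\\/\\\\}
    escaped=${escaped//\//\\/}
    escaped=${escaped//&/\\&}
    printf '%s' "$escaped"
}

# Now run a command. The command name is the second argument; everything
# after it becomes "$@" for the selected branch.
CMD=$2
if [ -n "$CMD" ]; then
    shift
    shift
    case "$CMD" in
    ls)
        echo ls requested
        find /opt/app/osaaf -depth
        ;;
    cat)
        if [ "$1" = "" ]; then
            echo "usage: cat <file... ONLY files ending in .props>"
        else
            # Only the name suffix is checked: any readable path ending in
            # ".props" is printed, including files holding "enc:" credentials.
            if [[ $1 == *.props ]]; then
                echo
                # Name the file that is actually printed ($1, not $3).
                echo "## CONTENTS OF $1"
                echo
                cat "$1"
            else
                echo "### ERROR ####"
                echo "   \"cat\" may only be used with files ending with \".props\""
            fi
        fi
        ;;
    update)
        rsync -uh --exclude=.gitignore "$CONFIG"/local/org.osaaf.aaf* "$LOCAL"
        for D in public data etc logs; do
            rsync -uh --exclude=.gitignore "$CONFIG/$D"/* "/opt/app/osaaf/$D"
        done
        ;;
    validate)
        echo "## validate requested"
        "$JAVA" -jar "$CONFIG"/bin/aaf-cadi-aaf-*-full.jar validate cadi_prop_files="$LOCAL/org.osaaf.aaf.props"
        ;;
    onap)
        echo Initializing ONAP configurations.
        ;;
    bash)
        # Register the helper aliases once. Each line is appended only when it
        # is not already present, so repeated invocations do not keep growing
        # ~/.bashrc with duplicate entries.
        for ALIAS_LINE in \
            "alias cadi='/bin/bash $CONFIG/bin/agent.sh EMPTY cadi \$*'" \
            "alias agent='/bin/bash $CONFIG/bin/agent.sh EMPTY \$*'"; do
            if ! grep -qxF -- "$ALIAS_LINE" ~/.bashrc 2>/dev/null; then
                printf '%s\n' "$ALIAS_LINE" >>~/.bashrc
            fi
        done
        shift
        cd "$LOCAL" || exit
        /bin/bash "$@"
        ;;
    setProp)
        # Arguments: $1 tag, $2 value, $3 file to append to when no props
        # file in $LOCAL mentions the tag yet.
        cd "$LOCAL" || exit
        # Reset explicitly so a stray ADD from the environment has no effect.
        ADD=
        # NOTE(review): $1 is used as a regular expression here and in sed.
        FILES=$(grep -l -- "$1" ./*.props)
        if [ "$FILES" = "" ]; then
            FILES="$3"
            ADD=Y
        fi
        # Word-splitting of $FILES is intended: grep -l prints one file per line.
        for F in $FILES; do
            echo "Changing $1 in $F"
            if [ "$ADD" = "Y" ]; then
                echo "$1=$2" >> "$F"
            else
                # Escape '\', '/' and '&' so the value is inserted literally
                # instead of being interpreted by sed.
                VALUE=$(sed_escape_replacement "$2")
                sed -i.backup -e "s/\(${1}=\).*/\1${VALUE}/" "$F"
            fi
            cat "$F"
        done
        ;;
    encrypt)
        # Arguments: $1 tag, $2 optional clear-text password.
        # NOTE(review): a password given as $2, and the value passed to
        # "cadi digest" below, travel on the command line and are visible in
        # the process list; the interactive prompt avoids only the former.
        cd "$LOCAL" || exit
        echo "$1"
        # Reset explicitly so a stray ADD from the environment has no effect.
        ADD=
        FILES=$(grep -l -- "$1" ./*.props)
        if [ "$FILES" = "" ]; then
            FILES="$LOCAL/org.osaaf.aaf.cred.props"
            ADD=Y
        fi
        # Word-splitting of $FILES is intended: grep -l prints one file per line.
        for F in $FILES; do
            echo "Changing $1 in $F"
            if [ "$2" = "" ]; then
                read -r -p "Password (leave blank to cancel): " -s ORIG_PW
                echo " "
                if [ "$ORIG_PW" = "" ]; then
                    echo canceling...
                    break
                fi
            else
                ORIG_PW="$2"
            fi
            # Kept in its own variable: assigning to PWD would overwrite the
            # shell's working-directory variable, which is passed on to the
            # environment of child processes.
            ENC_PW=$("$JAVA" -jar "$CONFIG"/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" "$LOCAL/org.osaaf.aaf.keyfile")
            if [ -z "$ENC_PW" ]; then
                # Do not replace a stored credential with an empty value.
                echo "cadi digest produced no output; $F left unchanged" >&2
                break
            fi
            if [ "$ADD" = "Y" ]; then
                echo "$1=enc:$ENC_PW" >> "$F"
            else
                ENC_ESC=$(sed_escape_replacement "$ENC_PW")
                sed -i.backup -e "s/\\($1.*enc:\\).*/\\1$ENC_ESC/" "$F"
            fi
            # Prints the whole props file, including its "enc:" values.
            cat "$F"
        done
        ;;
    taillog)
        # NOTE(review): runs a script stored in the logs directory; keep that
        # directory writable only by trusted users.
        sh /opt/app/osaaf/logs/taillog
        ;;
    # NOTE: "-?" is a glob here, so any two-character option such as "-h"
    # also selects the help branch.
    --help | -?)
        case "$1" in
        "")
            echo "--- Agent Container Comands ---"
            echo "  ls                      - Lists all files in Configuration"
            echo "  cat <file.props>>       - Shows the contents (Prop files only)"
            echo "  validate                - Runs a test using Configuration"
            echo "  setProp <tag> [<value>] - set value on 'tag' (if no value, it will be queried from config)"
            echo "  encrypt <tag> [<pass>]  - set passwords on Configuration (if no pass, it will be queried)"
            echo "  bash                    - run bash in Container"
            echo "     Note: the following aliases are preset"
            echo "       cadi               - CADI CmdLine tool"
            echo "       agent              - Agent Java tool (see above help)"
            echo ""
            echo " --help|-? [cadi|agent]   - This help, cadi help or agent help"
            ;;
        cadi)
            echo "--- cadi Tool Comands ---"
            "$JAVA" -Dcadi_prop_files="$LOCAL/org.osaaf.aaf.props" -jar "$CONFIG"/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
            ;;
        agent)
            echo "--- agent Tool Comands ---"
            "$JAVA" -Dcadi_prop_files="$LOCAL/org.osaaf.aaf.props" -jar "$CONFIG"/bin/aaf-cadi-aaf-*-full.jar
            ;;
        esac
        echo ""
        ;;
    *)
        # Anything else is handed to the agent jar together with its arguments.
        "$JAVA" -Dcadi_prop_files="$LOCAL/org.osaaf.aaf.props" -jar "$CONFIG"/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
        ;;
    esac
fi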