Adjust Client Container 24/69624/1
authorInstrumental <jonathan.gathman@att.com>
Mon, 1 Oct 2018 20:26:03 +0000 (15:26 -0500)
committerInstrumental <jonathan.gathman@att.com>
Mon, 1 Oct 2018 20:26:06 +0000 (15:26 -0500)
Change Client Container to reflect changes in regular Containers.
Issue-ID: AAF-517
Change-Id: I26a6e657b2a626a2a5cd7c22fff5217b6fb8ed71
Signed-off-by: Instrumental <jonathan.gathman@att.com>
auth/docker/Dockerfile.client
auth/docker/agent.sh
auth/docker/dbuild.sh
auth/sample/bin/client.sh
auth/sample/bin/service.sh

index aed4221..2ecf6a5 100644 (file)
@@ -8,7 +8,7 @@ LABEL version=${AAF_VERSION}
 COPY logs /opt/app/aaf_config/logs
 COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh
 COPY bin/aaf-cadi*full.jar /opt/app/aaf_config/bin/
-COPY public/*all.jks /opt/app/aaf_config/public/
+COPY cert/*trust*.b64 /opt/app/aaf_config/cert/
 
 ENTRYPOINT ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"]
 CMD []
index 1ca12eb..38b1070 100644 (file)
@@ -16,7 +16,7 @@ for V in VERSION DOCKER_REPOSITORY AAF_FQDN AAF_FQDN_IP DEPLOY_FQI APP_FQDN APP_
       case $V in
         DOCKER_REPOSITORY) 
                PROMPT="Docker Repo"
-               DEF=nexus3.onap.org:10003
+               DEF=""
                ;;
          AAF_FQDN)   PROMPT="AAF's FQDN";;
          DEPLOY_FQI) PROMPT="Deployer's FQI";;
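Review bot: With `DEF=""`, an operator who accepts the default at the "Docker Repo" prompt ends up running an unqualified image reference, because the later hunk builds `"$PREFIX"onap/aaf/aaf_agent:$VERSION` with an empty prefix. Docker then uses a local image of that name or, failing that, pulls from the daemon's default registry instead of the previous `nexus3.onap.org:10003`. If blank is meant for locally built images, say so in the prompt, e.g. `PROMPT="Docker Repo (blank = local image / default registry)"`; otherwise keep a project registry as the default. The surrounding `for`/`case` starts and ends outside this hunk, so how an empty answer is read back is not visible here.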
@@ -58,6 +58,12 @@ if [ "$(docker volume ls | grep ${VOLUME})" = "" ]; then
   docker volume create -d ${DRIVER} ${VOLUME}
 fi
 
+if [ -n "$DOCKER_REPOSITORY" ]; then
+  PREFIX="$DOCKER_REPOSITORY/"
+else
+  PREFIX=""
+fi 
+
 docker run \
     -it \
     --rm \
@@ -71,5 +77,5 @@ docker run \
     --env LATITUDE=${LATITUDE} \
     --env LONGITUDE=${LONGITUDE} \
     --name aaf_agent_$USER \
-    $DOCKER_REPOSITORY/onap/aaf/aaf_agent:$VERSION \
+    "$PREFIX"onap/aaf/aaf_agent:$VERSION \
     /bin/bash "$@"
index 886e7e7..94fc7f4 100755 (executable)
@@ -35,6 +35,7 @@ docker tag ${ORG}/${PROJECT}/aaf_agent:${VERSION} ${DOCKER_REPOSITORY}/${ORG}/${
 rm sample/Dockerfile sample/bin/aaf-cadi-aaf-${VERSION}-full.jar
 rm -Rf sample/CA
 cd -
+
 ########
 # Second, build a core Docker Image
 echo Building aaf_$AAF_COMPONENT...
index a8b8b9a..0e3d1ca 100644 (file)
@@ -15,18 +15,30 @@ for (( i=( ${#FQIA_E[@]} -1 ); i>0; i-- )); do
    NS=${NS}${FQIA_E[i]}'.'
 done
 NS=${NS}${FQIA_E[0]}
-
+CONFIG="/opt/app/aaf_config"
+LOCAL="/opt/app/osaaf/local"
+DOT_AAF="$HOME/.aaf"
+SSO="$DOT_AAF/sso.props"
+# Setup Bash, first time only
+if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then
+  echo "alias cadi='$CONFIG/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases
+  echo "alias agent='$CONFIG/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
+  chmod a+x $CONFIG/bin/agent.sh
+  . $HOME/.bash_aliases
+fi
 
 # Setup SSO info for Deploy ID
 function sso_encrypt() {
- $JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} ~/.aaf/keyfile
+ $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine digest ${1} $DOT_AAF/keyfile
 }
 
-if [ ! -e " ~/.aaf/keyfile" ]; then
-    mkdir -p ~/.aaf
-    SSO=~/.aaf/sso.props
-    $JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen ~/.aaf/keyfile
-    chmod 400 ~/.aaf/keyfile
+
+if [ ! -e "$DOT_AAF/keyfile" ]; then
+    mkdir -p $DOT_AAF
+    echo "WRITING $DOT_AAF Props ($SSO)"
+    $JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine keygen $DOT_AAF/keyfile
+    chmod 400 $DOT_AAF/keyfile
     echo cadi_latitude=${LATITUDE} > ${SSO}
     echo cadi_longitude=${LONGITUDE} >> ${SSO}
     echo aaf_id=${DEPLOY_FQI} >> ${SSO}
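Review bot: The key material under `$DOT_AAF` is created with whatever umask the caller has. `mkdir -p $DOT_AAF` and the `keygen` call both run before `chmod 400`, and `sso.props`, which later receives an `enc:` value produced with that keyfile, is never restricted. Creating the directory private up front closes that window for every file in it: `mkdir -p -m 700 "$DOT_AAF"`. The expansions derived from `$HOME` should also be quoted, e.g. `chmod 400 "$DOT_AAF/keyfile"`. The `if` block continues past the end of this hunk.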
@@ -35,26 +47,29 @@ if [ ! -e " ~/.aaf/keyfile" ]; then
     fi
     echo aaf_locate_url=https://${AAF_FQDN}:8095 >> ${SSO}
     echo aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:${AAF_INTERFACE_VERSION} >> ${SSO}
-    echo cadi_truststore=$(ls /opt/app/aaf_config/public/*trust*) >> ${SSO}
+
+    base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks
+    echo "cadi_truststore=$DOT_AAF/truststoreONAPall.jks" >> ${SSO}
     echo cadi_truststore_password=enc:$(sso_encrypt changeit) >> ${SSO}
 fi
 
 # Only initialize once, automatically...
-if [ ! -e /opt/app/osaaf/local/${NS}.props ]; then
+if [ ! -e $LOCAL/${NS}.props ]; then
+    mkdir -p $LOCAL
     for D in bin logs; do
-        rsync -avzh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D
+        rsync -avzh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
     done
 
     # setup Configs
-    $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \
-        cadi_etc_dir=/opt/app/osaaf/local 
+    $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar config $APP_FQI \
+        cadi_etc_dir=$LOCAL cadi_prop_files=$SSO
 
     # Place Certificates
-    $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN}
+    $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar place ${APP_FQI} ${APP_FQDN}
 
     # Validate
-    $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar validate \
-        cadi_prop_files=/opt/app/osaaf/local/${NS}.props
+    $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate \
+        cadi_prop_files=$LOCAL/${NS}.props
 fi
 
 # Now run a command
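Review bot: The added `base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $DOT_AAF/truststoreONAPall.jks` has no failure check. A missing or corrupt `.b64` file therefore leaves an empty or truncated truststore on disk with `cadi_truststore` pointing at it. This branch appears to run only while the keyfile is absent, so the bad state would not be repaired on the next start. Guard the decode, e.g. `base64 -d "$CONFIG/cert/truststoreONAPall.jks.b64" > "$DOT_AAF/truststoreONAPall.jks" || exit 1`. The enclosing `if` opens before this hunk.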
@@ -84,31 +99,31 @@ if [ ! "$CMD" = "" ]; then
         ;;
     update)
         for D in bin logs; do
-            rsync -uh --exclude=.gitignore /opt/app/aaf_config/$D/* /opt/app/osaaf/$D
+            rsync -uh --exclude=.gitignore $CONFIG/$D/* /opt/app/osaaf/$D
         done
         ;;
     showpass)
         echo "## Show Passwords"
-        $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar showpass ${APP_FQI} ${APP_FQDN}
+        $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar showpass ${APP_FQI} ${APP_FQDN}
         ;;
     check)
-        $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar check ${APP_FQI} ${APP_FQDN}
+        $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar check ${APP_FQI} ${APP_FQDN}
         ;;
     validate)
         echo "## validate requested"
-        $JAVA -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar validate /opt/app/osaaf/local/${NS}.props
+        $JAVA -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar validate $LOCAL/${NS}.props
         ;;
     bash)
-        if [ ! -e ~/.bash_aliases ]; then
-            echo "alias cadi='$JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >~/.bash_aliases
-            echo "alias agent='$JAVA -cp /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.configure.Agent \$*'" >>~/.bash_aliases
-        fi
+        #if [ ! -e $HOME/bash_aliases ]; then
+        #    echo "alias cadi='$JAVA -cp $CONFIG/bin/aaf-cadi-aaf-*-full.jar org.onap.aaf.cadi.CmdLine \$*'" >$HOME/bash_aliases
+        #    echo "alias agent='/bin/bash $CONFIG/bin/agent.sh no-op \$*'" >>$HOME/bash_aliases
+        #fi
         shift
-        cd /opt/app/osaaf/local || exit
+        cd $LOCAL || exit
         /bin/bash "$@"
         ;;
     setProp)
-        cd /opt/app/osaaf/local || exit
+        cd $LOCAL || exit
         FILES=$(grep -l "$1" ./*.props)
        if [ "$FILES" = "" ]; then 
            FILES="$3"
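Review bot: The four commented-out lines in the `bash)` branch are dead code now that alias setup happens at the top of the script. They already disagree with it (`$HOME/bash_aliases` without the leading dot, `no-op` where the live code uses `EMPTY`), so delete them rather than keep a stale copy. `cd $LOCAL || exit` here and in `setProp)` should quote the expansion: `cd "$LOCAL" || exit`. The `case` statement starts before this hunk and the `setProp)` branch continues after it.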
@@ -125,11 +140,11 @@ if [ ! "$CMD" = "" ]; then
         done
         ;;
     encrypt)
-        cd /opt/app/osaaf/local || exit
+        cd $LOCAL || exit
        echo $1
         FILES=$(grep -l "$1" ./*.props)
        if [ "$FILES" = "" ]; then
-             FILES=/opt/app/osaaf/local/${NS}.cred.props
+             FILES=$LOCAL/${NS}.cred.props
             ADD=Y
         fi
         for F in $FILES; do
@@ -144,7 +159,7 @@ if [ ! "$CMD" = "" ]; then
             else
                 ORIG_PW="$2"
             fi
-            PWD=$("$JAVA" -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" /opt/app/osaaf/local/${NS}.keyfile)
+            PWD=$("$JAVA" -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi digest "$ORIG_PW" $LOCAL/${NS}.keyfile)
             if [ "$ADD" = "Y" ]; then
                   echo "$1=enc:$PWD" >> $F
             else 
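Review bot: `PWD=$(...)` stores the digest in the shell's own working-directory variable, so after this line `$PWD` no longer names the directory entered by `cd $LOCAL`. A dedicated name avoids that, e.g. `ENC_PW=$(...)` followed by `echo "$1=enc:$ENC_PW" >> $F`. The cleartext `"$ORIG_PW"` is also passed to the JVM as a command-line argument, where it is visible in the process list for the duration of the call. Whether the cadi `digest` command can take the value another way is not verifiable from this page; if it can, prefer that. The `for` loop and the `if` around these lines extend beyond the hunk.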
@@ -174,17 +189,17 @@ if [ ! "$CMD" = "" ]; then
             ;;
         cadi)
             echo "--- cadi Tool Comands ---"
-            $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
+            $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar cadi | tail -n +6
             ;;
         agent)
             echo "--- agent Tool Comands ---"
-            $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar
+            $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar
             ;;
         esac
         echo ""
         ;;
     *)
-        $JAVA -Dcadi_prop_files=/opt/app/osaaf/local/${NS}.props -jar /opt/app/aaf_config/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
+        $JAVA -Dcadi_prop_files=$LOCAL/${NS}.props -jar $CONFIG/bin/aaf-cadi-aaf-*-full.jar "$CMD" "$@"
         ;;
     esac
 fi
index 43ef403..da2eb85 100644 (file)
@@ -10,6 +10,14 @@ CONFIG=/opt/app/aaf_config
 # Temp use for clarity of code
 FILE=
 
+# Setup Bash, first time only
+if [ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]; then
+  echo "alias cadi='$CONFIG/bin/agent.sh EMPTY cadi \$*'" >>$HOME/.bash_aliases
+  echo "alias agent='$CONFIG/bin/agent.sh EMPTY \$*'" >>$HOME/.bash_aliases
+  chmod a+x $CONFIG/bin/agent.sh
+  . $HOME/.bash_aliases
+fi
+
 # Only load Identities once
 # echo "Check Identities"
 FILE="$DATA/identities.dat"
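Review bot: The first-run test `[ ! -e "$HOME/.bash_aliases" ] || [ -z "$(grep aaf_config $HOME/.bash_aliases)" ]` can be one quoted check that also covers the missing-file case: `if ! grep -q aaf_config "$HOME/.bash_aliases" 2>/dev/null; then`. `chmod a+x $CONFIG/bin/agent.sh` grants execute to every account in the container; `u+x` would be enough if only the file's owner uses the aliases, which cannot be confirmed from this hunk. The `\$*` inside each alias does not receive the alias's arguments, since those are appended after the expansion anyway, so it can be dropped. The same block is added to client.sh in this commit and these remarks apply there as well.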
@@ -32,6 +40,8 @@ if [ ! -e $FILE ]; then
        base64 -d $CONFIG/cert/truststoreONAP.p12.b64 > $PUBLIC/truststoreONAP.p12 
        base64 -d $CONFIG/cert/truststoreONAPall.jks.b64 > $PUBLIC/truststoreONAPall.jks
        ln -s $PUBLIC/truststoreONAPall.jks $LOCAL
+       cp $CONFIG/cert/AAF_RootCA.cer $PUBLIC
+       CM_TRUST_CAS="$PUBLIC/AAF_RootCA.cer"
        echo "cadi_keystore_password=something easy" >> $CONFIG/local/aaf.props        
     fi
 fi
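Review bot: `CM_TRUST_CAS` is assigned only inside first-run branches (here and in the hunk at -58,6), but the hunk at -95,6 writes `cm_trust_cas=$CM_TRUST_CAS` under a different guard, `[ ! -e $LOCAL/org.osaaf.aaf.props ]`. If neither assigning branch ran in that invocation, the property would be written empty; how the guards relate is not fully visible from these hunks. Writing `echo "cm_trust_cas=${CM_TRUST_CAS:-$PUBLIC/AAF_RootCA.cer}" >> $FILE`, or setting the variable once unconditionally near `CONFIG=`, removes that dependency. The added `cp $CONFIG/cert/AAF_RootCA.cer $PUBLIC` also has no failure check, so the property can name a file that was never copied; `cp "$CONFIG/cert/AAF_RootCA.cer" "$PUBLIC" || exit 1` makes the failure explicit.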
@@ -58,6 +68,7 @@ if [ ! -e $FILE ]; then
        I=${BOOT_ISSUER##CN=};I=${I%%,*}
         CM_CA_PASS="something easy"
         CM_CA_LOCAL="org.onap.aaf.auth.cm.ca.LocalCA,$LOCAL/org.osaaf.aaf.signer.p12;aaf_intermediate_9;enc:"
+       CM_TRUST_CAS="$PUBLIC/AAF_RootCA.cer"
     fi
 fi
 
@@ -95,6 +106,7 @@ if [ ! -e $LOCAL/org.osaaf.aaf.props ]; then
       mv $FILE $FILE.backup
       grep -v "cm_ca.local=" $FILE.backup > $FILE
       echo "cm_ca.local=$CM_CA_LOCAL" >> $FILE
+      echo "cm_trust_cas=$CM_TRUST_CAS" >> $FILE
     fi
 fi
 
@@ -138,12 +150,6 @@ if [ ! "$CMD" = "" ]; then
         echo Initializing ONAP configurations.
        ;;
     bash)
-        echo "alias agent='/bin/bash $CONFIG/bin/agent.sh EMPTY \$*'" >>~/.bashrc
-        if [ ! "$(grep aaf_config ~/.bashrc)" = "" ]; then
-            echo "alias cadi='/bin/bash $CONFIG/bin/agent.sh EMPTY cadi \$*'" >>~/.bashrc
-            echo "alias agent='/bin/bash $CONFIG/bin/agent.sh EMPTY \$*'" >>~/.bashrc
-            #. ~/.bashrc
-        fi
         shift
         cd $LOCAL || exit
         /bin/bash "$@"