-
Notifications
You must be signed in to change notification settings - Fork 8
/
Copy pathrun-app
executable file
·100 lines (81 loc) · 3.38 KB
/
run-app
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
#!/bin/bash
## Runtime environment name:
ENV=${ENV:-test}
echo "Runtime Environment: $ENV"
## host domainnname:
DOMAINNAME=${DOMAINNAME:-$(hostname -A | cut -d\ -f1)}
HOSTNAME=${HOSTNAME-$(hostname)}
echo "Domain name: \"$DOMAINNAME\""
echo "Host anem: \"$HOSTNAME\""
## Shibboleth SP domainname:
if [ -z "$SHIB_SP_DOMAINNAME" ] ; then
if [ "$ENV" == "prod" ] ; then
SHIB_SP_DOMAINNAME=${DOMAINNAME/$HOSTNAME./}
else
SHIB_SP_DOMAINNAME=${DOMAINNAME/$HOSTNAME/$ENV}
fi
fi
echo "Shibboleth SP Domainname (\$SHIB_SP_DOMAINNAME): \"$SHIB_SP_DOMAINNAME\""
## Shibboleth SP domainname:
if [ -z "$SHIB_IDP_DOMAINNAME" ] ; then
if [ "$ENV" != "prod" ] && [ "$ENV" != "test" ]; then
SHIB_IDP_DOMAINNAME=directory.test.tuakiri.ac.nz
else
SHIB_IDP_DOMAINNAME=directory.tuakiri.ac.nz
fi
fi
echo "Shibboleth IdP Domainname (\$SHIB_IDP_DOMAINNAME): $SHIB_IDP_DOMAINNAME"
[ -z "$SHIB_SSO_DS_URL" ] && SHIB_SSO_DS_URL=https://${SHIB_IDP_DOMAINNAME}/ds/DS
echo "Shibboleth SSO Discovery URL: $SHIB_SSO_DS_URL"
if [ -z "$SHIB_METADATA_PROVIDER_URI" ] ; then
if [ "$ENV" != "prod" ] && [ "$ENV" != "test" ]; then
SHIB_METADATA_PROVIDER_URI=https://${SHIB_IDP_DOMAINNAME}/metadata/tuakiri-test-metadata-signed.xml
else
SHIB_METADATA_PROVIDER_URI=https://${SHIB_IDP_DOMAINNAME}/metadata/tuakiri-metadata-signed.xml
fi
fi
echo "Shibboleth metadata provider URI (\$SHIB_METADATA_PROVIDER_URI): $SHIB_METADATA_PROVIDER_URI"
if [ -z "$SHIB_METADATA_CERT_FILE" ] ; then
if [ "$ENV" != "prod" ] && [ "$ENV" != "test" ]; then
SHIB_METADATA_CERT_FILE=tuakiri-test-metadata-cert.pem
else
SHIB_METADATA_CERT_FILE=tuakiri-metadata-cert.pem
fi
fi
echo "Shibboleth metadata certificate file (\$SHIB_METADATA_CERT_FILE): $SHIB_METADATA_CERT_FILE"
export ENV SHIB_SP_DOMAINNAME SHIB_IDP_DOMAINNAME SHIB_SSO_DS_URL SHIB_METADATA_PROVIDER_URI
export SHIB_METADATA_CERT_FILE
cp /.keys/${ENV}-server.key /etc/pki/tls/private/server.key
chown root /etc/pki/tls/private/server.key
chmod 400 /etc/pki/tls/private/server.key
cp /.keys/${ENV}-server.crt /etc/pki/tls/certs/server.crt
chown root /etc/pki/tls/certs/server.crt
cp /.keys/CA.crt /etc/pki/tls/certs/CA.crt
chown root /etc/pki/tls/certs/CA.crt
if [ -z "$EXTERNAL_SP" ] ; then
cp /.keys/${ENV}-sp.key /etc/shibboleth/sp-key.pem
cp /./.keys/${ENV}-sp.crt /etc/shibboleth/sp-cert.pem
if [ ! -f /etc/shibboleth/sp-key.pem ] || [ ! -f /etc/shibboleth/sp-cert.pem ] ; then
cd /etc/shibboleth
./keygen.sh -f -h $SHIB_SP_DOMAINNAME -e https://$SHIB_SP_DOMAINNAME/shibboleth
fi
echo "Rendering Shibboleth configuration template ..."
/conf/render_template /conf/templates/shibboleth2.xml >/etc/shibboleth/shibboleth2.xml
# Run Shibboleth:
echo "Starting Shibboleth ..."
/etc/shibboleth/shibd-redhat start
fi
# Create a dirctory for application logs:
mkdir -p /var/log/orcidhub
chown -R apache:apache /var/log/orcidhub
# Run Apache:
rm -f /run/httpd/httpd.pid /usr/local/apache2/logs/httpd.pid /var/lock/subsys/shibd
echo "Starting Apache2 ..."
# Re-direct all errors to container logs:
ln -sfT /dev/stderr /var/log/httpd/error_log
# ln -sfT /dev/stdout /var/log/httpd/access_log
[ -z "$DATABASE_URL" ] && DATABASE_URL=postgresql://orcidhub@db:5432/orcidhub?sslmode=disable\&options='-c statement_timeout=100000'
export DATABASE_URL
[ -z $RQ_REDIS_URL ] && RQ_REDIS_URL=redis://redis:6379/0
export RQ_REDIS_URL
exec httpd -DFOREGROUND