-
Notifications
You must be signed in to change notification settings - Fork 6
/
Copy pathsetup
executable file
·163 lines (132 loc) · 4.61 KB
/
setup
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
#!/usr/bin/env bash
red='\033[31m'
green='\033[32m'
yellow='\033[33m'
blue='\033[34;1m'
nc='\033[0m'
command_exists () {
if ! type "$1" &> /dev/null; then
printf "\n$red%s$nc %s\n$1 %s\n%s" "[ERROR]" "Prerequisite requirements not met" "not found!" "Please make sure all requirements are installed."
exit 1
fi
}
validate_username () {
if ! [[ $ERNESTUSER =~ ^[a-zA-Z0-9@._-]*$ ]]; then
printf "$red%s$nc\n\n" "Username can only contain the following characters: a-z 0-9 @._-"
unset ERNESTUSER
fi
}
validate_password () {
if [[ ${#ERNESTPASSWORD} -lt 8 ]]; then
printf "$red%s$nc\n\n" "Minimum password length is 8 characters"
unset ERNESTPASSWORD
return
fi
if ! [[ $ERNESTPASSWORD =~ ^[a-zA-Z0-9@._-]*$ ]]; then
printf "$red%s$nc\n\n" "Password can only contain the following characters: a-z 0-9 @._-"
unset ERNESTPASSWORD
return
fi
echo
}
printf "\n$blue%s\n%s$nc\n\n" "Ernest Setup Tool" "-----------------"
# input
while [[ -z $ERNESTHOSTNAME ]]; do
printf "$blue%s$nc " "Hostname:"
read ERNESTHOSTNAME
done
if ! [[ -z $ERNESTUSER ]]; then
validate_username
fi
while [[ -z $ERNESTUSER ]]; do
printf "$blue%s$nc " "Username:"
read ERNESTUSER
validate_username
done
if ! [[ -z $ERNESTPASSWORD ]]; then
validate_password
fi
while [[ -z $ERNESTPASSWORD ]]; do
printf "$blue%s$nc " "Password:"
read -s ERNESTPASSWORD
echo
validate_password
done
# prereqs
printf "%s " "Checking prerequisites..."
command_exists wget
command_exists openssl
command_exists docker
command_exists docker-compose
printf "$green%s$nc\n\n" "done"
# license
if [[ -f license.json ]]; then
printf "%s\n%s" "License found" "Validating... "
wget https://s3-eu-west-1.amazonaws.com/ernest-tools/ernest-verifier-`uname` -O ernest-verifier &> /dev/null
chmod +x ernest-verifier
./ernest-verifier license.json &> /dev/null
if [[ ! $? == 0 ]]; then
printf "$red%s$nc\n" "failed"
exit 1
fi
printf "$green%s$nc\n" "done"
cp config/nginx/ernest.licensed config/nginx/ernest.local
if $(grep -q 'image: quay.io' docker-compose.yml); then
cp docker-compose.enterprise.yml docker-compose.yml
registryHost=$(grep registryHost license.json | awk -F \" '{printf $4}')
registryUser=$(grep registryUser license.json | awk -F \" '{printf $4}')
registryToken=$(grep registryToken license.json | awk -F \" '{printf $4}')
docker login -u $registryUser -p $registryToken $registryHost &> /dev/null
fi
fi
printf "\n%s" "Generating Certificates... "
openssl req \
-new \
-newkey rsa:4096 \
-days 365 \
-nodes \
-x509 \
-subj "/C=UK/ST=London/L=London/O=ErnestIO/CN=$ERNESTHOSTNAME" \
-keyout ./config/nginx/ernest.key \
-out ./config/nginx/ernest.crt &> /dev/null
printf "$green%s$nc\n" "done"
sed -i.bak "s/ERNESTHOSTNAME/$ERNESTHOSTNAME/g" ./config/nginx/ernest.local && rm ./config/nginx/ernest.local.bak
# Setup a random JWT Token for api-gateway
if [[ -z $TOKEN ]]; then
printf "%s" "Generating API token... "
TOKEN=`openssl rand -base64 32`
printf "$green%s$nc\n" "done"
fi
sed -i.bak "s:GENERATEDJWTSECRET:$TOKEN:g" docker-compose.yml && rm docker-compose.yml.bak
# Setup a random CRYPTO_KEY
if [[ -z $CRYPTO_KEY ]]; then
printf "%s" "Generating cryptographic key... "
CRYPTO_KEY=`openssl rand -base64 24`
printf "$green%s$nc\n" "done"
fi
sed -i.bak "s:CRYPTO_KEY_TEMPLATE:$CRYPTO_KEY:g" docker-compose.yml && rm docker-compose.yml.bak
# Make volume for postgres data
mkdir -p postgres/data
printf "\n$blue%s$nc\n\n" "Starting Ernest"
# Boot services via docker-compose or composable (if available).
composable_exists=$(command -v composable &> /dev/null; echo $?)
if [ $composable_exists -eq 0 ]; then
composable up
else
docker-compose up -d
fi
# Download the natsc tool
wget https://s3-eu-west-1.amazonaws.com/ernest-tools/natsc-`uname` -O natsc &> /dev/null
chmod +x ./natsc
# NOTE: Wait for backend services to become available.
printf "\n%s" "Waiting for services... "
./natsc request -s nats://127.0.0.1:4222 -t 5 -r 99 'authorization.find' '{}' &> /dev/null
./natsc request -s nats://127.0.0.1:4222 -t 5 -r 99 'datacenter.find' '{}' &> /dev/null
printf "$green%s$nc\n" "done"
# setup admin account
printf "%s" "Creating accounts... "
./natsc request -s nats://127.0.0.1:4222 -t 5 -r 99 'user.set' "{\"username\": \"$ERNESTUSER\", \"password\": \"$ERNESTPASSWORD\", \"type\": \"local\", \"admin\": true}" &> /dev/null
printf "$green%s$nc\n" "done"
printf "\n$green%s$nc\n\n" "Setup complete!"
printf "%s $blue%s$nc\n" "Please download the latest client from" "https://github.com/ernestio/ernest-cli/releases"
printf "%s $blue%s$nc %s $blue%s$nc %s\n" "Then configure with" "ernest-cli setup" "providing" "https://$ERNESTHOSTNAME" "as the target."