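#!/bin/bash
# configure.sh - interactive pre-deployment setup.
# Optionally opens access.ips in an editor, runs
# ./generate_haproxy_whitelist_files.sh, and creates
# group_vars/all/variables.yml from its template when that file is missing.
#
# errexit: any unchecked command failure aborts the run, so a failed step
# cannot be followed by a success message.
set -e
# Clearing the screen is cosmetic. Without a usable terminal (TERM unset,
# output redirected) `clear` exits non-zero, which must not abort the setup.
clear || true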

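# Show a one-line countdown, pausing one second per tick.
# NOTE: this function shadows the shell builtin `wait` for the rest of the
# script; use `builtin wait` if background jobs ever need to be reaped.
# Arguments: $1 - number of seconds to count down (missing/invalid = no wait)
# Outputs:   the remaining seconds, rewritten in place on the current line
# Returns:   0
wait () {
	# Keep the counter local so the caller's variables are not clobbered.
	local secs=${1:-0}
	# A missing or non-numeric argument means there is nothing to count down.
	[[ $secs =~ ^[0-9]+$ ]] || return 0
	# Force base 10 so values such as "08" are not parsed as invalid octal.
	secs=$((10#$secs))
	while [ "$secs" -gt 0 ]; do
		# ESC[0K erases to end of line, \r returns to column 0.
		printf '%s\033[0K\r' "$secs"
		sleep 1
		secs=$((secs - 1))
	done
}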

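# Step 1: optionally let the operator edit access.ips before the HAProxy
# whitelist files are generated from it.
# Security note: per the banner below, every service except HAProxy stats and
# ODFE is publicly reachable unless access.ips restricts it. Both the default
# answer and any unrecognised answer leave the file untouched.
echo "By default, all services except HAProxy stats and ODFE are public!"
echo "The configuration file: access.ips is used to configure external access to the services"
echo "Do you want to modify/edit this file now?"
# -r keeps backslashes in the answer literal.
read -r -p "(yes|no) [no] : " MODIFY
MODIFY=${MODIFY:-no}
case "$MODIFY" in
	yes|Yes|YES )
		echo modify
		echo "Please enter which editor (command) you want to use for editing this file"
		read -r -p "[vi] : " EDITOR
		EDITOR=${EDITOR:-vi}
		# The answer is treated as one command name (no arguments).
		# `type -P` resolves only executable files on PATH, so a shell
		# builtin or a function defined in this script is never accepted
		# as the editor.
		if ! type -P -- "$EDITOR" > /dev/null 2>&1; then
			echo "$EDITOR not found. install it and start over"
			exit 1
		fi
		# vi/vim users get a short cheat sheet before the editor opens.
		if [[ $EDITOR = "vi" || $EDITOR = "vim" ]]; then
			echo "Instruction: "
			echo -e "\t 1. press i to edit file"
			echo -e "\t 2. modify file based on your needs"
			echo -e "\t 3. to save changes use following sequence: 'Esc : wq' and press enter"
			echo "to discard changes, use: 'Esc : q!' and press enter"
			read -r -p "press enter to continue ..." CONTINUE
		fi
		# Quoted so the value is executed as a single word.
		"$EDITOR" access.ips
		;;
	no|No|NO )
		echo no
		;;
	* )
		echo "Unknown answer, not modifying access rules!"
		;;
esac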

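# Step 2: regenerate the HAProxy whitelist files from access.ips.
# The call is tested directly in the `if`: this script runs under `set -e`,
# so a separate `$?` check after a failing command is never reached and the
# hint about access.ips would never be shown.
if ! ./generate_haproxy_whitelist_files.sh; then
	echo "Error occurred, please check access.ips file structure. lines starting with '###' should not be modified"
	exit 1
fi
echo "Access restrictions configured successfully"
echo ""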


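# Step 3: create group_vars/all/variables.yml from variables.template unless
# the file already exists, using values typed in by the operator.

# Escape a value for use as the replacement part of a sed `s/.../.../`
# command: '\', '/' and '&' are special there and would otherwise break the
# expression or change what gets written.
# Arguments: $1 - raw value
# Outputs:   escaped value on stdout
_sed_escape_replacement() {
	printf '%s' "$1" | sed -e 's|[\\/&]|\\&|g'
}

# Return 0 when $1 contains only hostname characters (letters, digits, '.'
# and '-') and starts and ends with a letter or digit.
_is_hostname() {
	local hostname_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
	[[ $1 =~ $hostname_re ]]
}

vars_file=group_vars/all/variables.yml

if [ -f "$vars_file" ]; then
	echo "Variables file (group_vars/all/variables.yml) is already configured manually. Please take a look if everything is correct and move to the next step"
	echo
	echo "group_vars/all/variables.yml:"
	echo "============================================================"
	cat "$vars_file"
	echo "============================================================"
else
	# Resolve the default once. A failing `hostname -f` only removes the
	# default; the value is validated below either way.
	default_fqdn=$(hostname -f) || default_fqdn=""
	echo "Set the FQDN which will be used to access the soctools services (the DNS record should already be in place)"
	read -r -p "[${default_fqdn}]: " soctoolsproxy
	soctoolsproxy=${soctoolsproxy:-$default_fqdn}
	if ! _is_hostname "$soctoolsproxy"; then
		echo "Error: '$soctoolsproxy' is not a valid FQDN! exiting..."
		exit 1
	fi
	echo
	echo "Organization's top level domain (will be used as organization name and organization domain in different services)"
	read -r -p 'domain: ' domain
	# Quoted: an unquoted empty or multi-word value makes `[` misparse.
	if [ -z "$domain" ]; then
		echo "Error: Empty string for domain! exiting..."
		exit 1
	fi
	if ! _is_hostname "$domain"; then
		echo "Error: '$domain' is not a valid domain! exiting..."
		exit 1
	fi
	echo
	echo
	echo
	echo "Please provide the following parameters for the first SOCTools user, which will be created during the initialization with organization admin privileges:"
	echo "username 	- Username of the user"
	echo "firstname - First name of the user"
	echo "lastname 	- Last name of the user"
	#echo "DN 	- Distinguished Name of the user, for user certificate"
	#echo "CN 	- Common Name of the user, for user certificate"
	echo "Email will be generated automatically in Username@Domain format because of format restrictions in some services"
	echo ""
	read -r -p "username: " username
	if [ -z "$username" ]; then
		echo "Error: Empty username! exiting..."
		exit 1
	fi
	read -r -p "firstname: " firstname
	read -r -p "lastname: " lastname
	#read -p "Enter CN for Certificate [${firstname}${lastname}]: " CN
	#CN=${CN:-${firstname}${lastname}}
	# The certificate CN is the username and the DN is just "CN=<username>".
	CN="$username"
	DN="CN=${CN}"
	echo
	echo
	echo
	echo "Please check the gathered variables and type 'yes' if everything is correct:"
	echo "soctoolsproxy:	$soctoolsproxy"
	echo "domain:     $domain"
	echo "firstname:  $firstname"
	echo "lastname:   $lastname"
	echo "username:   $username"
	echo "DN:         $DN"
	echo "CN:         $CN"
	echo
	echo
	read -r -p "Correct? type 'yes' or 'no': " ANSWER
	if [ "$ANSWER" = "yes" ]; then
		if ! [ -f group_vars/all/variables.template ]; then
			echo "template file(group_vars/all/variables.template) does not exists! exiting ..."
			exit 1
		fi
		# Operator input goes into sed replacement text, so escape it first.
		# NOTE(review): username, firstname and lastname are otherwise written
		# as typed. A value containing quotes, ':', '#' or '{{' may yield
		# invalid YAML or be interpreted by whatever loads this file. Confirm
		# how the template quotes these fields.
		fqdn_esc=$(_sed_escape_replacement "$soctoolsproxy")
		domain_esc=$(_sed_escape_replacement "$domain")
		firstname_esc=$(_sed_escape_replacement "$firstname")
		lastname_esc=$(_sed_escape_replacement "$lastname")
		username_esc=$(_sed_escape_replacement "$username")
		dn_esc=$(_sed_escape_replacement "$DN")
		cn_esc=$(_sed_escape_replacement "$CN")
		# The numeric addresses (11s, 12s, ...) tie these edits to the exact
		# line layout of variables.template; update them with the template.
		# The steps are chained so that a failure removes the partial file;
		# otherwise the next run would find it and report it as
		# "already configured manually".
		if ! {
			cp -f group_vars/all/variables.template "$vars_file" &&
			sed -i "s/CHANGE_ME_TO_FQDN/${fqdn_esc}/g" "$vars_file" &&
			# The dot is escaped so only the literal placeholder domain matches.
			sed -i "s/soctools\.test/${domain_esc}/g" "$vars_file" &&
			sed -i "11s/CHANGE_ME_FIRST_NAME/${firstname_esc}/" "$vars_file" &&
			sed -i "12s/CHANGE_ME_LAST_NAME/${lastname_esc}/" "$vars_file" &&
			sed -i "13s/soc_admin/${username_esc}/" "$vars_file" &&
			sed -i "14s/soc_admin/${username_esc}/" "$vars_file" &&
			sed -i "15s/CN=soc_admin/${dn_esc}/" "$vars_file" &&
			sed -i "16s/soc_admin/${cn_esc}/" "$vars_file" &&
			sed -i "26s/soc_admin/${username_esc}/" "$vars_file"
		}; then
			rm -f -- "$vars_file"
			echo "Error: could not generate group_vars/all/variables.yml from the template! exiting ..."
			exit 1
		fi
		echo
		echo
		echo "variables file generated (group_vars/all/variables.yml)"
		echo "We have configured for you the following config files: access.ips, group_vars/all/variables.yml and we have also generated HAProxy Access Control Lists in the following directory: roles/haproxy/files"
		echo ""
		echo "move to next command to deploy the soctools cluster."
		echo 'Thank You!'
	else
		echo "Exiting based of user input ..."
		exit 0
	fi
fi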