Václav Bartoš authored
firstname and lastname are optional (can be empty) - they are not needed in any of the tools.
configure.sh 4.99 KiB
#!/bin/bash
# configure.sh - interactive configuration helper.
#
# Steps performed by this script, in order:
#   1. optionally opens access.ips in an editor chosen by the operator,
#   2. runs ./generate_haproxy_whitelist_files.sh,
#   3. creates group_vars/all/variables.yml from
#      group_vars/all/variables.template using values typed by the operator
#      (skipped when variables.yml already exists).
#
# All paths are relative, so the script has to be started from the directory
# that contains access.ips and group_vars/.

# Abort on the first command that fails outside of a condition.
set -e
# Start with an empty terminal so the prompts below are easy to follow.
clear
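#######################################
# Show a countdown on a single terminal line, one tick per second.
# NOTE: this definition shadows the shell builtin `wait` for the rest of
# the script; use `builtin wait` if the builtin is ever needed.
# Arguments: $1 - number of seconds to count down (non-negative integer);
#                 a missing or non-numeric value counts as 0
# Outputs:   the remaining seconds, each followed by "erase to end of line"
#            and a carriage return, on stdout
# Returns:   0
#######################################
wait () {
  # `local` keeps the counter from overwriting a global named `secs`.
  local secs=${1:-0}

  # Nothing to count down when the argument is not a plain number.
  [[ $secs =~ ^[0-9]+$ ]] || return 0

  # Force base 10 so a value such as "08" is not parsed as octal.
  secs=$((10#$secs))

  while (( secs > 0 )); do
    # \033[0K clears the rest of the line, \r returns to column 0 so the
    # next tick overwrites this one.
    printf '%s\033[0K\r' "$secs"
    sleep 1
    secs=$((secs - 1))
  done
}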
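# Offer to edit access.ips, the file that controls external access to the
# services. Any answer other than an explicit "yes" leaves the file as it
# is, which per the banner below means most services stay publicly
# reachable.
echo "By default, all services except HAProxy stats and ODFE are public!"
echo "The configuration file: access.ips is used to configure external access to the services"
echo "Do you want to modify/edit this file now?"
read -r -p "(yes|no) [no] : " MODIFY
MODIFY=${MODIFY:-no}
case "$MODIFY" in
  yes | Yes | YES)
    echo modify
    echo "Please enter which editor (command) you want to use for editing this file"
    read -r -p "[vi] : " EDITOR
    EDITOR=${EDITOR:-vi}

    # The answer is treated as a single command name: it is quoted wherever
    # it is used so it is never word-split or glob-expanded.
    if ! command -v -- "$EDITOR" > /dev/null 2>&1; then
      echo "$EDITOR not found. install it and start over" >&2
      exit 1
    fi

    # vi/vim are modal; print a short cheat sheet before opening the file.
    if [[ $EDITOR == "vi" || $EDITOR == "vim" ]]; then
      echo "Instruction: "
      echo -e "\t 1. press i to edit file"
      echo -e "\t 2. modify file based on your needs"
      echo -e "\t 3. to save changes use following sequence: 'Esc : wq' and press enter"
      echo "to discard changes, use: 'Esc : q!' and press enter"
      read -r -p "press enter to continue ..." _
    fi

    "$EDITOR" access.ips
    ;;
  no | No | NO)
    echo no
    ;;
  *)
    # Unrecognised input is not treated as consent to edit.
    echo "Unknown answer, not modifying access rules!"
    ;;
esac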
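# Regenerate the HAProxy whitelist files from access.ips.
# The generator is called inside the `if` condition on purpose: the script
# runs under `set -e`, so a bare call followed by a `$?` check would abort
# on failure before the hint about access.ips could be printed.
if ! ./generate_haproxy_whitelist_files.sh; then
  echo "Error occurred, please check access.ips file structure. lines starting with '###' should not be modified" >&2
  exit 1
fi

echo "Access restrictions configured successfully"
echo ""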
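# Create group_vars/all/variables.yml from variables.template using values
# typed by the operator, or show the existing file when there already is one.
#
# The typed values end up inside sed replacement text and in a YAML file, so
# each of them is validated (or escaped) before it is used.

vars_file="group_vars/all/variables.yml"
template_file="group_vars/all/variables.template"

# Succeeds when $1 is dot-separated labels made of letters, digits and '-',
# each label starting and ending with a letter or digit.
is_valid_hostname() {
  local label='[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?'
  local pattern="^${label}(\\.${label})*\$"
  [[ $1 =~ $pattern ]]
}

# Succeeds when $1 starts with a letter or digit and otherwise contains only
# letters, digits, '.', '_' and '-'. The value is also used as the mail
# local part (Username@Domain) and as the certificate CN.
is_valid_username() {
  local pattern='^[A-Za-z0-9][A-Za-z0-9._-]*$'
  [[ $1 =~ $pattern ]]
}

# Succeeds when the optional free-text name $1 has no double quote,
# backslash, brace or control character.
# NOTE(review): how the template quotes these fields is not visible here, so
# characters that could change the structure of the generated file are
# refused - relax this once the template quoting is confirmed.
is_safe_name() {
  local forbidden='["\{}[:cntrl:]]'
  ! [[ $1 =~ $forbidden ]]
}

# Print $1 with '\', '/' and '&' backslash-escaped so it is taken literally
# as the replacement part of a sed 's/.../.../' command.
sed_escape_replacement() {
  printf '%s' "$1" | sed -e 's|[\\/&]|\\&|g'
}

if [ -f "$vars_file" ]; then
  echo "Variables file (group_vars/all/variables.yml) is already configured manually. Please take a look if everything is correct and move to the next step"
  echo
  echo "group_vars/all/variables.yml:"
  echo "============================================================"
  cat -- "$vars_file"
  echo "============================================================"
else
  echo "Set the FQDN which will be used to access the soctools services (the DNS record should already be in place)"
  # A failing `hostname -f` must not abort the script under `set -e`; the
  # operator can still type the name by hand.
  default_fqdn=$(hostname -f) || default_fqdn=""
  read -r -p "[${default_fqdn}]: " soctoolsproxy
  soctoolsproxy=${soctoolsproxy:-$default_fqdn}
  if ! is_valid_hostname "$soctoolsproxy"; then
    echo "Error: '${soctoolsproxy}' is not a valid FQDN! exiting..." >&2
    exit 1
  fi

  echo
  echo "Organization's top level domain (will be used as organization name and organization domain in different services)"
  read -r -p 'domain: ' domain
  if [ -z "$domain" ]; then
    echo "Error: Empty string for domain! exiting..." >&2
    exit 1
  fi
  if ! is_valid_hostname "$domain"; then
    echo "Error: '${domain}' is not a valid domain name! exiting..." >&2
    exit 1
  fi

  echo
  echo
  echo
  echo "Please provide the following parameters for the first SOCTools user, which will be created during the initialization with organization admin privileges:"
  echo "username - Username of the user"
  echo "firstname - First name of the user"
  echo "lastname - Last name of the user"
  #echo "DN - Distinguished Name of the user, for user certificate"
  #echo "CN - Common Name of the user, for user certificate"
  echo "Email will be generated automatically in Username@Domain format because of format restrictions in some services"
  echo ""

  read -r -p "username: " username
  if [ -z "$username" ]; then
    echo "Error: Empty username! exiting..." >&2
    exit 1
  fi
  if ! is_valid_username "$username"; then
    echo "Error: username may only contain letters, digits, '.', '_' and '-'! exiting..." >&2
    exit 1
  fi

  # firstname and lastname are optional and may stay empty.
  read -r -p "firstname: " firstname
  read -r -p "lastname: " lastname
  if ! is_safe_name "$firstname" || ! is_safe_name "$lastname"; then
    echo "Error: firstname/lastname must not contain quotes, backslashes, braces or control characters! exiting..." >&2
    exit 1
  fi

  #read -p "Enter CN for Certificate [${firstname}${lastname}]: " CN
  #CN=${CN:-${firstname}${lastname}}
  CN="$username"
  DN="CN=${CN}"

  echo
  echo
  echo
  echo "Please check the gathered variables and type 'yes' if everything is correct:"
  echo "soctoolsproxy: $soctoolsproxy"
  echo "domain: $domain"
  echo "firstname: $firstname"
  echo "lastname: $lastname"
  echo "username: $username"
  echo "DN: $DN"
  echo "CN: $CN"
  echo
  echo

  read -r -p "Correct? type 'yes' or 'no': " ANSWER
  if [ "$ANSWER" != "yes" ]; then
    echo "Exiting based of user input ..."
    exit 0
  fi

  if ! [ -f "$template_file" ]; then
    echo "template file(group_vars/all/variables.template) does not exists! exiting ..." >&2
    exit 1
  fi

  firstname_esc=$(sed_escape_replacement "$firstname")
  lastname_esc=$(sed_escape_replacement "$lastname")

  # Render into a scratch copy and move it into place only when every
  # substitution succeeded. A half-written variables.yml would otherwise make
  # the next run report the file as "already configured manually".
  tmp_file="${vars_file}.tmp.$$"
  cp -f -- "$template_file" "$tmp_file"

  # The numeric addresses (11s, 12s, ...) depend on the line layout of
  # variables.template and have to be kept in step with it.
  # The dot in soctools\.test is escaped so that only the literal placeholder
  # domain is replaced.
  if ! sed -i \
    -e "s/CHANGE_ME_TO_FQDN/${soctoolsproxy}/g" \
    -e "s/soctools\.test/${domain}/g" \
    -e "11s/CHANGE_ME_FIRST_NAME/${firstname_esc}/" \
    -e "12s/CHANGE_ME_LAST_NAME/${lastname_esc}/" \
    -e "13s/soc_admin/${username}/" \
    -e "14s/soc_admin/${username}/" \
    -e "15s/CN=soc_admin/${DN}/" \
    -e "16s/soc_admin/${CN}/" \
    -e "26s/soc_admin/${username}/" \
    "$tmp_file"; then
    rm -f -- "$tmp_file"
    echo "Error: could not fill in ${template_file}! exiting..." >&2
    exit 1
  fi
  mv -f -- "$tmp_file" "$vars_file"

  echo
  echo
  echo "variables file generated (group_vars/all/variables.yml)"
  echo "We have configured for you the following config files: access.ips, group_vars/all/variables.yml and we have also generated HAProxy Access Control Lists in the following directory: roles/haproxy/files"
  echo ""
  echo "move to next command to deploy the soctools cluster."
  echo 'Thank You!'
fi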