infrastructure/cdn-in-a-box/traffic_ops/run.sh - trafficcontrol - Git at Google

 #!/usr/bin/env bash
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 #   http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.

 # Script for running the Dockerfile for Traffic Ops.
 # The Dockerfile sets up a Docker image which can be used for any new Traffic Ops container;
 # This script, which should be run when the container is run (it's the ENTRYPOINT), will configure the container.
 #
 # The following environment variables are used to configure the database and traffic ops.  They must be set
 # in ../variables.env for docker-compose to pick up the values:
 #
 # DB_SERVER
 # DB_PORT
 # DB_USER
 # DB_USER_PASS
 # DB_NAME
 # ADMIN_USER
 # ADMIN_PASS
 # TODO:  Unused -- should be removed?  TRAFFIC_VAULT_PASS

 # Check that env vars are set
 envvars=( DB_SERVER DB_PORT DB_USER DB_USER_PASS ADMIN_USER ADMIN_PASS X509_CA_DIR TLD_DOMAIN INFRA_SUBDOMAIN CDN_SUBDOMAIN DS_HOSTS)
 for v in $envvars
 do
 	if [[ -z $$v ]]; then echo "$v is unset"; exit 1; fi
 done

 set-dns.sh
 insert-self-into-dns.sh

 set-to-ips-from-dns.sh

 # Source to-access functions and FQDN vars
 source /to-access.sh

 # Create SSL certificates and trust the shared CA.
 source /generate-certs.sh

 # copy contents of /ca to /export/ssl
 # update the permissions
 mkdir -p "$X509_CA_PERSIST_DIR" && chmod 777 "$X509_CA_PERSIST_DIR"
 chmod -R a+rw "$X509_CA_PERSIST_DIR"

 if [ -r "$X509_CA_PERSIST_ENV_FILE" ] ; then
   umask $X509_CA_UMASK
   mkdir -p "$X509_CA_DIR" && chmod 777 $X509_CA_DIR
   rsync -a "$X509_CA_PERSIST_DIR/" "$X509_CA_DIR/"
   sync
   echo "PERSIST CERTS FROM $X509_CA_PERSIST_DIR to $X509_CA_DIR"
   sleep 4
   source "$X509_CA_ENV_FILE"
 elif x509v3_init; then
     umask $X509_CA_UMASK
 		x509v3_create_cert "$INFRA_SUBDOMAIN" "$INFRA_FQDN"
 		for ds in $DS_HOSTS
 		do
 			x509v3_create_cert "$ds" "$ds.$CDN_FQDN"
 		done
 		echo "X509_GENERATION_COMPLETE=\"YES\"" >> "$X509_CA_ENV_FILE"
 		x509v3_dump_env
     # Save newly generated certs for future restarts.
     rsync -av "$X509_CA_DIR/" "$X509_CA_PERSIST_DIR/"
     chmod 777 "$X509_CA_PERSIST_DIR"
     sync
     echo "GENERATE CERTS FROM $X509_CA_DIR to $X509_CA_PERSIST_DIR"
     sleep 4
 fi

 chown -R trafops:trafops "$X509_CA_PERSIST_DIR"
 chmod -R a+rw "$X509_CA_PERSIST_DIR"

 # Write config files
 set -x
 if [[ -r /config.sh ]]; then
 	. /config.sh
 fi

 pg_isready=$(rpm -ql postgresql96 | grep bin/pg_isready)
 if [[ ! -x $pg_isready ]] ; then
     echo "Can't find pg_ready in postgresql96"
     exit 1
 fi

 while ! $pg_isready -h$DB_SERVER -p$DB_PORT -d $DB_NAME; do
         echo "waiting for db on $DB_SERVER $DB_PORT"
         sleep 3
 done

 export TO_DIR=/opt/traffic_ops/app
 cat conf/production/database.conf

 export PERL5LIB=$TO_DIR/lib:$TO_DIR/local/lib/perl5
 export PATH=/usr/local/go/bin:/opt/traffic_ops/go/bin:$PATH
 export GOPATH=/opt/traffic_ops/go

 cd $TO_DIR && \
 	./db/admin --env=production reset && \
 	./db/admin --env=production upgrade || { echo "db upgrade failed!"; exit 1; }

 # Add admin user -- all other users should be created using API
 /adduser.pl $TO_ADMIN_USER $TO_ADMIN_PASSWORD admin | psql -v ON_ERROR_STOP=1 -U$DB_USER -h$DB_SERVER $DB_NAME || { echo "adding traffic_ops admin user failed!"; exit 1; }

 cd $TO_DIR && $TO_DIR/local/bin/hypnotoad script/cdn

 until [[ -f ${ENROLLER_DIR}/enroller-started ]]; do
     echo "waiting for enroller"
     sleep 3
 done

 # Add initial data to traffic ops
 /trafficops-init.sh

 export TO_USER=$TO_ADMIN_USER
 export TO_PASSWORD=$TO_ADMIN_PASSWORD

 to-enroll "to" ALL || (while true; do echo "enroll failed."; sleep 3 ; done)

 exec tail -f /var/log/traffic_ops/traffic_ops.log
	#!/usr/bin/env bash
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing,
	# software distributed under the License is distributed on an
	# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	# KIND, either express or implied. See the License for the
	# specific language governing permissions and limitations
	# under the License.

	# Script for running the Dockerfile for Traffic Ops.
	# The Dockerfile sets up a Docker image which can be used for any new Traffic Ops container;
	# This script, which should be run when the container is run (it's the ENTRYPOINT), will configure the container.
	#
	# The following environment variables are used to configure the database and traffic ops. They must be set
	# in ../variables.env for docker-compose to pick up the values:
	#
	# DB_SERVER
	# DB_PORT
	# DB_USER
	# DB_USER_PASS
	# DB_NAME
	# ADMIN_USER
	# ADMIN_PASS
	# TODO: Unused -- should be removed? TRAFFIC_VAULT_PASS

	# Check that env vars are set
	envvars=( DB_SERVER DB_PORT DB_USER DB_USER_PASS ADMIN_USER ADMIN_PASS X509_CA_DIR TLD_DOMAIN INFRA_SUBDOMAIN CDN_SUBDOMAIN DS_HOSTS)
	for v in $envvars
	do
	if [[ -z $$v ]]; then echo "$v is unset"; exit 1; fi
	done

	set-dns.sh
	insert-self-into-dns.sh

	set-to-ips-from-dns.sh

	# Source to-access functions and FQDN vars
	source /to-access.sh

	# Create SSL certificates and trust the shared CA.
	source /generate-certs.sh

	# copy contents of /ca to /export/ssl
	# update the permissions
	mkdir -p "$X509_CA_PERSIST_DIR" && chmod 777 "$X509_CA_PERSIST_DIR"
	chmod -R a+rw "$X509_CA_PERSIST_DIR"

	if [ -r "$X509_CA_PERSIST_ENV_FILE" ] ; then
	umask $X509_CA_UMASK
	mkdir -p "$X509_CA_DIR" && chmod 777 $X509_CA_DIR
	rsync -a "$X509_CA_PERSIST_DIR/" "$X509_CA_DIR/"
	sync
	echo "PERSIST CERTS FROM $X509_CA_PERSIST_DIR to $X509_CA_DIR"
	sleep 4
	source "$X509_CA_ENV_FILE"
	elif x509v3_init; then
	umask $X509_CA_UMASK
	x509v3_create_cert "$INFRA_SUBDOMAIN" "$INFRA_FQDN"
	for ds in $DS_HOSTS
	do
	x509v3_create_cert "$ds" "$ds.$CDN_FQDN"
	done
	echo "X509_GENERATION_COMPLETE=\"YES\"" >> "$X509_CA_ENV_FILE"
	x509v3_dump_env
	# Save newly generated certs for future restarts.
	rsync -av "$X509_CA_DIR/" "$X509_CA_PERSIST_DIR/"
	chmod 777 "$X509_CA_PERSIST_DIR"
	sync
	echo "GENERATE CERTS FROM $X509_CA_DIR to $X509_CA_PERSIST_DIR"
	sleep 4
	fi

	chown -R trafops:trafops "$X509_CA_PERSIST_DIR"
	chmod -R a+rw "$X509_CA_PERSIST_DIR"

	# Write config files
	set -x
	if [[ -r /config.sh ]]; then
	. /config.sh
	fi

	pg_isready=$(rpm -ql postgresql96 \| grep bin/pg_isready)
	if [[ ! -x $pg_isready ]] ; then
	echo "Can't find pg_ready in postgresql96"
	exit 1
	fi

	while ! $pg_isready -h$DB_SERVER -p$DB_PORT -d $DB_NAME; do
	echo "waiting for db on $DB_SERVER $DB_PORT"
	sleep 3
	done

	export TO_DIR=/opt/traffic_ops/app
	cat conf/production/database.conf

	export PERL5LIB=$TO_DIR/lib:$TO_DIR/local/lib/perl5
	export PATH=/usr/local/go/bin:/opt/traffic_ops/go/bin:$PATH
	export GOPATH=/opt/traffic_ops/go

	cd $TO_DIR && \
	./db/admin --env=production reset && \
	./db/admin --env=production upgrade \|\| { echo "db upgrade failed!"; exit 1; }

	# Add admin user -- all other users should be created using API
	/adduser.pl $TO_ADMIN_USER $TO_ADMIN_PASSWORD admin \| psql -v ON_ERROR_STOP=1 -U$DB_USER -h$DB_SERVER $DB_NAME \|\| { echo "adding traffic_ops admin user failed!"; exit 1; }

	cd $TO_DIR && $TO_DIR/local/bin/hypnotoad script/cdn

	until [[ -f ${ENROLLER_DIR}/enroller-started ]]; do
	echo "waiting for enroller"
	sleep 3
	done

	# Add initial data to traffic ops
	/trafficops-init.sh

	export TO_USER=$TO_ADMIN_USER
	export TO_PASSWORD=$TO_ADMIN_PASSWORD

	to-enroll "to" ALL \|\| (while true; do echo "enroll failed."; sleep 3 ; done)

	exec tail -f /var/log/traffic_ops/traffic_ops.log