#!/bin/sh set -e set -u # DEBUG set -x # 3. Generate an environment .env file. gen_env_vars() { # generate config using env vars from docker cat > .env <&2 echo "# ERROR: ${message}" >&2 echo "###############################################" >&2 exit 1 } handle_federated_id() { # devicehub host and id federated checker EXPECTED_ID_FEDERATED="$(curl -s "${API_RESOLVER}/getAll" \ | jq -r '.url | to_entries | .[] | select(.value == "'"${DEVICEHUB_HOST}"'") | .key' \ | head -n 1)" # if is a new DEVICEHUB_HOST, then register it if [ -z "${EXPECTED_ID_FEDERATED}" ]; then # TODO better docker compose run command cmd="docker compose run --entrypoint= devicehub flask dlt_insert_members ${DEVICEHUB_HOST}" big_error "No FEDERATED ID maybe you should run \`${cmd}\`" fi # if not new DEVICEHUB_HOST, then check consistency # if there is already an ID in the DLT, it should match with my internal ID if [ ! "${EXPECTED_ID_FEDERATED}" = "${ID_FEDERATED}" ]; then big_error "ID_FEDERATED should be ${EXPECTED_ID_FEDERATED} instead of ${ID_FEDERATED}" fi # not needed, but reserved # EXPECTED_DEVICEHUB_HOST="$(curl -s "${API_RESOLVER}/getAll" \ # | jq -r '.url | to_entries | .[] | select(.key == "'"${ID_FEDERATED}"'") | .value' \ # | head -n 1)" # if [ ! "${EXPECTED_DEVICEHUB_HOST}" = "${DEVICEHUB_HOST}" ]; then # big_error "ERROR: DEVICEHUB_HOST should be ${EXPECTED_DEVICEHUB_HOST} instead of ${DEVICEHUB_HOST}" # fi } config_oidc() { # TODO test allowing more than 1 client if [ "${ID_SERVICE}" = "server_id" ]; then client_description="client identity from docker compose demo" # in AUTHORIZED_CLIENT_URL we remove anything before :// flask add_contract_oidc \ "${EMAIL_DEMO}" \ "${client_description}" \ "${AUTHORIZED_CLIENT_URL}" \ > /shared/client_id_${AUTHORIZED_CLIENT_URL#*://} elif [ "${ID_SERVICE}" = "client_id" ]; then # in DEVICEHUB_HOST we remove anything before :// CLIENT_ID_CONFIG="/shared/client_id_${DEVICEHUB_HOST#*://}" # wait that the file generated by the server_id is readable while true; do if [ -f "${CLIENT_ID_CONFIG}" ]; then break fi sleep 1 done client_id="$(cat "${CLIENT_ID_CONFIG}" | jq -r '.client_id')" client_secret="$(cat "${CLIENT_ID_CONFIG}" | jq -r '.client_secret')" flask add_client_oidc \ "${SERVER_ID_HOST}" \ "${client_id}" \ "${client_secret}" else big_error "Something went wrong ${ID_SERVICE} is not server_id nor client_id" fi } config_phase() { init_flagfile='/already_configured' if [ ! -f "${init_flagfile}" ]; then # 7, 8, 9, 11 init_data # 12. Add a new server to the 'api resolver' handle_federated_id # 13. Do a rsync api resolve flask dlt_rsync_members # 14. Register a new user to the DLT flask dlt_register_user "${EMAIL_DEMO}" ${PASSWORD_DEMO} Operator # non DL user (only for the inventory) # flask adduser user2@dhub.com ${PASSWORD_DEMO} # # 15. Add inventory snapshots for user "${EMAIL_DEMO}". cp /mnt/snapshots/snapshot*.json ereuse_devicehub/commands/snapshot_files /usr/bin/time flask snapshot "${EMAIL_DEMO}" ${PASSWORD_DEMO} # # 16. flask check_install "${EMAIL_DEMO}" ${PASSWORD_DEMO} # config server or client ID config_oidc # remain next command as the last operation for this if conditional touch "${init_flagfile}" fi } main() { gen_env_vars wait_for_postgres config_phase # 17. Use gunicorn # thanks https://akira3030.github.io/formacion/articulos/python-flask-gunicorn-docker.html # TODO meanwhile no nginx (step 19), gunicorn cannot serve static files, then we prefer development server #gunicorn --access-logfile - --error-logfile - --workers 4 -b :5000 app:app # alternative: run development server flask run --host=0.0.0.0 --port 5000 # DEBUG #sleep infinity } main "${@}"