bridgehead/lib/install-bridgehead.sh

71 lines
2.8 KiB
Bash
Raw Normal View History

#!/bin/bash -e
2021-12-21 13:48:28 +01:00
2022-01-10 15:31:07 +01:00
source lib/functions.sh
exitIfNotRoot
2022-05-04 13:50:33 +02:00
if [ $# -eq 0 ]; then
log "ERROR" "Please provide a Project as argument"
2022-05-04 13:50:33 +02:00
exit 1
fi
export PROJECT=$1
2022-05-04 13:50:33 +02:00
checkRequirements noprivkey
2021-12-21 13:48:28 +01:00
log "INFO" "Allowing the bridgehead user to start/stop the bridgehead."
cat <<EOF > /etc/sudoers.d/bridgehead-"${PROJECT}"
# This has been added by the Bridgehead installer. Remove with bridgehead uninstall.
2022-09-30 15:35:37 +02:00
Cmnd_Alias BRIDGEHEAD${PROJECT^^} = \\
/bin/systemctl start bridgehead@${PROJECT}.service, \\
/bin/systemctl stop bridgehead@${PROJECT}.service, \\
/bin/systemctl restart bridgehead@${PROJECT}.service, \\
/bin/systemctl restart bridgehead@*.service, \\
/bin/chown -R bridgehead /etc/bridgehead /srv/docker/bridgehead /var/cache/bridgehead, \\
/usr/bin/chown -R bridgehead /etc/bridgehead /srv/docker/bridgehead /var/cache/bridgehead
2022-09-30 15:35:37 +02:00
bridgehead ALL= NOPASSWD: BRIDGEHEAD${PROJECT^^}
EOF
# TODO: Determine whether this should be located in setup-bridgehead (triggered through bridgehead install) or in update bridgehead (triggered every hour)
2022-11-03 17:29:52 +01:00
if [ -z "$LDM_PASSWORD" ]; then
2022-11-03 17:19:15 +01:00
log "INFO" "Now generating a password for the local data management. Please save the password for your ETL process!"
2022-11-03 18:15:45 +01:00
generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 32)"
log "INFO" "Your generated credentials are:\n user: $PROJECT\n password: $generated_passwd"
2022-11-03 17:19:15 +01:00
echo -e "## Local Data Management Basic Authentication\n# User: $PROJECT\nLDM_PASSWORD=$generated_passwd" >> /etc/bridgehead/${PROJECT}.local.conf;
fi
log "INFO" "Creating directory /var/cache/bridgehead for storage of backups."
mkdir -p /var/cache/bridgehead
chown -R bridgehead /var/cache/bridgehead
log "INFO" "Registering system units for bridgehead and bridgehead-update"
2022-01-10 15:31:07 +01:00
cp -v \
2022-01-10 16:42:13 +01:00
lib/systemd/bridgehead\@.service \
lib/systemd/bridgehead-update\@.service \
lib/systemd/bridgehead-update\@.timer \
/etc/systemd/system/
2021-12-21 13:48:28 +01:00
2022-01-10 15:31:07 +01:00
systemctl daemon-reload
2021-12-21 13:48:28 +01:00
log INFO "Trying to update your bridgehead ..."
systemctl start bridgehead-update@"${PROJECT}".service
log "INFO" "Enabling autostart of bridgehead@${PROJECT}.service"
systemctl enable bridgehead@"${PROJECT}".service
log "INFO" "Enabling auto-updates for bridgehead@${PROJECT}.service ..."
systemctl enable --now bridgehead-update@"${PROJECT}".timer
2022-01-10 16:31:48 +01:00
STR="\n\n systemctl start bridgehead@${PROJECT}.service\n\nor by rebooting your machine."
if [ -e /etc/bridgehead/pki/${SITE_ID}.priv.pem ]; then
STR="Success. Next, start your bridgehead by running$STR"
else
STR="Success. Next, enroll into the $PROJECT broker by creating a cryptographic certificate. To do so, run\n\n /srv/docker/bridgehead/bridgehead enroll $PROJECT\n\nThen, you may start the bridgehead by running$STR"
fi
log "INFO" "$STR"