samply
/
bridgehead
mirror of https://github.com/samply/bridgehead.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add generic bash function addBasicAuthUser

This commit is contained in:
p.delpy@dkfz-heidelberg.de 2023-07-25 14:08:54 +02:00
parent 7feb903dfa
commit 788e4ea9f7
5 changed files with 42 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
bridgehead
View File

@ -103,6 +103,10 @@ case "$ACTION" in
uninstall) uninstall)
exec ./lib/uninstall-bridgehead.sh $PROJECT exec ./lib/uninstall-bridgehead.sh $PROJECT
;; ;;
addUser)
loadVars
exec ./lib/sitespecific-functions.sh $PROJECT
;;
enroll) enroll)
loadVars loadVars

7
ccp/nngm-compose.yml
View File

@ -18,7 +18,12 @@ services:
- "traefik.http.middlewares.connector_strip.stripprefix.prefixes=/nngm-connector" - "traefik.http.middlewares.connector_strip.stripprefix.prefixes=/nngm-connector"
- "traefik.http.services.connector.loadbalancer.server.port=8080" - "traefik.http.services.connector.loadbalancer.server.port=8080"
- "traefik.http.routers.connector.tls=true" - "traefik.http.routers.connector.tls=true"
- "traefik.http.routers.connector.middlewares=connector_strip,auth" - "traefik.http.routers.connector.middlewares=connector_strip,auth-nngm"
volumes: volumes:
- nngm-rest:/var/log - nngm-rest:/var/log
traefik:
labels:
- "traefik.http.middlewares.auth-nngm.basicauth.users=$NNGM_AUTH"

24
lib/functions.sh
View File

@ -183,3 +183,27 @@ function bk_is_running {
##Setting Network properties ##Setting Network properties
# currently not needed # currently not needed
#export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}'); #export HOSTIP=$(MSYS_NO_PATHCONV=1 docker run --rm --add-host=host.docker.internal:host-gateway ubuntu cat /etc/hosts | grep 'host.docker.internal' | awk '{print $1}');
addBasicAuthUser() {
USER="${1}"
PASSWORD="${2}"
NAME="${3}"
PROJECT="${4}"
FILE="/etc/bridgehead/${PROJECT}.local.conf"
ENCRY_CREDENTIALS="$(docker run --rm docker.verbis.dkfz.de/cache/httpd:alpine htpasswd -nb $USER $PASSWORD | tr -d '\n' | tr -d '\r')"
if [ -f $FILE ] && grep -R -q "$NAME=" $FILE # if a basic auth user already exists:
then
sed -i "/$NAME/ s/$/,$ENCRY_CREDENTIALS/" $FILE
else
echo -e "\n## Basic Authentication Credentials for:\n$NAME=$ENCRY_CREDENTIALS" >> $FILE;
fi
read -p "Do you want to have your cleartext credentials saved in your $FILE: [y/n]" yn
case $yn in
[yYjJ] )
echo "ok, variables are saved in $FILE"
echo -e "# User: $USER\n# Password: $PASSWORD" >> $FILE;
;;
[nN] )
echo "skip saving cleartext LDM credentials; make sure to save them somewhere else"
;;
esac
}

2
lib/install-bridgehead.sh
View File

@ -34,7 +34,7 @@ if [ -z "$LDM_PASSWORD" ]; then
generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 32)" generated_passwd="$(cat /proc/sys/kernel/random/uuid | sed 's/[-]//g' | head -c 32)"
log "INFO" "Your generated credentials are:\n user: $PROJECT\n password: $generated_passwd" log "INFO" "Your generated credentials are:\n user: $PROJECT\n password: $generated_passwd"
echo -e "## Local Data Management Basic Authentication\n# User: $PROJECT\nLDM_PASSWORD=$generated_passwd" >> /etc/bridgehead/${PROJECT}.local.conf; addBasicAuthUser $PROJECT $generated_passwd "LDM_LOGIN" $PROJECT
fi fi
log "INFO" "Registering system units for bridgehead and bridgehead-update" log "INFO" "Registering system units for bridgehead and bridgehead-update"

7
lib/sitespecific-functions.sh Normal file
View File

@ -0,0 +1,7 @@
#!/bin/bash -e
source lib/functions.sh
PROJECT="ccp"
log "INFO" "Adding custom encrypted credentials in /etc/bridgehead/$PROJECT.local.conf"
read -p "Please enter custom user: " user
read -s -p "Please enter password (will not be echoed): "$'\n' password
addBasicAuthUser $user $password "NNGM_AUTH" $PROJECT