2020-01-31 20:52:59 +01:00
|
|
|
#!/bin/bash
|
|
|
|
|
|
|
|
|
|
set -eo pipefail
|
2018-12-30 21:37:46 +01:00
|
|
|
|
2018-12-31 16:58:51 +01:00
|
|
|
if [ -z "${POSTGRES_USER}" ] || [ -z "${POSTGRES_PASSWORD}" ] || [ -z "${POSTGRES_HOST}" ] || [ -z "${POSTGRES_DB}" ];then
|
2018-12-31 18:36:02 +01:00
|
|
|
echo "Database vars not set"
|
2018-12-31 15:37:19 +01:00
|
|
|
exit 1
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
export POSTGRES_PORT="${POSTGRES_PORT:-5432}"
|
|
|
|
|
|
2020-01-31 20:52:59 +01:00
|
|
|
export LEMUR_ADMIN_PASSWORD="${LEMUR_ADMIN_PASSWORD:-admin}"
|
|
|
|
|
|
|
|
|
|
export SQLALCHEMY_DATABASE_URI="postgresql://$POSTGRES_USER:$POSTGRES_PASSWORD@$POSTGRES_HOST:$POSTGRES_PORT/$POSTGRES_DB"
|
2018-12-31 15:37:19 +01:00
|
|
|
|
2018-12-30 21:37:46 +01:00
|
|
|
|
2018-12-30 22:25:11 +01:00
|
|
|
PGPASSWORD=$POSTGRES_PASSWORD psql -h $POSTGRES_HOST -p $POSTGRES_PORT -U $POSTGRES_USER -d $POSTGRES_DB --command 'select 1;'
|
|
|
|
|
|
2018-12-31 15:37:19 +01:00
|
|
|
echo " # Create Postgres trgm extension"
|
2020-01-31 20:52:59 +01:00
|
|
|
PGPASSWORD=$POSTGRES_PASSWORD psql -h $POSTGRES_HOST -p $POSTGRES_PORT -U $POSTGRES_USER -d $POSTGRES_DB --command 'CREATE EXTENSION IF NOT EXISTS pg_trgm;'
|
2018-12-31 15:37:19 +01:00
|
|
|
echo " # Done"
|
2018-12-30 21:37:46 +01:00
|
|
|
|
2019-01-01 11:05:45 +01:00
|
|
|
if [ -z "${SKIP_SSL}" ]; then
|
2018-12-31 14:07:56 +01:00
|
|
|
if [ ! -f /etc/nginx/ssl/server.crt ] && [ ! -f /etc/nginx/ssl/server.key ]; then
|
2019-01-01 12:09:06 +01:00
|
|
|
openssl req -x509 -newkey rsa:4096 -nodes -keyout /etc/nginx/ssl/server.key -out /etc/nginx/ssl/server.crt -days 365 -subj "/C=US/ST=FAKE/L=FAKE/O=FAKE/OU=FAKE/CN=FAKE"
|
2018-12-31 14:07:56 +01:00
|
|
|
fi
|
2020-01-31 20:52:59 +01:00
|
|
|
[ -f "/etc/nginx/conf.d/default-ssl.conf.a" ] && mv /etc/nginx/conf.d/default-ssl.conf.a /etc/nginx/conf.d/default-ssl.conf
|
|
|
|
|
[ -f "/etc/nginx/conf.d/default.conf" ] && mv -f /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.a
|
2018-12-31 16:58:51 +01:00
|
|
|
fi
|
2018-12-31 13:21:13 +01:00
|
|
|
|
2018-12-30 22:43:55 +01:00
|
|
|
# if [ ! -f /home/lemur/.lemur/lemur.conf.py ]; then
|
|
|
|
|
# echo "Creating config"
|
|
|
|
|
# https://github.com/Netflix/lemur/issues/2257
|
|
|
|
|
# python3 /opt/lemur/lemur/manage.py create_config
|
|
|
|
|
# echo "Done"
|
|
|
|
|
# fi
|
|
|
|
|
|
2018-12-31 15:37:19 +01:00
|
|
|
echo " # Running init"
|
2020-02-26 18:12:53 +01:00
|
|
|
su lemur -s /bin/bash -c "cd /opt/lemur/lemur; lemur init -p ${LEMUR_ADMIN_PASSWORD}"
|
2018-12-31 15:37:19 +01:00
|
|
|
echo " # Done"
|
2018-12-30 22:25:11 +01:00
|
|
|
|
2018-12-30 22:43:55 +01:00
|
|
|
# echo "Creating user"
|
|
|
|
|
# https://github.com/Netflix/lemur/issues/
|
|
|
|
|
# echo "something that will create user" | python3 /opt/lemur/lemur/manage.py shell
|
|
|
|
|
# echo "Done"
|
2018-12-30 21:37:46 +01:00
|
|
|
|
2018-12-30 21:47:27 +01:00
|
|
|
cron_notify="${CRON_NOTIFY:-"0 22 * * *"}"
|
|
|
|
|
cron_sync="${CRON_SYNC:-"*/15 * * * *"}"
|
2019-01-01 11:33:49 +01:00
|
|
|
cron_revoked="${CRON_CHECK_REVOKED:-"0 22 * * *"}"
|
2020-02-27 09:24:35 +01:00
|
|
|
cron_reissue="${CRON_REISSUE:-"0 23 * * *"}"
|
2018-12-30 21:37:46 +01:00
|
|
|
|
2018-12-31 15:37:19 +01:00
|
|
|
echo " # Populating crontab"
|
2020-02-26 18:12:53 +01:00
|
|
|
echo "${cron_notify} lemur notify expirations" > /etc/crontabs/lemur
|
|
|
|
|
echo "${cron_sync} lemur source sync -s all" >> /etc/crontabs/lemur
|
|
|
|
|
echo "${cron_revoked} lemur certificate check_revoked" >> /etc/crontabs/lemur
|
2020-02-27 09:24:35 +01:00
|
|
|
echo "${cron_reissue} lemur certificate reissue -c" >> /etc/crontabs/lemur
|
2018-12-31 15:37:19 +01:00
|
|
|
echo " # Done"
|
2018-12-30 21:37:46 +01:00
|
|
|
|
|
|
|
|
exec "$@"
|
