-
Notifications
You must be signed in to change notification settings - Fork 101
/
Copy pathcontainer_env
80 lines (70 loc) · 3.6 KB
/
container_env
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
#!/bin/bash
[[ -n "$(ls -A /etc/pki/ca-trust/source/anchors)" ]] && update-ca-trust
[[ -s /etc/default/evm ]] && source /etc/default/evm
[[ -f /run/secrets/postgresql/POSTGRESQL_DATABASE ]] && database_name_file=$(cat /run/secrets/postgresql/POSTGRESQL_DATABASE)
[[ -f /run/secrets/postgresql/POSTGRESQL_HOSTNAME ]] && database_hostname_file=$(cat /run/secrets/postgresql/POSTGRESQL_HOSTNAME)
[[ -f /run/secrets/postgresql/POSTGRESQL_PASSWORD ]] && database_password_file=$(cat /run/secrets/postgresql/POSTGRESQL_PASSWORD)
[[ -f /run/secrets/postgresql/POSTGRESQL_PORT ]] && database_port_file=$(cat /run/secrets/postgresql/POSTGRESQL_PORT)
[[ -f /run/secrets/postgresql/POSTGRESQL_USER ]] && database_username_file=$(cat /run/secrets/postgresql/POSTGRESQL_USER)
database_hostname=${DATABASE_HOSTNAME:-$database_hostname_file}
database_hostname=${database_hostname:-localhost}
database_name=${DATABASE_NAME:-$database_name_file}
database_name=${database_name:-db_unknown}
database_password=${DATABASE_PASSWORD:-$database_password_file}
database_port=${DATABASE_PORT:-$database_port_file}
database_port=${database_port:-5432}
DATABASE_SSL_MODE=${DATABASE_SSL_MODE:-prefer}
database_username=${DATABASE_USERNAME:-$database_username_file}
echo "== Writing database config =="
cat > ${APP_ROOT}/config/database.yml << KEY
---
production:
adapter: postgresql
username: ${database_username}
password: ${database_password}
host: ${database_hostname}
database: ${database_name}
port: ${database_port}
encoding: utf8
pool: 5
wait_timeout: 5
ssl_mode: ${DATABASE_SSL_MODE}
KEY
[[ -f /.postgresql/root.crt ]] && echo " sslrootcert=/.postgresql/root.crt" >> ${APP_ROOT}/config/database.yml
[[ -f /run/secrets/manageiq/application/encryption_key ]] && encryption_key_file=$(cat /run/secrets/manageiq/application/encryption_key)
encryption_key=${ENCRYPTION_KEY:-$encryption_key_file}
echo "== Writing encryption key =="
cat > ${APP_ROOT}/certs/v2_key << KEY
---
:algorithm: aes-256-cbc
:key: ${encryption_key}
KEY
[[ -f /run/secrets/messaging/MESSAGING_HOSTNAME ]] && messaging_hostname_file=$(cat /run/secrets/messaging/MESSAGING_HOSTNAME)
[[ -f /run/secrets/messaging/MESSAGING_USERNAME ]] && messaging_username_file=$(cat /run/secrets/messaging/MESSAGING_USERNAME)
[[ -f /run/secrets/messaging/MESSAGING_PASSWORD ]] && messaging_password_file=$(cat /run/secrets/messaging/MESSAGING_PASSWORD)
[[ -f /run/secrets/messaging/MESSAGING_PORT ]] && messaging_port_file=$(cat /run/secrets/messaging/MESSAGING_PORT)
[[ -f /run/secrets/messaging/MESSAGING_SASL_MECHANISM ]] && messaging_sasl_mechanism_file=$(cat /run/secrets/messaging/MESSAGING_SASL_MECHANISM)
[[ -f /etc/pki/ca-trust/source/anchors/root.crt ]] && messaging_ca_path=/etc/pki/ca-trust/source/anchors/root.crt
messaging_hostname=${MESSAGING_HOSTNAME:-$messaging_hostname_file}
messaging_hostname=${messaging_hostname:-localhost}
messaging_username=${MESSAGING_USERNAME:-$messaging_username_file}
messaging_password=${MESSAGING_PASSWORD:-$messaging_password_file}
messaging_port=${MESSAGING_PORT:-$messaging_port_file}
messaging_port=${messaging_port:-9093}
messaging_sasl_mechanism=${MESSAGING_SASL_MECHANISM:-$messaging_sasl_mechanism_file}
messaging_ca_path=${messaging_ca_path:-/etc/pki/ca-trust/source/anchors/ca.crt}
echo "== Writing messaging config =="
cat > ${APP_ROOT}/config/messaging.yml << KEY
---
production:
host: ${messaging_hostname}
port: ${messaging_port}
protocol: Kafka
encoding: json
username: ${messaging_username}
password: ${messaging_password}
sasl_mechanism: ${messaging_sasl_mechanism}
ssl: true
ca_file: ${messaging_ca_path}
KEY
echo "${GUID}" > ${APP_ROOT}/GUID