-
Notifications
You must be signed in to change notification settings - Fork 59
/
Copy pathconfigure.sh
executable file
·108 lines (93 loc) · 3.54 KB
/
configure.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
#!/bin/bash
if [ "$VERBOSE" != "true" ]; then
exec &>/dev/null
fi
set -Eeox pipefail
function main() {
##Define variables for XML snippets source and target paths
WLP_INSTALL_DIR=/opt/ol/wlp
SHARED_CONFIG_DIR=${WLP_INSTALL_DIR}/usr/shared/config
SHARED_RESOURCE_DIR=${WLP_INSTALL_DIR}/usr/shared/resources
SNIPPETS_SOURCE=/opt/ol/helpers/build/configuration_snippets
SNIPPETS_TARGET=/config/configDropins/overrides
SNIPPETS_TARGET_DEFAULTS=/config/configDropins/defaults
mkdir -p ${SNIPPETS_TARGET}
mkdir -p ${SNIPPETS_TARGET_DEFAULTS}
#Check for each Liberty value-add functionality
# Infinispan Session Caching
if [[ -n "$INFINISPAN_SERVICE_NAME" ]]; then
cp ${SNIPPETS_SOURCE}/infinispan-client-sessioncache.xml ${SNIPPETS_TARGET}/infinispan-client-sessioncache.xml
chmod g+rw $SNIPPETS_TARGET/infinispan-client-sessioncache.xml
fi
# Hazelcast Session Caching
if [ "${HZ_SESSION_CACHE}" == "client" ] || [ "${HZ_SESSION_CACHE}" == "embedded" ]; then
cp ${SNIPPETS_SOURCE}/hazelcast-sessioncache.xml ${SNIPPETS_TARGET}/hazelcast-sessioncache.xml
mkdir -p ${SHARED_CONFIG_DIR}/hazelcast
cp ${SNIPPETS_SOURCE}/hazelcast-${HZ_SESSION_CACHE}.xml ${SHARED_CONFIG_DIR}/hazelcast/hazelcast.xml
fi
# Key Store
if [ "$EXCLUDE_CONFIG_KEYSTORE" != "false" ]; then
if [ "$SSL" != "false" ] && [ "$TLS" != "false" ]; then
keystorePath="$SNIPPETS_TARGET_DEFAULTS/keystore.xml"
if [ ! -e $keystorePath ]; then
# Generate the keystore.xml
export KEYSTOREPWD=$(openssl rand -base64 32)
sed "s|REPLACE|$KEYSTOREPWD|g" $SNIPPETS_SOURCE/keystore.xml >$SNIPPETS_TARGET_DEFAULTS/keystore.xml
chmod g+w $SNIPPETS_TARGET_DEFAULTS/keystore.xml
fi
fi
fi
# SSO
if [[ -n "$SEC_SSO_PROVIDERS" ]]; then
parseProviders $SEC_SSO_PROVIDERS
fi
# Apply interim fixes found in /opt/ol/fixes
# Fixes recommended by IBM, such as to resolve security vulnerabilities, are also included in /opt/ol/fixes
# Note: This step should only be done ONCE needed features are enabled and installed.
find /opt/ol/fixes -type f -name "*.jar" -print0 | sort -z | xargs -0 -n 1 -r -I {} java -jar {} --installLocation $WLP_INSTALL_DIR
# Create a new SCC layer. This should be invoked when server configuration is complete.
if [ "$OPENJ9_SCC" == "true" ]; then
cmd="populate_scc.sh -i 1"
if [ "$TRIM_SCC" == "false" ]; then
cmd+=" -d"
fi
if [ ! "$SCC_SIZE" = "" ]; then
cmd+=" -s $SCC_SIZE"
fi
eval $cmd
fi
}
## parse provider list to generate files into configDropins
function parseProviders() {
while [ $# -gt 0 ]; do
case "$1" in
oidc:*)
parseCommaList oidc "${1#*:}"
;;
oauth2:*)
parseCommaList oauth2 "${1#*:}"
;;
*)
if [[ $(ls $SNIPPETS_SOURCE | grep "$1") ]]; then
cp $SNIPPETS_SOURCE/sso-${1}.xml $SNIPPETS_TARGET_DEFAULTS
fi
;;
esac
shift
done
}
## process the comma delimitted oauth2/oidc source lists
function parseCommaList() {
local type="$1"
local list=$(echo "$2" | tr , " ")
for current in ${list}; do
if [[ "${type}" = "oidc" ]]; then
# replace oidc identifiers with custom name
sed -e 's/=\"oidc/=\"'${current}'/g' -e 's/_OIDC_/_'${current^^}'_/g' $SNIPPETS_SOURCE/sso-oidc.xml > $SNIPPETS_TARGET_DEFAULTS/sso-${current}.xml
else
# replace oauth2 identifiers with custom name
sed -e 's/=\"oauth2/=\"'${current}'/g' -e 's/_OAUTH2_/_'${current^^}'_/g' $SNIPPETS_SOURCE/sso-oauth2.xml > $SNIPPETS_TARGET_DEFAULTS/sso-${current}.xml
fi
done
}
main "$@"