This repository was archived by the owner on Dec 31, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathstartFilteringProxy.sh
executable file
·99 lines (82 loc) · 2.86 KB
/
startFilteringProxy.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
#!/bin/sh
DOCKER_IMAGE_OWNER=cyclone
DOCKER_IMAGE_NAME=federated-proxy-galaxy
FQDN=${FQDN:-$(curl http://169.254.169.254/latest/meta-data/public-ipv4 2>/dev/null)}
FQDN=${FQDN:-$( hostname -I | sed 's/ /\n/g' | grep -v 172.17 | head -n 1)}
TARGET_FQDN=${TARGET_FQDN:-$(hostname -I | sed 's/ /\n/g' | grep 172.17 | head -n 1)}
TARGET_PORT=${TARGET_PORT:-8080}
TARGET_PATH=${TARGET_PATH:-/}
GALAXY_DOCKER_USED=${GALAXY_DOCKER_USED:-true}
if [ -z "$1" ]
then
DEFAULT_DEAMON_OR_ITERACTIVE=d
else
DEFAULT_DEAMON_OR_ITERACTIVE=it
fi
DEAMON_OR_ITERACTIVE=${DEAMON_OR_ITERACTIVE:-$DEFAULT_DEAMON_OR_ITERACTIVE}
SUDO_CMD=${SUDO_CMD:-sudo}
DOCKERFILE=${DOCKERFILE:-Dockerfile}
LOG_DIR=${LOG_DIR:-/var/log/httpd-federated-proxy-galaxy}
if [ ! -d $LOG_DIR ]
then
echo "LOG_DIR(=$LOG_DIR) is missing, creating it"
$SUDO_CMD mkdir -p $LOG_DIR
fi
if [ "$(docker ps 1>/dev/null 2>/dev/null ; echo $?)" != "0" ]
then
echo "Docker seems to not be running"
$SUDO_CMD service docker start
fi
if [ $GALAXY_DOCKER_USED != "true" ]; then
PROXY_CONF=galaxy-local-proxy.conf
else
PROXY_CONF=galaxy-docker-proxy.conf
fi
if [ "$ALLOWED_EMAIL_SPACE_SEPARATED_VALUES" != "" ]
then
rm ./apache_groups
fi
echo "DOCKER_IMAGE_OWNER:$DOCKER_IMAGE_OWNER"
echo "DOCKER_IMAGE_NAME:$DOCKER_IMAGE_NAME"
echo "FQDN:$FQDN"
echo "TARGET_FQDN:$TARGET_FQDN"
echo "TARGET_PORT:$TARGET_PORT"
echo "TARGET_PATH:$TARGET_PATH"
echo "DEAMON_OR_ITERACTIVE:$DEAMON_OR_ITERACTIVE"
echo "SUDO_CMD:$SUDO_CMD"
echo "ALLOWED_EMAIL_SPACE_SEPARATED_VALUES:$ALLOWED_EMAIL_SPACE_SEPARATED_VALUES"
echo "PROXY_CONF:$PROXY_CONF"
echo "LOG_DIR:$LOG_DIR"
if [ ! -e ./apache_groups ]
then
#ALLOWED_EMAIL_COMMA_SEPARATED_VALUES=${ALLOWED_EMAIL_COMMA_SEPARATED_VALUES:[email protected], [email protected]}
if [ "$ALLOWED_EMAIL_SPACE_SEPARATED_VALUES" == "" ]
then
echo "env var \$ALLOWED_EMAIL_SPACE_SEPARATED_VALUES must contains edugain email of allowed user"
exit 1
fi
echo "cyclone: $ALLOWED_EMAIL_SPACE_SEPARATED_VALUES" > apache_groups
fi
echo "to open $TARGET_PORT:\niptables -I INPUT 1 -p tcp -i docker0 -m tcp --dport $TARGET_PORT -j ACCEPT"
echo "redirecting / to http://${TARGET_FQDN}:${TARGET_PORT}${TARGET_PATH}"
echo "user(s) allowed:"
cat apache_groups
docker stop ${DOCKER_IMAGE_NAME}
docker rm -v ${DOCKER_IMAGE_NAME}
docker build -t ${DOCKER_IMAGE_OWNER}/${DOCKER_IMAGE_NAME} \
-f ${DOCKERFILE} . && \
docker run -${DEAMON_OR_ITERACTIVE} -p 80:80 \
--restart always \
-e FQDN=${FQDN} \
-e TARGET_FQDN=${TARGET_FQDN} \
-e TARGET_PORT=${TARGET_PORT} \
-e TARGET_PATH=${TARGET_PATH} \
-v ${LOG_DIR}:/var/log/httpd \
-v $PWD/$PROXY_CONF:/etc/httpd/conf.d/proxy.conf:ro \
-v $PWD/$PROXY_CONF:/etc/apache2/conf-enabled/proxy.conf:ro \
-v $PWD/apache_groups:/etc/httpd/apache_groups:ro \
--name ${DOCKER_IMAGE_NAME} \
${DOCKER_IMAGE_OWNER}/${DOCKER_IMAGE_NAME} $1
echo -e "\n\n"
sleep 5s
docker ps