-
Notifications
You must be signed in to change notification settings - Fork 2
/
common-functions.sh
executable file
·1006 lines (829 loc) · 26.7 KB
/
common-functions.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
#!/usr/bin/env bash
SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )
# include constants
if [ ! -s "${SCRIPT_DIR}/consts.sh" ]; then
echo >&2 "FATAL: ${SCRIPT_DIR}/consts.sh mot found. Exit"
fi
. "${SCRIPT_DIR}/consts.sh"
# include submodules
for included_sh in "${SCRIPT_DIR}"/commons-*.sh; do
. "${included_sh}"
done
turn_off_service() {
local service_image_name=$1
local network_name=$2
docker kill "${service_image_name}" >/dev/null 2>&1 || true
docker network remove "${network_name}" >/dev/null 2>&1 || true
}
##
## run curl with args and process curl's result
##
fm_curl() {
local temp_file_code temp_file_result status_code curl_result
temp_file_code=$(mktemp)
temp_file_result=$(mktemp)
if ! run_curl_internal "${temp_file_code}" "${temp_file_result}" "$@"; then
return 1
fi
status_code=$(cat "${temp_file_code}")
curl_result=$(cat "${temp_file_result}")
rm -f "${temp_file_code}" "${temp_file_result}"
if [ "${status_code}" -ge 400 ]; then
print_level_message 2 ERROR "Request failed ($*)"
print_level_message 2 ERROR "${curl_result}"
turn_off_service "${FM_DOCKER_CONTAINER_NAME}" "${FM_DOCKER_NETWORK_NAME}"
exit 1
fi
echo -n "${curl_result}"
}
##
## Check hw's prerequisites:
## * docker
## * docker compose plugin or docker-compose
## * CPU
## * RAM
##
check_prereq() {
local cpu_req=$1
local mem_req_mb=$2
ensure_command docker || return 1
# to the future: here need to support podman as well
ensure_docker_compose docker docker-compose || return 1
ensure_docker_cpu docker "${cpu_req}" || return 1
ensure_docker_mem docker "${mem_req_mb}" || return 1
}
##
## Return systemctl command
## * with '--user' option if run under user or env var INSTALL_ROOTLESS=1
## * without '--user' option if run under root
##
systemctl_cmd() {
if [ "${INSTALL_ROOTLESS}" == 1 ]; then
echo "systemctl --user"
else
echo "systemctl"
fi
}
##
## Find if exists systemd service by name
##
find_service() {
local service=$1
$(systemctl_cmd) list-unit-files | grep "${service}" >/dev/null 2>&1
}
##
## Stop service started early if exists
##
stop_prev() {
local service
service="${SERVICE_NAME}.service"
if find_service "${service}"; then
echo >&2 "Stop existing service..."
$(systemctl_cmd) stop "${service}" || true
echo >&2 "... DONE"
else
echo >&2 "Existing service not found. Looks like first installation."
fi
}
##
## Make service's full backup
## Stored only 'product.backup.depth' (default 3) latest backups
## note: be sure service is stopped before call this!
##
make_backup() {
local backup_depth="${1}"
local service_base_dir
service_base_dir=$(get_service_base_dir)
if [ ! -d "${service_base_dir}" ]; then
return 0
fi
local backup_dir backup_file backup_depth backup_depth_config lines_number
backup_dir="${service_base_dir}_backup"
backup_depth_config=$(find_in_configs 'product.backup.depth' 3)
backup_depth=${backup_depth:-${backup_depth_config}}
echo "Remove old backups from '${backup_dir}' directory (only ${backup_depth} latest backup files retain)..."
mkdir -p "${backup_dir}"
# remove old backups except the latest 'backup_depth'
lines_number=$(( backup_depth - 1))
find "${backup_dir}" -type f -printf '%T@\t%p\n' |
sort -t $'\t' -g |
head -n -"${lines_number}" |
cut -d $'\t' -f 2- |
xargs rm -rf
echo "... DONE"
timestamp=$(date -u +"%Y.%m.%dT%H.%M.%SZ")
backup_file="${backup_dir}/backup_${timestamp}.tgz"
echo "Backup all data to '${backup_file}'..."
tar -czf "${backup_dir}/backup_${timestamp}.tgz" -C "${service_base_dir}/" .
echo "... DONE"
}
##
## Find latest file in the directory.
## Used for restore latest backup
##
find_latest_file() {
local dir=$1
find "${dir}" -type f -printf '%T@\t%p\n' |
sort -t $'\t' -g |
tail -1 |
cut -d $'\t' -f 2-
}
##
## restore last backup
##
restore_backup() {
local service_base_dir backup_dir
service_base_dir=$(get_service_base_dir)
backup_dir="${service_base_dir}_backup"
latest_backup=$(find_latest_file "${backup_dir}")
rm -rf "${service_base_dir}"
mkdir -p "${service_base_dir}"
tar -xzf "${latest_backup}" -C "${service_base_dir}"
}
##
## common await function
##
await_ready() {
local ready_function=$1; shift;
local name=$1; shift;
local timeout=$1; shift;
local delay=$1; shift;
local start_time current_time elapsed
start_time=$(date +%s)
until "${ready_function}" "$@"; do
sleep "${delay}"
current_time=$(date +%s)
elapsed=$((current_time - start_time))
if [ -n "${name}" ]; then
echo " ... await service '${name}' get started: ${elapsed} seconds elapsed."
fi
if [ "${elapsed}" -ge "${timeout}" ]; then
if [ -n "${name}" ]; then
echo "Service '${name}' start timeout"
fi
return 1
fi
done
current_time=$(date +%s)
elapsed=$((current_time - start_time))
if [ -n "${name}" ]; then
echo " ... starting service '${name}' finished in ${elapsed} seconds"
fi
if [ -n "${name}" ]; then
echo " ... wait for a while to be sure"
fi
sleep 5
}
##
## Create group, user and enable user to use docker
## Use only for rootful install
##
create_user_group() {
local user_name
user_name=$(get_user_name)
groupadd -r "${user_name}" || true
useradd -r -g "${user_name}" "${user_name}" || true
if [ -z "${FOREIGN_DOCKER_USER}" ]; then
groupadd docker || true
usermod -G docker "${user_name}"
fi
}
set_up_events_processor_log_dir() {
local ep_path ep_dir
ep_path=$(find_in_configs 'host.install.events.filepath' "${service_base_dir}/logs/events/events.log")
ep_dir=$(dirname "${ep_path}")
set_subdir_user_group "${base_user_id}" "${base_group_id}" 1006 1006 "${ep_dir}"
chmod 777 "${service_base_dir}/logs/events/"
}
##
## Set required access rights for application directories in rootful mode
## service base directory and user name are known
##
set_dirs_access_right_rootful() {
local service_base_dir user_name
service_base_dir=$(get_service_base_dir)
user_name=$(get_user_name)
set_dirs_access_right_internal "${service_base_dir}" "${user_name}" "" ""
}
##
## Set required access rights for application directories in rootless mode
## service base directory must be provided
## as a user used 'root' that actually current subuid user
##
set_dirs_access_right_rootless() {
local service_base_dir=$1
if [ -z "${service_base_dir}" ]; then
echo >&2 "service_base_dir arg required"
return 1
fi
set_dirs_access_right_internal "${service_base_dir}" root "" ""
}
set_dirs_access_right_foreign() {
local foreign_user_name=$1
local service_base_dir base_user_id base_group_id
service_base_dir=$(get_service_base_dir)
user_name=$(get_user_name)
base_user_id=$(grep "^${foreign_user_name}:" < /etc/subuid | awk -F: '{print $2}')
base_group_id=$(grep "^${foreign_user_name}:" < /etc/subgid | awk -F: '{print $2}')
set_dirs_access_right_internal "${service_base_dir}" "${user_name}" "${base_user_id}" "${base_group_id}"
}
##
## Set required access rights for application directories internal implementation
## Do not call directly use set_dirs_access_right_rootful or set_dirs_access_right_rootless instead
##
set_dirs_access_right_internal() {
local service_base_dir=$1
local user_name=$2
local base_user_id=$3
local base_group_id=$4
chown "${user_name}:${user_name}" "${service_base_dir}" 2>/dev/null
chmod 777 "${service_base_dir}"
find "${service_base_dir}" -maxdepth 1 -mindepth 1 -type f -print0 |
xargs --no-run-if-empty -0 chown "${user_name}:${user_name}" 2>/dev/null
find "${service_base_dir}" -maxdepth 1 -mindepth 1 -type d |
grep -v data |
xargs --no-run-if-empty chown "${user_name}:${user_name}"
chown "${user_name}:${user_name}" "${service_base_dir}/bin/start" 2>/dev/null
chown "${user_name}:${user_name}" "${service_base_dir}/bin/stop" 2>/dev/null
mkdir -p "${service_base_dir}/data"
chown "${user_name}:${user_name}" "${service_base_dir}/data" 2>/dev/null
chmod 777 "${service_base_dir}/data"
if enabled_in_configs 'host.install.events.enabled'; then
set_up_events_processor_log_dir
fi
set_subdir_user_group "${base_user_id}" "${base_group_id}" 7474 7474 "${service_base_dir}/data/graph"
mkdir -p "${service_base_dir}/logs"
chown "${user_name}:${user_name}" "${service_base_dir}/logs" 2>/dev/null
chmod 777 "${service_base_dir}/logs"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 7474 7474 "${service_base_dir}/logs/graph"
mkdir -p "${service_base_dir}/data/deck/cache"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 101 101 "${service_base_dir}/data/deck"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 1001 1001 "${service_base_dir}/data/engine/files"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 1001 1001 "${service_base_dir}/data/engine/reports/templates"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 1001 1001 "${service_base_dir}/data/engine/snapshots"
chmod 755 "${service_base_dir}/kb"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 1001 1001 "${service_base_dir}/kb/itkb"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 1001 1001 "${service_base_dir}/kb/reports"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 1001 1001 "${service_base_dir}/kb/reports-customization"
chmod 777 "${service_base_dir}/data/engine"
chmod 777 "${service_base_dir}/data/engine/reports"
chmod 777 "${service_base_dir}/kb/reports"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 70 70 "${service_base_dir}/data/postgres"
set_subdir_user_group "${base_user_id}" "${base_group_id}" 999 1000 "${service_base_dir}/data/redis"
}
##
## Own directory to effective uid and gid
## Pass here base uid/gid from the subuid/subgid or empty if run under root
## If run under root then app_uid/app_gid need to use as effective uid/gid
## Else calculate effective uid/gid with well know formula.
## UB if run under system user.
##
set_subdir_user_group() {
local base_uid=$1
local base_gid=$2
local app_uid=$3
local app_gid=$4
local directory=$5
local app_effective_uid app_effective_gid
if [ -z ${base_uid} ]; then
# against root
app_effective_uid="${app_uid}"
app_effective_gid="${app_gid}"
else
# against foreign user
app_effective_uid="$((base_user_id + app_uid - 1))"
app_effective_gid="$((base_group_id + app_gid - 1))"
fi
mkdir -p "${directory}"
chown -R "${app_effective_uid}:${app_effective_gid}" "${directory}" 2>/dev/null
}
##
## Own application subdirectory to service's user
## Do not create directory if it not exists
## Use user calculated by `get_user_name` or passed as arg
##
chown_subdir2user() {
local subdir=$1
local user_name=$2
local service_base_dir
service_base_dir=$(get_service_base_dir)
if [ -z "${user_name}" ]; then
user_name=$(get_user_name)
fi
if [ -d "${service_base_dir}/${subdir}" ]; then
chown -R "${user_name}:${user_name}" "${service_base_dir}/${subdir}" 2>/dev/null || true
fi
}
##
## Create group, user and enable user to use docker
##
enable_service() {
local service_base_dir
service_base_dir=$(get_service_base_dir)
$(systemctl_cmd) link "${service_base_dir}/systemd/${SERVICE_NAME}.service"
$(systemctl_cmd) daemon-reload
$(systemctl_cmd) enable "${SERVICE_NAME}"
}
##
## Configure functions section
##
##
## ping to fleet maker (used for await started)
##
ping_fm() {
local base_url=$1
fm_curl --connect-timeout 1 "${base_url}/ping" >/dev/null
}
##
## send config to fleet maker
##
post_fm_new_config() {
local base_url=$1
config_id=$(fm_curl --request POST "${base_url}/config")
echo "${config_id}"
}
##
## post existing ini file
## call example: "${fm_base_url}" "${config_id}" "${config_dir}/defaults.ini" main
##
post_fm_ini_file() {
local base_url=$1
local config_id=$2
local src_file=$3
local part=$4
fm_curl --request POST -F "content=@${src_file}" \
"${base_url}/config/${config_id}/${part}" >/dev/null
}
##
## post to fleet maker whole existing config
##
post_fm_config() {
local base_url=$1
local config_id=$2
local config_dir=$3
if [ -f "${config_dir}/defaults.ini" ]; then
post_fm_ini_file "${base_url}" "${config_id}" "${config_dir}/defaults.ini" main
else
echo "required config '${config_dir}/defaults.ini' is not found"
return 1
fi
if [ ! -f "${config_dir}/local.ini" ]; then
echo "[main]" >"${config_dir}/local.ini"
echo "host.base.dir = $(get_service_base_dir)" >> "${config_dir}/local.ini"
fi
post_fm_ini_file "${base_url}" "${config_id}" "${config_dir}/local.ini" host
if [ -f "${config_dir}/user.ini" ] && [ -s "${config_dir}/user.ini" ]; then
post_fm_ini_file "${base_url}" "${config_id}" "${config_dir}/user.ini" user
fi
if [ -f "${config_dir}/env_vars.ini" ]; then
post_fm_ini_file "${base_url}" "${config_id}" "${config_dir}/env_vars.ini" env
fi
}
##
## post one lang pack for one client
##
post_one_lang_pack() {
local base_url=$1; shift;
local config_id=$1; shift;
local prefix=$1; shift;
local src_file=$1; shift;
fm_curl --request POST \
"${base_url}/config/${config_id}/language/${prefix}" \
-F "content=@${src_file}" \
> /dev/null
}
##
## post lang packs for one client
##
post_langs_client() {
local base_url=$1; shift;
local config_id=$1; shift;
local prefix=$1; shift;
local lang_pack_dir
lang_pack_dir=$(find_in_configs "${prefix}.deck.languages.dir" "NONE")
if [ "${lang_pack_dir}" == NONE ]; then
return 0
fi
if [ ! -d "${lang_pack_dir}" ]; then
echo >&2 "Directory for language packs (${prefix}.deck.languages.dir = ${lang_pack_dir}) is not found"
return 1
fi
lang_packs=$(find "${lang_pack_dir}" -name "*.json")
for lang_pack_file in ${lang_packs}; do
post_one_lang_pack "${base_url}" "${config_id}" "${prefix}" "${lang_pack_file}"
done
}
##
## post langs packs for all clients
##
post_langs() {
local base_url=$1; shift;
local config_id=$1; shift;
post_langs_client "${base_url}" "${config_id}" b
}
##
## post to fleet maker additions for config
## example to use: "${base_url}" "${config_id}" "_" "${compose_path}"
## api: "/config/{config_id}/host/{option}?value="
#
post_fm_add_ini() {
local base_url=$1
local config_id=$2
local part=$3
local var_name=$4
local var_value=$5
fm_curl --request PATCH \
"${base_url}/config/${config_id}/${part}/${var_name}?value=${var_value}" \
>/dev/null
}
##
## Process J2 template with fleet maker
##
post_gen_template() {
local base_url=$1
shift
local config_id=$1
shift
local src_file=$1
shift
local dst_file=$1
shift
fm_curl --request POST -F "content=@${src_file}" \
"${base_url}/config/${config_id}/template/applied" \
>"${dst_file}"
}
##
## retrieve file from fleet maker
##
get_fm_file() {
local base_url=$1
shift
local config_id=$1
shift
local part=$1
shift
local dst_file=$1
shift
dst_dir=$(dirname "$dst_file")
mkdir -p "${dst_dir}"
tmp_dst_file=$(mktemp)
fm_curl "${base_url}/config/${config_id}/${part}" >"${tmp_dst_file}"
cp "${tmp_dst_file}" "${dst_file}"
rm -f "${tmp_dst_file}"
if [ -z "${INSTALL_ROOTLESS}" ]; then
user_name=$(get_user_name)
chown "${user_name}:${user_name}" "${dst_file}" 2>/dev/null || true
fi
}
get_fm_image_name() {
local registry_prefix fleet_make_tag
registry_prefix=$(get_registry_prefix)
fleet_make_tag=$(find_in_configs fleet.maker.tag latest)
echo "${registry_prefix}/fleet-make:${fleet_make_tag}"
}
start_service_on() {
local service_name=$1
local service_image_name=$2
local bind_port=$3
local service_port=$4
local network_name=$5
docker network create "${network_name}" \
>/dev/null
docker run --interactive --rm --detach --name "${service_name}" \
--publish "127.0.0.1:${bind_port}:${service_port}" \
--read-only \
--tmpfs /tmp-data \
--tmpfs /tmp \
--network "${network_name}" \
"${service_image_name}" \
>/dev/null
}
##
##
##
fm_start() {
local fm_image_name=$1
for ((fm_port = 50000; fm_port < 50100; fm_port++)); do
if start_service_on "${FM_DOCKER_CONTAINER_NAME}" "${fm_image_name}" "${fm_port}" 8000 "${FM_DOCKER_NETWORK_NAME}"; then
_FM_PORT="${fm_port}"
return 0
fi
done
return 1
}
##
## configure service with fleet maker
##
make_fleet2() {
local src_dir=$1
local fm_image_name fm_port fm_base_url
# start fleet maker
echo "Starting config service..."
turn_off_service ${FM_DOCKER_CONTAINER_NAME} "${FM_DOCKER_NETWORK_NAME}"
sleep 3
fm_image_name=$(get_fm_image_name)
if ! fm_start "${fm_image_name}"; then
echo >&2 "... Failed to start container form image '${fm_image_name}'... Is it accessible?"
return 1
fi
fm_port="${_FM_PORT}"
fm_base_url="http://localhost:${fm_port}"
# wait it get accessible
if ! await_ready ping_fm "" 20 1 "${fm_base_url}"; then
echo >&2 "... FAILED by timeout. Something went wrong. May be 'docker logs ${FM_DOCKER_CONTAINER_NAME}' may help to investigate a problem."
exit 1
fi
echo "... DONE"
echo "Create or modify config..."
# post to fleet maker configs if exists: main, host, user, env
config_id=$(post_fm_new_config "${fm_base_url}")
config_dir="${src_dir}/config"
post_fm_config "${fm_base_url}" "${config_id}" "${config_dir}"
post_langs "${fm_base_url}" "${config_id}"
# post additional vars
local registry_prefix registry_proxy_prefix
registry_prefix=$(get_registry_prefix)
if [ -n "${registry_prefix}" ]; then
post_fm_add_ini "${fm_base_url}" "${config_id}" host "registry.prefix" "${registry_prefix}"
fi
registry_proxy_prefix=$(get_registry_proxy_prefix)
if [ -n "${registry_proxy_prefix}" ]; then
post_fm_add_ini "${fm_base_url}" "${config_id}" host "registry.proxy.prefix" "${registry_proxy_prefix}"
fi
if [ -n "${DOCKER_HOST}" ]; then
post_fm_add_ini "${fm_base_url}" "${config_id}" host "host.docker.url" "${DOCKER_HOST}"
fi
# get and save compose file
rm -f "${src_dir}/compose/docker-compose.yml"
get_fm_file "${fm_base_url}" "${config_id}" compose "${src_dir}/compose/docker-compose.yml"
if [ -z "${INSTALL_ROOTLESS}" ]; then
chown_subdir2user compose
chmod 740 "${src_dir}/compose"
chmod 640 "${src_dir}/compose"/*
fi
# get and save config files (main, host, user, env) for future installations
get_fm_file "${fm_base_url}" "${config_id}" main "${src_dir}/config/defaults.ini"
get_fm_file "${fm_base_url}" "${config_id}" host "${src_dir}/config/local.ini"
get_fm_file "${fm_base_url}" "${config_id}" user "${src_dir}/config/user.ini"
get_fm_file "${fm_base_url}" "${config_id}" env "${src_dir}/config/env_vars.ini"
# convert rootless systemd file if need
if [ "${INSTALL_ROOTLESS}" == 1 ]; then
post_gen_template "${fm_base_url}" "${config_id}" \
"${src_dir}/systemd/rootless-systemd.service.j2" \
"${src_dir}/systemd/${SERVICE_NAME}.service"
elif [ -n "${FOREIGN_DOCKER_HOST}" ]; then
post_gen_template "${fm_base_url}" "${config_id}" \
"${src_dir}/systemd/foreign-docker-systemd.service.j2" \
"${src_dir}/systemd/${SERVICE_NAME}.service"
fi
echo "... DONE"
# stop fleet maker
echo "Stopping config service..."
turn_off_service "${FM_DOCKER_CONTAINER_NAME}" "${FM_DOCKER_NETWORK_NAME}"
echo "... DONE"
}
##
## Returns registry prefix for hexway images.
## Customers may set 'registry.prefix' in user.ini if can not use world-wide hexway registry
## but use some kinda of registry proxy in their internal infra.
##
get_registry_prefix() {
# default registry prefix
local registry_prefix service_base_dir
registry_prefix="${APP_REGISTRY_URL}"
# first check file registry-prefix.sh if config/*.ini files not exists yet (first installing)
service_base_dir=$(get_service_base_dir)
if [ -f "${service_base_dir}/bin/registry-prefix.sh" ]; then
. "${service_base_dir}/bin/registry-prefix.sh"
fi
if [ -n "${REGISTRY_PREFIX}" ]; then
registry_prefix=${REGISTRY_PREFIX}
fi
# retrieve registry.prefix from config or use default
config_registry_prefix=$(find_in_configs "registry.prefix" "${registry_prefix}")
# TODO: remove this hack after 2024-03
# `hexway` is obsoleted prefix.
# fleet-make during config state will remove it from `local.ini`.
# But even to start fleet maker we need to use new one prefix.
if [ "${config_registry_prefix}" == hexway ]; then
registry_prefix="${APP_REGISTRY_URL}"
else
registry_prefix=${config_registry_prefix}
fi
echo "${registry_prefix}"
}
##
## Returns prefix for docker hub based images.
## Customers may set 'registry.proxy.prefix' in user.ini if can not use docker hub
## but use some kinda of registry proxy in their internal infra.
## Empty by default.
##
get_registry_proxy_prefix() {
# default registry prefix
local registry_proxy_prefix=""
# first check file registry-prefix.sh if config/*.ini files not exists yet (first installing)
if [ -f "${service_base_dir}/bin/registry-prefix.sh" ]; then
. "${service_base_dir}/bin/registry-prefix.sh"
fi
if [ -n "${PROXY_REGISTRY_PREFIX}" ]; then
registry_proxy_prefix=${PROXY_REGISTRY_PREFIX}
fi
# retrieve registry.prefix from config or use default
registry_proxy_prefix=$(find_in_configs "registry.proxy.prefix" "${registry_proxy_prefix}")
if [ "${registry_proxy_prefix}" != "<unknown>" ]; then
echo "${registry_proxy_prefix}"
fi
}
##
## List images with provided prefix
## list format: <repo> <space> <tag>
##
list_images_with_prefix() {
local repo_prefix=$1
local docker_command
docker images --format '{{.Repository}} {{.Tag}}' \
| ( grep "^${repo_prefix}/" || true )
}
##
## Rename image: tag with new name and remove old
##
rename_image() {
local old_image=$1
local new_image=$2
local docker_command
docker tag "${old_image}" "${new_image}"
docker image rm "${old_image}"
}
##
## Rename all old style images th the new one
##
rename_images() {
local old_style_repo_prefix=$1
local new_style_repo_prefix=$2
local tmp_list
tmp_list=$(mktemp)
list_images_with_prefix "${old_style_repo_prefix}" > "${tmp_list}"
while read line; do
local orig_full_image_name orig_image_only image_tag
orig_full_image_name=$(echo ${line} | awk '{print $1}')
image_tag=$(echo ${line} | awk '{print $2}')
orig_image_only=$(echo "${orig_full_image_name}" | awk -F/ '{print $2}')
rename_image \
"${old_style_repo_prefix}/${orig_image_only}:${image_tag}" \
"${new_style_repo_prefix}/${orig_image_only}:${image_tag}" \
> /dev/null
done < "${tmp_list}"
rm -f "${tmp_list}"
}
ping_protocol() {
local option=$1
local config_value
config_value=$(find_in_configs "${option}" no_ssl | tr '[:upper:]' '[:lower:]')
case "${config_value}" in
0|no_ssl|no|false|plain_only|ssl_both|separate|1)
echo "http"
;;
3|ssl_only|2|yes|true|redirect|ssl_redirect)
echo "https"
;;
*)
echo >&2 "Unknown ssl mode: '${config_value}'"
exit 1
esac
}
##
## print default root username and password
##
welcome_message() {
local service_base_dir
service_base_dir=$(get_service_base_dir)
echo "UI accessible on 'https://0.0.0.0' or 'http://0.0.0.0'"
root_password=$(find_in_configs 'b.root.password')
root_login=$(find_in_configs 'b.root.login')
echo "Root login: '${root_login}'"
echo "Default root password: '${root_password}' (if you didn't change it early)"
}
is_configured() {
local service_base_dir configured_file
service_base_dir=$(get_service_base_dir)
configured_file="${service_base_dir}/compose/docker-compose.yml"
[ -f "${configured_file}" ]
}
##
## re-config service
## * find fleet maker version
## * invoke make_fleet
##
make_reconfig() {
local pull_mode=$1
local service_base_dir
service_base_dir=$(get_service_base_dir)
if [ "${pull_mode}" == "force" ]; then
local fm_image_name
fm_image_name=$(get_fm_image_name)
echo "Pull configurator image..."
docker pull "${fm_image_name}" --quiet || true
echo "... DONE"
fi
if enabled_in_configs 'host.install.events.enabled'; then
set_up_events_processor_log_dir
fi
make_fleet2 "${service_base_dir}"
}
##
## Returns full path to docker-compose command
##
docker_compose_command() {
if docker compose version > /dev/null 2>/dev/null; then
echo docker compose
return 0
fi
command -v docker-compose
}
##
## run docker compose command
## here get deal with project dir and project name
## all other args pass to docker-compose
run_docker_compose() {
local compose_dir docker_compose_cmd
compose_dir="$(get_service_base_dir)/compose"
docker_compose_cmd=$(docker_compose_command)
(
cd "${compose_dir}" || return 1
${docker_compose_cmd} --project-name "${SERVICE_NAME}" "$@"
)
}
##
## re-config service:
## * stop
## * make fleet
## * start
## * await ready
## * welcome message if all OK or warning and welcome message if something went wrong
##
service_reconfig() {
local pull_mode=$1
stop_prev
make_reconfig "${pull_mode}"
enable_service
if [ "${pull_mode}" == force ]; then
echo "Pull docker images..."
run_docker_compose pull > /dev/null 2>&1
echo "... DONE"
fi
$(systemctl_cmd) restart "${SERVICE_NAME}"
service_await_and_welcome
}
##
## wait service is get ready
##
# here we wait service then it become accessible via http ping
await_service_ready() {
local target_dir
service_base_dir=$(get_service_base_dir)
echo "Waiting for the service '${SERVICE_NAME}' to get started..."
await_ready ping_back \
"${SERVICE_NAME} systemd service" \
"${AWAIT_SERVICE_READY_TIMEOUT}" \
"${AWAIT_SERVICE_READY_PAUSE}"
}
# internal implementation:
# * wait when got ready
# * print success message if all right
# * print error message of not ready timeout
service_await_internal() {
if await_service_ready; then
print_level_message 1 SUCCESS "${VENDOR_NAME} ${PRODUCT_NAME} is ready to use."
return 0
fi
print_level_message 1 ERROR "Something went wrong..."
echo "See 'systemctl status ${SERVICE_NAME}.service' and 'journalctl --pager-end --unit=${SERVICE_NAME}.service' for details. "
echo "But maybe ${VENDOR_NAME} ${PRODUCT_NAME} is ready to use nevertheless."
return 1
}
# wait, print success or error message and exit on error.
# print welcome message anyway
service_await_and_welcome() {
if ! service_await_internal; then
welcome_message
exit 1
fi
welcome_message
}
#
# ping backend(s) to ensure they started and ready to use
#
ping_back() {
local ping_cmd
ping_cmd="curl --silent --fail --connect-timeout 1 --insecure --noproxy '*'"
local bprotocol bport bhost
bprotocol=$(ping_protocol b.ssl.enabled)
if [ "${bprotocol}" == https ]; then
bport=$(find_in_configs b.deck.https.port.expose 443)
bhost=$(find_in_configs b.deck.https.host.expose "127.0.0.1")
else
bport=$(find_in_configs b.deck.port.expose 80)
bhost=$(find_in_configs b.deck.host.expose "127.0.0.1")