#!/bin/bash
#
# Copyright (C) 2019 OX Software GmbH
#
# This file is part of OX Automation.
#
# OX Automation is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# OX Automation is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with OX Automation. If not, see <http://www.gnu.org/licenses/>.
#
#
# Authors:
# Benedikt Kroening <benedikt.kroening@open-xchange.com>
#
set -e
SCRIPT_DIR="$( cd "$(dirname "$0")" ; pwd -P)"
# sourcing some commonly used functions and executing basic checks
source ${SCRIPT_DIR}/../lib/common.bash
source ${SCRIPT_DIR}/../lib/setup.bash
checkRootPrivileges
detectDistribution
if [[ -z "${INSTALL_GUARD}" ]]; then
# sourcing the default configuration to use
echo "Warning: Missing environment variable. Sourcing default configuration file ..."
exportProperties ${SCRIPT_DIR}/../config/config
fi
if [[ -z "${AS_GUARD_VERSION}" ]]; then
# sourcing the default configuration to use
echo "Warning: Missing environment variable. Sourcing default versions file ..."
exportProperties ${SCRIPT_DIR}/../setup/versions
fi
## Help text
show_usage() {
echo -n "
Install Open-Xchange Guard packages and optionally initialize it
$0 [OPTIONS]
--enable
--disable
--restart
-k | --key <value>
"
}
### reading config from command line; overriding defaults
POSITIONAL=()
while [[ $# -gt 0 ]]
do
key="$1"
case $key in
-h|--help)
show_usage
exit 0
shift
;;
--debug)
echo "WARNING: Debug flag set (--debug)"
set -x
shift
;;
--enable)
GUARD_ENABLE=true
shift
;;
--disable)
GUARD_ENABLE=false
shift
;;
--middleware)
MIDDLEWARE=true
shift
;;
--frontend)
FRONTEND=true
shift
;;
--backend)
BACKEND=true
shift
;;
--install)
export INSTALL_GUARD=true
shift
;;
--guard-endpoint)
echo "Using $2 as guard endpoint url ..."
export OX_GUARD_ENDPOINT_URL="$2"
shift
shift
;;
# -k|--key)
# value="$2"
# shift
# shift
# ;;
--restart)
RESTART_OX=true
shift
;;
*) # unknown option
POSITIONAL+=("$1") # save it in an array for later
shift
;;
esac
done
set -- "${POSITIONAL[@]}" # restore positional parameters
if [ "$INSTALL_GUARD" = true ] ; then
#
if [[ "${INSTALL_MIDDLEWARE}" = true ]]; then
if [[ "${INSTALL_BACKEND}" = true ]] || [[ "${INSTALL_TYPE}" == *"singlenode"* ]]; then
# These packages are guard only, see below for middleware realted guard packages
PACKAGES="open-xchange-guard open-xchange-guard-file-storage"
fi
PACKAGES="${PACKAGES} open-xchange-guard-ui open-xchange-guard-backend-plugin"
fi
if [[ "${INSTALL_FRONTEND}" = true ]]; then
PACKAGES="${PACKAGES} open-xchange-guard-ui-static open-xchange-guard-reader open-xchange-guard-help*"
fi
installPackages ${PACKAGES}
fi
if [[ "${GUARD_ENABLE}" = true ]]; then
# Default value, override globally for cluster envs
if [[ -z "${OX_GUARD_ENDPOINT_URL}" ]]; then
OX_GUARD_ENDPOINT_URL="http://localhost:8009/guardadmin"
fi
if [[ "${INSTALL_FRONTEND}" = true ]]; then
echo "Adding Guard proxy rules ..."
cp -f ${SCRIPT_DIR}/../config/frontend/conf/89_guard-proxy.dummy ${HTTPD_CONF_PATH}/89_guard-proxy.conf
if [[ "${INSTALL_TYPE}" == *"singlenode"* ]]; then
# Creating guard config with higher prios for apache config (load order)
${SCRIPT_DIR}/../config/frontend/add-balancer.sh \
--name "oxguard" \
--balancer "http://localhost:8009" \
--route "singlenode" \
--priority 10
${SCRIPT_DIR}/../config/frontend/add-balancer.sh \
--name "oxguardpks" \
--balancer "http://localhost:8009/pks" \
--route "singlenode" \
--priority 10
else
echo "Current Install type: "${INSTALL_TYPE}
echo "ERROR: guard init currently only supports singlenode. TODO: implement additional hostname parameter for balancer backend config"
# e.g. guard.sh --guard-backend guard.host:8009
exit 99
fi
fi
INIT_STATE_FILE="/opt/open-xchange/etc/22-init-guard-done"
if [ ! -f ${INIT_STATE_FILE} ]; then
echo "Using following configuration:"
set | grep "OX_GUARD"
echo "==============================="
sleep 5
# configure guard
setOXProperty com.openexchange.capability.guard true /opt/open-xchange/etc/guard-api.properties
setOXProperty com.openexchange.capability.guard-mail true /opt/open-xchange/etc/guard-api.properties
setOXProperty com.openexchange.capability.guard-drive true /opt/open-xchange/etc/guard-api.properties
setOXProperty com.openexchange.share.staticGuestCapabilities "guard" /opt/open-xchange/etc/guard-api.properties
setOXProperty com.openexchange.guard.endpoint "${OX_GUARD_ENDPOINT_URL}" /opt/open-xchange/etc/guard-api.properties
setOXProperty com.openexchange.rest.services.basic-auth.login "open-xchange" /opt/open-xchange/etc/server.properties
setOXProperty com.openexchange.rest.services.basic-auth.password "secret" /opt/open-xchange/etc/server.properties
# set guard config
# TODO:
setOXProperty com.openexchange.guard.oxGuardDatabaseHostname "${DATABASE_HOST_NAME}" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.oxGuardShardDatabase "${DATABASE_HOST_NAME}" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.databaseUsername "${OX_CONFIGDB_USER}" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.databasePassword "${OX_CONFIGDB_PASS}" /opt/open-xchange/etc/guard-core.properties
# setOXProperty com.openexchange.guard.restApiHostname "frontend" /opt/open-xchange/etc/guard-core.properties
# setOXProperty com.openexchange.guard.supportApiUsername "open-xchange" /opt/open-xchange/etc/guard-core.properties
# setOXProperty com.openexchange.guard.supportApiPassword "secret" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.restApiUsername "open-xchange" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.restApiPassword "secret" /opt/open-xchange/etc/guard-core.properties
# setOXProperty com.openexchange.guard.oxBackendPort 80 /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.oxBackendPath "/appsuite/api/" /opt/open-xchange/etc/guard-core.properties
# setup localhost config for sharing tests
# todo: guard external smtp config not hardcoded
setOXProperty com.openexchange.guard.externalReaderPath "localhost/guard/reader/reader.html" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.externalEmailURL "localhost" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.guestSMTPServer "${OX_MAIL_HOST}" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.guestSMTPPort "25" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.guestSMTPUsername "noreply" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.guestSMTPPassword "secret" /opt/open-xchange/etc/guard-core.properties
setOXProperty com.openexchange.guard.guestSMTPMailFrom "noreply@${OX_MAIL_DOMAIN}" /opt/open-xchange/etc/guard-core.properties
restartService open-xchange
sleep 10
waitPort localhost 8009
/opt/open-xchange/sbin/runallupdate -A ${OX_ADMINMASTER_USER} -P ${OX_ADMINMASTER_PASS}
/opt/open-xchange/sbin/guard --directory /opt/open-xchange/etc --init
restartService open-xchange
sleep 10
echo "$(date)" >> ${INIT_STATE_FILE}
else
echo "WARNING: This scripts has already been executed and will be skipped!"
sleep 5
fi
elif [[ "${GUARD_ENABLE}" = false ]]; then
echo ""
# do something to disable it
fi
if [[ "${RESTART_OX}" = true ]]; then
restartService open-xchange
fi