359 lines
7.9 KiB

  1. #!/bin/bash
  2. exname=$(basename $0)
  3. compose_core=$(which compose-core) || {
  4. echo "Requires compose-core executable to be in \$PATH." >&2
  5. exit 1
  6. }
  7. fetch-def() {
  8. local path="$1" fname="$2"
  9. ( . "$path" 1>&2 || {
  10. echo "Failed to load '$path'." >&2
  11. exit 1
  12. }
  13. declare -f "$fname"
  14. )
  15. }
  16. prefix_cmd="
  17. . /etc/shlib
  18. include common
  19. include parse
  20. . ../lib/common
  21. $(fetch-def "$compose_core" yaml_get_values)
  22. $(fetch-def "$compose_core" yaml_get_interpret)
  23. " || {
  24. echo "Couldn't build prefix cmd" >&2
  25. exit 1
  26. }
  27. ##
  28. ## Mocks
  29. ##
  30. relation-get() {
  31. local key="$1"
  32. echo "$CFG" | shyaml get-value "$key" 2>/dev/null
  33. }
  34. export -f relation-get
  35. export RELATION_DATA_FILE=x
  36. relation-set() {
  37. local key="$1" value="$2"
  38. echo "relation-set $key:" >&2
  39. echo "$value" | prefix " | " >&2
  40. }
  41. export -f relation-set
  42. cfg-get-value() {
  43. local key="$1"
  44. shyaml get-value "$key" 2>/dev/null
  45. }
  46. export -f cfg-get-value
  47. get_service_relations() {
  48. printf "%s\0" "${RELATIONS[@]}"
  49. }
  50. export -f get_service_relations
  51. merge_yaml_str() {
  52. local arg_hash="$(H "$@" | cut -c -16)"
  53. local i
  54. echo "Calling: merge_yaml_str" >&2
  55. ((i=0))
  56. for arg in "$@"; do
  57. echo " arg$((i++)):"
  58. echo "$arg" | prefix " | "
  59. done >&2
  60. echo " H> $arg_hash" >&2
  61. while read-0 h res; do
  62. if [[ "$arg_hash" == "$h" ]]; then
  63. echo "Mock hash matched, returning:" >&2
  64. echo "$res" | prefix " | " >&2
  65. echo "$res"
  66. return 0
  67. fi
  68. done < <(e "$MERGE_YAML_STR" | shyaml key-values-0)
  69. printf "<merge_yaml_str("
  70. printf "'%s', " "$@"
  71. printf ")>"
  72. }
  73. export -f merge_yaml_str
  74. compose() {
  75. printf "Calling: compose "
  76. printf "%s " "$*"
  77. echo
  78. }
  79. export -f compose
  80. yaml_key_val_str() {
  81. printf "%s: %s" "$1" "$2"
  82. }
  83. export -f yaml_key_val_str
  84. yaml_get_interpret() {
  85. shyaml get-value
  86. }
  87. export -f yaml_get_interpret
  88. file_put() {
  89. echo "file_put $1"
  90. cat - | prefix " | "
  91. }
  92. export -f file_put
  93. docker() {
  94. echo "docker" "$@"
  95. echo stdin:
  96. cat - | prefix " | "
  97. }
  98. export -f docker
  99. config-add() {
  100. echo "config-add"
  101. echo "$1" | prefix " | "
  102. }
  103. export -f config-add
  104. init-config-add() {
  105. echo "config-add"
  106. echo "$1" | prefix " | "
  107. }
  108. export -f init-config-add
  109. mkdir() {
  110. echo "called: $FUNCNAME $@" >&2
  111. }
  112. export -f mkdir
  113. setfacl() {
  114. echo "called: $FUNCNAME $@" >&2
  115. }
  116. export -f setfacl
  117. chgrp() {
  118. echo "called: $FUNCNAME $@" >&2
  119. }
  120. export -f chgrp
  121. chmod() {
  122. echo "called: $FUNCNAME $@" >&2
  123. }
  124. export -f chmod
  125. cached_cmd_on_base_image() {
  126. echo "called: $FUNCNAME $@" >&2
  127. echo "stdout:" >&2
  128. echo "<GID>" | prefix " | " >&2
  129. echo "<GID>"
  130. }
  131. export -f cached_cmd_on_base_image
  132. export state_tmpdir=$(mktemp -d -t tmp.XXXXXXXXXX)
  133. trap "rm -rf \"$state_tmpdir\"" EXIT
  134. ##
  135. ## cert-provider
  136. ##
  137. try "
  138. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  139. export CONFIGSTORE='\$CONFIGSTORE'
  140. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  141. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  142. RELATIONS=()
  143. apache_vhost_create publish_dir '
  144. domain: www.example.com
  145. ssl:
  146. foo: |
  147. a
  148. b
  149. ' ''
  150. " "unknown cert key"
  151. is errlvl 1
  152. is err reg 'Error: .*cert-provider.*'
  153. try "
  154. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  155. export CONFIGSTORE='\$CONFIGSTORE'
  156. export DATASTORE='\$DATASTORE'
  157. export SERVICE_NAME='\$SERVICE_NAME'
  158. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  159. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  160. CFG='
  161. domain: www.example.com
  162. ssl:
  163. foo: 12
  164. '
  165. ADDITION='
  166. apache-custom-rules:
  167. - |
  168. ## Auto-redirection from http to https
  169. RewriteEngine On
  170. RewriteCond %{HTTPS} off
  171. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  172. MERGE_YAML_STR=\"
  173. 3e417c2db15450f3: |
  174. \$(echo \"\$CFG\" | prefix ' ')
  175. \$(echo \"\$ADDITION\" | prefix ' ')
  176. \"
  177. RELATIONS=(cert-provider foo a True)
  178. apache_vhost_create publish_dir \"\$CFG\"
  179. " "known cert key"
  180. is errlvl 0
  181. is err part "\
  182. relation-set apache-custom-rules:
  183. | - |
  184. | ## Auto-redirection from http to https
  185. | RewriteEngine On
  186. | RewriteCond %{HTTPS} off
  187. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  188. |"
  189. is out reg 'Calling: compose .*foo: options: <merge_yaml_str\(.a., .12., )>.*crt foo create www.example.com'
  190. is out part 'config-add
  191. | $SERVICE_NAME:
  192. | volumes:
  193. | - $DATASTORE/foo/etc/letsencrypt:/etc/letsencrypt:ro'
  194. is out part '
  195. | ## Auto-redirection from http to https
  196. | RewriteEngine On
  197. | RewriteCond %{HTTPS} off
  198. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  199. '
  200. try "
  201. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  202. export CONFIGSTORE='\$CONFIGSTORE'
  203. export DATASTORE='\$DATASTORE'
  204. export SERVICE_NAME='\$SERVICE_NAME'
  205. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  206. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  207. RELATIONS=(cert-provider foo a True)
  208. CFG='
  209. domain: www.example.com
  210. server-aliases:
  211. ssl:
  212. foo: 12
  213. '
  214. ADDITION='
  215. apache-custom-rules:
  216. - |
  217. ## Auto-redirection from http to https
  218. RewriteEngine On
  219. RewriteCond %{HTTPS} off
  220. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  221. MERGE_YAML_STR=\"
  222. d186e0ae74640f6d: |
  223. \$(echo \"\$CFG\" | prefix ' ')
  224. \$(echo \"\$ADDITION\" | prefix ' ')
  225. \"
  226. apache_vhost_create publish_dir \"\$CFG\"
  227. " "known cert key - empty server-aliases"
  228. is errlvl 0
  229. is err part "\
  230. relation-set apache-custom-rules:
  231. | - |
  232. | ## Auto-redirection from http to https
  233. | RewriteEngine On
  234. | RewriteCond %{HTTPS} off
  235. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  236. |"
  237. is out reg 'Calling: compose .*foo: options: <merge_yaml_str\(.a., .12., )>.*crt foo create www.example.com\s+
  238. '
  239. is out part 'config-add
  240. | $SERVICE_NAME:
  241. | volumes:
  242. | - $DATASTORE/foo/etc/letsencrypt:/etc/letsencrypt:ro'
  243. is out part 'file_put $SERVICE_CONFIGSTORE/etc/apache2/sites-enabled/www.example.com.conf
  244. | <VirtualHost *:80>
  245. |
  246. | ServerAdmin contact@www.example.com
  247. | ServerName www.example.com
  248. |
  249. | ServerSignature Off' RTRIM
  250. is out part '
  251. | ## Auto-redirection from http to https
  252. | RewriteEngine On
  253. | RewriteCond %{HTTPS} off
  254. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  255. '
  256. try "
  257. export SERVICE_CONFIGSTORE='\$SERVICE_CONFIGSTORE'
  258. export CONFIGSTORE='\$CONFIGSTORE'
  259. export DATASTORE='\$DATASTORE'
  260. export SERVICE_NAME='\$SERVICE_NAME'
  261. export BASE_SERVICE_NAME='\$BASE_SERVICE_NAME'
  262. export MASTER_TARGET_SERVICE_NAME='\$MASTER_TARGET_SERVICE_NAME'
  263. RELATIONS=(cert-provider foo a True)
  264. CFG='
  265. domain: www.example.com
  266. server-aliases:
  267. - example.fr
  268. - example.de
  269. ssl:
  270. foo: 12
  271. '
  272. ADDITION='
  273. apache-custom-rules:
  274. - |
  275. ## Auto-redirection from http to https
  276. RewriteEngine On
  277. RewriteCond %{HTTPS} off
  278. RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]'
  279. MERGE_YAML_STR=\"
  280. fcab3acadc661133: |
  281. \$(echo \"\$CFG\" | prefix ' ')
  282. \$(echo \"\$ADDITION\" | prefix ' ')
  283. \"
  284. apache_vhost_create publish_dir \"\$CFG\"
  285. " "known cert key - multiple server-aliases"
  286. is errlvl 0
  287. is err part "\
  288. relation-set apache-custom-rules:
  289. | - |
  290. | ## Auto-redirection from http to https
  291. | RewriteEngine On
  292. | RewriteCond %{HTTPS} off
  293. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  294. |"
  295. is out reg 'Calling: compose .*foo: options: <merge_yaml_str\(.a., .12., )>.*crt foo create www.example.com example.fr example.de\s+
  296. '
  297. is out part 'config-add
  298. | $SERVICE_NAME:
  299. | volumes:
  300. | - $DATASTORE/foo/etc/letsencrypt:/etc/letsencrypt:ro'
  301. is out part 'file_put $SERVICE_CONFIGSTORE/etc/apache2/sites-enabled/www.example.com.conf
  302. | <VirtualHost *:80>
  303. |
  304. | ServerAdmin contact@www.example.com
  305. | ServerName www.example.com
  306. | ServerAlias example.fr
  307. | ServerAlias example.de
  308. |
  309. | ServerSignature Off' RTRIM
  310. is out part '
  311. | ## Auto-redirection from http to https
  312. | RewriteEngine On
  313. | RewriteCond %{HTTPS} off
  314. | RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=302,L,QSA]
  315. '