You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
65 lines
2.1 KiB
65 lines
2.1 KiB
#!/bin/bash
|
|
|
|
## Init is run on host
|
|
## For now it is run every time the script is launched, but
|
|
## it should be launched only once after build.
|
|
|
|
## Accessible variables are:
|
|
## - SERVICE_NAME Name of current service
|
|
## - DOCKER_BASE_IMAGE Base image from which this service might be built if any
|
|
## - SERVICE_DATASTORE Location on host of the DATASTORE of this service
|
|
## - SERVICE_CONFIGSTORE Location on host of the CONFIGSTORE of this service
|
|
|
|
|
|
set -e
|
|
|
|
service_def=$(get_compose_service_def "$SERVICE_NAME")
|
|
|
|
keys=$(echo "$service_def" | shyaml -y get-value options.keys 2>/dev/null) || {
|
|
err "You must specify a ${WHITE}keys${NORMAL} struct to use this service"
|
|
exit 1
|
|
}
|
|
|
|
[ "$(echo "$keys" | shyaml -y get-type 2>/dev/null)" == "struct" ] || {
|
|
err "Invalid value type for ${WHITE}keys${NORMAL}, please provide a struct"
|
|
exit 1
|
|
}
|
|
|
|
local_path_key=/etc/rsync/keys
|
|
host_path_key="$SERVICE_CONFIGSTORE${local_path_key}"
|
|
key_nb=0
|
|
|
|
## ident are unique by construction (they are struct keys)
|
|
## but keys need to be also unique
|
|
declare -A keys
|
|
while read-0 ident key; do
|
|
if [ "${keys[$key]}" ]; then
|
|
err "Duplicate key: key for ident '$ident' is same as ident '${keys["$key"]}'."
|
|
exit 1
|
|
fi
|
|
if ! [[ "$ident" =~ ^[a-zA-Z0-9._-]+$ ]]; then
|
|
err "Invalid identifier '$ident'," \
|
|
"please use only alphanumerical char, dots, dash or underscores."
|
|
exit 1
|
|
fi
|
|
debug "Creating access key for ${ident}" || true
|
|
echo "$key" | file_put "$host_path_key/${ident}.pub"
|
|
keys["$key"]="$ident"
|
|
done < <(echo "$keys" | shyaml key-values-0)
|
|
|
|
debug "Adding config hash to enable recreating upon config change."
|
|
config_hash=$({
|
|
## XXXvlab: ``env -i`` sole purpose is to protect find
|
|
## against big shell environments, and prevent it to fail.
|
|
env -i find "${host_path_key}" \
|
|
-name \*.pub -exec md5sum {} \;
|
|
} | md5_compat) || exit 1
|
|
|
|
init-config-add "\
|
|
$SERVICE_NAME:
|
|
volumes:
|
|
- $host_path_key:$local_path_key:ro
|
|
labels:
|
|
- compose.config_hash=$config_hash
|
|
"
|
|
|