#!/bin/bash set -eux { date env # set optional ACCESS_CONTEXT_ROOT=${ACCESS_CONTEXT_ROOT:-datasets} SECURITY=${SECURITY:-} KEYSTORE_ALIAS=${KEYSTORE_ALIAS:-} SKAIAM_INTROSPECT=${SKAIAM_INTROSPECT:-} SKAIAM_CLIENT=${SKAIAM_CLIENT:-} SKAIAM_PASSWORD=${SKAIAM_PASSWORD:-} AUTH_RAP_URL=${AUTH_RAP_URL:-} AUTH_GMS_URL=${AUTH_GMS_URL:-} AUTH_CLIENT=${AUTH_CLIENT:-} AUTH_SECRET=${AUTH_SECRET:-} # configure CONTEXT_ROOT mkdir -p $CATALINA_BASE/conf/Catalina/localhost cp $WEBAPP_DIR/META-INF/context.xml $CATALINA_BASE/conf/Catalina/localhost/$ACCESS_CONTEXT_ROOT.xml # env SECURITY (deprecated) case $SECURITY in iamtoken) echo "SECURITY is set: "$SECURITY cd $WEBAPP_DIR/WEB-INF/ && rm -f web.xml && cp web-cutout-$SECURITY.xml web.xml && cd - cp /etc/pki/tls/server-connector.xml $CATALINA_BASE/conf cp /etc/pki/tls/iamtoken.properties $WEBAPP_DIR/WEB-INF/classes/ ;; *) echo "SECURITY not configured." ;; esac # configure TLS if [ -f /etc/pki/tls/keystore.jks ] && [ -f /etc/pki/tls/keystore.pwd ]; then cp $CATALINA_BASE/conf/server-connector.xml-8443 $CATALINA_BASE/conf/server-connector.xml fi if [ -n $KEYSTORE_ALIAS ]; then echo "KEYSTORE_ALIAS: "$KEYSTORE_ALIAS sed -i "s/tomcat/$KEYSTORE_ALIAS/" $CATALINA_BASE/conf/server-connector.xml fi # configure SKA IAM if [ -z "$SKAIAM_INTROSPECT" ] || [ -z "$SKAIAM_CLIENT" ] || [ -z "$SKAIAM_PASSWORD" ]; then echo "Some of SKAIAM_ is not set." echo "url: "$SKAIAM_INTROSPECT echo "cli: "$SKAIAM_CLIENT echo "pwd: "$SKAIAM_PASSWORD else echo "Config SKA IAM ..." { echo "introspect=$SKAIAM_INTROSPECT" echo "client_name=$SKAIAM_CLIENT" echo "client_password=$SKAIAM_PASSWORD" } > $WEBAPP_DIR/WEB-INF/classes/iamtoken.properties cp $WEBAPP_DIR/WEB-INF/web-cutout-iamtoken.xml $WEBAPP_DIR/WEB-INF/web.xml fi # configure IA2 security if [ -z "$AUTH_RAP_URL" ] || [ -z "$AUTH_GMS_URL" ] || [ -z "$AUTH_CLIENT" ] || [ -z "$AUTH_SECRET" ]; then echo "Some of AUTH_ is not set." echo "rap: "$AUTH_RAP_URL echo "gms: "$AUTH_GMS_URL echo "cli: "$AUTH_CLIENT echo "pwd: "$AUTH_SECRET else echo "Config SKA IAM ..." { echo "rap_uri=$AUTH_RAP_URL" echo "gms_uri=$AUTH_GMS_URL" echo "client_id=$AUTH_CLIENT" echo "client_secret=$AUTH_SECRET" echo "groups_autoload=true" echo "store_state_on_login_endpoint=true" echo "scope=openid email profile read:rap" echo "allow_anonymous_access=true" } > $WEBAPP_DIR/WEB-INF/classes/ia2token.properties cp $WEBAPP_DIR/WEB-INF/web-cutout-ia2token.xml $WEBAPP_DIR/WEB-INF/web.xml fi # config debug DBG_LEVEL=${DEBUG_LEVEL:-CONFIG} sed -i "s/.*ServletCutout\.level.*=.*/ServletCutout.level = $DBG_LEVEL/g" $CATALINA_BASE/conf/soda.logging.properties sed -i "s/.*ResolverFromId\.level.*=.*/ResolverFromId.level = $DBG_LEVEL/g" $CATALINA_BASE/conf/soda.logging.properties sed -i "s/.*SodaImpl\.level.*=.*/SodaImpl.level = $DBG_LEVEL/g" $CATALINA_BASE/conf/soda.logging.properties sed -i "s/.*VlkbCli\.level.*=.*/VlkbCli.level = $DBG_LEVEL/g" $CATALINA_BASE/conf/soda.logging.properties date } 1> /tmp/start-soda.log 2>&1 $CATALINA_HOME/bin/catalina.sh run