Commit | Line | Data |
---|---|---|
1 | # vim: filetype=sh | |
2 | # Macaroon | |
3 | # openssl rand -hex 32 | |
4 | # URI: postgres:///db_name | |
5 | ||
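# Directory that holds this file, resolved from BASH_SOURCE so the result is
# the same whatever the caller's working directory is.
DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null && pwd)"

# Prepend the bundled toolbox scripts to PATH exactly once. The comparison is
# done on whole, colon-delimited PATH entries: the directory is not treated as
# a regular expression and a longer path that merely contains it does not
# count as "already present".
# NOTE(review): this directory is searched before the system ones, so any file
# dropped into it shadows a standard command; keep it writable by its owner
# only.
case ":$PATH:" in
  *":$DIR/toolbox/scripts:"*) ;;
  *) PATH="$DIR/toolbox/scripts:$PATH" ;;
esac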
10 | ||
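#######################################
# Read a value from the password store, under Travail/Fretlink/.
# Arguments:
#   $1 - entry name, relative to Travail/Fretlink/
#   $2 - optional field name; when given, the first "Field: value" line of
#        the entry is returned instead of the entry's first line
# Outputs: the selected value on stdout (nothing if the field is absent)
#######################################
p() {
  local entry="Travail/Fretlink/$1"
  local field=${2-}

  if [[ -z "$field" ]]; then
    # By pass convention the first line of an entry is the password itself.
    pass show "$entry" | head -n1
    return
  fi

  # The field name is compared as a literal string (index), never spliced
  # into a grep or sed pattern, so characters such as "." or "/" in it cannot
  # change what is matched. It is handed to awk through the environment to
  # avoid the backslash processing that -v applies.
  pass show "$entry" | P_FIELD="$field" awk '
    BEGIN { key = ENVIRON["P_FIELD"] }
    index($0, key ":") == 1 {
      if (index($0, key ": ") == 1) {
        $0 = substr($0, length(key) + 3)
      }
      print
      exit
    }'
}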
18 | ||
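#######################################
# Mint a macaroon by running macaroon-bakery from the haskell-commons
# checkout in $HOME/workdir.
# Arguments:
#   --old - optional, must come first: use the "old-realms" action and do
#           not pass --no-ttl (default: action "new" with --no-ttl)
#   $1    - signing secret; handed to the tool through the environment
#           (MACAROON_PRIVATE_KEY and MACAROON_SECRET), not on its command
#           line
#   $2    - source key id
#   $3    - target, appended to uri://fretlink/
#   $4    - realm
# Outputs: whatever macaroon-bakery prints on stdout; usage on stderr
# Returns: 2 on bad usage, 1 when the checkout cannot be entered, otherwise
#          the status of the tool
#######################################
build_macaroon() {
  local action="new"
  local -a ttl_args=(--no-ttl)
  if [[ "${1-}" == "--old" ]]; then
    shift
    action="old-realms"
    ttl_args=()
  fi

  if [[ -z "${1-}" || -z "${2-}" || -z "${3-}" || -z "${4-}" ]]; then
    echo "build_macaroon [--old] secret src-key-id target realm" >&2
    return 2
  fi

  # Everything is local: this file is meant to be sourced, and a global
  # "secret" would stay behind in the interactive shell after the call.
  local secret=$1
  local src=$2
  local target="uri://fretlink/$3"
  local realm=$4

  # A subshell scopes the directory change. If the checkout is missing the
  # call fails instead of running the tool from whatever directory the caller
  # is in, and no popd can disturb the caller's directory stack.
  (
    cd "$HOME/workdir/haskell-commons" 2>/dev/null || {
      echo "build_macaroon: cannot enter $HOME/workdir/haskell-commons" >&2
      exit 1
    }
    MACAROON_PRIVATE_KEY="$secret" MACAROON_SECRET="$secret" \
      stack exec macaroon-bakery -- "$action" --location "$target" \
      --key-id "$src" "${ttl_args[@]}" "$realm"
  )
}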
43 | ||
# Upper-case the first character of the argument and the character after
# every hyphen, dropping the hyphens: admin-root -> AdminRoot.
# Relies on the \U replacement escape of GNU sed.
capitalize() {
  local hyphenated=$1
  echo "$hyphenated" | sed -E 's!(^|-)(.)!\U\2!g'
}
47 | ||
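# The service name is the name of the directory this file is sourced from.
# Both expansions are quoted so a path containing spaces stays one word.
APP="$(basename "$(pwd)")"

FL_APPS_HOST="localhost"
FL_APPS_SCHEME="http"

# NOTE(review): every passwordstore lookup in this file is substituted by the
# template engine inside a double-quoted shell string, with no shell escaping.
# A stored value that contains a double quote, a dollar sign, a backtick or a
# backslash is then interpreted by the shell when the rendered file is
# sourced. Either restrict the stored values to a safe alphabet (the
# hex output of "openssl rand -hex 32" is safe) or render them through a
# shell-quoting filter. The rendered file holds secrets in clear text: keep it
# out of version control and readable by its owner only.

FL_ADMIN_USER_PORT=8078
FL_ADMIN_USER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminUser subkey=Secret') }}"
FL_ADMIN_USER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminUser subkey=PrivateKey') }}"
# Uses the admin-user port. The previous text referenced FL_ADMIN_ROOT_PORT,
# which is only assigned further down, so the URL came out without a port.
FL_ADMIN_USER_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_ADMIN_USER_PORT/api/"

FL_ADMIN_ROOT_PORT=8079
FL_ADMIN_ROOT_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminRoot subkey=PrivateKey') }}"
FL_ADMIN_ROOT_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_ADMIN_ROOT_PORT/api/"

FL_APP_PORT=8080
FL_APP_MONGO_URI="mongodb://localhost:27017/fretlink"
FL_APP_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/App subkey=Secret') }}"
FL_APP_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT"

FL_CARRIER_DIRECTORY_PORT=8082
FL_CARRIER_DIRECTORY_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=Secret') }}"
FL_CARRIER_DIRECTORY_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=PrivateKey') }}"
FL_CARRIER_DIRECTORY_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_CARRIER_DIRECTORY_PORT/api"

FL_NOTIFIER_PORT=8081
FL_NOTIFIER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=Secret') }}"
FL_NOTIFIER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=PrivateKey') }}"
FL_NOTIFIER_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_NOTIFIER_PORT/api"

FL_THIRD_PARTIES_PORT=8086
FL_THIRD_PARTIES_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ThirdParties subkey=Secret') }}"

FL_PRICER_PORT=8083
FL_PRICER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Pricer subkey=PrivateKey') }}"
FL_PRICER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Pricer subkey=Secret') }}"

FL_FREIGHT_PORT=8084
FL_FREIGHT_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Freight subkey=Secret') }}"

FL_HOMEPAGE_PORT=8085

# Placeholders, not real secrets.
FL_BOOKKEEPING_SECRET="dummy"
FL_LANE_EXPLORER_SECRET="dummy"

FL_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Host') }}"
FL_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Port') }}"
FL_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=User') }}"
FL_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local') }}"

FL_TOOLBOX_AGENT_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ToolboxAgent') }}"

# FL_ENV selects the target environment; unset or empty means "local".
export FRETLINK_ENV="$APP ${FL_ENV:-local}"

# Per-project overrides. Sourcing runs the file as code in this shell, with
# every secret above in scope, so it must come from a directory you trust.
# The explicit ./ matters: without a slash bash looks the name up in PATH
# before the current directory.
if [ -f "local.env.example" ]; then
  source ./local.env.example
fi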
104 | ||
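# Settings shared by every service except the main "app".
if [ "$APP" != "app" ]; then
  # Directory name -> variable stem, e.g. admin-root -> FL_ADMIN_ROOT_*.
  name="${APP//-/_}"
  port_var="FL_${name^^}_PORT"
  secret_var="FL_${name^^}_SECRET"
  private_key_var="FL_${name^^}_PRIVATE_KEY"

  # Indirect expansion: export the service's own secret and key only when
  # the matching FL_* variable is set and non-empty.
  if [ -n "${!secret_var}" ]; then
    export MACAROON_SECRET="${!secret_var}"
  fi
  if [ -n "${!private_key_var}" ]; then
    export MACAROON_PRIVATE_KEY="${!private_key_var}"
  fi
  export PORT="${!port_var}"
  # Overwritten by both branches below.
  export PG_URI="postgres:///$name"

  # NOTE(review): PG_URI carries the database password in clear text and is
  # exported, so every child process inherits it. The password is inserted
  # without URL-encoding; a value containing "@", ":" or "/" yields a URI
  # that parses differently from what was intended.
  if [ -z "$FL_ENV" ]; then
    # Local database, credentials rendered into this file.
    export POSTGRESQL_ADDON_HOST="$FL_PSQL_HOST"
    export POSTGRESQL_ADDON_PORT="$FL_PSQL_PORT"
    export POSTGRESQL_ADDON_USER="$FL_PSQL_USER"
    export POSTGRESQL_ADDON_PASSWORD="$FL_PSQL_PASSWORD"
    export POSTGRESQL_ADDON_DB="$name"
    export PG_URI="postgresql://$POSTGRESQL_ADDON_USER:$POSTGRESQL_ADDON_PASSWORD@localhost:$POSTGRESQL_ADDON_PORT/$POSTGRESQL_ADDON_DB"
  else
    # Remote environment: read the credentials from the password store at
    # source time. FL_ENV comes from the caller's environment, so it and the
    # derived key are quoted to reach capitalize and p as single arguments.
    key="Psql/$(capitalize "$FL_ENV")/$(capitalize "$APP")"
    export POSTGRESQL_ADDON_HOST="$(p "$key" Host)"
    export POSTGRESQL_ADDON_PORT="$(p "$key" Port)"
    export POSTGRESQL_ADDON_USER="$(p "$key" User)"
    export POSTGRESQL_ADDON_PASSWORD="$(p "$key")"
    export POSTGRESQL_ADDON_DB="$(p "$key" Database)"
    export PG_URI="postgresql://$POSTGRESQL_ADDON_USER:$POSTGRESQL_ADDON_PASSWORD@$POSTGRESQL_ADDON_HOST:$POSTGRESQL_ADDON_PORT/$POSTGRESQL_ADDON_DB"
  fi

  export GRAYLOG_HOST="localhost"
  export GRAYLOG_PORT="1111"
  export ENVIRONMENT_NAME="local"
  export APPLICATION_NAME="$APP"
  export SENTRY_DSN="test"
  # NOTE(review): presumably a cross-origin allow-list; the wildcard is set
  # even when FL_ENV points at a non-local environment. Confirm it never
  # reaches a deployed service.
  export ACCEPTED_ORIGINS="*"
fi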
144 | ||
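# Environment of the main "app" service.
# Every secret handed to build_macaroon is quoted so that it arrives as one
# argument whatever characters it contains. "export VAR=$(...)" discards the
# status of build_macaroon: a failed mint leaves the variable empty, so check
# the value before relying on it.
if [ "$APP" = "app" ]; then
  export FRETLINK_MONGO_URI="$FL_APP_MONGO_URI"
  export FRETLINK_PORT="$FL_APP_PORT"
  export FRETLINK_BASE_URL="$FL_APP_URL"

  # Dummies mandatory but not defined by default
  export FRETLINK_SMTP_PASSWORD="password"
  export FRETLINK_AMAZON_PUBLIC_KEY="password"
  export FRETLINK_AMAZON_PRIVATE_KEY="password"
  export FRETLINK_GMAPS_API_KEY="password"
  export FRETLINK_PASSWORD_REQUEST_SECRET="password"

  # secret
  export FRETLINK_MACAROON_SECRET="$FL_APP_SECRET"

  # carrier directory
  export CARRIER_DIRECTORY_URI="$FL_CARRIER_DIRECTORY_URL/"
  export FRETLINK_CARDIR_URL="$FL_CARRIER_DIRECTORY_URL"
  export FRETLINK_CARDIR_URL_FRONTEND="$FL_CARRIER_DIRECTORY_URL"
  export FRETLINK_CARDIR_ENABLED="true"
  export FRETLINK_CARDIRV3_ACCESS_KEY="$(build_macaroon "$FL_CARRIER_DIRECTORY_SECRET" carrier-directory carrier-directory carrier-directory::read)"

  # notifier
  export FRETLINK_NOTIFIER_API="$FL_NOTIFIER_URL"
  export FRETLINK_NOTIFIER_ACCESS_KEY="$(build_macaroon "$FL_NOTIFIER_SECRET" notifier notifier messaging)"
  export FRETLINK_NOTIFIER_TRANSPOREON_ACCESS_KEY="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier external)"
  export FRETLINK_NOTIFIER_TRANSPOREON_ENABLED="true"

  export FRETLINK_NOTIFIER_ENABLED="true"
  export FRETLINK_NOTIFIER_AMQP_ENABLED="true"
  export FRETLINK_NOTIFIER_AMQP_TLS="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=TLS') }}"
  export FRETLINK_NOTIFIER_AMQP_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=User') }}"
  export FRETLINK_NOTIFIER_AMQP_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier') }}"
  export FRETLINK_NOTIFIER_AMQP_HOSTS="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Hosts') }}"
  export FRETLINK_NOTIFIER_AMQP_QUEUE="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Queue') }}"
  export FRETLINK_NOTIFIER_AMQP_EXCHANGE="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Exchange') }}"
  export FRETLINK_NOTIFIER_AMQP_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Port') }}"
  export FRETLINK_NOTIFIER_AMQP_VHOST="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Vhost') }}"

  # pricer
  export FRETLINK_PRICER_USE_CARGO_OUTPUT="true"
  export FRETLINK_PRICER_SHIPPER_PRICE_V2_KEY="$(build_macaroon "$FL_PRICER_SECRET" pricer pricer pricing::cargo)"
  export FRETLINK_PRICER_SHIPPER_PRICE_KEY="$(build_macaroon --old "$FL_PRICER_SECRET" pricer pricer internal-cargo-pricing)"
  export FRETLINK_PRICER_CARRIER_SUGGESTION_KEY="$(build_macaroon --old "$FL_PRICER_SECRET" pricer pricer internal-cargo-pricing)"
  export FRETLINK_PRICER_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/PricerDev') }}"
  export FRETLINK_PRICER_URL="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/PricerDev subkey=Url') }}"

  # admin-root
  export FRETLINK_ADMINROOT_URL="$FL_ADMIN_ROOT_URL"
  export FRETLINK_ADMINROOT_ACCESS_KEY="$(build_macaroon "$FL_ADMIN_ROOT_PRIVATE_KEY" admin-root admin-root admin-root::token-delivery)"

  # geodata
  export FRETLINK_GEODATA_API="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev subkey=Url') }}"
  export FRETLINK_GEODATA_ACCESS_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev') }}"
  export GEODATA_URI="$FRETLINK_GEODATA_API"
fi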
201 | ||
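# Environment of the admin-root service. PORT is expected to have been
# exported earlier from FL_ADMIN_ROOT_PORT.
if [ "$APP" = "admin-root" ]; then
  export BASE_URL="$FL_APPS_HOST"
  export API_ROOT="http://$BASE_URL:$PORT/api"
  export UI_ROOT="http://$BASE_URL:$PORT/admin"
  # The private key is quoted so it reaches build_macaroon as one argument.
  export TOK="$(build_macaroon "$FL_ADMIN_ROOT_PRIVATE_KEY" admin-root admin-root admin-root::provisioning)"

  # admin-root receives the root secrets of the services listed here; the
  # last two are the "dummy" placeholders.
  export CARDIR_MACAROON_SECRET="$FL_CARRIER_DIRECTORY_SECRET"
  export NOTIFIER_MACAROON_SECRET="$FL_NOTIFIER_SECRET"
  export BOOKKEEPING_MACAROON_SECRET="$FL_BOOKKEEPING_SECRET"
  export LANE_EXPLORER_MACAROON_SECRET="$FL_LANE_EXPLORER_SECRET"
fi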
213 | ||
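# Environment of the admin-user service. PORT is expected to have been
# exported earlier from FL_ADMIN_USER_PORT.
if [ "$APP" = "admin-user" ]; then
  export BASE_URL="$FL_APPS_HOST"
  export API_ROOT="http://$BASE_URL:$PORT/api"
  export UI_ROOT="http://$BASE_URL:$PORT/admin"
  # Replaces the wildcard exported for every non-app service with the
  # service's own admin UI origin.
  export ACCEPTED_ORIGINS="http://$BASE_URL:$PORT/admin"
  # Secrets are quoted so each reaches build_macaroon as one argument.
  export TOK="$(build_macaroon "$FL_ADMIN_USER_PRIVATE_KEY" admin-user admin-user admin-user::provisioning)"
  export ADMIN_TOKEN="$(build_macaroon "$FL_ADMIN_USER_SECRET" admin-user admin-user admin-user::user-management)"
  export SERVICE_TOKEN="$(build_macaroon "$FL_ADMIN_USER_SECRET" admin-user admin-user admin-user::some-service)"
fi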
223 | ||
# Environment of the homepage service: one key from the password store plus
# fixed URLs and placeholder identifiers.
case "$APP" in
  homepage)
    export HOMEPAGE_API_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/HomepageDev subkey=ApiKey') }}"
    export HOMEPAGE_API_ROOT_REDIRECT="https://next.www.fretlink.com"
    export HOMEPAGE_API_BLOG_URL="https://blog.fretlink.com"
    export HOMEPAGE_API_CIO_API_KEY="123"
    export HOMEPAGE_API_CIO_SITE_ID="321"
    ;;
esac
231 | ||
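# Environment of the carrier-directory service.
if [ "$APP" = "carrier-directory" ]; then
  export ADMIN_BASE_URL="$FL_APP_URL"
  # The secret is quoted so it reaches build_macaroon as one argument.
  export ACCESS_KEY="$(build_macaroon "$FL_CARRIER_DIRECTORY_SECRET" carrier-directory carrier-directory carrier-directory::read)"
fi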
236 | ||
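# Environment of the notifier service.
# Secrets handed to build_macaroon are quoted so each arrives as one
# argument. A failed mint leaves the exported variable empty, because export
# discards the status of the command substitution.
if [ "$APP" = "notifier" ]; then
  export MAILGUN_API_KEY="dummy"
  export MAILGUN_DOMAIN="dummy"
  export TEMPLATES_ASSETS_BASE_URL="http://dummy/"
  export TRANSPOREON_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest subkey=Login') }}"
  export TRANSPOREON_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest') }}"
  export TRANSPOREON_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest subkey=Host') }}"
  export TRANSPOREON_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest subkey=Login') }}"
  export TRANSPOREON_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest') }}"

  # Used by curl
  # v2
  #export MACAROON="$(build_macaroon "$FL_NOTIFIER_SECRET" notifier notifier external)"
  # v1
  export MACAROON="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier external)"
  export MONITORING_MACAROON="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier monitoring)"

  # To push transporeon cargos to app
  export TRANSPOREON_APP_PUSH_URL="http://localhost:8080/api/transporeon/cargo"
  export TRANSPOREON_APP_PUSH_MACAROON="$(build_macaroon "$FL_APP_SECRET" notifier app app::transporeon-cargos-write)"

  # AMQP: fixed local broker account, TLS off.
  export AMQP_VHOST="notifier"
  export AMQP_USER="notifier"
  export AMQP_PASSWORD="notifier"
  export AMQP_QUEUE="notifier"
  export AMQP_SERVER="localhost"
  export AMQP_TLS="false"
fi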
266 | ||
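# Environment of the third-parties service.
# The app secret is quoted so it reaches build_macaroon as one argument.
if [ "$APP" = "third-parties" ]; then
  export PROCTER_GAMBLE_APP_PUSH_MACAROON="$(build_macaroon "$FL_APP_SECRET" third-parties app app::proctergamble-cargos-write)"
  export PROCTER_GAMBLE_APP_PUSH_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT/api/proctergamble/cargo"
  export TRANSPOREON_APP_PUSH_MACAROON="$(build_macaroon "$FL_APP_SECRET" third-parties app app::transporeon-cargos-write)"
  export TRANSPOREON_APP_PUSH_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT/api/transporeon/cargo"
  export PROCTER_GAMBLE_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/NotifierCallbackTest subkey=Login') }}"
  export PROCTER_GAMBLE_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/NotifierCallbackTest') }}"
  export TRANSPOREON_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest subkey=Login') }}"
  export TRANSPOREON_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest') }}"

  # Fetcher account, taken from the password store entry named FTP.
  export PROCTER_GAMBLE_FETCHER_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/FTP subkey=Host') }}"
  export PROCTER_GAMBLE_FETCHER_LOGIN="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/FTP subkey=Login') }}"
  export PROCTER_GAMBLE_FETCHER_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/FTP') }}"
  export PROCTER_GAMBLE_FETCHER_PRODUCTION=false

fi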
283 | ||
# Environment of the pricer service: a placeholder client id only.
case "$APP" in
  pricer)
    export GOOGLE_AUTH_CLIENT_ID="dummy"
    ;;
esac
287 | ||
# Environment of the toolbox: where the agent lives and the macaroon used to
# talk to it (taken from the password store when the file is rendered).
case "$APP" in
  toolbox)
    export AGENT_HOST="$FL_APP_URL"
    export AGENT_PATH="/"
    export AGENT_MACAROON="$FL_TOOLBOX_AGENT_MACAROON"
    ;;
esac