--- /dev/null
+# vim: filetype=sh
+# Macaron
+# openssl rand -hex 32
+# URI: postgres:///db_name
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
+if ! $(echo "$PATH" | grep -q "$DIR/toolbox/scripts"); then
+ PATH="$DIR/toolbox/scripts:$PATH"
+fi
+
+build_macaroon() {
+ if [ "$1" = "--old" ]; then
+ shift
+ action="old-realms"
+ ttl=""
+ else
+ action="new"
+ ttl="--no-ttl"
+ fi
+
+ if [ -z "$1" -o -z "$2" -o -z "$3" -o -z "$4" ]; then
+ echo "build_macaroon [--old] secret src-key-id target realm" >&2
+ return
+ fi
+
+ secret="$1"
+ src="$2"
+ target="uri://fretlink/$3"
+ realm="$4"
+
+ cd "$HOME/workdir/haskell-commons"
+ MACAROON_PRIVATE_KEY="$secret" MACAROON_SECRET="$secret" stack exec macaroon-bakery -- $action --location "$target" --key-id "$src" $ttl "$realm"
+}
+
+APP=$(basename $(pwd))
+
+FL_APPS_HOST="localhost"
+FL_APPS_SCHEME="http"
+
+FL_ADMIN_ROOT_PORT=8079
+FL_ADMIN_ROOT_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminRoot subkey=PrivateKey') }}"
+FL_ADMIN_ROOT_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_ADMIN_ROOT_PORT/api/"
+
+FL_APP_PORT=8080
+FL_APP_MONGO_URI="mongodb://localhost:27017/fretlink"
+FL_APP_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/App subkey=Secret') }}"
+FL_APP_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT"
+
+FL_CARRIER_DIRECTORY_PORT=8082
+FL_CARRIER_DIRECTORY_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=Secret') }}"
+FL_CARRIER_DIRECTORY_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=PrivateKey') }}"
+FL_CARRIER_DIRECTORY_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_CARRIER_DIRECTORY_PORT/api/"
+
+FL_NOTIFIER_PORT=8081
+FL_NOTIFIER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=Secret') }}"
+FL_NOTIFIER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=PrivateKey') }}"
+FL_NOTIFIER_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_NOTIFIER_PORT/api"
+
+FL_PRICER_PORT=8083
+FL_PRICER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Pricer subkey=PrivateKey') }}"
+
+FL_FREIGHT_PORT=8084
+FL_FREIGHT_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Freight subkey=Secret') }}"
+
+FL_BOOKKEEPING_SECRET="dummy"
+
+FL_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Host') }}"
+FL_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Port') }}"
+FL_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=User') }}"
+FL_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local') }}"
+
+FL_GEODATA_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Host') }}"
+FL_GEODATA_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Port') }}"
+FL_GEODATA_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=User') }}"
+FL_GEODATA_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata') }}"
+FL_GEODATA_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Database') }}"
+
+FL_NOTIFIER_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Host') }}"
+FL_NOTIFIER_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Port') }}"
+FL_NOTIFIER_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=User') }}"
+FL_NOTIFIER_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier') }}"
+FL_NOTIFIER_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Database') }}"
+
+FL_TOOLBOX_AGENT_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ToolboxAgent') }}"
+
+if [ -f "local.env.example" ]; then
+ source local.env.example
+fi
+
+if [ "$APP" != "app" ]; then
+ name="${APP//-/_}"
+ port_var="FL_${name^^}_PORT"
+ secret_var="FL_${name^^}_SECRET"
+ private_key_var="FL_${name^^}_PRIVATE_KEY"
+
+ if [ -n "${!secret_var}" ]; then
+ export MACAROON_SECRET="${!secret_var}"
+ fi
+ if [ -n "${!private_key_var}" ]; then
+ export MACAROON_PRIVATE_KEY="${!private_key_var}"
+ fi
+ export PORT="${!port_var}"
+ export PG_URI="postgres:///$name"
+
+ if [ -z "$FL_ENV" ]; then
+ export POSTGRESQL_ADDON_HOST="$FL_PSQL_HOST"
+ export POSTGRESQL_ADDON_PORT="$FL_PSQL_PORT"
+ export POSTGRESQL_ADDON_USER="$FL_PSQL_USER"
+ export POSTGRESQL_ADDON_PASSWORD="$FL_PSQL_PASSWORD"
+ export POSTGRESQL_ADDON_DB="$name"
+ else
+ postgresql_host="FL_${name^^}_${FL_ENV^^}_PSQL_HOST"
+ postgresql_port="FL_${name^^}_${FL_ENV^^}_PSQL_PORT"
+ postgresql_user="FL_${name^^}_${FL_ENV^^}_PSQL_USER"
+ postgresql_password="FL_${name^^}_${FL_ENV^^}_PSQL_PASSWORD"
+ postgresql_db="FL_${name^^}_${FL_ENV^^}_PSQL_DB"
+ export FRETLINK_ENV="$FL_ENV"
+ export POSTGRESQL_ADDON_HOST="${!postgresql_host}"
+ export POSTGRESQL_ADDON_PORT="${!postgresql_port}"
+ export POSTGRESQL_ADDON_USER="${!postgresql_user}"
+ export POSTGRESQL_ADDON_PASSWORD="${!postgresql_password}"
+ export POSTGRESQL_ADDON_DB="${!postgresql_db}"
+ fi
+fi
+
+if [ "$APP" = "app" ]; then
+ export FRETLINK_MONGO_URI="$FL_APP_MONGO_URI"
+ export FRETLINK_PORT="$FL_APP_PORT"
+ export FRETLINK_BASE_URL="$FL_APP_URL"
+
+ # Dummies mandatory but not defined by default
+ export FRETLINK_SMTP_PASSWORD="password"
+ export FRETLINK_AMAZON_PUBLIC_KEY="password"
+ export FRETLINK_AMAZON_PRIVATE_KEY="password"
+ export FRETLINK_GMAPS_API_KEY="password"
+
+ # secret
+ export FRETLINK_MACAROON_SECRET=$FL_APP_SECRET
+
+ # carrier directory
+ export CARRIER_DIRECTORY_URI="$FL_CARRIER_DIRECTORY_URL"
+ export FRETLINK_CARDIR_URL="$FL_CARRIER_DIRECTORY_URL"
+ export FRETLINK_CARDIR_ENABLED="true"
+
+ # notifier
+ export FRETLINK_NOTIFIER_API=$FL_NOTIFIER_URL
+ export FRETLINK_NOTIFIER_ACCESS_KEY="$(build_macaroon --old $FL_NOTIFIER_PRIVATE_KEY notifier notifier messaging)"
+ export FRETLINK_NOTIFIER_TRANSPOREON_ACCESS_KEY="$(build_macaroon --old $FL_NOTIFIER_PRIVATE_KEY notifier notifier external)"
+ export FRETLINK_NOTIFIER_TRANSPOREON_ENABLED="true"
+
+ # admin-root
+ export FRETLINK_ADMINROOT_URL=$FL_ADMIN_ROOT_URL
+ export FRETLINK_ADMINROOT_ACCESS_KEY="$(build_macaroon $FL_ADMIN_ROOT_PRIVATE_KEY admin-root admin-root admin-root::token-delivery)"
+
+ # geodata
+ export FRETLINK_GEODATA_API="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev subkey=Url') }}"
+ export FRETLINK_GEODATA_ACCESS_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev') }}"
+fi
+
+if [ "$APP" = "admin-root" ]; then
+ export BASE_URL=$FL_APPS_HOST
+ export API_ROOT="http://$BASE_URL:$PORT/api"
+ export UI_ROOT="http://$BASE_URL:$PORT/admin"
+ export TOK="$(build_macaroon $FL_ADMIN_ROOT_PRIVATE_KEY admin-root admin-root admin-root::provisioning)"
+
+ export CARDIR_MACAROON_SECRET=$FL_CARRIER_DIRECTORY_SECRET
+ export NOTIFIER_MACAROON_SECRET=$FL_NOTIFIER_SECRET
+ export BOOKKEEPING_MACAROON_SECRET=$FL_BOOKKEEPING_SECRET
+fi
+
+if [ "$APP" = "carrier-directory" ]; then
+ export ADMIN_BASE_URL=$FL_APP_URL
+fi
+
+if [ "$APP" = "notifier" ]; then
+ export MAILGUN_API_KEY="dummy"
+ export MAILGUN_DOMAIN="dummy"
+ export TEMPLATES_ASSETS_BASE_URL="http://dummy/"
+ export TRANSPOREON_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest subkey=Login') }}"
+ export TRANSPOREON_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest') }}"
+ export TRANSPOREON_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest subkey=Login') }}"
+ export TRANSPOREON_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest') }}"
+
+ # Used by curl
+ # v2
+ #export MACAROON="$(build_macaroon $FL_NOTIFIER_SECRET notifier notifier external)"
+ # v1
+ export MACAROON="$(build_macaroon --old $FL_NOTIFIER_PRIVATE_KEY notifier notifier external)"
+
+ # To push transporeon cargos to app
+ APP_TRANSPOREON_PUSH_MACAROON="$(build_macaroon $FL_APP_SECRET notifier app app::transporeon-cargos-write)"
+fi
+
+if [ "$APP" = "pricer" ]; then
+ export GOOGLE_AUTH_CLIENT_ID="dummy"
+fi
+
+if [ "$APP" = "toolbox" ]; then
+ export AGENT_HOST=$FL_APP_URL
+ export AGENT_PATH="/"
+ export AGENT_MACAROON=$FL_TOOLBOX_AGENT_MACAROON
+fi
projects / perso / Immae / Config / Ansible.git / commitdiff
