]> git.immae.eu Git - perso/Immae/Config/Ansible.git/blob - roles/contexts/fretlink/templates/environment.j2
projects / perso / Immae / Config / Ansible.git / blob
? search:


50dc75b7ba66e553e88423abd10ba5022c4f9754
[perso/Immae/Config/Ansible.git] / roles / contexts / fretlink / templates / environment.j2
1 # vim: filetype=sh
2 # Macaron
3 # openssl rand -hex 32
4 # URI: postgres:///db_name
5
6 DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
7 if ! $(echo "$PATH" | grep -q "$DIR/toolbox/scripts"); then
8 PATH="$DIR/toolbox/scripts:$PATH"
9 fi
10
11 p() {
12 if [ -z "$2" ]; then
13 pass show Travail/Fretlink/$1
14 else
15 pass show Travail/Fretlink/$1 | grep "^$2:" | sed -e "s/^$2: //"
16 fi | head -n1
17 }
18
19 build_macaroon() {
20 if [ "$1" = "--old" ]; then
21 shift
22 action="old-realms"
23 ttl=""
24 else
25 action="new"
26 ttl="--no-ttl"
27 fi
28
29 if [ -z "$1" -o -z "$2" -o -z "$3" -o -z "$4" ]; then
30 echo "build_macaroon [--old] secret src-key-id target realm" >&2
31 return
32 fi
33
34 secret="$1"
35 src="$2"
36 target="uri://fretlink/$3"
37 realm="$4"
38
39 pushd "$HOME/workdir/haskell-commons" >/dev/null 2>/dev/null
40 MACAROON_PRIVATE_KEY="$secret" MACAROON_SECRET="$secret" stack exec macaroon-bakery -- $action --location "$target" --key-id "$src" $ttl "$realm"
41 popd 2>/dev/null >/dev/null
42 }
43
44 APP=$(basename $(pwd))
45
46 FL_APPS_HOST="localhost"
47 FL_APPS_SCHEME="http"
48
49 FL_ADMIN_ROOT_PORT=8079
50 FL_ADMIN_ROOT_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminRoot subkey=PrivateKey') }}"
51 FL_ADMIN_ROOT_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_ADMIN_ROOT_PORT/api/"
52
53 FL_APP_PORT=8080
54 FL_APP_MONGO_URI="mongodb://localhost:27017/fretlink"
55 FL_APP_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/App subkey=Secret') }}"
56 FL_APP_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT"
57
58 FL_CARRIER_DIRECTORY_PORT=8082
59 FL_CARRIER_DIRECTORY_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=Secret') }}"
60 FL_CARRIER_DIRECTORY_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=PrivateKey') }}"
61 FL_CARRIER_DIRECTORY_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_CARRIER_DIRECTORY_PORT/api/"
62
63 FL_NOTIFIER_PORT=8081
64 FL_NOTIFIER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=Secret') }}"
65 FL_NOTIFIER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=PrivateKey') }}"
66 FL_NOTIFIER_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_NOTIFIER_PORT/api"
67
68 FL_PRICER_PORT=8083
69 FL_PRICER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Pricer subkey=PrivateKey') }}"
70
71 FL_FREIGHT_PORT=8084
72 FL_FREIGHT_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Freight subkey=Secret') }}"
73
74 FL_BOOKKEEPING_SECRET="dummy"
75
76 FL_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Host') }}"
77 FL_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Port') }}"
78 FL_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=User') }}"
79 FL_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local') }}"
80
81 FL_GEODATA_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Host') }}"
82 FL_GEODATA_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Port') }}"
83 FL_GEODATA_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=User') }}"
84 FL_GEODATA_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata') }}"
85 FL_GEODATA_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Database') }}"
86
87 FL_NOTIFIER_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Host') }}"
88 FL_NOTIFIER_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Port') }}"
89 FL_NOTIFIER_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=User') }}"
90 FL_NOTIFIER_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier') }}"
91 FL_NOTIFIER_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Database') }}"
92
93 FL_TOOLBOX_AGENT_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ToolboxAgent') }}"
94
95 if [ -f "local.env.example" ]; then
96 source local.env.example
97 fi
98
99 if [ "$APP" != "app" ]; then
100 name="${APP//-/_}"
101 port_var="FL_${name^^}_PORT"
102 secret_var="FL_${name^^}_SECRET"
103 private_key_var="FL_${name^^}_PRIVATE_KEY"
104
105 if [ -n "${!secret_var}" ]; then
106 export MACAROON_SECRET="${!secret_var}"
107 fi
108 if [ -n "${!private_key_var}" ]; then
109 export MACAROON_PRIVATE_KEY="${!private_key_var}"
110 fi
111 export PORT="${!port_var}"
112 export PG_URI="postgres:///$name"
113
114 if [ -z "$FL_ENV" ]; then
115 export POSTGRESQL_ADDON_HOST="$FL_PSQL_HOST"
116 export POSTGRESQL_ADDON_PORT="$FL_PSQL_PORT"
117 export POSTGRESQL_ADDON_USER="$FL_PSQL_USER"
118 export POSTGRESQL_ADDON_PASSWORD="$FL_PSQL_PASSWORD"
119 export POSTGRESQL_ADDON_DB="$name"
120 else
121 postgresql_host="FL_${name^^}_${FL_ENV^^}_PSQL_HOST"
122 postgresql_port="FL_${name^^}_${FL_ENV^^}_PSQL_PORT"
123 postgresql_user="FL_${name^^}_${FL_ENV^^}_PSQL_USER"
124 postgresql_password="FL_${name^^}_${FL_ENV^^}_PSQL_PASSWORD"
125 postgresql_db="FL_${name^^}_${FL_ENV^^}_PSQL_DB"
126 export FRETLINK_ENV="$FL_ENV"
127 export POSTGRESQL_ADDON_HOST="${!postgresql_host}"
128 export POSTGRESQL_ADDON_PORT="${!postgresql_port}"
129 export POSTGRESQL_ADDON_USER="${!postgresql_user}"
130 export POSTGRESQL_ADDON_PASSWORD="${!postgresql_password}"
131 export POSTGRESQL_ADDON_DB="${!postgresql_db}"
132 fi
133 fi
134
135 if [ "$APP" = "app" ]; then
136 export FRETLINK_MONGO_URI="$FL_APP_MONGO_URI"
137 export FRETLINK_PORT="$FL_APP_PORT"
138 export FRETLINK_BASE_URL="$FL_APP_URL"
139
140 # Dummies mandatory but not defined by default
141 export FRETLINK_SMTP_PASSWORD="password"
142 export FRETLINK_AMAZON_PUBLIC_KEY="password"
143 export FRETLINK_AMAZON_PRIVATE_KEY="password"
144 export FRETLINK_GMAPS_API_KEY="password"
145
146 # secret
147 export FRETLINK_MACAROON_SECRET=$FL_APP_SECRET
148
149 # carrier directory
150 export CARRIER_DIRECTORY_URI="$FL_CARRIER_DIRECTORY_URL"
151 export FRETLINK_CARDIR_URL="$FL_CARRIER_DIRECTORY_URL"
152 export FRETLINK_CARDIR_ENABLED="true"
153
154 # notifier
155 export FRETLINK_NOTIFIER_API=$FL_NOTIFIER_URL
156 export FRETLINK_NOTIFIER_ACCESS_KEY="$(build_macaroon --old $FL_NOTIFIER_PRIVATE_KEY notifier notifier messaging)"
157 export FRETLINK_NOTIFIER_TRANSPOREON_ACCESS_KEY="$(build_macaroon --old $FL_NOTIFIER_PRIVATE_KEY notifier notifier external)"
158 export FRETLINK_NOTIFIER_TRANSPOREON_ENABLED="true"
159
160 # admin-root
161 export FRETLINK_ADMINROOT_URL=$FL_ADMIN_ROOT_URL
162 export FRETLINK_ADMINROOT_ACCESS_KEY="$(build_macaroon $FL_ADMIN_ROOT_PRIVATE_KEY admin-root admin-root admin-root::token-delivery)"
163
164 # geodata
165 export FRETLINK_GEODATA_API="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev subkey=Url') }}"
166 export FRETLINK_GEODATA_ACCESS_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev') }}"
167 fi
168
169 if [ "$APP" = "admin-root" ]; then
170 export BASE_URL=$FL_APPS_HOST
171 export API_ROOT="http://$BASE_URL:$PORT/api"
172 export UI_ROOT="http://$BASE_URL:$PORT/admin"
173 export TOK="$(build_macaroon $FL_ADMIN_ROOT_PRIVATE_KEY admin-root admin-root admin-root::provisioning)"
174
175 export CARDIR_MACAROON_SECRET=$FL_CARRIER_DIRECTORY_SECRET
176 export NOTIFIER_MACAROON_SECRET=$FL_NOTIFIER_SECRET
177 export BOOKKEEPING_MACAROON_SECRET=$FL_BOOKKEEPING_SECRET
178 fi
179
180 if [ "$APP" = "carrier-directory" ]; then
181 export ADMIN_BASE_URL=$FL_APP_URL
182 fi
183
184 if [ "$APP" = "notifier" ]; then
185 export MAILGUN_API_KEY="dummy"
186 export MAILGUN_DOMAIN="dummy"
187 export TEMPLATES_ASSETS_BASE_URL="http://dummy/"
188 export TRANSPOREON_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest subkey=Login') }}"
189 export TRANSPOREON_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest') }}"
190 export TRANSPOREON_HOST="api.test.transporeon.com"
191 export TRANSPOREON_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest subkey=Login') }}"
192 export TRANSPOREON_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest') }}"
193
194 # Used by curl
195 # v2
196 #export MACAROON="$(build_macaroon $FL_NOTIFIER_SECRET notifier notifier external)"
197 # v1
198 export MACAROON="$(build_macaroon --old $FL_NOTIFIER_PRIVATE_KEY notifier notifier external)"
199
200 # To push transporeon cargos to app
201 export TRANSPOREON_APP_PUSH_URL="http://localhost:8080/api/transporeon/cargo"
202 export TRANSPOREON_APP_PUSH_MACAROON="$(build_macaroon $FL_APP_SECRET notifier app app::transporeon-cargos-write)"
203 fi
204
205 if [ "$APP" = "pricer" ]; then
206 export GOOGLE_AUTH_CLIENT_ID="dummy"
207 fi
208
209 if [ "$APP" = "toolbox" ]; then
210 export AGENT_HOST=$FL_APP_URL
211 export AGENT_PATH="/"
212 export AGENT_MACAROON=$FL_TOOLBOX_AGENT_MACAROON
213 fi
My Ansible home manager - Deprecated