path: root/roles/contexts/fretlink/templates/environment.j2
# vim: filetype=sh
# Macaroon
# openssl rand -hex 32
# URI: postgres:///db_name

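# Absolute directory of this file, resolved when it is sourced.
DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null && pwd)"

# Put the toolbox scripts first on PATH, once. The directory is compared
# literally against whole PATH entries; the previous grep treated it as a
# regular expression and matched substrings, so a path containing '.' or '['
# could be mis-detected. Everything in this directory shadows same-named
# system commands, so it should be writable only by its owner.
case ":$PATH:" in
  *":$DIR/toolbox/scripts:"*) ;;
  *) PATH="$DIR/toolbox/scripts:$PATH" ;;
esac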

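# Print one value from the Travail/Fretlink subtree of the `pass` store.
# Arguments:
#   $1 - entry path below Travail/Fretlink/
#   $2 - optional field name; when given, the first line starting with
#        "<field>:" is selected and a leading "<field>: " is stripped
# Outputs:
#   The first line of the entry (no field), or the first matching field
#   value, on stdout. The value is a secret: avoid calling this under
#   `set -x` or with stdout going to a log.
p() {
  local entry="Travail/Fretlink/$1"
  local field="$2"
  local line

  if [ -z "$field" ]; then
    pass show "$entry"
  else
    # The field name is matched as a literal prefix rather than being
    # pasted into grep/sed patterns, so regex metacharacters in it cannot
    # select or rewrite unrelated lines.
    pass show "$entry" | while IFS= read -r line || [ -n "$line" ]; do
      case "$line" in
        "$field: "*) printf '%s\n' "${line#"$field: "}" ;;
        "$field:"*) printf '%s\n' "$line" ;;
      esac
    done
  fi | head -n1
}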

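# Mint a macaroon with the macaroon-bakery tool from haskell-commons.
# Usage: build_macaroon [--old] secret src-key-id target realm
# Arguments:
#   --old       - use the "old-realms" action and pass no TTL flag; without
#                 it the "new" action is used together with --no-ttl
#   secret      - signing key, handed to the tool through the environment
#                 (MACAROON_PRIVATE_KEY and MACAROON_SECRET), never on its
#                 command line
#   src-key-id  - value for --key-id
#   target      - appended to uri://fretlink/ to form --location
#   realm       - final positional argument of the tool
# Outputs:  whatever macaroon-bakery prints on stdout
# Returns:  2 on a usage error, otherwise the exit status of `stack exec`
# NOTE(review): --no-ttl presumably yields tokens without expiry; fine for a
# local development environment, worth confirming before reuse elsewhere.
build_macaroon() {
  local action
  local ttl_args=()
  if [ "$1" = "--old" ]; then
    shift
    action="old-realms"
  else
    action="new"
    ttl_args=(--no-ttl)
  fi

  if [ -z "$1" ] || [ -z "$2" ] || [ -z "$3" ] || [ -z "$4" ]; then
    echo "build_macaroon [--old] secret src-key-id target realm" >&2
    return 2
  fi

  # Locals keep the signing secret out of the sourcing shell's variables
  # once the function returns.
  local secret="$1"
  local src="$2"
  local target="uri://fretlink/$3"
  local realm="$4"

  # Run in a subshell instead of pushd/popd: when the directory is missing,
  # the old popd could pop an unrelated entry off the caller's directory
  # stack. A failed cd is still tolerated, as before.
  (
    cd "$HOME/workdir/haskell-commons" >/dev/null 2>&1
    MACAROON_PRIVATE_KEY="$secret" MACAROON_SECRET="$secret" \
      stack exec macaroon-bakery -- "$action" --location "$target" \
      --key-id "$src" "${ttl_args[@]}" "$realm"
  )
}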

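# Service name: the last component of the directory this file is sourced
# from. Quoted so a working directory containing spaces or glob characters
# is handled as one path.
APP=$(basename -- "$(pwd)")

# Every lookup('passwordstore', ...) expression below is replaced by Ansible
# with a value from the pass store when this template is rendered, so the
# rendered file holds live secrets in clear text: keep it readable by its
# owner only and out of version control.
# The values are substituted inside double-quoted shell strings. A stored
# value containing a double quote, dollar sign, backtick or backslash would
# be interpreted by the shell when the rendered file is sourced.
# NOTE(review): consider rendering each value through the Ansible `quote`
# filter (without the surrounding double quotes) to rule that out.

FL_APPS_HOST="localhost"
FL_APPS_SCHEME="http"

FL_ADMIN_ROOT_PORT=8079
FL_ADMIN_ROOT_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminRoot subkey=PrivateKey') }}"
FL_ADMIN_ROOT_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_ADMIN_ROOT_PORT/api/"

FL_APP_PORT=8080
FL_APP_MONGO_URI="mongodb://localhost:27017/fretlink"
FL_APP_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/App subkey=Secret') }}"
FL_APP_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT"

FL_CARRIER_DIRECTORY_PORT=8082
FL_CARRIER_DIRECTORY_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=Secret') }}"
FL_CARRIER_DIRECTORY_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=PrivateKey') }}"
FL_CARRIER_DIRECTORY_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_CARRIER_DIRECTORY_PORT/api/"

FL_NOTIFIER_PORT=8081
FL_NOTIFIER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=Secret') }}"
FL_NOTIFIER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=PrivateKey') }}"
FL_NOTIFIER_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_NOTIFIER_PORT/api"

FL_PRICER_PORT=8083
FL_PRICER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Pricer subkey=PrivateKey') }}"

FL_FREIGHT_PORT=8084
FL_FREIGHT_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Freight subkey=Secret') }}"

# Placeholder value, not a real secret.
FL_BOOKKEEPING_SECRET="dummy"

# Local PostgreSQL instance, used when FL_ENV is empty.
FL_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Host') }}"
FL_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Port') }}"
FL_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=User') }}"
FL_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local') }}"

# Per-service, per-environment databases, named
# FL_<SERVICE>_<ENV>_PSQL_<FIELD> so they can be selected through FL_ENV.
FL_GEODATA_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Host') }}"
FL_GEODATA_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Port') }}"
FL_GEODATA_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=User') }}"
FL_GEODATA_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata') }}"
FL_GEODATA_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Geodata subkey=Database') }}"

FL_NOTIFIER_DEV_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Host') }}"
FL_NOTIFIER_DEV_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Port') }}"
FL_NOTIFIER_DEV_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=User') }}"
FL_NOTIFIER_DEV_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier') }}"
FL_NOTIFIER_DEV_PSQL_DB="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Dev/Notifier subkey=Database') }}"

FL_TOOLBOX_AGENT_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ToolboxAgent') }}"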

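# Optional per-project settings from the current directory.
# The explicit ./ matters: for a name without a slash, bash's `source`
# searches the PATH directories before the current one, so the file tested
# by -f and the file actually loaded could differ.
# The file runs as shell code in this session, after the secrets above have
# been set, so source this environment only inside checkouts you trust.
if [ -f "./local.env.example" ]; then
  source ./local.env.example
fi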

# Generic wiring for every service other than the main "app": the service
# name (directory name, dashes turned into underscores) selects the matching
# FL_<SERVICE>_* settings, which are exported under the names the service
# reads. Exported values, the database password included, are inherited by
# every process started from this shell.
if [[ "$APP" != "app" ]]; then
  name="${APP//-/_}"

  # These hold variable *names*; the values are read through indirect
  # expansion below.
  port_var="FL_${name^^}_PORT"
  secret_var="FL_${name^^}_SECRET"
  private_key_var="FL_${name^^}_PRIVATE_KEY"

  # Macaroon material is exported only when it is set for this service.
  if [[ -n "${!secret_var}" ]]; then
    export MACAROON_SECRET="${!secret_var}"
  fi
  if [[ -n "${!private_key_var}" ]]; then
    export MACAROON_PRIVATE_KEY="${!private_key_var}"
  fi
  export PORT="${!port_var}"
  export PG_URI="postgres:///$name"

  if [[ -n "$FL_ENV" ]]; then
    # FL_ENV selects the FL_<SERVICE>_<ENV>_PSQL_* set for a remote database.
    postgresql_host="FL_${name^^}_${FL_ENV^^}_PSQL_HOST"
    postgresql_port="FL_${name^^}_${FL_ENV^^}_PSQL_PORT"
    postgresql_user="FL_${name^^}_${FL_ENV^^}_PSQL_USER"
    postgresql_password="FL_${name^^}_${FL_ENV^^}_PSQL_PASSWORD"
    postgresql_db="FL_${name^^}_${FL_ENV^^}_PSQL_DB"
    export FRETLINK_ENV="$FL_ENV"
    export POSTGRESQL_ADDON_HOST="${!postgresql_host}"
    export POSTGRESQL_ADDON_PORT="${!postgresql_port}"
    export POSTGRESQL_ADDON_USER="${!postgresql_user}"
    export POSTGRESQL_ADDON_PASSWORD="${!postgresql_password}"
    export POSTGRESQL_ADDON_DB="${!postgresql_db}"
  else
    # No FL_ENV: local PostgreSQL, with a database named after the service.
    export POSTGRESQL_ADDON_HOST="$FL_PSQL_HOST"
    export POSTGRESQL_ADDON_PORT="$FL_PSQL_PORT"
    export POSTGRESQL_ADDON_USER="$FL_PSQL_USER"
    export POSTGRESQL_ADDON_PASSWORD="$FL_PSQL_PASSWORD"
    export POSTGRESQL_ADDON_DB="$name"
  fi
fi

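# Service-specific exports, selected by the service name in APP.
# Secrets handed to build_macaroon are quoted so that a value containing
# whitespace or glob characters stays a single argument. Each macaroon is
# minted when this file is sourced and then exported, so it is inherited by
# every process started from this shell.
case "$APP" in
  app)
    export FRETLINK_MONGO_URI="$FL_APP_MONGO_URI"
    export FRETLINK_PORT="$FL_APP_PORT"
    export FRETLINK_BASE_URL="$FL_APP_URL"

    # Dummies mandatory but not defined by default
    export FRETLINK_SMTP_PASSWORD="password"
    export FRETLINK_AMAZON_PUBLIC_KEY="password"
    export FRETLINK_AMAZON_PRIVATE_KEY="password"
    export FRETLINK_GMAPS_API_KEY="password"

    # secret
    export FRETLINK_MACAROON_SECRET="$FL_APP_SECRET"

    # carrier directory
    export CARRIER_DIRECTORY_URI="$FL_CARRIER_DIRECTORY_URL"
    export FRETLINK_CARDIR_URL="$FL_CARRIER_DIRECTORY_URL"
    export FRETLINK_CARDIR_ENABLED="true"

    # notifier
    export FRETLINK_NOTIFIER_API="$FL_NOTIFIER_URL"
    export FRETLINK_NOTIFIER_ACCESS_KEY="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier messaging)"
    export FRETLINK_NOTIFIER_TRANSPOREON_ACCESS_KEY="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier external)"
    export FRETLINK_NOTIFIER_TRANSPOREON_ENABLED="true"

    # admin-root
    export FRETLINK_ADMINROOT_URL="$FL_ADMIN_ROOT_URL"
    export FRETLINK_ADMINROOT_ACCESS_KEY="$(build_macaroon "$FL_ADMIN_ROOT_PRIVATE_KEY" admin-root admin-root admin-root::token-delivery)"

    # geodata
    export FRETLINK_GEODATA_API="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev subkey=Url') }}"
    export FRETLINK_GEODATA_ACCESS_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev') }}"
    ;;

  admin-root)
    # PORT is exported by the generic per-service section for this service.
    export BASE_URL="$FL_APPS_HOST"
    export API_ROOT="http://$BASE_URL:$PORT/api"
    export UI_ROOT="http://$BASE_URL:$PORT/admin"
    export TOK="$(build_macaroon "$FL_ADMIN_ROOT_PRIVATE_KEY" admin-root admin-root admin-root::provisioning)"

    # Signing secrets of the other services, as read by admin-root.
    export CARDIR_MACAROON_SECRET="$FL_CARRIER_DIRECTORY_SECRET"
    export NOTIFIER_MACAROON_SECRET="$FL_NOTIFIER_SECRET"
    export BOOKKEEPING_MACAROON_SECRET="$FL_BOOKKEEPING_SECRET"
    ;;

  carrier-directory)
    export ADMIN_BASE_URL="$FL_APP_URL"
    ;;

  notifier)
    # Placeholders for settings that are not used locally.
    export MAILGUN_API_KEY="dummy"
    export MAILGUN_DOMAIN="dummy"
    export TEMPLATES_ASSETS_BASE_URL="http://dummy/"
    export TRANSPOREON_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest subkey=Login') }}"
    export TRANSPOREON_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest') }}"
    export TRANSPOREON_HOST="api.test.transporeon.com"
    export TRANSPOREON_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest subkey=Login') }}"
    export TRANSPOREON_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest') }}"

    # Used by curl
    # v2
    #export MACAROON="$(build_macaroon $FL_NOTIFIER_SECRET notifier notifier external)"
    # v1
    export MACAROON="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier external)"

    # To push transporeon cargos to app
    export TRANSPOREON_APP_PUSH_URL="http://localhost:8080/api/transporeon/cargo"
    export TRANSPOREON_APP_PUSH_MACAROON="$(build_macaroon "$FL_APP_SECRET" notifier app app::transporeon-cargos-write)"
    ;;

  pricer)
    export GOOGLE_AUTH_CLIENT_ID="dummy"
    ;;

  toolbox)
    export AGENT_HOST="$FL_APP_URL"
    export AGENT_PATH="/"
    export AGENT_MACAROON="$FL_TOOLBOX_AGENT_MACAROON"
    ;;
esac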