path: root/roles/contexts/fretlink/templates/environment.j2
# vim: filetype=sh
# Macaroon secrets: openssl rand -hex 32
# PostgreSQL URI format: postgres:///db_name

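# Resolve the directory that holds this file and put its toolbox scripts first
# on PATH. BASH_SOURCE is used rather than $0 because the file is sourced.
DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )"
# Skip the PATH change when the directory could not be resolved: an empty DIR
# would put the root-level /toolbox/scripts ahead of every system directory.
if [ -n "$DIR" ]; then
  # Compare whole PATH entries literally. A grep on PATH treats DIR as a regex
  # and also accepts look-alike entries that merely contain the same prefix.
  # NOTE(review): the directory is prepended, so its scripts shadow system
  # commands of the same name; it should be writable by its owner only.
  case ":$PATH:" in
    *":$DIR/toolbox/scripts:"*) ;;
    *) PATH="$DIR/toolbox/scripts:$PATH" ;;
  esac
fi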

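#######################################
# Read a value from the password store under Travail/Fretlink/.
# Arguments: $1 - entry path relative to Travail/Fretlink/
#            $2 - optional field name; when absent the first line of the
#                 entry (the password) is returned
# Outputs:   the value on stdout (a secret: do not log or trace it)
#######################################
p() {
  local entry="Travail/Fretlink/$1"
  local field="${2-}"
  local line

  if [ -z "$field" ]; then
    pass show "$entry" | head -n1
    return
  fi

  # The field name is matched literally. Interpolating it into grep/sed
  # patterns would let regex metacharacters select the wrong line.
  pass show "$entry" | while IFS= read -r line; do
    case "$line" in
      "$field: "*)
        printf '%s\n' "${line#"$field: "}"
        break
        ;;
      "$field:"*)
        # No space after the colon: the line is returned unchanged.
        printf '%s\n' "$line"
        break
        ;;
    esac
  done
}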

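#######################################
# Mint a macaroon with the macaroon-bakery tool from haskell-commons.
# Arguments: [--old] - use the "old-realms" action (no --no-ttl flag)
#            $1 - signing secret
#            $2 - source key id
#            $3 - target, appended to uri://fretlink/
#            $4 - realm
# Outputs:   whatever macaroon-bakery prints on stdout
# Returns:   2 on a usage error, 1 when the haskell-commons checkout cannot
#            be entered, otherwise the status of the stack command
#######################################
build_macaroon() {
  # Locals keep the signing secret from lingering as a global variable in the
  # shell that sourced this file.
  local action secret src target realm
  local -a ttl_args=()

  if [ "${1-}" = "--old" ]; then
    shift
    action="old-realms"
  else
    action="new"
    ttl_args=(--no-ttl)
  fi

  if [ -z "${1-}" ] || [ -z "${2-}" ] || [ -z "${3-}" ] || [ -z "${4-}" ]; then
    echo "build_macaroon [--old] secret src-key-id target realm" >&2
    return 2
  fi

  secret="$1"
  src="$2"
  target="uri://fretlink/$3"
  realm="$4"

  # A subshell confines the directory change, so the caller's working directory
  # and directory stack are left alone even when the checkout is missing.
  (
    # Fail closed: running stack from an unrelated directory would hand the
    # secret to whatever project or binary happens to resolve there.
    cd "$HOME/workdir/haskell-commons" >/dev/null 2>&1 || {
      echo "build_macaroon: cannot enter $HOME/workdir/haskell-commons" >&2
      exit 1
    }
    # The secret travels in the environment, not on the command line.
    MACAROON_PRIVATE_KEY="$secret" MACAROON_SECRET="$secret" \
      stack exec macaroon-bakery -- "$action" --location "$target" \
      --key-id "$src" ${ttl_args[@]+"${ttl_args[@]}"} "$realm"
  )
}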

# Turn a dash-separated name into CamelCase ("admin-root" becomes "AdminRoot"):
# the first character and every character following a dash are upper-cased,
# and the dashes are dropped. Relies on the GNU sed \U replacement escape.
capitalize() {
  local word="$1"
  echo "$word" | sed -E 's!(^|-)(.)!\U\2!g'
}

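# Service name: the basename of the directory this file is sourced from.
# It selects the per-service sections further down. The inner expansion is
# quoted so a directory name with spaces is not split.
APP=$(basename "$(pwd)")

FL_APPS_HOST="localhost"
FL_APPS_SCHEME="http"

# NOTE(review): every passwordstore lookup below is resolved when the template
# is rendered, so the rendered file holds these secrets in plaintext. Keep it
# out of version control and readable by its owner only.
# NOTE(review): rendered values land inside double quotes; a value containing
# a double quote, dollar sign, backtick or backslash would be re-interpreted by
# the shell when this file is sourced. Hex secrets (openssl rand -hex 32) are
# safe; other values may deserve Ansible's quote filter -- confirm against the
# store contents.

FL_ADMIN_USER_PORT=8078
FL_ADMIN_USER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminUser subkey=Secret') }}"
FL_ADMIN_USER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminUser subkey=PrivateKey') }}"
# Built from the admin-user port. Reading FL_ADMIN_ROOT_PORT here would point
# at the other service, and that variable is only assigned further down.
FL_ADMIN_USER_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_ADMIN_USER_PORT/api/"

FL_ADMIN_ROOT_PORT=8079
FL_ADMIN_ROOT_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminRoot subkey=PrivateKey') }}"
FL_ADMIN_ROOT_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_ADMIN_ROOT_PORT/api/"

FL_APP_PORT=8080
FL_APP_MONGO_URI="mongodb://localhost:27017/fretlink"
FL_APP_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/App subkey=Secret') }}"
FL_APP_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT"

FL_CARRIER_DIRECTORY_PORT=8082
FL_CARRIER_DIRECTORY_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=Secret') }}"
FL_CARRIER_DIRECTORY_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=PrivateKey') }}"
FL_CARRIER_DIRECTORY_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_CARRIER_DIRECTORY_PORT/api"

FL_NOTIFIER_PORT=8081
FL_NOTIFIER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=Secret') }}"
FL_NOTIFIER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=PrivateKey') }}"
FL_NOTIFIER_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_NOTIFIER_PORT/api"

FL_THIRD_PARTIES_PORT=8086
FL_THIRD_PARTIES_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ThirdParties subkey=Secret') }}"

FL_PRICER_PORT=8083
FL_PRICER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Pricer subkey=PrivateKey') }}"
FL_PRICER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Pricer subkey=Secret') }}"

FL_FREIGHT_PORT=8084
FL_FREIGHT_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Freight subkey=Secret') }}"

FL_HOMEPAGE_PORT=8085

# Placeholder values, not real secrets.
FL_BOOKKEEPING_SECRET="dummy"
FL_LANE_EXPLORER_SECRET="dummy"

FL_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Host') }}"
FL_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Port') }}"
FL_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=User') }}"
FL_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local') }}"

FL_TOOLBOX_AGENT_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ToolboxAgent') }}"

# The FL_* variables above stay shell-local; only this label is exported here.
export FRETLINK_ENV="$APP ${FL_ENV:-local}"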

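# Load per-project overrides from the current directory, when present.
# The explicit ./ matters: for a name without a slash, bash's source searches
# PATH before the current directory, so a same-named file in a PATH entry could
# be loaded instead of the one the -f test just checked.
# NOTE(review): the file is executed as shell code in the sourcing shell, so
# this context should only be loaded inside trusted checkouts.
if [ -f "./local.env.example" ]; then
  source ./local.env.example
fi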

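# Common environment for every service except "app".
if [ "$APP" != "app" ]; then
  # Derive the FL_<NAME>_* variable names from the service directory name,
  # e.g. "admin-root" gives FL_ADMIN_ROOT_PORT; they are read through indirect
  # expansion below.
  name="${APP//-/_}"
  port_var="FL_${name^^}_PORT"
  secret_var="FL_${name^^}_SECRET"
  private_key_var="FL_${name^^}_PRIVATE_KEY"

  if [ -n "${!secret_var}" ]; then
    export MACAROON_SECRET="${!secret_var}"
  fi
  if [ -n "${!private_key_var}" ]; then
    export MACAROON_PRIVATE_KEY="${!private_key_var}"
  fi
  export PORT="${!port_var}"
  export PG_URI="postgres:///$name"

  # NOTE(review): the password is placed in PG_URI without percent-encoding;
  # a password containing characters such as @, : or / would yield a malformed
  # URI. Exported values are also inherited by every child process.
  if [ -z "$FL_ENV" ]; then
    export POSTGRESQL_ADDON_HOST="$FL_PSQL_HOST"
    export POSTGRESQL_ADDON_PORT="$FL_PSQL_PORT"
    export POSTGRESQL_ADDON_USER="$FL_PSQL_USER"
    export POSTGRESQL_ADDON_PASSWORD="$FL_PSQL_PASSWORD"
    export POSTGRESQL_ADDON_DB="$name"
    export PG_URI="postgresql://$POSTGRESQL_ADDON_USER:$POSTGRESQL_ADDON_PASSWORD@localhost:$POSTGRESQL_ADDON_PORT/$POSTGRESQL_ADDON_DB"
  else
    # FL_ENV selects another database entry, read live from the password
    # store. Expansions are quoted because APP comes from a directory name and
    # must not be word-split or glob-expanded.
    key="Psql/$(capitalize "$FL_ENV")/$(capitalize "$APP")"
    export POSTGRESQL_ADDON_HOST="$(p "$key" Host)"
    export POSTGRESQL_ADDON_PORT="$(p "$key" Port)"
    export POSTGRESQL_ADDON_USER="$(p "$key" User)"
    export POSTGRESQL_ADDON_PASSWORD="$(p "$key")"
    export POSTGRESQL_ADDON_DB="$(p "$key" Database)"
    export PG_URI="postgresql://$POSTGRESQL_ADDON_USER:$POSTGRESQL_ADDON_PASSWORD@$POSTGRESQL_ADDON_HOST:$POSTGRESQL_ADDON_PORT/$POSTGRESQL_ADDON_DB"
  fi

  # NOTE(review): these local-development values are exported in both
  # branches, so a run with FL_ENV set still reports ENVIRONMENT_NAME "local"
  # and accepts every origin while holding that environment's database
  # credentials -- confirm this is intended.
  export GRAYLOG_HOST="localhost"
  export GRAYLOG_PORT="1111"
  export ENVIRONMENT_NAME="local"
  export APPLICATION_NAME="$APP"
  export SENTRY_DSN="test"
  export ACCEPTED_ORIGINS="*"
fi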

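# Environment for the main "app" service.
# Secrets handed to build_macaroon are quoted so a value containing whitespace
# or glob characters reaches the function as a single argument.
if [ "$APP" = "app" ]; then
  export FRETLINK_MONGO_URI="$FL_APP_MONGO_URI"
  export FRETLINK_PORT="$FL_APP_PORT"
  export FRETLINK_BASE_URL="$FL_APP_URL"

  # Dummies mandatory but not defined by default
  export FRETLINK_SMTP_PASSWORD="password"
  export FRETLINK_AMAZON_PUBLIC_KEY="password"
  export FRETLINK_AMAZON_PRIVATE_KEY="password"
  export FRETLINK_GMAPS_API_KEY="password"
  export FRETLINK_PASSWORD_REQUEST_SECRET="password"

  # secret
  export FRETLINK_MACAROON_SECRET="$FL_APP_SECRET"

  # carrier directory
  export CARRIER_DIRECTORY_URI="$FL_CARRIER_DIRECTORY_URL/"
  export FRETLINK_CARDIR_URL="$FL_CARRIER_DIRECTORY_URL"
  export FRETLINK_CARDIR_URL_FRONTEND="$FL_CARRIER_DIRECTORY_URL"
  export FRETLINK_CARDIR_ENABLED="true"
  export FRETLINK_CARDIRV3_ACCESS_KEY="$(build_macaroon "$FL_CARRIER_DIRECTORY_SECRET" carrier-directory carrier-directory carrier-directory::read)"

  # notifier
  export FRETLINK_NOTIFIER_API="$FL_NOTIFIER_URL"
  export FRETLINK_NOTIFIER_ACCESS_KEY="$(build_macaroon "$FL_NOTIFIER_SECRET" notifier notifier messaging)"
  export FRETLINK_NOTIFIER_TRANSPOREON_ACCESS_KEY="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier external)"
  export FRETLINK_NOTIFIER_TRANSPOREON_ENABLED="true"

  export FRETLINK_NOTIFIER_ENABLED="true"
  export FRETLINK_NOTIFIER_AMQP_ENABLED="true"
  export FRETLINK_NOTIFIER_AMQP_TLS="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=TLS') }}"
  export FRETLINK_NOTIFIER_AMQP_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=User') }}"
  export FRETLINK_NOTIFIER_AMQP_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier') }}"
  export FRETLINK_NOTIFIER_AMQP_HOSTS="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Hosts') }}"
  export FRETLINK_NOTIFIER_AMQP_QUEUE="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Queue') }}"
  export FRETLINK_NOTIFIER_AMQP_EXCHANGE="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Exchange') }}"
  export FRETLINK_NOTIFIER_AMQP_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Port') }}"
  export FRETLINK_NOTIFIER_AMQP_VHOST="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Vhost') }}"

  # pricer
  export FRETLINK_PRICER_USE_CARGO_OUTPUT="true"
  export FRETLINK_PRICER_SHIPPER_PRICE_V2_KEY="$(build_macaroon "$FL_PRICER_SECRET" pricer pricer pricing::cargo)"
  export FRETLINK_PRICER_SHIPPER_PRICE_KEY="$(build_macaroon --old "$FL_PRICER_SECRET" pricer pricer internal-cargo-pricing)"
  export FRETLINK_PRICER_CARRIER_SUGGESTION_KEY="$(build_macaroon --old "$FL_PRICER_SECRET" pricer pricer internal-cargo-pricing)"
  export FRETLINK_PRICER_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/PricerDev') }}"
  export FRETLINK_PRICER_URL="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/PricerDev subkey=Url') }}"

  # admin-root
  export FRETLINK_ADMINROOT_URL="$FL_ADMIN_ROOT_URL"
  export FRETLINK_ADMINROOT_ACCESS_KEY="$(build_macaroon "$FL_ADMIN_ROOT_PRIVATE_KEY" admin-root admin-root admin-root::token-delivery)"

  # geodata
  export FRETLINK_GEODATA_API="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev subkey=Url') }}"
  export FRETLINK_GEODATA_ACCESS_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev') }}"
  export GEODATA_URI="$FRETLINK_GEODATA_API"
fi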

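# Environment for the admin-root service. PORT is expected to have been
# exported by the generic non-"app" section earlier in this file.
if [ "$APP" = "admin-root" ]; then
  export BASE_URL="$FL_APPS_HOST"
  export API_ROOT="http://$BASE_URL:$PORT/api"
  export UI_ROOT="http://$BASE_URL:$PORT/admin"
  # The key is quoted so it reaches build_macaroon as one argument.
  export TOK="$(build_macaroon "$FL_ADMIN_ROOT_PRIVATE_KEY" admin-root admin-root admin-root::provisioning)"

  # Signing secrets of the other services are exported to this service's
  # environment; the bookkeeping and lane-explorer ones are placeholders.
  export CARDIR_MACAROON_SECRET="$FL_CARRIER_DIRECTORY_SECRET"
  export NOTIFIER_MACAROON_SECRET="$FL_NOTIFIER_SECRET"
  export BOOKKEEPING_MACAROON_SECRET="$FL_BOOKKEEPING_SECRET"
  export LANE_EXPLORER_MACAROON_SECRET="$FL_LANE_EXPLORER_SECRET"
fi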

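# Environment for the admin-user service. PORT is expected to have been
# exported by the generic non-"app" section earlier in this file.
if [ "$APP" = "admin-user" ]; then
  export BASE_URL="$FL_APPS_HOST"
  export API_ROOT="http://$BASE_URL:$PORT/api"
  export UI_ROOT="http://$BASE_URL:$PORT/admin"
  # Narrows the allowed origin to this service's own admin UI.
  export ACCEPTED_ORIGINS="http://$BASE_URL:$PORT/admin"
  # Secrets are quoted so each reaches build_macaroon as one argument.
  export TOK="$(build_macaroon "$FL_ADMIN_USER_PRIVATE_KEY" admin-user admin-user admin-user::provisioning)"
  export ADMIN_TOKEN="$(build_macaroon "$FL_ADMIN_USER_SECRET" admin-user admin-user admin-user::user-management)"
  export SERVICE_TOKEN="$(build_macaroon "$FL_ADMIN_USER_SECRET" admin-user admin-user admin-user::some-service)"
fi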

# Environment for the homepage service: the API key comes from the password
# store at render time, the remaining values are fixed.
if [[ "$APP" == "homepage" ]]; then
  HOMEPAGE_API_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/HomepageDev subkey=ApiKey') }}"
  HOMEPAGE_API_ROOT_REDIRECT="https://next.www.fretlink.com"
  HOMEPAGE_API_BLOG_URL="https://blog.fretlink.com"
  HOMEPAGE_API_CIO_API_KEY="123"
  HOMEPAGE_API_CIO_SITE_ID="321"
  export HOMEPAGE_API_KEY HOMEPAGE_API_ROOT_REDIRECT HOMEPAGE_API_BLOG_URL \
    HOMEPAGE_API_CIO_API_KEY HOMEPAGE_API_CIO_SITE_ID
fi

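# Environment for the carrier-directory service.
if [ "$APP" = "carrier-directory" ]; then
  export ADMIN_BASE_URL="$FL_APP_URL"
  # The secret is quoted so it reaches build_macaroon as one argument.
  export ACCESS_KEY="$(build_macaroon "$FL_CARRIER_DIRECTORY_SECRET" carrier-directory carrier-directory carrier-directory::read)"
fi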

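# Environment for the notifier service.
# Secrets handed to build_macaroon are quoted so each reaches the function as
# a single argument.
if [ "$APP" = "notifier" ]; then
  # Placeholder values, not real credentials.
  export MAILGUN_API_KEY="dummy"
  export MAILGUN_DOMAIN="dummy"
  export TEMPLATES_ASSETS_BASE_URL="http://dummy/"
  export TRANSPOREON_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest subkey=Login') }}"
  export TRANSPOREON_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest') }}"
  export TRANSPOREON_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest subkey=Host') }}"
  export TRANSPOREON_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest subkey=Login') }}"
  export TRANSPOREON_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest') }}"

  # Used by curl
  # v2
  #export MACAROON="$(build_macaroon $FL_NOTIFIER_SECRET notifier notifier external)"
  # v1
  export MACAROON="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier external)"
  export MONITORING_MACAROON="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier monitoring)"

  # To push transporeon cargos to app
  export TRANSPOREON_APP_PUSH_URL="http://localhost:8080/api/transporeon/cargo"
  export TRANSPOREON_APP_PUSH_MACAROON="$(build_macaroon "$FL_APP_SECRET" notifier app app::transporeon-cargos-write)"

  # AMQP: fixed credentials for a broker on localhost, with TLS disabled.
  export AMQP_VHOST="notifier"
  export AMQP_USER="notifier"
  export AMQP_PASSWORD="notifier"
  export AMQP_QUEUE="notifier"
  export AMQP_SERVER="localhost"
  export AMQP_TLS="false"
fi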

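# Environment for the third-parties service.
# The app secret is quoted so it reaches build_macaroon as a single argument.
if [ "$APP" = "third-parties" ]; then
  export PROCTER_GAMBLE_APP_PUSH_MACAROON="$(build_macaroon "$FL_APP_SECRET" third-parties app app::proctergamble-cargos-write)"
  export PROCTER_GAMBLE_APP_PUSH_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT/api/proctergamble/cargo"
  export TRANSPOREON_APP_PUSH_MACAROON="$(build_macaroon "$FL_APP_SECRET" third-parties app app::transporeon-cargos-write)"
  export TRANSPOREON_APP_PUSH_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT/api/transporeon/cargo"
  export PROCTER_GAMBLE_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/NotifierCallbackTest subkey=Login') }}"
  export PROCTER_GAMBLE_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/NotifierCallbackTest') }}"
  export TRANSPOREON_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest subkey=Login') }}"
  export TRANSPOREON_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest') }}"

  # Credentials for the file fetcher, read from the password store entry named
  # ProcterGamble/FTP at render time.
  export PROCTER_GAMBLE_FETCHER_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/FTP subkey=Host') }}"
  export PROCTER_GAMBLE_FETCHER_LOGIN="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/FTP subkey=Login') }}"
  export PROCTER_GAMBLE_FETCHER_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/ProcterGamble/FTP') }}"
  export PROCTER_GAMBLE_FETCHER_PRODUCTION=false

fi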

# Environment for the pricer service: a placeholder OAuth client id.
if [[ "$APP" == "pricer" ]]; then
  GOOGLE_AUTH_CLIENT_ID="dummy"
  export GOOGLE_AUTH_CLIENT_ID
fi

# Environment for the toolbox: point the agent at the local app and hand it
# the agent macaroon taken from the password store at render time.
if [[ "$APP" == "toolbox" ]]; then
  AGENT_HOST="$FL_APP_URL"
  AGENT_PATH="/"
  AGENT_MACAROON="$FL_TOOLBOX_AGENT_MACAROON"
  export AGENT_HOST AGENT_PATH AGENT_MACAROON
fi