# vim: filetype=sh
# Macaron
# openssl rand -hex 32
# URI: postgres:///db_name
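# Absolute directory containing this file, resolved through BASH_SOURCE rather
# than the caller's working directory.
DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" >/dev/null && pwd)"
# Prepend the toolbox scripts to PATH once. Membership is tested against whole,
# colon-delimited PATH entries as literal strings: grepping for "$DIR/..."
# would treat the directory name as a regex and accept substring matches.
# An empty DIR (the cd failed) is skipped, so a root-relative
# "/toolbox/scripts" is never placed ahead of the system directories.
if [ -n "$DIR" ]; then
  case ":$PATH:" in
    *":$DIR/toolbox/scripts:"*) ;;
    *) PATH="$DIR/toolbox/scripts:$PATH" ;;
  esac
fi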
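#######################################
# Read a value from the password store, under Travail/Fretlink/.
# Arguments:
#   $1 - entry path relative to Travail/Fretlink/
#   $2 - optional field name; when given, the first "<field>: value" line is
#        returned with the "<field>: " prefix removed
# Outputs:
#   Without $2, the first line of the entry; with $2, the value of the first
#   matching field line (nothing if no line matches).
#######################################
p() {
  # Quoted so an entry name containing spaces or glob characters reaches
  # `pass` as a single argument.
  local entry="Travail/Fretlink/$1"
  local field="${2-}"
  local line
  if [ -z "$field" ]; then
    pass show "$entry" | head -n1
    return
  fi
  # The field name is compared literally; interpolating it into grep/sed
  # patterns would let regex metacharacters in $2 match unrelated lines.
  pass show "$entry" | while IFS= read -r line || [ -n "$line" ]; do
    case "$line" in
      "$field: "*)
        printf '%s\n' "${line#"$field: "}"
        break
        ;;
      "$field:"*)
        # No space after the colon: the line is printed unchanged.
        printf '%s\n' "$line"
        break
        ;;
    esac
  done
}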
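#######################################
# Mint a macaroon with the macaroon-bakery tool from the haskell-commons
# checkout in $HOME/workdir.
# Arguments:
#   --old - optional first argument: use the "old-realms" action and omit
#           --no-ttl (default action is "new" with --no-ttl)
#   $1 - signing secret, handed to the tool through MACAROON_PRIVATE_KEY and
#        MACAROON_SECRET in its environment, not on its command line
#   $2 - source key id
#   $3 - target name; the location becomes uri://fretlink/<target>
#   $4 - realm
# Outputs:
#   Whatever macaroon-bakery prints on stdout; usage text on stderr.
# Returns:
#   1 on missing arguments or if the checkout cannot be entered, otherwise the
#   status of the stack command.
#######################################
build_macaroon() {
  # Everything is local: this file is sourced, so a plain assignment would
  # leave the signing secret behind as a variable of the interactive shell.
  local action
  local ttl_args=()
  if [ "${1-}" = "--old" ]; then
    shift
    action="old-realms"
  else
    action="new"
    ttl_args=(--no-ttl)
  fi
  if [ -z "${1-}" ] || [ -z "${2-}" ] || [ -z "${3-}" ] || [ -z "${4-}" ]; then
    echo "build_macaroon [--old] secret src-key-id target realm" >&2
    return 1
  fi
  local secret="$1"
  local src="$2"
  local target="uri://fretlink/$3"
  local realm="$4"
  # A subshell scopes the directory change, and a failed cd stops here
  # instead of running `stack` in whatever directory the caller is in.
  (
    cd "$HOME/workdir/haskell-commons" >/dev/null 2>&1 || exit 1
    MACAROON_PRIVATE_KEY="$secret" MACAROON_SECRET="$secret" \
      stack exec macaroon-bakery -- "$action" --location "$target" \
      --key-id "$src" "${ttl_args[@]}" "$realm"
  )
}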
# Upper-case the first character of $1 and every character that follows a
# dash, dropping the dashes themselves (carrier-directory -> CarrierDirectory).
# The \| and \U escapes in the sed script are GNU sed extensions.
capitalize() {
  local word="$1"
  echo "$word" |
    sed -e 's!\(^\|-\)\(.\)!\U\2!g'
}
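# The service is identified by the name of the current directory. The inner
# substitution is quoted so a path containing spaces is not split into
# several arguments to basename.
APP=$(basename "$(pwd)")

# NOTE(review): the {{ lookup('passwordstore', ...) }} expressions below look
# like Ansible template lookups, so this file is presumably rendered before it
# is sourced. Each value lands verbatim inside double quotes: a stored value
# containing a double quote, a dollar sign, a backtick or a backslash would be
# reinterpreted by the shell when the rendered file is sourced. Confirm the
# stored values are restricted to safe characters, or have the template
# shell-quote them.
# The rendered file contains the secrets in clear text, so it should get the
# same handling as the password store entries it was built from.

# Defaults shared by all local services. These are plain shell variables; only
# the export statements further down place values in the environment.
FL_APPS_HOST="localhost"
FL_APPS_SCHEME="http"

# admin-root
FL_ADMIN_ROOT_PORT=8079
FL_ADMIN_ROOT_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/AdminRoot subkey=PrivateKey') }}"
FL_ADMIN_ROOT_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_ADMIN_ROOT_PORT/api/"

# app
FL_APP_PORT=8080
FL_APP_MONGO_URI="mongodb://localhost:27017/fretlink"
FL_APP_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/App subkey=Secret') }}"
FL_APP_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_APP_PORT"

# carrier-directory
FL_CARRIER_DIRECTORY_PORT=8082
FL_CARRIER_DIRECTORY_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=Secret') }}"
FL_CARRIER_DIRECTORY_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/CarrierDirectory subkey=PrivateKey') }}"
FL_CARRIER_DIRECTORY_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_CARRIER_DIRECTORY_PORT/api"

# notifier
FL_NOTIFIER_PORT=8081
FL_NOTIFIER_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=Secret') }}"
FL_NOTIFIER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Notifier subkey=PrivateKey') }}"
FL_NOTIFIER_URL="$FL_APPS_SCHEME://$FL_APPS_HOST:$FL_NOTIFIER_PORT/api"

# pricer
FL_PRICER_PORT=8083
FL_PRICER_PRIVATE_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Pricer subkey=PrivateKey') }}"

# freight
FL_FREIGHT_PORT=8084
FL_FREIGHT_SECRET="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/Freight subkey=Secret') }}"

# Literal placeholder secrets for bookkeeping and lane-explorer.
FL_BOOKKEEPING_SECRET="dummy"
FL_LANE_EXPLORER_SECRET="dummy"

# Local PostgreSQL connection settings.
FL_PSQL_HOST="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Host') }}"
FL_PSQL_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=Port') }}"
FL_PSQL_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local subkey=User') }}"
FL_PSQL_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Psql/Local') }}"

FL_TOOLBOX_AGENT_MACAROON="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/ToolboxAgent') }}"

# "<service> <environment>"; the environment falls back to "local" when FL_ENV
# is unset or empty.
export FRETLINK_ENV="$APP ${FL_ENV:-local}"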
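# Optional file in the current directory; it is executed in this shell and may
# redefine any of the values set above. The explicit ./ matters: for a name
# without a slash, bash's `source` searches PATH before the current directory,
# so the file that passed the -f test is not necessarily the one that would
# run. Because the file is executed, it should only be present in checkouts
# whose contents are trusted.
if [ -f "./local.env.example" ]; then
  source ./local.env.example
fi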
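# Settings for every service except "app": macaroon key material, the listen
# port and the PostgreSQL connection, derived from the FL_<SERVICE>_* values.
# Exported values are inherited by every process started from this shell.
if [ "$APP" != "app" ]; then
  # Service name as used in variable and database names: dashes become
  # underscores.
  name="${APP//-/_}"
  # Names of the per-service variables, dereferenced with ${!var} below.
  port_var="FL_${name^^}_PORT"
  secret_var="FL_${name^^}_SECRET"
  private_key_var="FL_${name^^}_PRIVATE_KEY"
  # Key material is exported only when the service defines it.
  if [ -n "${!secret_var}" ]; then
    export MACAROON_SECRET="${!secret_var}"
  fi
  if [ -n "${!private_key_var}" ]; then
    export MACAROON_PRIVATE_KEY="${!private_key_var}"
  fi
  export PORT="${!port_var}"
  export PG_URI="postgres:///$name"
  if [ -z "$FL_ENV" ]; then
    # No FL_ENV: use the local PostgreSQL settings.
    export POSTGRESQL_ADDON_HOST="$FL_PSQL_HOST"
    export POSTGRESQL_ADDON_PORT="$FL_PSQL_PORT"
    export POSTGRESQL_ADDON_USER="$FL_PSQL_USER"
    export POSTGRESQL_ADDON_PASSWORD="$FL_PSQL_PASSWORD"
    export POSTGRESQL_ADDON_DB="$name"
  else
    # FL_ENV set: read the connection from the password store entry
    # Psql/<Env>/<App>. Arguments are quoted so each one is passed whole.
    # NOTE: `export VAR=$(cmd)` discards cmd's exit status, so a failed
    # lookup leaves the variable empty without reporting an error.
    key="Psql/$(capitalize "$FL_ENV")/$(capitalize "$APP")"
    export POSTGRESQL_ADDON_HOST="$(p "$key" Host)"
    export POSTGRESQL_ADDON_PORT="$(p "$key" Port)"
    export POSTGRESQL_ADDON_USER="$(p "$key" User)"
    export POSTGRESQL_ADDON_PASSWORD="$(p "$key")"
    export POSTGRESQL_ADDON_DB="$(p "$key" Database)"
  fi
fi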
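# Environment for the "app" service. Secrets passed to build_macaroon are
# quoted so a value containing whitespace or glob characters reaches it as a
# single argument instead of being split or expanded.
if [ "$APP" = "app" ]; then
  export FRETLINK_MONGO_URI="$FL_APP_MONGO_URI"
  export FRETLINK_PORT="$FL_APP_PORT"
  export FRETLINK_BASE_URL="$FL_APP_URL"
  # Dummies mandatory but not defined by default
  export FRETLINK_SMTP_PASSWORD="password"
  export FRETLINK_AMAZON_PUBLIC_KEY="password"
  export FRETLINK_AMAZON_PRIVATE_KEY="password"
  export FRETLINK_GMAPS_API_KEY="password"
  export FRETLINK_PASSWORD_REQUEST_SECRET="password"
  # secret
  export FRETLINK_MACAROON_SECRET="$FL_APP_SECRET"
  # carrier directory
  export CARRIER_DIRECTORY_URI="$FL_CARRIER_DIRECTORY_URL/"
  export FRETLINK_CARDIR_URL="$FL_CARRIER_DIRECTORY_URL"
  export FRETLINK_CARDIR_ENABLED="true"
  export FRETLINK_CARDIRV3_ACCESS_KEY="$(build_macaroon "$FL_CARRIER_DIRECTORY_SECRET" carrier-directory carrier-directory carrier-directory::read)"
  # notifier
  export FRETLINK_NOTIFIER_API="$FL_NOTIFIER_URL"
  export FRETLINK_NOTIFIER_ACCESS_KEY="$(build_macaroon "$FL_NOTIFIER_SECRET" notifier notifier messaging)"
  export FRETLINK_NOTIFIER_TRANSPOREON_ACCESS_KEY="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier external)"
  export FRETLINK_NOTIFIER_TRANSPOREON_ENABLED="true"
  export FRETLINK_NOTIFIER_ENABLED="true"
  export FRETLINK_NOTIFIER_AMQP_ENABLED="true"
  export FRETLINK_NOTIFIER_AMQP_TLS="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=TLS') }}"
  export FRETLINK_NOTIFIER_AMQP_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=User') }}"
  export FRETLINK_NOTIFIER_AMQP_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier') }}"
  export FRETLINK_NOTIFIER_AMQP_HOSTS="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Hosts') }}"
  export FRETLINK_NOTIFIER_AMQP_QUEUE="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Queue') }}"
  export FRETLINK_NOTIFIER_AMQP_EXCHANGE="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Exchange') }}"
  export FRETLINK_NOTIFIER_AMQP_PORT="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Port') }}"
  export FRETLINK_NOTIFIER_AMQP_VHOST="{{ lookup('passwordstore', 'Travail/Fretlink/Rabbitmq/Local/Notifier subkey=Vhost') }}"
  # admin-root
  export FRETLINK_ADMINROOT_URL="$FL_ADMIN_ROOT_URL"
  export FRETLINK_ADMINROOT_ACCESS_KEY="$(build_macaroon "$FL_ADMIN_ROOT_PRIVATE_KEY" admin-root admin-root admin-root::token-delivery)"
  # geodata
  export FRETLINK_GEODATA_API="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev subkey=Url') }}"
  export FRETLINK_GEODATA_ACCESS_KEY="{{ lookup('passwordstore', 'Travail/Fretlink/Macaroons/GeodataDev') }}"
  export GEODATA_URI="$FRETLINK_GEODATA_API"
fi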
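# Environment for the "admin-root" service. PORT is expected to have been
# exported already by the per-service section of this file.
if [ "$APP" = "admin-root" ]; then
  export BASE_URL="$FL_APPS_HOST"
  export API_ROOT="http://$BASE_URL:$PORT/api"
  export UI_ROOT="http://$BASE_URL:$PORT/admin"
  # The private key is quoted so it is passed to build_macaroon as one
  # argument whatever characters it contains.
  export TOK="$(build_macaroon "$FL_ADMIN_ROOT_PRIVATE_KEY" admin-root admin-root admin-root::provisioning)"
  # Macaroon secrets of the other services, exported into this shell's
  # environment and so visible to every process started from it.
  export CARDIR_MACAROON_SECRET="$FL_CARRIER_DIRECTORY_SECRET"
  export NOTIFIER_MACAROON_SECRET="$FL_NOTIFIER_SECRET"
  export BOOKKEEPING_MACAROON_SECRET="$FL_BOOKKEEPING_SECRET"
  export LANE_EXPLORER_MACAROON_SECRET="$FL_LANE_EXPLORER_SECRET"
fi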
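# Environment for the "carrier-directory" service.
if [ "$APP" = "carrier-directory" ]; then
  export ADMIN_BASE_URL="$FL_APP_URL"
  # Macaroon for the carrier-directory::read realm, minted from the service's
  # own secret; the secret is quoted so it is passed as a single argument.
  export ACCESS_KEY="$(build_macaroon "$FL_CARRIER_DIRECTORY_SECRET" carrier-directory carrier-directory carrier-directory::read)"
fi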
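# Environment for the "notifier" service. Secrets passed to build_macaroon are
# quoted so each one arrives as a single argument.
if [ "$APP" = "notifier" ]; then
  # Literal placeholder values.
  export MAILGUN_API_KEY="dummy"
  export MAILGUN_DOMAIN="dummy"
  export TEMPLATES_ASSETS_BASE_URL="http://dummy/"
  # Transporeon credentials, taken from the ApiTest and NotifierCallbackTest
  # password store entries.
  export TRANSPOREON_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest subkey=Login') }}"
  export TRANSPOREON_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/ApiTest') }}"
  export TRANSPOREON_HOST="api.test.transporeon.com"
  export TRANSPOREON_CALLBACK_USER="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest subkey=Login') }}"
  export TRANSPOREON_CALLBACK_PASSWORD="{{ lookup('passwordstore', 'Travail/Fretlink/Transporeon/NotifierCallbackTest') }}"
  # Used by curl
  # v2
  #export MACAROON="$(build_macaroon $FL_NOTIFIER_SECRET notifier notifier external)"
  # v1
  export MACAROON="$(build_macaroon --old "$FL_NOTIFIER_PRIVATE_KEY" notifier notifier external)"
  # To push transporeon cargos to app
  export TRANSPOREON_APP_PUSH_URL="http://localhost:8080/api/transporeon/cargo"
  export TRANSPOREON_APP_PUSH_MACAROON="$(build_macaroon "$FL_APP_SECRET" notifier app app::transporeon-cargos-write)"
  # AMQP: fixed credentials for a broker on localhost, TLS disabled.
  export AMQP_VHOST="notifier"
  export AMQP_USER="notifier"
  export AMQP_PASSWORD="notifier"
  export AMQP_QUEUE="notifier"
  export AMQP_SERVER="localhost"
  export AMQP_TLS="false"
fi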
# Environment for the "pricer" service: a literal placeholder client id.
case "$APP" in
  pricer)
    export GOOGLE_AUTH_CLIENT_ID="dummy"
    ;;
esac
# Environment for the "toolbox" service: agent host, path and macaroon.
case "$APP" in
  toolbox)
    export AGENT_HOST="$FL_APP_URL"
    export AGENT_PATH="/"
    export AGENT_MACAROON="$FL_TOOLBOX_AGENT_MACAROON"
    ;;
esac