Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
118 lines (107 sloc) 3.51 KB
#!/bin/bash
# vim: ft=sh
set -e -u -x
ENV_FILE_OWNER=vcap
mkdir -p /var/vcap/jobs/web/config/env
<%
# vim: ft=eruby
def env_file_perms(fn)
<<~EOS
if [[ "${ENV_FILE_OWNER:-}" != "" ]] ; then
chown ${ENV_FILE_OWNER}:${ENV_FILE_OWNER} #{fn}
fi
chmod 0600 #{fn}
EOS
end
def env_file_content(v)
case v
when Array
v.collect(&:chomp).join("\n").chomp + "\n"
when String
v.chomp + "\n"
else
v.to_json + "\n"
end
end
def env_file_writer(v, env)
path = "/var/vcap/jobs/web/config/env/#{env}"
case v
when Hash
v.collect do |k, v|
fn = "#{path}_#{k}"
"cat > #{fn} <<\"ENVGEN_EOF\"\n#{env_file_content(v)}ENVGEN_EOF\n#{env_file_perms(fn)}"
end.join("\n\n")
else
"cat > #{path} <<\"ENVGEN_EOF\"\n#{env_file_content(v)}ENVGEN_EOF\n#{env_file_perms(path)}"
end
end
-%>
<% if_p("cf_auth.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_CF_CA_CERT") %>
<% end -%>
<% if_p("credhub.tls.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_CREDHUB_CA_CERT") %>
<% end -%>
<% if_p("credhub.tls.client_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_CREDHUB_CLIENT_CERT") %>
<% end -%>
<% if_p("credhub.tls.client_cert.private_key") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_CREDHUB_CLIENT_KEY") %>
<% end -%>
<% if_p("generic_oauth.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_OAUTH_CA_CERT") %>
<% end -%>
<% if_p("generic_oidc.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_OIDC_CA_CERT") %>
<% end -%>
<% if_p("github_auth.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_GITHUB_CA_CERT") %>
<% end -%>
<% if_p("ldap_auth.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_LDAP_CA_CERT") %>
<% end -%>
<% if_p("postgresql.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_POSTGRES_CA_CERT") %>
<% end -%>
<% if_p("postgresql.client_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_POSTGRES_CLIENT_CERT") %>
<% end -%>
<% if_p("postgresql.client_cert.private_key") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_POSTGRES_CLIENT_KEY") %>
<% end -%>
<% if_p("syslog.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_SYSLOG_CA_CERT") %>
<% end -%>
<% if_p("tls.cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_TLS_CERT") %>
<% end -%>
<% if_p("tls.cert.private_key") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_TLS_KEY") %>
<% end -%>
<% if_p("tls_cert") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_TLS_CERT") %>
<% end -%>
<% if_p("tls_key") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_TLS_KEY") %>
<% end -%>
<% if_p("token_signing_key.private_key") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_SESSION_SIGNING_KEY") %>
<% end -%>
<% if_p("vault.tls.ca_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_VAULT_CA_CERT") %>
<% end -%>
<% if_p("vault.tls.client_cert.certificate") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_VAULT_CLIENT_CERT") %>
<% end -%>
<% if_p("vault.tls.client_cert.private_key") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_VAULT_CLIENT_KEY") %>
<% end -%>
<% if_p("worker_gateway.authorized_keys") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_TSA_AUTHORIZED_KEYS") %>
<% end -%>
<% if_p("worker_gateway.host_key.private_key") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_TSA_HOST_KEY") %>
<% end -%>
<% if_p("worker_gateway.team_authorized_keys") do |v| -%>
<%= env_file_writer(v, "CONCOURSE_TSA_TEAM_AUTHORIZED_KEYS") %>
<% end -%>
You can’t perform that action at this time.