-
Notifications
You must be signed in to change notification settings - Fork 160
/
run-broker
64 lines (51 loc) · 2.66 KB
/
run-broker
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
#!/bin/bash
################################################################################
# Copyright (c) 2016, 2021 Eurotech and/or its affiliates and others
#
# This program and the accompanying materials are made
# available under the terms of the Eclipse Public License 2.0
# which is available at https://www.eclipse.org/legal/epl-2.0/
#
# SPDX-License-Identifier: EPL-2.0
#
# Contributors:
# Eurotech
################################################################################
ACTIVEMQ_BASE="/var/opt/activemq"
# Generate X509 certificate and private key
openssl req -x509 -newkey rsa:4096 -keyout ${ACTIVEMQ_BASE}/key.pem -out ${ACTIVEMQ_BASE}/cert.pem -days 365 -nodes -subj '/O=Eclipse Kapua/C=XX'
openssl pkcs8 -topk8 -in ${ACTIVEMQ_BASE}/key.pem -out ${ACTIVEMQ_BASE}/key.pk8 -nocrypt
rm ${ACTIVEMQ_BASE}/key.pem
## Certificate Options
: ${KAPUA_DISABLE_SSL:="true"}
if [ "${KAPUA_DISABLE_SSL}" == "false" ]; then
# Certificates directory configuration
CERTIFICATES_PATH="tls"
if [ ! -d "${ACTIVEMQ_BASE}/${CERTIFICATES_PATH}" ]; then
mkdir -p "${ACTIVEMQ_BASE}/${CERTIFICATES_PATH}"
fi
# Keystore configuration
: ${KEYSTORE_NAME:="kapua.jks"}
: ${KAPUA_KEYSTORE_PASSWORD:="changeit"}
if [ ! -f "${ACTIVEMQ_BASE}/${CERTIFICATES_PATH}/${KEYSTORE_NAME}" ]; then
if [ -z "${KAPUA_KEYSTORE}" ]; then
if [ -n "${KAPUA_KEY_PASSWORD}" ]; then
PASSWORD_PARAM="-passin pass:${KAPUA_KEY_PASSWORD}";
fi
openssl pkcs12 -export -in <(echo "${KAPUA_CRT}"; echo "${KAPUA_CA}") -inkey <(echo "${KAPUA_KEY}") ${PASSWORD_PARAM} -name kapua -password pass:"${KAPUA_KEYSTORE_PASSWORD}" -out "${ACTIVEMQ_BASE}/${CERTIFICATES_PATH}/${KEYSTORE_NAME}"
else
echo "${KAPUA_KEYSTORE}" | base64 --decode > "${ACTIVEMQ_BASE}/${CERTIFICATES_PATH}/${KEYSTORE_NAME}"
fi
fi
ACTIVEMQ_SSL_OPTS="${ACTIVEMQ_SSL_OPTS} -Djavax.net.ssl.keyStore=${ACTIVEMQ_BASE}/${CERTIFICATES_PATH}/${KEYSTORE_NAME}"
ACTIVEMQ_SSL_OPTS="${ACTIVEMQ_SSL_OPTS} -Djavax.net.ssl.keyStorePassword=${KAPUA_KEYSTORE_PASSWORD}"
ACTIVEMQ_SSL_OPTS="${ACTIVEMQ_SSL_OPTS} -Djavax.net.ssl.trustStore=${ACTIVEMQ_BASE}/${CERTIFICATES_PATH}/${KEYSTORE_NAME}"
ACTIVEMQ_SSL_OPTS="${ACTIVEMQ_SSL_OPTS} -Djavax.net.ssl.trustStorePassword=${KAPUA_KEYSTORE_PASSWORD}"
export ACTIVEMQ_SSL_OPTS
fi
if [ "${KAPUA_DISABLE_DATASTORE:-false}" == "true" ]; then
sed -i '/BEGIN DATASTORE PERSISTENCE/,/END DATASTORE PERSISTENCE/d' /opt/activemq/conf/camel.xml
sed -i '/BEGIN DATASTORE PERSISTENCE/,/END DATASTORE PERSISTENCE/d' /opt/activemq/conf/camel-routes.xml
fi
# Run broker
/opt/activemq/bin/activemq console