/
configure
executable file
·223 lines (205 loc) · 8.58 KB
/
configure
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
#!/bin/bash
# this is a little hackish, but reads better to use string concatenation
# to build the list of services than have a long string
ALL_SERVICES=""
# base services
ALL_SERVICES="$ALL_SERVICES consul"
ALL_SERVICES="$ALL_SERVICES mongod"
ALL_SERVICES="$ALL_SERVICES mongo-worker"
ALL_SERVICES="$ALL_SERVICES redis"
# core services
ALL_SERVICES="$ALL_SERVICES core-data"
ALL_SERVICES="$ALL_SERVICES core-metadata"
ALL_SERVICES="$ALL_SERVICES core-config-seed"
ALL_SERVICES="$ALL_SERVICES core-command"
# support services
ALL_SERVICES="$ALL_SERVICES support-notifications"
ALL_SERVICES="$ALL_SERVICES support-logging"
ALL_SERVICES="$ALL_SERVICES support-scheduler"
ALL_SERVICES="$ALL_SERVICES support-rulesengine"
# app-services
ALL_SERVICES="$ALL_SERVICES app-service-configurable"
# device services
ALL_SERVICES="$ALL_SERVICES device-random"
ALL_SERVICES="$ALL_SERVICES device-virtual"
# security services
ALL_SERVICES="$ALL_SERVICES security-secret-store"
ALL_SERVICES="$ALL_SERVICES security-proxy"
# handle_svc will either turn a service off or on and set the associated
# config item
# first arg is the service, second is the state to put it in
handle_svc () {
case "$2" in
"off")
snapctl stop --disable "$SNAP_NAME.$1"
snapctl set "$1"=off
;;
"on")
snapctl start --enable "$SNAP_NAME.$1"
snapctl set "$1"=on
;;
"")
# no setting for it, ignore and continue
;;
*)
echo "invalid setting $2 for service $1"
exit 1;;
esac
}
for key in $ALL_SERVICES; do
# get the config key for the service
status=$(snapctl get "$key")
case $key in
device*)
# the device services are all using the device-sdk-go which waits
# for core-data and core-metadata to come online, so if we are
# enabling a device service, we should also enable those services
if [ "$status" = "on" ]; then
handle_svc "core-data" "on"
handle_svc "core-metadata" "on"
fi
# handle the service too
handle_svc "$key" "$status"
;;
mongo-worker|security-proxy-setup|security-secretstore-setup)
# it doesn't make any sense to disable the *-worker daemons since
# they are just oneshot daemons that run after other daemons, so
# just ignore this request
;;
security-proxy)
# the security-proxy consists of the following base services
# - kong
# - postgres (because kong requires it)
handle_svc "postgres" "$status"
handle_svc "kong-daemon" "$status"
handle_svc "security-proxy-setup" "$status"
# additionally, the security-proxy needs to use the following
# services:
# - vault (because security-proxy-setup will access/store secrets in vault)
# - security-secretstore-setup
# so if we are turning the security-api-gateway on, then turn
# those services on too
if [ "$status" = "on" ]; then
handle_svc "vault" "on"
handle_svc "security-secretstore-setup" "on"
fi
;;
security-secret-store)
# the security-api-gateway consists of the following services:
# - vault
# - security-secretstore-setup
# and since the security-api-gateway needs to be able to use
# security-secret-store, we also need to turn off those services
# if this one is disabled
if [ "$status" = "off" ]; then
handle_svc "postgres" "off"
handle_svc "kong-daemon" "off"
handle_svc "security-proxy-setup" "off"
# turn off security-secrets-setup too
handle_svc "security-secrets-setup" "off"
fi
handle_svc "vault" "$status"
handle_svc "security-secretstore-setup" "$status"
;;
support-rulesengine)
# if we are turning rulesengine on, make sure
# app-service-configurable is on too
if [ "$status" = "on" ]; then
handle_svc "app-service-configurable" "on"
fi
;;
*)
# default case for all other services just enable/disable the service using
# snapd/systemd
# if the service is meant to be off, then disable it
handle_svc "$key" "$status"
;;
esac
done
# handle usage of database provider
dbProvider=$(snapctl get dbtype)
PREV_DB_PROVIDER_FILE="$SNAP_DATA/prevdbtype"
if [ -f "$PREV_DB_PROVIDER_FILE" ]; then
echo "" > "$PREV_DB_PROVIDER_FILE"
fi
case "$dbProvider" in
"")
# not set, don't do anything
;;
"redis")
# dbtype is set to redis, see what the previous value of dbtype was
prevDBtype=$(cat "$PREV_DB_PROVIDER_FILE")
if [ "$prevDBtype" != "redis" ]; then
# change from previous database provider to redis
# first change the configuration.toml files for the following
# services:
# * core-data
# * core-metadata
# * support-notifications
# * support-scheduler
for svc in core-data core-metadata support-notifications support-scheduler; do
configFile=$SNAP_DATA/config/$svc/res/configuration.toml
toml2json --preserve-key-order "$configFile" | \
jq -r '.Databases.Primary.Type = "redisdb" | .Databases.Primary.Port = 6379' | \
json2toml --preserve-key-order > "$configFile.tmp"
mv "$configFile.tmp" "$configFile"
done
# we also need to ensure that the support-logging is set to
# use file based logging persistence
configFile=$SNAP_DATA/config/support-logging/res/configuration.toml
toml2json --preserve-key-order "$configFile" | \
jq -r '.Writable.Persistence = "file"' | \
json2toml --preserve-key-order > "$configFile.tmp"
mv "$configFile.tmp" "$configFile"
# turn mongod and mongo-worker off
handle_svc "mongod" "off"
handle_svc "mongo-worker" "off"
# turn redis on
handle_svc "redis" "on"
# since the configuration files have been modified, those
# changes need to be progpogated into relevant services, so
# restart the services with updated configuration if they were
# already running
# note support-logging is here too due to the file Persistence
"$SNAP/bin/push-config.sh" core-data core-metadata support-notifications support-scheduler support-logging
fi
# save the database provider as redis for next invocation
echo "redis" > "$PREV_DB_PROVIDER_FILE"
;;
"mongodb")
# dbtype is set to mongodb, see what the previous value of dbtype was
prevDBtype=$(cat "$PREV_DB_PROVIDER_FILE")
if [ "$prevDBtype" != "mongodb" ]; then
# change from previous database provider to mongodb
# first change the configuration.toml files for the following
# services:
# * core-data
# * core-metadata
# * support-notifications
# * support-scheduler
for svc in core-data core-metadata support-notifications support-scheduler; do
configFile=$SNAP_DATA/config/$svc/res/configuration.toml
toml2json --preserve-key-order "$configFile" | \
jq -r '.Databases.Primary.Type = "mongodb" | .Databases.Primary.Port = 27017' | \
json2toml --preserve-key-order > "$configFile.tmp"
mv "$configFile.tmp" "$configFile"
done
# turn redis off
handle_svc "redis" "off"
# turn mongod and mongo-worker on
handle_svc "mongod" "on"
handle_svc "mongo-worker" "on"
# since the configuration files have been modified, those
# changes need to be progpogated into relevant services, so
# restart the services with updated configuration if they were
# already running
"$SNAP/bin/push-config.sh" core-data core-metadata support-notifications support-scheduler
fi
# save the database provider as mongodb for next invocation
echo "mongodb" > "$PREV_DB_PROVIDER_FILE"
;;
*)
echo "invalid setting for dbtype: $dbProvider"
exit 1
;;
esac