-
Notifications
You must be signed in to change notification settings - Fork 0
/
reclaim
executable file
·358 lines (319 loc) · 8.09 KB
/
reclaim
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
#!/bin/sh
VERSION="0.0.1"
if test -z $CLIENT_PREFIX
then
CLIENT_PREFIX=`dirname $0`
fi
if ! test -d $CLIENT_PREFIX
then
echo "$CLIENT_PREFIX does not exist!"
exit 1
fi
cd $CLIENT_PREFIX
mkdir -p ".tmp"
PROD="reclaim"
RED='\033[0;31m'
GREEN='\033[0;32m'
REC='\033[1;34m'
NC='\033[0m'
NO_PULL=0
DEMO_ENABLED=0
COMPOSEFILE="$CLIENT_PREFIX/config/docker-compose.yml"
CUSTOM_COMPOSEFILE=0
ACTION="none"
NOARG=1
SECRET_LENGTH=32
OIDC_CMD=""
export LC_ALL=C
export YES_TO_ALL=0
export NO_TO_ALL=0
# prevent warnings
export PSW_SECRET=0
export JWT_SECRET=0
parse_opt() {
while [[ $# -gt 0 ]]
do
NOARG=0
key="$1"
case $key in
--no-pull)
NO_PULL=1
`touch .tmp/no_pull`
shift
;;
-d|--demo)
DEMO_ENABLED=1
COMPOSEFILE="config/docker-compose_demo.yml"
shift
;;
-f|--compose-file)
COMPOSEFILE="$2"
CUSTOM_COMPOSEFILE=1
shift
shift
;;
start)
ACTION="start"
shift
;;
stop)
ACTION="stop"
shift
;;
purge)
ACTION="purge"
shift
;;
restart)
ACTION="restart"
shift
;;
oidc)
ACTION="oidc"
shift
OIDC_CMD="$*"
break
;;
-y|--yes-to-all)
export YES_TO_ALL=1
shift
;;
-n|--no-to-all)
export NO_TO_ALL=1
shift
;;
*)
reclaim_banner
echo "${RED}Unknown argument:${NC} $key\n"
reclaim_usage
exit 1
shift
;;
esac
done
if [[ $CUSTOM_COMPOSEFILE = 1 && $DEMO_ENABLED = 1 ]];
then
echo "${RED}WARNING: demo was enabled and custom Dockerfile set. This is currently NOT supported."
echo "Not starting demo, then.${NC}"
fi
if [ $YES_TO_ALL = 1 ] && [ $NO_TO_ALL = 1 ]
then
echo "${RED}ERROR: flags -n and -y are exclusive.${NC}"
exit 1
fi
}
stop_reclaim() {
echo "Shutting down $PROD"
if [ -f .tmp/composefile ]
then
COMPOSEFILE=`cat .tmp/composefile`
fi
docker-compose -f $COMPOSEFILE down
echo "reclaim stopped.\n"
}
start_reclaim() {
echo "Starting $PROD..."
# check whether cert has already been generated
if ! docker run --rm -v reclaim-gnunet:/volume alpine ls /volume/gns/gns_ca_cert.pem &> /dev/null
then
echo ""
echo "No CA cert found. Generating..."
if [ -f ./bin/generate-ca ]
then
./bin/generate-ca
else
echo "Error... CA helper not found!"
exit 1
fi
else
echo "gns certificate has already been added"
fi
# has user given preferences? always override
if [[ $CUSTOM_COMPOSEFILE = 1 || $DEMO_ENABLED = 1 ]]
then
# store info about docker-compose file
echo $COMPOSEFILE > .tmp/composefile
else
# try to read an existing starting configuration
if [ -f .tmp/composefile ]
then
COMPOSEFILE=`cat .tmp/composefile`
fi
fi
if [[ 1 = $NO_PULL ]]
then
echo "Not pulling images from Docker Hub"
else
docker-compose -f $COMPOSEFILE pull
fi
# TODO: provide user with an option for supplying custom pws
# check whether passwords have already been generated
if [ -f .tmp/psw_secret ]
then
export PSW_SECRET=$(cat .tmp/psw_secret)
else
export PSW_SECRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w $SECRET_LENGTH | head -1)
echo "$PSW_SECRET" > .tmp/psw_secret
fi
if [ -f .tmp/jwt_secret ]
then
export JWT_SECRET=$(cat .tmp/jwt_secret)
else
export JWT_SECRET=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w $SECRET_LENGTH | head -1)
echo "$JWT_SECRET" > .tmp/jwt_secret
fi
docker-compose -f $COMPOSEFILE up -d
echo "started.\n"
}
restart_reclaim() {
reclaim_banner
stop_reclaim
start_reclaim
reclaim_status
}
purge_reclaim() {
reclaim_banner
echo "Purging $PROD"
if [ -f .tmp/composefile ]
then
COMPOSEFILE=`cat .tmp/composefile`
rm -rf .tmp
fi
if ! [ 1 = $YES_TO_ALL ] && [ 0 = $NO_TO_ALL ]
then
echo "Do you also want to remove the named volumes (persistent data)?"
echo -n "(Y/n) "
read input
fi
if ( [[ $input = "Y" ]] || [ 1 = $YES_TO_ALL ] ) && [ 0 = $NO_TO_ALL ]
then
echo "removing named volumes"
#docker volume rm reclaim-gnunet || true
#docker volume rm reclaim-reclaim || true
docker-compose -f $COMPOSEFILE down --remove --volumes
else
echo "not removing named volumes"
docker-compose -f $COMPOSEFILE down --remove
fi
reclaim_status
}
reclaim_banner() {
echo "re:claimID"
echo "Self-sovereign, Decentralised Identity Management and Personal Data Sharing"
echo "Version ${VERSION}"
echo "https://reclaim-identity.io"
echo "(C) 2018 Fraunhofer AISEC"
echo ""
}
reclaim_status() {
echo "Status:"
if [ -z `docker ps -q --no-trunc | grep $(docker-compose -f config/docker-compose.yml ps -q reclaim-runtime) 2>/dev/null` ]; then
echo "${RED}\xE2\x9D\x8C Service is not running.${NC}"
else
echo "${GREEN}\xE2\x9C\x94 Service is running.${NC}"
fi
if [ -z `docker ps -q --no-trunc | grep $(docker-compose -f config/docker-compose.yml ps -q reclaim-ui) 2>/dev/null` ]; then
echo "${RED}\xE2\x9D\x8C UI is not running.${NC}"
else
echo "${GREEN}\xE2\x9C\x94 UI is running.${NC}"
fi
echo ""
}
reclaim_usage() {
echo "Usage:"
echo "reclaim start: starts $PROD"
echo "reclaim stop: shuts $PROD down"
echo "reclaim restart: restarts $PROD"
echo "reclaim purge: shuts $PROD down and purges its data"
echo "the --no-pull (-n) flag can be used to prevent pulling images from remote"
echo "the --demo (-d) flag can be used to start a demo relying party"
echo "the --compose-file (-f) flag can be used to specify a custom docker-compose.yml"
}
reclaim_full() {
reclaim_banner
reclaim_status
reclaim_usage
}
oidc_help() {
# TODO: show help
echo "not implemented"
}
oidc() {
OIDC_ACTION="none"
URI=""
while [[ $# -gt 0 ]]
do
key="$1"
case $key in
createClient)
OIDC_ACTION="create"
shift
;;
listClients)
OIDC_ACTION="list"
shift
;;
deleteClient)
OIDC_ACTION="delete"
shift
;;
--uri)
URI=$2
shift
shift
;;
*)
echo "unknown key: $1"
shift
;;
esac
done
case $OIDC_ACTION in
none)
;;
create)
echo "creating client"
docker exec reclaim-runtime create_client --uri $URI
;;
list)
echo "listing clients"
docker exec reclaim-runtime list_clients
;;
delete)
echo "deleting client"
docker exec reclaim-runtime list_clients --uri $URI
;;
esac
}
parse_opt "$@"
if [ -f .tmp/no_pull ]
then
NO_PULL=1
fi
case $ACTION in
none)
;;
start)
start_reclaim
;;
stop)
stop_reclaim
;;
restart)
restart_reclaim
;;
purge)
purge_reclaim
;;
oidc)
oidc $OIDC_CMD
;;
*)
echo "${RED}Unregistered Action. This should not happen.${NC}"
exit 1
;;
esac
if [ $NOARG = 1 ]
then
reclaim_full
fi