forked from metal3-io/ironic-inspector-image
-
Notifications
You must be signed in to change notification settings - Fork 0
/
runironic-inspector.sh
executable file
·75 lines (59 loc) · 2.68 KB
/
runironic-inspector.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
#!/usr/bin/bash
CONFIG=/etc/ironic-inspector/ironic-inspector.conf
export IRONIC_INSPECTOR_ENABLE_DISCOVERY=${IRONIC_INSPECTOR_ENABLE_DISCOVERY:-false}
export IRONIC_CERT_FILE=/certs/ironic/tls.crt
export IRONIC_CACERT_FILE=/certs/ca/ironic/tls.crt
export IRONIC_INSPECTOR_CACERT_FILE=/certs/ca/ironic-inspector/tls.crt
export IRONIC_INSPECTOR_CERT_FILE=/certs/ironic-inspector/tls.crt
export IRONIC_INSPECTOR_KEY_FILE=/certs/ironic-inspector/tls.key
if [ -f "$IRONIC_INSPECTOR_CERT_FILE" ] && [ ! -f "$IRONIC_INSPECTOR_KEY_FILE" ] ; then
echo "Missing TLS Certificate key file /certs/ironic-inspector/tls.key"
exit 1
fi
if [ ! -f "$IRONIC_INSPECTOR_CERT_FILE" ] && [ -f "$IRONIC_INSPECTOR_KEY_FILE" ] ; then
echo "Missing TLS Certificate file /certs/ironic-inspector/tls.crt"
exit 1
fi
. /bin/ironic-common.sh
wait_for_interface_or_ip
if [ -f "$IRONIC_INSPECTOR_CERT_FILE" ]; then
export IRONIC_INSPECTOR_TLS_SETUP="true"
export IRONIC_INSPECTOR_BASE_URL="https://${IRONIC_URL_HOST}:5050"
if [ ! -f "${IRONIC_INSPECTOR_CACERT_FILE}"]; then
cp "${IRONIC_INSPECTOR_CERT_FILE}" "${IRONIC_INSPECTOR_CACERT_FILE}"
fi
else
export IRONIC_INSPECTOR_TLS_SETUP="false"
export IRONIC_INSPECTOR_BASE_URL="http://${IRONIC_URL_HOST}:5050"
fi
if [ -f "$IRONIC_CERT_FILE" ] || [ -f "$IRONIC_CACERT_FILE" ]; then
export IRONIC_TLS_SETUP="true"
export IRONIC_BASE_URL="https://${IRONIC_URL_HOST}:6385"
if [ ! -f "${IRONIC_CACERT_FILE}"]; then
cp "${IRONIC_CERT_FILE}" "${IRONIC_CACERT_FILE}"
fi
else
export IRONIC_TLS_SETUP="false"
export IRONIC_BASE_URL="http://${IRONIC_URL_HOST}:6385"
fi
cp $CONFIG $CONFIG.orig
function build_j2_config() {
python3 -c 'import os; import sys; import jinja2; sys.stdout.write(jinja2.Template(sys.stdin.read()).render(env=os.environ))' < $CONFIG.j2
}
# Merge with the original configuration file from the package.
build_j2_config | crudini --merge /etc/ironic-inspector/ironic-inspector.conf
# Configure HTTP basic auth for API server
HTPASSWD_FILE=/etc/ironic-inspector/htpasswd
if [ -n "${HTTP_BASIC_HTPASSWD}" ]; then
printf "%s\n" "${HTTP_BASIC_HTPASSWD}" >"${HTPASSWD_FILE}"
crudini --set $CONFIG DEFAULT auth_strategy http_basic
crudini --set $CONFIG DEFAULT http_basic_auth_user_file "${HTPASSWD_FILE}"
fi
# Configure auth for ironic client
CONFIG_OPTIONS="--config-file /etc/ironic-inspector/inspector-dist.conf --config-file ${CONFIG}"
auth_config_file="/auth/ironic/auth-config"
if [ -f ${auth_config_file} ]; then
CONFIG_OPTIONS+=" --config-file ${auth_config_file}"
fi
ironic-inspector-dbsync --config-file /etc/ironic-inspector/ironic-inspector.conf upgrade
exec /usr/bin/ironic-inspector $CONFIG_OPTIONS