WIP: update_siteinfo.sh update_config.sh

92914895 · Timm Fitschen · fe53744a · 92914895 · 92914895 · 92914895
Unverified Commit 92914895 authored 4 months ago by Timm Fitschen
--- a/.env
+++ b/.env
@@ -15,6 +15,6 @@ HANDLE_SERVER_LOG_SAVE_INTERVAL="Monthly"
 # HANDLE_SERVER_HOME_PREFIX without "0.NA/" prefix.
-HANDLE_SERVER_HOME_PREFIX="0.TEST"
+HANDLE_SERVER_HOME_PREFIX="TEST"
 # USE_PUBLIC_HANDLE_SYSTEM="TRUE"
 USE_PUBLIC_HANDLE_SYSTEM="FALSE"
--- a/Makefile
+++ b/Makefile
 start: .handle
 	@echo "Start Handle System"
 	docker compose up --build --detach
-	. ./.env && docker exec $${COMPOSE_PROJECT_NAME}-hs-server /hs/templates/wait-for-it.sh $${HANDLE_SERVER_IPV4_ADDRESS}:8000 -t 500 -- echo "HANDLE SERVICE ONLINE"
+	. ./.env && docker exec $${COMPOSE_PROJECT_NAME}-hs-server /hs/templates/wait-for-it.sh $${HANDLE_SERVER_IPV4_ADDRESS}:$${HANDLE_SERVER_HTTP_PORT} -t 500 -- echo "HANDLE SERVICE ONLINE"
-	. ./.env && docker exec $${COMPOSE_PROJECT_NAME}-hs-server bin/hdl-genericbatch /hs/setup.batch.hdl
+	. ./.env ; [ "$${USE_PUBLIC_HANDLE_SYSTEM}" = "TRUE" ] || docker exec $${COMPOSE_PROJECT_NAME}-hs-server bin/hdl-genericbatch /hs/setup.batch.hdl
 .handle:
 	mkdir $@

--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -8,6 +8,10 @@ services:
      hs-network:
        ipv4_address: ${HANDLE_SERVER_IPV4_ADDRESS}
    volumes:
+      ## make handle server persistent
+      #- type: bind
+      #  source: /var/lib/hs/srv_1
+      #  target: /hs/srv_1
      - hs-srv1:/hs/srv_1
      - type: bind
        source: ./.handle/

--- a/handle_server/Dockerfile
+++ b/handle_server/Dockerfile
@@ -17,7 +17,10 @@ WORKDIR /hs/handle-${HANDLE_SERVER_VERSION}
 COPY ./run_handle_server.sh ./
 COPY ./generate_keys.sh ./
-COPY ./generate_siteinfo.sh ./
+COPY ./update_config.sh ./
+COPY ./private.defaults.sh ./
+COPY ./public.defaults.sh ./
+COPY ./update_siteinfo.sh ./
 COPY ./templates /hs/templates

--- a/handle_server/generate_keys.sh
+++ b/handle_server/generate_keys.sh
@@ -2,7 +2,7 @@
 PUBKEY=${PUBKEY:-"pubkey"}
 PRIVKEY=${PRIVKEY:-"privkey"}
-HDL_CMD=${HDL_CMD:-"/home/tf/src/fdo/handle-server/handle-9.3.1/bin/hdl"}
+HDL_CMD=${HDL_CMD:-"bin/hdl"}
 CONVERT="$HDL_CMD convert-key"
 openssl genrsa -out ${PRIVKEY}.pem 2048

--- a/handle_server/generate_siteinfo.sh
+++ b/handle_server/generate_siteinfo.sh
-#!/bin/sh
-. ../.env
-RSA_KEY_N="$(cat pubkey.json | jq .n)"
-RSA_KEY_E="$(cat pubkey.json | jq .e)"
-sed "s/__DESCRIPTION__/${HANDLE_SERVER_DESCRIPTION}/g" siteinfo.template.json \
-    | sed "s/__ADDRESS__/${HANDLE_SERVER_IPV4_ADDRESS}/g" \
-    | sed "s/\"__KEY_N__\"/${RSA_KEY_N}/g" \
-    | sed "s/\"__KEY_E__\"/${RSA_KEY_E}/g" \
-    > siteinfo.json
--- a/handle_server/private.defaults.sh
+++ b/handle_server/private.defaults.sh
+# default values for a private handle system
+HTTP_HEADERS='"Access-Control-Allow-Origin" = "*"'
+ENABLE_MONITOR_DAEMON='"enable_monitor_daemon" = "yes"'
+ALLOW_NA_ADMINS='"allow_na_admins" = "no"'
+TEMPLATE_NS_OVERRIDE='"template_ns_override" = "yes"'
+SERVER_ADMINS="300:${HANDLE_SERVER_HOME_PREFIX}/ADMIN"
+REPLICATION_ADMINS="${SERVER_ADMINS}"
+ALLOW_RECURSION='"allow_recursion" = "yes"'
+AUTO_HOMED_PREFIXES="
+"
+read -d '' AUTO_HOMED_PREFIXES << EOF
+      "0.NA/${HANDLE_SERVER_HOME_PREFIX}"
+      "0.NA/0.NA"
+      "0.NA/0.0"
+EOF
+AUTO_HOMED_PREFIXES="$(echo "${AUTO_HOMED_PREFIXES}" | sed ':a;N;$!ba;s/\n/\\n/g' | sed 's/\$/\\$/g')"
--- a/handle_server/public.defaults.sh
+++ b/handle_server/public.defaults.sh
+# default values for a public handle system
+HTTP_HEADERS=""
+ENABLE_MONITOR_DAEMON=""
+ALLOW_NA_ADMINS=""
+TEMPLATE_NS_OVERRIDE=""
+SERVER_ADMINS="300:0.NA/${HANDLE_SERVER_HOME_PREFIX}"
+REPLICATION_ADMINS="${SERVER_ADMINS}"
+ALLOW_RECURSION=""
+AUTO_HOMED_PREFIXES="\"0.NA/${HANDLE_SERVER_HOME_PREFIX}\""
--- a/handle_server/run_handle_server.sh
+++ b/handle_server/run_handle_server.sh
 #!/bin/sh
+# This script configures the handle server and starts it
+# Much depends on the USE_PUBLIC_HANDLE_SYSTEM variable.
+# If USE_PUBLIC_HANDLE_SYSTEM="TRUE" then everything is configured to be used with the public handle
+# system.
+# Otherwise, a handle server is being startet which acts as a root server of a private handle system.
 SRV_DIR=/hs/srv_1
 # ### Copy configuration and empty database ###
 if [ ! -e "${SRV_DIR}/config.dct" ] ; then
    cp -r /hs/templates/* "${SRV_DIR}"
+    if [ "$USE_PUBLIC_HANDLE_SYSTEM" = "TRUE" ] ; then
+        # ### Generate keys
+        PRIVKEY="${SRV_DIR}/admpriv" PUBKEY="${SRV_DIR}/admpub" ./generate_keys.sh
+        PRIVKEY="${SRV_DIR}/privkey" PUBKEY="${SRV_DIR}/pubkey" ./generate_keys.sh
+        # ### empty database
+        rm -r "${SRV_DIR}/bdbje"
    fi
+fi
 # ### Update configuration ###
 # update config.dct
-ALLOW_NA_ADMINS='"allow_na_admins" = "no"'
+echo "HERE ##################"
-TEMPLATE_NS_OVERRIDE='"template_ns_override" = "yes"'
-SERVER_ADMINS="300:${HANDLE_SERVER_HOME_PREFIX}/ADMIN"
-ENABLE_MONITOR_DAEMON='"enable_monitor_daemon" = "yes"'
-ALLOW_RECURSION='"allow_recursion" = "yes"'
-HTTP_HEADERS='"Access-Control-Allow-Origin" = "*"'
-AUTO_HOMED_PREFIXES="$(cat <<-_EOF
-	      "0.NA/${HANDLE_SERVER_HOME_PREFIX}"
-	      "0.NA/0.NA"
-	      "0.NA/0.0"
-	_EOF
-)"
 if [ "$USE_PUBLIC_HANDLE_SYSTEM" = "TRUE" ] ; then
-    HTTP_HEADERS=""
+    . public.defaults.sh
-    ENABLE_MONITOR_DAEMON=""
+else
-    ALLOW_NA_ADMINS=""
+    . private.defaults.sh
-    TEMPLATE_NS_OVERRIDE=""
-    SERVER_ADMINS="300:0.NA/${HANDLE_SERVER_HOME_PREFIX}"
-    AUTO_HOMED_PREFIXES="\"0.NA/${HANDLE_SERVER_HOME_PREFIX}\""
 fi
-REPLICATION_ADMINS="${SERVER_ADMINS}"
+. update_config.sh
-sed "s/__HANDLE_SERVER_BIND_ADDRESS__/${HANDLE_SERVER_BIND_ADDRESS}/g" /hs/templates/config.dct \
-  | sed "s/__HANDLE_SERVER_ENABLE_MONITOR_DAEMON__/${ENABLE_MONITOR_DAEMON}/g" \
-  | sed "s/__HANDLE_SERVER_ALLOW_RECURSION__/${ALLOW_RECURSION}/g" \
-  | sed "s/__HANDLE_SERVER_HTTP_PORT__/${HANDLE_SERVER_HTTP_PORT}/g" \
-  | sed "s/__HANDLE_SERVER_TCP_PORT__/${HANDLE_SERVER_TCP_PORT}/g" \
-  | sed "s/__HANDLE_SERVER_UDP_PORT__/${HANDLE_SERVER_UDP_PORT}/g" \
-  | sed "s/__HANDLE_SERVER_ALLOW_NA_ADMINS__/${ALLOW_NA_ADMINS}/g" \
-  | sed "s/__HANDLE_SERVER_TEMPLATE_NS_OVERRIDE__/${TEMPLATE_NS_OVERRIDE}/g" \
-  | sed "s/__HANDLE_SERVER_SERVER_ADMINS__/${SERVER_ADMINS}/g" \
-  | sed "s/__HANDLE_SERVER_REPLICATION_ADMINS__/${REPLICATION_ADMINS}/g" \
-  > "$SRV_DIR/config.dct"
 # update siteinfo.json
-RSA_KEY_N="$(cat "${SRV_DIR}/pubkey.json" | jq .n)"
+. update_siteinfo.sh
-RSA_KEY_E="$(cat "${SRV_DIR}/pubkey.json" | jq .e)"
-sed "s/__HANDLE_SERVER_IPV4_ADDRESS__/${HANDLE_SERVER_IPV4_ADDRESS}/g" /hs/templates/siteinfo.json \
-  | sed "s/__HANDLE_SERVER_DESCRIPTION__/${HANDLE_SERVER_DESCRIPTION}/g" \
-  | sed "s/__HANDLE_SERVER_HTTP_PORT__/${HANDLE_SERVER_HTTP_PORT}/g" \
-  | sed "s/__HANDLE_SERVER_TCP_PORT__/${HANDLE_SERVER_TCP_PORT}/g" \
-  | sed "s/__HANDLE_SERVER_UDP_PORT__/${HANDLE_SERVER_UDP_PORT}/g" \
-  | sed "s/\"__HANDLE_SERVER_PUBKEY_RSA_N__\"/${RSA_KEY_N}/g" \
-  | sed "s/\"__HANDLE_SERVER_PUBKEY_RSA_E__\"/${RSA_KEY_E}/g" \
-  > "$SRV_DIR/siteinfo.json"
-# update batch file
-sed "s/HANDLE_SERVER_IPV4_ADDRESS/${HANDLE_SERVER_IPV4_ADDRESS}/g" /hs/templates/setup.batch.hdl > "/hs/setup.batch.hdl"
 # ### Configure private handle network ###
 mkdir -p /root/.handle
-sed "s/HANDLE_SERVER_IPV4_ADDRESS/${HANDLE_SERVER_IPV4_ADDRESS}/g" /hs/templates/bootstrap_handles > /root/.handle/bootstrap_handles
+if [ "$USE_PUBLIC_HANDLE_SYSTEM" != "TRUE" ] ; then
+    cp /hs/templates/setup.batch.hdl /hs/setup.batch.hdl
+    mkdir -p /root/.handle
+    sed "s/__HANDLE_SERVER_IPV4_ADDRESS__/${HANDLE_SERVER_IPV4_ADDRESS}/g" /hs/templates/bootstrap_handles > /root/.handle/bootstrap_handles
    echo '{' > /root/.handle/config.dct
    echo '"auto_update_root_info" = "no"' >> /root/.handle/config.dct
    echo '}' >> /root/.handle/config.dct
+fi
 # actually run the server
 bin/hdl-server "$SRV_DIR"
--- a/handle_server/siteinfo.template.json
+++ b/handle_server/siteinfo.template.json
-{
-  "version": 1,
-  "protocolVersion": "2.11",
-  "serialNumber": 1,
-  "primarySite": true,
-  "multiPrimary": false,
-  "attributes": [
-    {
-      "name": "desc",
-      "value": "__HANDLE_SERVER_DESCRIPTION__"
-    }
-  ],
-  "servers": [
-    {
-      "serverId": 1,
-      "address": "__HANDLE_SERVER_IPV4_ADDRESS__",
-      "publicKey": {
-        "format": "key",
-        "value": {
-          "kty": "RSA",
-          "n": "__HANDLE_SERVER_PUBKEY_RSA_N__",
-          "e": "__HANDLE_SERVER_PUBKEY_RSA_E__"
-        }
-      },
-      "interfaces": [
-        {
-          "query": true,
-          "admin": true,
-          "protocol": "TCP",
-          "port": __HANDLE_SERVER_TCP_PORT__
-        },
-        {
-          "query": true,
-          "admin": false,
-          "protocol": "UDP",
-          "port": __HANDLE_SERVER_UDP_PORT__
-        },
-        {
-          "query": true,
-          "admin": true,
-          "protocol": "HTTP",
-          "port": __HANDLE_SERVER_HTTP_PORT__
-        }
-      ]
-    }
-  ]
-}
--- a/handle_server/templates/bootstrap_handles
+++ b/handle_server/templates/bootstrap_handles
@@ -57,7 +57,7 @@
  "servers": [
    {
      "serverId": 1,
-      "address": "HANDLE_SERVER_IPV4_ADDRESS",
+      "address": "__HANDLE_SERVER_IPV4_ADDRESS__",
      "publicKey": {
        "format": "key",
        "value": {

--- a/handle_server/templates/pubkey.json
+++ b/handle_server/templates/pubkey.json
+{
+  "kty": "RSA",
+  "n": "wqkCd9QfFxYwMhQM72k-nQ5yL0lbxz9OTOTgR2eFj6dz5YZzoDg3t4MauMVUt5pkByWScle-7mdVJHuEp1GErqyzW3dPagTgmzc1R1i2gQF5fUiJFx90hkAzh88PW4qFs_YBwOsChGanGzsqn6cbKV3VQn5K2QZHF7rxeKdstF72lFN7ewkk-Kw5i0I3akpGYu9YJ_Is8k7rDQ5P_KKfrn_N_0_seQO-IT9vW_u0IvK75_6VwNjU5wU6SDF9dgivSk-qv7R_rpl8eAow0zUkllsFqJxEEn63koK5gSsKitfN7Jt_71b_Nwmjpv2gEydh42bEOSHx0dFeALwY1rl74w",
+  "e": "AQAB"
+}
\ No newline at end of file
--- a/handle_server/update_config.sh
+++ b/handle_server/update_config.sh
+_SOURCE="${SOURCE:-"/hs/templates/config.dct"}"
+_TARGET="${TARGET:-"${SRV_DIR}/config.dct"}"
+sed "s/__HANDLE_SERVER_BIND_ADDRESS__/${HANDLE_SERVER_BIND_ADDRESS}/g" "$_SOURCE" \
+  | sed "s/__HANDLE_SERVER_ENABLE_MONITOR_DAEMON__/${ENABLE_MONITOR_DAEMON}/g" \
+  | sed "s/__HANDLE_SERVER_ALLOW_RECURSION__/${ALLOW_RECURSION}/g" \
+  | sed "s/__HANDLE_SERVER_HTTP_PORT__/${HANDLE_SERVER_HTTP_PORT}/g" \
+  | sed "s/__HANDLE_SERVER_TCP_PORT__/${HANDLE_SERVER_TCP_PORT}/g" \
+  | sed "s/__HANDLE_SERVER_UDP_PORT__/${HANDLE_SERVER_UDP_PORT}/g" \
+  | sed "s/__HANDLE_SERVER_ALLOW_NA_ADMINS__/${ALLOW_NA_ADMINS}/g" \
+  | sed "s/__HANDLE_SERVER_TEMPLATE_NS_OVERRIDE__/${TEMPLATE_NS_OVERRIDE}/g" \
+  | sed "s/__HANDLE_SERVER_LOG_SAVE_INTERVAL__/${HANDLE_SERVER_LOG_SAVE_INTERVAL}/g" \
+  | sed "s/__HANDLE_SERVER_HTTP_HEADERS__/${HTTP_HEADERS}/g" \
+  | sed "s|__HANDLE_SERVER_SERVER_ADMINS__|${SERVER_ADMINS}|g" \
+  | sed "s|__HANDLE_SERVER_REPLICATION_ADMINS__|${REPLICATION_ADMINS}|g" \
+  | sed "s|__HANDLE_SERVER_AUTO_HOMED_PREFIXES__|${AUTO_HOMED_PREFIXES}|g" \
+  > "$_TARGET"
--- a/handle_server/update_siteinfo.sh
+++ b/handle_server/update_siteinfo.sh
+_SOURCE="${SOURCE:-"/hs/templates/siteinfo.json"}"
+_TARGET="${TARGET:-"${SRV_DIR}/siteinfo.json"}"
+RSA_KEY_N="$(cat "${SRV_DIR}/pubkey.json" | jq .n)"
+RSA_KEY_E="$(cat "${SRV_DIR}/pubkey.json" | jq .e)"
+sed "s/__HANDLE_SERVER_IPV4_ADDRESS__/${HANDLE_SERVER_IPV4_ADDRESS}/g" "$_SOURCE" \
+  | sed "s/__HANDLE_SERVER_DESCRIPTION__/${HANDLE_SERVER_DESCRIPTION}/g" \
+  | sed "s/__HANDLE_SERVER_HTTP_PORT__/${HANDLE_SERVER_HTTP_PORT}/g" \
+  | sed "s/__HANDLE_SERVER_TCP_PORT__/${HANDLE_SERVER_TCP_PORT}/g" \
+  | sed "s/__HANDLE_SERVER_UDP_PORT__/${HANDLE_SERVER_UDP_PORT}/g" \
+  | sed "s/\"__HANDLE_SERVER_PUBKEY_RSA_N__\"/${RSA_KEY_N}/g" \
+  | sed "s/\"__HANDLE_SERVER_PUBKEY_RSA_E__\"/${RSA_KEY_E}/g" \
+  > "$_TARGET"