From 92914895561aaa280f73e500a6e9b4e612973b64 Mon Sep 17 00:00:00 2001 From: Timm Fitschen <t.fitschen@indiscale.com> Date: Fri, 21 Mar 2025 00:40:13 +0100 Subject: [PATCH] WIP: update_siteinfo.sh update_config.sh --- .env | 2 +- Makefile | 4 +- docker-compose.yml | 4 ++ handle_server/Dockerfile | 5 +- handle_server/generate_keys.sh | 2 +- handle_server/generate_siteinfo.sh | 12 ---- handle_server/private.defaults.sh | 21 ++++++ handle_server/public.defaults.sh | 11 +++ handle_server/run_handle_server.sh | 81 +++++++++-------------- handle_server/siteinfo.template.json | 47 ------------- handle_server/templates/bootstrap_handles | 2 +- handle_server/templates/pubkey.json | 5 ++ handle_server/update_config.sh | 17 +++++ handle_server/update_siteinfo.sh | 13 ++++ 14 files changed, 111 insertions(+), 115 deletions(-) delete mode 100755 handle_server/generate_siteinfo.sh create mode 100644 handle_server/private.defaults.sh create mode 100644 handle_server/public.defaults.sh delete mode 100644 handle_server/siteinfo.template.json create mode 100644 handle_server/templates/pubkey.json create mode 100644 handle_server/update_config.sh create mode 100644 handle_server/update_siteinfo.sh diff --git a/.env b/.env index e5b892c..a3d372c 100644 --- a/.env +++ b/.env @@ -15,6 +15,6 @@ HANDLE_SERVER_LOG_SAVE_INTERVAL="Monthly" # HANDLE_SERVER_HOME_PREFIX without "0.NA/" prefix. -HANDLE_SERVER_HOME_PREFIX="0.TEST" +HANDLE_SERVER_HOME_PREFIX="TEST" # USE_PUBLIC_HANDLE_SYSTEM="TRUE" USE_PUBLIC_HANDLE_SYSTEM="FALSE" diff --git a/Makefile b/Makefile index ac4ce1f..9ae9fc0 100644 --- a/Makefile +++ b/Makefile 
@@ -1,8 +1,8 @@ start: .handle @echo "Start Handle System" docker compose up --build --detach - . ./.env && docker exec $${COMPOSE_PROJECT_NAME}-hs-server /hs/templates/wait-for-it.sh $${HANDLE_SERVER_IPV4_ADDRESS}:8000 -t 500 -- echo "HANDLE SERVICE ONLINE" - . ./.env && docker exec $${COMPOSE_PROJECT_NAME}-hs-server bin/hdl-genericbatch /hs/setup.batch.hdl + . ./.env && docker exec $${COMPOSE_PROJECT_NAME}-hs-server /hs/templates/wait-for-it.sh $${HANDLE_SERVER_IPV4_ADDRESS}:$${HANDLE_SERVER_HTTP_PORT} -t 500 -- echo "HANDLE SERVICE ONLINE" + . ./.env ; [ "$${USE_PUBLIC_HANDLE_SYSTEM}" = "TRUE" ] || docker exec $${COMPOSE_PROJECT_NAME}-hs-server bin/hdl-genericbatch /hs/setup.batch.hdl .handle: mkdir $@ diff --git a/docker-compose.yml b/docker-compose.yml index 195fb82..fce44c8 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -8,6 +8,10 @@ services: hs-network: ipv4_address: ${HANDLE_SERVER_IPV4_ADDRESS} volumes: + ## make handle server persistent + #- type: bind + # source: /var/lib/hs/srv_1 + # target: /hs/srv_1 - hs-srv1:/hs/srv_1 - type: bind source: ./.handle/ diff --git a/handle_server/Dockerfile b/handle_server/Dockerfile index d8fee09..6328365 100644 --- a/handle_server/Dockerfile +++ b/handle_server/Dockerfile @@ -17,7 +17,10 @@ WORKDIR /hs/handle-${HANDLE_SERVER_VERSION} COPY ./run_handle_server.sh ./ COPY ./generate_keys.sh ./ -COPY ./generate_siteinfo.sh ./ +COPY ./update_config.sh ./ +COPY ./private.defaults.sh ./ +COPY ./public.defaults.sh ./ +COPY ./update_siteinfo.sh ./ COPY ./templates /hs/templates diff --git a/handle_server/generate_keys.sh b/handle_server/generate_keys.sh index 3ab8f4f..5fad4d2 100755 --- a/handle_server/generate_keys.sh +++ b/handle_server/generate_keys.sh @@ -2,7 +2,7 @@ PUBKEY=${PUBKEY:-"pubkey"} PRIVKEY=${PRIVKEY:-"privkey"} -HDL_CMD=${HDL_CMD:-"/home/tf/src/fdo/handle-server/handle-9.3.1/bin/hdl"} +HDL_CMD=${HDL_CMD:-"bin/hdl"} CONVERT="$HDL_CMD convert-key" openssl genrsa -out ${PRIVKEY}.pem 2048 
diff --git a/handle_server/generate_siteinfo.sh b/handle_server/generate_siteinfo.sh
deleted file mode 100755
index 0042b84..0000000
--- a/handle_server/generate_siteinfo.sh
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-. ../.env
-
-RSA_KEY_N="$(cat pubkey.json | jq .n)"
-RSA_KEY_E="$(cat pubkey.json | jq .e)"
-
-sed "s/__DESCRIPTION__/${HANDLE_SERVER_DESCRIPTION}/g" siteinfo.template.json \
- | sed "s/__ADDRESS__/${HANDLE_SERVER_IPV4_ADDRESS}/g" \
- | sed "s/\"__KEY_N__\"/${RSA_KEY_N}/g" \
- | sed "s/\"__KEY_E__\"/${RSA_KEY_E}/g" \
- > siteinfo.json
diff --git a/handle_server/private.defaults.sh b/handle_server/private.defaults.sh
new file mode 100644
index 0000000..f0861b5
--- /dev/null
+++ b/handle_server/private.defaults.sh
@@ -0,0 +1,21 @@
+# default values for a private handle system
+
+HTTP_HEADERS='"Access-Control-Allow-Origin" = "*"'
+ENABLE_MONITOR_DAEMON='"enable_monitor_daemon" = "yes"'
+ALLOW_NA_ADMINS='"allow_na_admins" = "no"'
+TEMPLATE_NS_OVERRIDE='"template_ns_override" = "yes"'
+SERVER_ADMINS="300:${HANDLE_SERVER_HOME_PREFIX}/ADMIN"
+REPLICATION_ADMINS="${SERVER_ADMINS}"
+ALLOW_RECURSION='"allow_recursion" = "yes"'
+
+AUTO_HOMED_PREFIXES="
+"
+read -d '' AUTO_HOMED_PREFIXES << EOF
+ "0.NA/${HANDLE_SERVER_HOME_PREFIX}"
+ "0.NA/0.NA"
+ "0.NA/0.0"
+EOF
+
+AUTO_HOMED_PREFIXES="$(echo "${AUTO_HOMED_PREFIXES}" | sed ':a;N;$!ba;s/\n/\\n/g' | sed 's/\$/\\$/g')"
+
+
diff --git a/handle_server/public.defaults.sh b/handle_server/public.defaults.sh
new file mode 100644
index 0000000..c9cbad0
--- /dev/null
+++ b/handle_server/public.defaults.sh
@@ -0,0 +1,11 @@
+# default values for a public handle system
+
+HTTP_HEADERS=""
+ENABLE_MONITOR_DAEMON=""
+ALLOW_NA_ADMINS=""
+TEMPLATE_NS_OVERRIDE=""
+SERVER_ADMINS="300:0.NA/${HANDLE_SERVER_HOME_PREFIX}"
+REPLICATION_ADMINS="${SERVER_ADMINS}"
+ALLOW_RECURSION=""
+
+AUTO_HOMED_PREFIXES="\"0.NA/${HANDLE_SERVER_HOME_PREFIX}\""
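Review bot: In private.defaults.sh, `read -d '' AUTO_HOMED_PREFIXES << EOF` is a bash extension, but the file is sourced from run_handle_server.sh, whose shebang is `#!/bin/sh`; if `/bin/sh` in the image is dash or another strict POSIX shell, `-d` is rejected and the variable keeps the placeholder value assigned just above it. Even under bash, `read -d ''` returns non-zero at end of input, which would abort the script if `set -e` is ever enabled. The portable form the removed code in run_handle_server.sh used avoids both: open with `AUTO_HOMED_PREFIXES="$(cat << EOF` and close with `)"` after the `EOF` line, then drop the dummy two-line assignment. Also worth a comment in this file: `HTTP_HEADERS` sets `Access-Control-Allow-Origin` to `*`, which lets any web origin read responses from the server's HTTP interface, so the default should be documented as intended for private networks only.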
diff --git a/handle_server/run_handle_server.sh b/handle_server/run_handle_server.sh
index 0b5852f..53f41ce 100755
--- a/handle_server/run_handle_server.sh
+++ b/handle_server/run_handle_server.sh
@@ -1,72 +1,53 @@ #!/bin/sh +# This script configures the handle server and starts it +# Much depends on the USE_PUBLIC_HANDLE_SYSTEM variable. +# If USE_PUBLIC_HANDLE_SYSTEM="TRUE" then everything is configured to be used with the public handle +# system. +# Otherwise, a handle server is being startet which acts as a root server of a private handle system. + SRV_DIR=/hs/srv_1 # ### Copy configuration and empty database ### if [ ! -e "${SRV_DIR}/config.dct" ] ; then cp -r /hs/templates/* "${SRV_DIR}" + + if [ "$USE_PUBLIC_HANDLE_SYSTEM" = "TRUE" ] ; then + # ### Generate keys + PRIVKEY="${SRV_DIR}/admpriv" PUBKEY="${SRV_DIR}/admpub" ./generate_keys.sh + PRIVKEY="${SRV_DIR}/privkey" PUBKEY="${SRV_DIR}/pubkey" ./generate_keys.sh + + # ### empty database + rm -r "${SRV_DIR}/bdbje" + fi fi + # ### Update configuration ### # update config.dct -ALLOW_NA_ADMINS='"allow_na_admins" = "no"' -TEMPLATE_NS_OVERRIDE='"template_ns_override" = "yes"' -SERVER_ADMINS="300:${HANDLE_SERVER_HOME_PREFIX}/ADMIN" -ENABLE_MONITOR_DAEMON='"enable_monitor_daemon" = "yes"' -ALLOW_RECURSION='"allow_recursion" = "yes"' -HTTP_HEADERS='"Access-Control-Allow-Origin" = "*"' - -AUTO_HOMED_PREFIXES="$(cat <<-_EOF - "0.NA/${HANDLE_SERVER_HOME_PREFIX}" - "0.NA/0.NA" - "0.NA/0.0" - _EOF -)" - +echo "HERE ##################" if [ "$USE_PUBLIC_HANDLE_SYSTEM" = "TRUE" ] ; then - HTTP_HEADERS="" - ENABLE_MONITOR_DAEMON="" - ALLOW_NA_ADMINS="" - TEMPLATE_NS_OVERRIDE="" - SERVER_ADMINS="300:0.NA/${HANDLE_SERVER_HOME_PREFIX}" - AUTO_HOMED_PREFIXES="\"0.NA/${HANDLE_SERVER_HOME_PREFIX}\"" + . public.defaults.sh +else + . 
private.defaults.sh fi -REPLICATION_ADMINS="${SERVER_ADMINS}" - -sed "s/__HANDLE_SERVER_BIND_ADDRESS__/${HANDLE_SERVER_BIND_ADDRESS}/g" /hs/templates/config.dct \ - | sed "s/__HANDLE_SERVER_ENABLE_MONITOR_DAEMON__/${ENABLE_MONITOR_DAEMON}/g" \ - | sed "s/__HANDLE_SERVER_ALLOW_RECURSION__/${ALLOW_RECURSION}/g" \ - | sed "s/__HANDLE_SERVER_HTTP_PORT__/${HANDLE_SERVER_HTTP_PORT}/g" \ - | sed "s/__HANDLE_SERVER_TCP_PORT__/${HANDLE_SERVER_TCP_PORT}/g" \ - | sed "s/__HANDLE_SERVER_UDP_PORT__/${HANDLE_SERVER_UDP_PORT}/g" \ - | sed "s/__HANDLE_SERVER_ALLOW_NA_ADMINS__/${ALLOW_NA_ADMINS}/g" \ - | sed "s/__HANDLE_SERVER_TEMPLATE_NS_OVERRIDE__/${TEMPLATE_NS_OVERRIDE}/g" \ - | sed "s/__HANDLE_SERVER_SERVER_ADMINS__/${SERVER_ADMINS}/g" \ - | sed "s/__HANDLE_SERVER_REPLICATION_ADMINS__/${REPLICATION_ADMINS}/g" \ - > "$SRV_DIR/config.dct" +. update_config.sh # update siteinfo.json -RSA_KEY_N="$(cat "${SRV_DIR}/pubkey.json" | jq .n)" -RSA_KEY_E="$(cat "${SRV_DIR}/pubkey.json" | jq .e)" +. update_siteinfo.sh -sed "s/__HANDLE_SERVER_IPV4_ADDRESS__/${HANDLE_SERVER_IPV4_ADDRESS}/g" /hs/templates/siteinfo.json \ - | sed "s/__HANDLE_SERVER_DESCRIPTION__/${HANDLE_SERVER_DESCRIPTION}/g" \ - | sed "s/__HANDLE_SERVER_HTTP_PORT__/${HANDLE_SERVER_HTTP_PORT}/g" \ - | sed "s/__HANDLE_SERVER_TCP_PORT__/${HANDLE_SERVER_TCP_PORT}/g" \ - | sed "s/__HANDLE_SERVER_UDP_PORT__/${HANDLE_SERVER_UDP_PORT}/g" \ - | sed "s/\"__HANDLE_SERVER_PUBKEY_RSA_N__\"/${RSA_KEY_N}/g" \ - | sed "s/\"__HANDLE_SERVER_PUBKEY_RSA_E__\"/${RSA_KEY_E}/g" \ - > "$SRV_DIR/siteinfo.json" - -# update batch file -sed "s/HANDLE_SERVER_IPV4_ADDRESS/${HANDLE_SERVER_IPV4_ADDRESS}/g" /hs/templates/setup.batch.hdl > "/hs/setup.batch.hdl" # ### Configure private handle network ### mkdir -p /root/.handle -sed "s/HANDLE_SERVER_IPV4_ADDRESS/${HANDLE_SERVER_IPV4_ADDRESS}/g" /hs/templates/bootstrap_handles > /root/.handle/bootstrap_handles -echo '{' > /root/.handle/config.dct -echo '"auto_update_root_info" = "no"' >> /root/.handle/config.dct 
-echo '}' >> /root/.handle/config.dct +if [ "$USE_PUBLIC_HANDLE_SYSTEM" != "TRUE" ] ; then + cp /hs/templates/setup.batch.hdl /hs/setup.batch.hdl + + mkdir -p /root/.handle + sed "s/__HANDLE_SERVER_IPV4_ADDRESS__/${HANDLE_SERVER_IPV4_ADDRESS}/g" /hs/templates/bootstrap_handles > /root/.handle/bootstrap_handles + echo '{' > /root/.handle/config.dct + echo '"auto_update_root_info" = "no"' >> /root/.handle/config.dct + echo '}' >> /root/.handle/config.dct +fi # actually run the server bin/hdl-server "$SRV_DIR" diff --git a/handle_server/siteinfo.template.json b/handle_server/siteinfo.template.json deleted file mode 100644 index 77a6094..0000000 --- a/handle_server/siteinfo.template.json +++ /dev/null @@ -1,47 +0,0 @@ -{ - "version": 1, - "protocolVersion": "2.11", - "serialNumber": 1, - "primarySite": true, - "multiPrimary": false, - "attributes": [ - { - "name": "desc", - "value": "__HANDLE_SERVER_DESCRIPTION__" - } - ], - "servers": [ - { - "serverId": 1, - "address": "__HANDLE_SERVER_IPV4_ADDRESS__", - "publicKey": { - "format": "key", - "value": { - "kty": "RSA", - "n": "__HANDLE_SERVER_PUBKEY_RSA_N__", - "e": "__HANDLE_SERVER_PUBKEY_RSA_E__" - } - }, - "interfaces": [ - { - "query": true, - "admin": true, - "protocol": "TCP", - "port": __HANDLE_SERVER_TCP_PORT__ - }, - { - "query": true, - "admin": false, - "protocol": "UDP", - "port": __HANDLE_SERVER_UDP_PORT__ - }, - { - "query": true, - "admin": true, - "protocol": "HTTP", - "port": __HANDLE_SERVER_HTTP_PORT__ - } - ] - } - ] -} diff --git a/handle_server/templates/bootstrap_handles b/handle_server/templates/bootstrap_handles index 914cc05..52795c3 100644 --- a/handle_server/templates/bootstrap_handles +++ b/handle_server/templates/bootstrap_handles @@ -57,7 +57,7 @@ "servers": [ { "serverId": 1, - "address": "HANDLE_SERVER_IPV4_ADDRESS", + "address": "__HANDLE_SERVER_IPV4_ADDRESS__", "publicKey": { "format": "key", "value": { 
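Review bot: Key generation in the first-run block of run_handle_server.sh is guarded by `USE_PUBLIC_HANDLE_SYSTEM = TRUE`, so a private deployment keeps whatever key material `cp -r /hs/templates/* "${SRV_DIR}"` copied in; this commit adds a fixed `templates/pubkey.json`, so every private instance built from this repository would present the same server key (whether a matching private key also ships in the templates is not visible in this diff — confirm). If private mode is meant only for local testing, say so in the header comment; otherwise generate keys in both modes. The two `./generate_keys.sh` calls are also unchecked, so a failed key generation still reaches `bin/hdl-server`; appending `|| exit 1` to each would stop there. The `echo "HERE ##################"` debug line should go before merge, and `. public.defaults.sh` / `. private.defaults.sh` are better written `. ./public.defaults.sh` and `. ./private.defaults.sh`, because a POSIX `sh` resolves a slash-less name through `PATH`, not the working directory.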
diff --git a/handle_server/templates/pubkey.json b/handle_server/templates/pubkey.json
new file mode 100644
index 0000000..ef83f67
--- /dev/null
+++ b/handle_server/templates/pubkey.json
@@ -0,0 +1,5 @@
+{
+ "kty": "RSA",
+ "n": "wqkCd9QfFxYwMhQM72k-nQ5yL0lbxz9OTOTgR2eFj6dz5YZzoDg3t4MauMVUt5pkByWScle-7mdVJHuEp1GErqyzW3dPagTgmzc1R1i2gQF5fUiJFx90hkAzh88PW4qFs_YBwOsChGanGzsqn6cbKV3VQn5K2QZHF7rxeKdstF72lFN7ewkk-Kw5i0I3akpGYu9YJ_Is8k7rDQ5P_KKfrn_N_0_seQO-IT9vW_u0IvK75_6VwNjU5wU6SDF9dgivSk-qv7R_rpl8eAow0zUkllsFqJxEEn63koK5gSsKitfN7Jt_71b_Nwmjpv2gEydh42bEOSHx0dFeALwY1rl74w",
+ "e": "AQAB"
+}
\ No newline at end of file
diff --git a/handle_server/update_config.sh b/handle_server/update_config.sh
new file mode 100644
index 0000000..849c9e0
--- /dev/null
+++ b/handle_server/update_config.sh
@@ -0,0 +1,17 @@
+_SOURCE="${SOURCE:-"/hs/templates/config.dct"}"
+_TARGET="${TARGET:-"${SRV_DIR}/config.dct"}"
+
+sed "s/__HANDLE_SERVER_BIND_ADDRESS__/${HANDLE_SERVER_BIND_ADDRESS}/g" "$_SOURCE" \
+ | sed "s/__HANDLE_SERVER_ENABLE_MONITOR_DAEMON__/${ENABLE_MONITOR_DAEMON}/g" \
+ | sed "s/__HANDLE_SERVER_ALLOW_RECURSION__/${ALLOW_RECURSION}/g" \
+ | sed "s/__HANDLE_SERVER_HTTP_PORT__/${HANDLE_SERVER_HTTP_PORT}/g" \
+ | sed "s/__HANDLE_SERVER_TCP_PORT__/${HANDLE_SERVER_TCP_PORT}/g" \
+ | sed "s/__HANDLE_SERVER_UDP_PORT__/${HANDLE_SERVER_UDP_PORT}/g" \
+ | sed "s/__HANDLE_SERVER_ALLOW_NA_ADMINS__/${ALLOW_NA_ADMINS}/g" \
+ | sed "s/__HANDLE_SERVER_TEMPLATE_NS_OVERRIDE__/${TEMPLATE_NS_OVERRIDE}/g" \
+ | sed "s/__HANDLE_SERVER_LOG_SAVE_INTERVAL__/${HANDLE_SERVER_LOG_SAVE_INTERVAL}/g" \
+ | sed "s/__HANDLE_SERVER_HTTP_HEADERS__/${HTTP_HEADERS}/g" \
+ | sed "s|__HANDLE_SERVER_SERVER_ADMINS__|${SERVER_ADMINS}|g" \
+ | sed "s|__HANDLE_SERVER_REPLICATION_ADMINS__|${REPLICATION_ADMINS}|g" \
+ | sed "s|__HANDLE_SERVER_AUTO_HOMED_PREFIXES__|${AUTO_HOMED_PREFIXES}|g" \
+ > "$_TARGET"
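Review bot: Every value in update_config.sh is pasted unescaped into the replacement side of a `sed` expression, so a `&` in a value expands to the matched placeholder, a backslash starts an escape, and a `/` (or a `|` in the last three commands) ends the expression early; the outcome is either a sed error that leaves `$_TARGET` truncated, because the redirection has already emptied it, or a config.dct that silently differs from what `.env` says. Passing each single-line value through a small escaping helper, as sketched below, makes the substitution independent of its content. `AUTO_HOMED_PREFIXES` has to stay as it is, since it deliberately carries the `\n` escapes prepared in private.defaults.sh. The same applies to the pipeline in update_siteinfo.sh.

```shell
# Escape backslash, "&" and the "|" delimiter for the replacement side of sed "s|…|…|g".
sed_escape() {
  printf '%s' "$1" | sed 's/[\\&|]/\\&/g'
}

BIND_ADDRESS_ESC="$(sed_escape "${HANDLE_SERVER_BIND_ADDRESS}")"
HTTP_HEADERS_ESC="$(sed_escape "${HTTP_HEADERS}")"
# … likewise for the other single-line values …

sed "s|__HANDLE_SERVER_BIND_ADDRESS__|${BIND_ADDRESS_ESC}|g" "$_SOURCE" \
  | sed "s|__HANDLE_SERVER_HTTP_HEADERS__|${HTTP_HEADERS_ESC}|g" \
# … unchanged: remaining substitutions and the redirect to "$_TARGET" …
```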
diff --git a/handle_server/update_siteinfo.sh b/handle_server/update_siteinfo.sh
new file mode 100644
index 0000000..44dc017
--- /dev/null
+++ b/handle_server/update_siteinfo.sh
@@ -0,0 +1,13 @@
+_SOURCE="${SOURCE:-"/hs/templates/siteinfo.json"}"
+_TARGET="${TARGET:-"${SRV_DIR}/siteinfo.json"}"
+RSA_KEY_N="$(cat "${SRV_DIR}/pubkey.json" | jq .n)"
+RSA_KEY_E="$(cat "${SRV_DIR}/pubkey.json" | jq .e)"
+
+sed "s/__HANDLE_SERVER_IPV4_ADDRESS__/${HANDLE_SERVER_IPV4_ADDRESS}/g" "$_SOURCE" \
+ | sed "s/__HANDLE_SERVER_DESCRIPTION__/${HANDLE_SERVER_DESCRIPTION}/g" \
+ | sed "s/__HANDLE_SERVER_HTTP_PORT__/${HANDLE_SERVER_HTTP_PORT}/g" \
+ | sed "s/__HANDLE_SERVER_TCP_PORT__/${HANDLE_SERVER_TCP_PORT}/g" \
+ | sed "s/__HANDLE_SERVER_UDP_PORT__/${HANDLE_SERVER_UDP_PORT}/g" \
+ | sed "s/\"__HANDLE_SERVER_PUBKEY_RSA_N__\"/${RSA_KEY_N}/g" \
+ | sed "s/\"__HANDLE_SERVER_PUBKEY_RSA_E__\"/${RSA_KEY_E}/g" \
+ > "$_TARGET"
-- 
GitLab
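Review bot: `RSA_KEY_N` and `RSA_KEY_E` in update_siteinfo.sh are taken from `jq` without checking that `${SRV_DIR}/pubkey.json` exists and parses, so a missing or malformed key file yields an empty or `null` value and the pipeline writes a siteinfo.json with no usable public key and no error. `RSA_KEY_N="$(jq -e .n "${SRV_DIR}/pubkey.json")" || exit 1` (and the same for `.e`) fails at the point of the problem and drops the extra `cat`. Separately, this file and update_config.sh are both sourced into the same shell and both honour `SOURCE`/`TARGET`, so setting `TARGET` in the environment makes the second script overwrite the first one's output; script-specific names such as `SITEINFO_TARGET` would avoid that.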