diff options
author | ebo <eliezio.oliveira@est.tech> | 2020-04-03 15:24:15 +0100 |
---|---|---|
committer | Bartek Grzybowski <b.grzybowski@partner.samsung.com> | 2020-04-08 08:52:09 +0000 |
commit | f986059d04af9eafe85aafe467e3196e8400098c (patch) | |
tree | e42f20f8117d752498ba9d302878172280c98a1c /test/mocks/netconf-pnp-simulator/engine/entrypoint.sh | |
parent | 7a3199bf4a05ffe7148ab7139a73df863a659353 (diff) |
netconf-pnp-simulator: convenient TLS and SSH configuration
- Simple SSH and TLS configuration. Instead of specific Netopeer2
XML configuration files, the user only needs to provide:
For SSH: id_XXX.pub
For TLS: server_key.pem, server_cert.pem, and ca.pem
- SSH and TLS can be reconfigured at runtime by running
/opt/bin/reconfigure-ssh.sh and /opt/bin/reconfigure-tls.sh respectively
- Improved log readability by using zlog (on C applications) and loguru
for Python
See the updated documentation under ../docs for more information.
Issue-ID: INT-1516
Change-Id: I21052d2524f0610c6197875a544113cce1a02787
Signed-off-by: ebo <eliezio.oliveira@est.tech>
Diffstat (limited to 'test/mocks/netconf-pnp-simulator/engine/entrypoint.sh')
-rwxr-xr-x | test/mocks/netconf-pnp-simulator/engine/entrypoint.sh | 120 |
1 files changed, 7 insertions, 113 deletions
diff --git a/test/mocks/netconf-pnp-simulator/engine/entrypoint.sh b/test/mocks/netconf-pnp-simulator/engine/entrypoint.sh index 6636080fb..378f33b3a 100755 --- a/test/mocks/netconf-pnp-simulator/engine/entrypoint.sh +++ b/test/mocks/netconf-pnp-simulator/engine/entrypoint.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/ash # shellcheck disable=SC2086 #- @@ -20,120 +20,14 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= -set -o errexit -set -o nounset -set -o pipefail -set -o xtrace +set -eu -export PATH=/opt/bin:/usr/local/bin:/usr/bin:/bin +HERE=${0%/*} +source $HERE/common.sh -CONFIG=/config -SSH_CONFIG=$CONFIG/ssh -TLS_CONFIG=$CONFIG/tls -MODELS_CONFIG=$CONFIG/modules -KEY_PATH=/opt/etc/keystored/keys -BASE_VIRTUALENVS=$HOME/.local/share/virtualenvs +configure_ssh startup merge $TEMPLATES +configure_tls startup merge $TEMPLATES -find_file() { - local dir=$1 - shift - for prog in "$@"; do - if [ -f $dir/$prog ]; then - echo -n $dir/$prog - break - fi - done -} - -find_executable() { - local dir=$1 - shift - for prog in "$@"; do - if [ -x $dir/$prog ]; then - echo -n $dir/$prog - break - fi - done -} - -configure_ssh() -{ - sysrepocfg --datastore=startup --format=xml ietf-system --import=$SSH_CONFIG/load_auth_pubkey.xml -} - -configure_tls() -{ - cp $TLS_CONFIG/server_key.pem $KEY_PATH - cp $TLS_CONFIG/server_key.pem.pub $KEY_PATH - sysrepocfg --datastore=startup --format=xml ietf-keystore --merge=$TLS_CONFIG/load_server_certs.xml - sysrepocfg --datastore=startup --format=xml ietf-netconf-server --merge=$TLS_CONFIG/tls_listen.xml -} - -configure_modules() -{ - for dir in "$MODELS_CONFIG"/*; do - if [ -d $dir ]; then - model=${dir##*/} - install_and_configure_yang_model $dir $model - prog=$(find_executable $dir subscriber.py) - if [ -n "$prog" ]; then - configure_subscriber_execution $dir $model $prog - fi - fi - done -} - -install_and_configure_yang_model() -{ - local dir=$1 - local model=$2 - - yang=$(find_file $dir $model.yang model.yang) - sysrepoctl --install --yang=$yang - data=$(find_file $dir startup.json startup.xml data.json data.xml) - if [ -n "$data" ]; then - sysrepocfg --datastore=startup --import=$data $model - fi -} - -configure_subscriber_execution() -{ - local dir=$1 - local model=$2 - local prog=$3 - - PROG_PATH=$PATH - if [ -r "$dir/requirements.txt" ]; then - env_dir=$(create_python_venv $dir) - PROG_PATH=$env_dir/bin:$PROG_PATH - fi - cat > /etc/supervisord.d/$model.conf <<EOF -[program:subs-$model] -command=$prog $model -redirect_stderr=true -autorestart=true -environment=PATH=$PROG_PATH,PYTHONUNBUFFERED="1" -EOF -} - -create_python_venv() -{ - local dir=$1 - - mkdir -p $BASE_VIRTUALENVS - env_dir=$BASE_VIRTUALENVS/$model - ( - python3 -m venv --system-site-packages $env_dir - cd $env_dir - . ./bin/activate - pip install --upgrade pip - pip install -r "$dir"/requirements.txt - ) 1>&2 - echo $env_dir -} - -configure_ssh -configure_tls -configure_modules +$HERE/configure-modules.sh exec /usr/local/bin/supervisord -c /etc/supervisord.conf |