aboutsummaryrefslogtreecommitdiffstats
path: root/onap-offline/bash/tools/deploy_nexus.sh
diff options
context:
space:
mode:
authorMichal Ptacek <m.ptacek@partner.samsung.com>2018-10-15 15:27:29 +0200
committerMichal Ptacek <m.ptacek@partner.samsung.com>2018-10-15 15:34:24 +0200
commit39d73bc539d9f3e72e167a51a6fecf58e04265ac (patch)
tree0fa9b9b499fb960524c9dee46174b73925a3c082 /onap-offline/bash/tools/deploy_nexus.sh
parent0d41bc49d18ebf126faa9a709dbe59b2bccc8ee1 (diff)
Core of ONAP offline installer
Seed code for ONAP offline installer. This includes core of the installer without downloading parts. Those will come in subsequent commits. Change-Id: I0d5c8c3c8c911ae11a0e558d5df94b6889af4435 Signed-off-by: Michal Ptacek <m.ptacek@partner.samsung.com> Signed-off-by: Samuli Silvius <s.silvius@partner.samsung.com> Issue-ID: INT-691
Diffstat (limited to 'onap-offline/bash/tools/deploy_nexus.sh')
-rwxr-xr-xonap-offline/bash/tools/deploy_nexus.sh194
1 files changed, 194 insertions, 0 deletions
diff --git a/onap-offline/bash/tools/deploy_nexus.sh b/onap-offline/bash/tools/deploy_nexus.sh
new file mode 100755
index 0000000..1532c61
--- /dev/null
+++ b/onap-offline/bash/tools/deploy_nexus.sh
@@ -0,0 +1,194 @@
+#! /usr/bin/env bash
+
+# COPYRIGHT NOTICE STARTS HERE
+#
+# Copyright 2018 © Samsung Electronics Co., Ltd.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# COPYRIGHT NOTICE ENDS HERE
+
+
+# fail fast
+set -e
+
+# OS check
+. /etc/os-release
+OS_ID="${ID}"
+
+case "$OS_ID" in
+ centos)
+ ;;
+ rhel)
+ ;;
+ ubuntu)
+ ;;
+ *)
+ echo This OS is not supported: $OS_ID
+ exit 1
+ ;;
+esac
+
+# boilerplate
+RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh'
+if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then
+ SCRIPT_DIR=$(dirname "${0}")
+ LOCAL_PATH=$(readlink -f "$SCRIPT_DIR")
+ . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh
+fi
+
+#
+# local functions
+#
+
+start_nexus() {
+ echo "** Starting nexus **"
+ if [[ -z "$NEXUS_DATA" ]]; then
+ echo "Nexus data env is not set"
+ exit -3
+ fi
+
+ # valid for case of fresh nexus deployment
+ # data are inserted in later phases
+ mkdir -p $NEXUS_DATA
+ # hardening
+ chmod a+wrX $NEXUS_DATA
+ chown -R 200:200 $NEXUS_DATA
+
+ docker rm -f nexus 1> /dev/null 2>&1 || true
+
+ docker run -d --name nexus\
+ --restart unless-stopped \
+ -v $NEXUS_DATA:/nexus-data:rw \
+ sonatype/nexus3
+
+ echo "** Creating docker network **"
+ docker network create nexus_network
+ docker network connect nexus_network nexus
+}
+
+start_nginx() {
+ echo "** Starting reverse proxy - nginx **"
+
+ docker rm -f nginx 1> /dev/null 2>&1 || true
+ mkdir -p $NGINX_HTTP_DIR/repo.install-server
+
+ mkdir -p "$NGINX_HTTP_DIR/repo.install-server"
+
+ docker run -d -p 80:80 -p 443:443 -p 10001:443 \
+ --name nginx \
+ --network nexus_network \
+ -v $GEN_CFG_PATH/nginx.conf:/etc/nginx/nginx.conf:ro \
+ -v $CERTS_TARGET_PATH:/etc/nginx/certs:ro \
+ -v $GIT_REPOS:/srv/git:rw \
+ -v $NGINX_LOG_DIR:/var/log/nginx:rw \
+ -v $NGINX_HTTP_DIR:/srv/http:ro \
+ -v $RHEL_REPO:/srv/http/repo.install-server:ro \
+ --restart unless-stopped \
+ own_nginx
+}
+
+patch_cert() {
+ file=$1
+ cp "$APROJECT_DIR/cfg/$file" "$GEN_CFG_PATH/$file"
+# sed "s#countryName =.*#countryName = $CERT_COUNTRY#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file
+# sed "s#localityName =.*#localityName = $CERT_LOCALITY#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file
+# sed "s#organizationName =.*#organizationName = $CERT_ORGANIZATION#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file
+}
+
+patch_conf_files() {
+ # patch nexus and root cert
+ patch_cert nexus_cert.cnf
+ patch_cert cacert.cnf
+
+ # patch nexus v3 ext cert
+ sed "s#nexus.student12#$NEXUS_FQDN#" "$APROJECT_DIR/cfg/v3.ext" > $GEN_CFG_PATH/v3.ext
+
+ #patch nginx.conf
+ sed "s#nexus.student12#$NEXUS_FQDN#" "$APROJECT_DIR/cfg/nginx.conf" > $GEN_CFG_PATH/nginx.conf
+}
+
+#
+# body
+#
+
+message info "Nexus will be installed into this directory: $(pwd)"
+
+if ! [ -f ./local_repo.conf ]; then
+ printf "[?] > Do you want continue? (if no, hit CTRL+C): "
+ read x
+fi
+
+message info "Reading configuration"
+get_configuration
+
+mkdir -p "$CERTS_TARGET_PATH"
+mkdir -p "$NGINX_LOG_DIR"
+mkdir -p "$GEN_CFG_PATH"
+if [ "$IS_SELF_EXTRACT" = YES ] ; then
+ message info "Now I will untar the resources"
+ message info "This may take a long time..."
+ sleep 3s
+ may_self_extract
+fi
+
+#
+echo "Cleanup docker (if installed)"
+docker rm -f nginx 1> /dev/null 2>&1 || true
+docker rm -f nexus 1> /dev/null 2>&1 || true
+
+install_files
+install_packages "$OS_ID"
+setup_vnc_server
+
+update_hosts
+
+# TODO
+#check_dependencies
+
+echo "Restarting dnsmasq"
+# TODO dnsmasq config?
+systemctl enable dnsmasq
+systemctl restart dnsmasq
+
+echo "** Generating config files to $GEN_CFG_PATH **"
+echo "Configure ssl certificates"
+
+patch_conf_files
+create_root_CA
+
+# create selfinstall CA cert
+$BASH_SCRIPTS_DIR/tools/create_si_cacert_pkg.sh
+# run generated file
+./install_cacert.sh
+
+create_cert "nexus"
+
+echo "** Certificates finished **"
+
+update_docker_cfg
+
+echo "Restarting docker"
+systemctl enable docker
+systemctl restart docker
+
+update_firewall
+
+set +e
+
+echo "** Loading images **"
+docker load -i $RESOURCES_DIR/offline_data/docker_images_infra/sonatype_nexus3_latest.tar
+docker load -i $RESOURCES_DIR/offline_data/docker_images_infra/own_nginx_latest.tar
+
+start_nexus
+start_nginx