diff options
Diffstat (limited to 'bash/tools/deploy_nexus.sh')
-rw-r--r-- | bash/tools/deploy_nexus.sh | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/bash/tools/deploy_nexus.sh b/bash/tools/deploy_nexus.sh index ab1c80b2..1532c614 100644 --- a/bash/tools/deploy_nexus.sh +++ b/bash/tools/deploy_nexus.sh @@ -1,4 +1,5 @@ #! /usr/bin/env bash + # COPYRIGHT NOTICE STARTS HERE # # Copyright 2018 © Samsung Electronics Co., Ltd. @@ -16,11 +17,15 @@ # limitations under the License. # # COPYRIGHT NOTICE ENDS HERE + + # fail fast set -e + # OS check . /etc/os-release OS_ID="${ID}" + case "$OS_ID" in centos) ;; @@ -33,6 +38,7 @@ case "$OS_ID" in exit 1 ;; esac + # boilerplate RELATIVE_PATH=./ # relative path from this script to 'common-functions.sh' if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then @@ -40,35 +46,45 @@ if [ "$IS_COMMON_FUNCTIONS_SOURCED" != YES ] ; then LOCAL_PATH=$(readlink -f "$SCRIPT_DIR") . "${LOCAL_PATH}"/"${RELATIVE_PATH}"/common-functions.sh fi + # # local functions # + start_nexus() { echo "** Starting nexus **" if [[ -z "$NEXUS_DATA" ]]; then echo "Nexus data env is not set" exit -3 fi + # valid for case of fresh nexus deployment # data are inserted in later phases mkdir -p $NEXUS_DATA # hardening chmod a+wrX $NEXUS_DATA chown -R 200:200 $NEXUS_DATA + docker rm -f nexus 1> /dev/null 2>&1 || true + docker run -d --name nexus\ --restart unless-stopped \ -v $NEXUS_DATA:/nexus-data:rw \ sonatype/nexus3 + echo "** Creating docker network **" docker network create nexus_network docker network connect nexus_network nexus } + start_nginx() { echo "** Starting reverse proxy - nginx **" + docker rm -f nginx 1> /dev/null 2>&1 || true mkdir -p $NGINX_HTTP_DIR/repo.install-server + mkdir -p "$NGINX_HTTP_DIR/repo.install-server" + docker run -d -p 80:80 -p 443:443 -p 10001:443 \ --name nginx \ --network nexus_network \ @@ -81,29 +97,41 @@ start_nginx() { --restart unless-stopped \ own_nginx } + patch_cert() { file=$1 cp "$APROJECT_DIR/cfg/$file" "$GEN_CFG_PATH/$file" +# sed "s#countryName =.*#countryName = $CERT_COUNTRY#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file +# sed "s#localityName =.*#localityName = $CERT_LOCALITY#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file +# sed "s#organizationName =.*#organizationName = $CERT_ORGANIZATION#" "$APROJECT_DIR/cfg/$file" > $GEN_CFG_PATH/$file } + patch_conf_files() { # patch nexus and root cert patch_cert nexus_cert.cnf patch_cert cacert.cnf + # patch nexus v3 ext cert sed "s#nexus.student12#$NEXUS_FQDN#" "$APROJECT_DIR/cfg/v3.ext" > $GEN_CFG_PATH/v3.ext + #patch nginx.conf sed "s#nexus.student12#$NEXUS_FQDN#" "$APROJECT_DIR/cfg/nginx.conf" > $GEN_CFG_PATH/nginx.conf } + # # body # + message info "Nexus will be installed into this directory: $(pwd)" + if ! [ -f ./local_repo.conf ]; then printf "[?] > Do you want continue? (if no, hit CTRL+C): " read x fi + message info "Reading configuration" get_configuration + mkdir -p "$CERTS_TARGET_PATH" mkdir -p "$NGINX_LOG_DIR" mkdir -p "$GEN_CFG_PATH" @@ -113,37 +141,54 @@ if [ "$IS_SELF_EXTRACT" = YES ] ; then sleep 3s may_self_extract fi + # echo "Cleanup docker (if installed)" docker rm -f nginx 1> /dev/null 2>&1 || true docker rm -f nexus 1> /dev/null 2>&1 || true + install_files install_packages "$OS_ID" setup_vnc_server + update_hosts + # TODO #check_dependencies + echo "Restarting dnsmasq" +# TODO dnsmasq config? systemctl enable dnsmasq systemctl restart dnsmasq + echo "** Generating config files to $GEN_CFG_PATH **" echo "Configure ssl certificates" + patch_conf_files create_root_CA + # create selfinstall CA cert $BASH_SCRIPTS_DIR/tools/create_si_cacert_pkg.sh # run generated file ./install_cacert.sh + create_cert "nexus" + echo "** Certificates finished **" + update_docker_cfg + echo "Restarting docker" systemctl enable docker systemctl restart docker + update_firewall + set +e + echo "** Loading images **" docker load -i $RESOURCES_DIR/offline_data/docker_images_infra/sonatype_nexus3_latest.tar docker load -i $RESOURCES_DIR/offline_data/docker_images_infra/own_nginx_latest.tar + start_nexus start_nginx |