remove prepare file of shell version& let shell run silently

saga92 2016-04-20 19:40:19 +08:00
parent d91b33fcd0
commit 4d9d46ffc4
7 changed files with 78 additions and 140 deletions


@ -2,45 +2,45 @@
#The IP address or hostname to access admin UI and registry service.
#DO NOT use localhost or 127.0.0.1, because Harbor needs to be accessed by external clients.
hostname="reg.mydomain.com"
hostname = reg.mydomain.com
#The protocol for accessing the UI and token/notification service, by default it is http.
#It can be set to https if ssl is enabled on nginx.
ui_url_protocol="http"
ui_url_protocol = http
#Email account settings for sending out password resetting emails.
email_server="smtp.mydomain.com"
email_server_port="25"
email_username="sample_admin@mydomain.com"
email_password="abc"
email_from="admin <sample_admin@mydomain.com>"
email_server = smtp.mydomain.com
email_server_port = 25
email_username = sample_admin@mydomain.com
email_password = abc
email_from = admin <sample_admin@mydomain.com>
##The password of Harbor admin, change this before any production use.
harbor_admin_password="Harbor12345"
harbor_admin_password = Harbor12345
##By default the auth mode is db_auth, i.e. the credentials are stored in a local database.
#Set it to ldap_auth if you want to verify a user's credentials against an LDAP server.
auth_mode="db_auth"
auth_mode = db_auth
#The url for an ldap endpoint.
ldap_url="ldaps://ldap.mydomain.com"
ldap_url = ldaps://ldap.mydomain.com
#The basedn template to look up a user in LDAP and verify the user's password.
ldap_basedn="uid=%s,ou=people,dc=mydomain,dc=com"
ldap_basedn = uid=%s,ou=people,dc=mydomain,dc=com
#The password for the root user of mysql db, change this before any production use.
db_password="root123"
db_password = root123
#Turn on or off the self-registration feature
self_registration="on"
self_registration = on
#Turn on or off the custom-generate token
customize_token="on"
#Turn on or off the customize your certicate
customize_crt = on
#token message
crt_countryname="CN"
crt_state="State"
crt_name="name"
crt_organizationname="organization name"
crt_organizationalunitname="organizational unit name"
#fill in your certicate message
crt_countryname = CN
crt_state = State
crt_name = name
crt_organizationname = organization name
crt_organizationalunitname = organizational unit name
#####
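Review bot: Nothing in this file tells the operator that values are now taken literally, so a harbor.cfg carried over from the quoted format would keep its quotes as part of each value. The matching change to the Python prepare script drops `.strip('"')` from every `rcp.get(...)`, so `harbor_admin_password="Harbor12345"` would presumably yield an admin password that includes the quote characters, and likewise for `db_password`. A header comment such as `#Values are read as-is; do not wrap them in quotes.` would make that explicit; the hunk starts at line 2, so the top of the file is not visible here. The two new comments also misspell "certificate" as "certicate".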


@ -22,25 +22,25 @@ conf.seek(0, os.SEEK_SET)
rcp = ConfigParser.RawConfigParser()
rcp.readfp(conf)
hostname = rcp.get("configuration", "hostname").strip('"')
ui_url = rcp.get("configuration", "ui_url_protocol").strip('"') + "://" + hostname
email_server = rcp.get("configuration", "email_server").strip('"')
email_server_port = rcp.get("configuration", "email_server_port").strip('"')
email_username = rcp.get("configuration", "email_username").strip('"')
email_password = rcp.get("configuration", "email_password").strip('"')
email_from = rcp.get("configuration", "email_from").strip('"')
harbor_admin_password = rcp.get("configuration", "harbor_admin_password").strip('"')
auth_mode = rcp.get("configuration", "auth_mode").strip('"')
ldap_url = rcp.get("configuration", "ldap_url").strip('"')
ldap_basedn = rcp.get("configuration", "ldap_basedn").strip('"')
db_password = rcp.get("configuration", "db_password").strip('"')
self_registration = rcp.get("configuration", "self_registration").strip('"')
customize_token = rcp.get("configuration", "customize_token").strip('"')
crt_countryname = rcp.get("configuration", "crt_countryname").strip('"')
crt_state = rcp.get("configuration", "crt_state").strip('"')
crt_name = rcp.get("configuration", "crt_name").strip('"')
crt_organizationname = rcp.get("configuration", "crt_organizationname").strip('"')
crt_organizationalunitname = rcp.get("configuration", "crt_organizationalunitname").strip('"')
hostname = rcp.get("configuration", "hostname")
ui_url = rcp.get("configuration", "ui_url_protocol") + "://" + hostname
email_server = rcp.get("configuration", "email_server")
email_server_port = rcp.get("configuration", "email_server_port")
email_username = rcp.get("configuration", "email_username")
email_password = rcp.get("configuration", "email_password")
email_from = rcp.get("configuration", "email_from")
harbor_admin_password = rcp.get("configuration", "harbor_admin_password")
auth_mode = rcp.get("configuration", "auth_mode")
ldap_url = rcp.get("configuration", "ldap_url")
ldap_basedn = rcp.get("configuration", "ldap_basedn")
db_password = rcp.get("configuration", "db_password")
self_registration = rcp.get("configuration", "self_registration")
customize_crt = rcp.get("configuration", "customize_crt")
crt_countryname = rcp.get("configuration", "crt_countryname")
crt_state = rcp.get("configuration", "crt_state")
crt_name = rcp.get("configuration", "crt_name")
crt_organizationname = rcp.get("configuration", "crt_organizationname")
crt_organizationalunitname = rcp.get("configuration", "crt_organizationalunitname")
########
base_dir = os.path.dirname(__file__)
@ -103,31 +103,40 @@ render(os.path.join(templates_dir, "db", "env"),
db_conf_env,
db_password=db_password)
if customize_token == 'on':
is_fail = 0
private_key_gem = os.path.join(config_dir, "ui", "private_key.pem")
root_crt = os.path.join(config_dir, "registry", "root.crt")
token_conf_files = [ private_key_gem, root_crt ]
rmdir(token_conf_files)
if customize_crt == 'on':
import subprocess
shell_status = subprocess.call(["openssl", "genrsa", "-out", private_key_gem, "4096"])
if shell_status == 0:
print("private_key.gem has been generated in %s/ui" % config_dir)
is_fail = False
FNULL = open(os.devnull, 'w')
shell_status = subprocess.check_call(["which", "openssl"], stdout=FNULL, stderr=subprocess.STDOUT)
if shell_status == 1:
print("cannot find openssl installed in this computer.")
is_fail = True
else:
print("gennerate private_key.gem fail.")
is_fail = 1
subj = "/C={0}/ST={1}/L={2}/O={3}/OU={4}"\
.format(crt_countryname, crt_state, crt_name, crt_organizationname, crt_organizationalunitname)
shell_status = subprocess.call(["openssl", "req", "-new", "-x509", "-key",\
private_key_gem, "-out", root_crt, "-days", "3650", "-subj", subj])
if shell_status == 0:
print("root.crt has been generated in %s/registry" % config_dir)
else:
print("gennerate root.crt fail.")
is_fail = 1
private_key_pem = os.path.join(config_dir, "ui", "private_key.pem")
root_crt = os.path.join(config_dir, "registry", "root.crt")
crt_conf_files = [ private_key_pem, root_crt ]
rmdir(crt_conf_files)
shell_status = subprocess.call(["openssl", "genrsa", "-out", private_key_pem, "4096"],\
stdout=FNULL, stderr=subprocess.STDOUT)
if shell_status == 0:
print("private_key.pem has been generated in %s/ui" % config_dir)
else:
print("gennerate private_key.pem fail.")
is_fail = True
subj = "/C={0}/ST={1}/L={2}/O={3}/OU={4}"\
.format(crt_countryname, crt_state, crt_name, crt_organizationname, crt_organizationalunitname)
shell_status = subprocess.call(["openssl", "req", "-new", "-x509", "-key",\
private_key_pem, "-out", root_crt, "-days", "3650", "-subj", subj], \
stdout=FNULL, stderr=subprocess.STDOUT)
if shell_status == 0:
print("root.crt has been generated in %s/registry" % config_dir)
else:
print("gennerate root.crt fail.")
is_fail = True
FNULL.close()
try:
if is_fail == 1:
print("some problem occurs.")
if is_fail is True:
print("some problems occur.")
sys.exit(1)
except Exception as e:
pass
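Review bot: The `shell_status == 1` branch after `subprocess.check_call(["which", "openssl"], ...)` cannot run, because `check_call` raises `CalledProcessError` on any non-zero exit instead of returning it; a host without openssl gets a traceback rather than the "cannot find openssl" message, and `FNULL` is left open. Using `shell_status = subprocess.call(["which", "openssl"], stdout=FNULL, stderr=subprocess.STDOUT)` with `if shell_status != 0:` keeps the intended message. Sending openssl's stderr to `FNULL` in the `genrsa` and `req` calls also discards the only diagnostic for a failed key or certificate generation, so consider leaving stderr attached or printing it on failure. The closing `try`/`except Exception: pass` around `sys.exit(1)` has no effect, since `SystemExit` is not an `Exception` subclass, and could be removed. Indentation is lost in this rendering, so the exact nesting of these branches is inferred.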


@ -1,71 +0,0 @@
#!/bin/bash
# Requires: openssl
source ./harbor.cfg
config_path="./config"
ui_path="./config/ui"
db_path="./config/db"
tpl_path="./templates"
mkdir -p $tpl_path
mkdir -p $ui_path $db_path
declare -a arr=("$ui_path/env" "$ui_path/app.conf" "$config_path/registry/config.yml" "$db_path/env")
for i in "${arr[@]}"; do
if [ -e $i ]; then
echo "Clearing the configuration file: "$i
rm $i
fi
done
source $tpl_path/ui/app.conf > $ui_path/app.conf
echo "Generated configuration file: "$ui_path/app.conf
source $tpl_path/ui/env > $ui_path/env
echo "Generated configuration file: "$ui_path/env
source $tpl_path/db/env > $config_path/db/env
echo "Generated configuration file: "$config_path/db/env
source $tpl_path/registry/config.yml > $config_path/registry/config.yml
echo "Generated configuration file: "$config_path/registry/config.yml
is_fail=0
if [ $customize_token == "on" ];then
if [ -e $ui_path/private_key.pem ]; then
echo "clearing the origin private_key.pem in "$ui_pth
rm $ui_path/private_key.pem
fi
openssl genrsa -out $ui_path/private_key.pem 4096
if [ -e $ui_path/private_key.pem ]; then
echo "private_key.gem has been generated in "$ui_path
else echo "generate private_key.gem fail."
is_fail=1
fi
if [ -e $config_path/registry/root.crt ]; then
echo "clearing the origin root.crt in "$config_path"/registry"
rm $config_path/registry/root.crt
fi
openssl req -new -x509 -key $ui_path/private_key.pem -out $config_path/registry/root.crt -days 3650 \
-subj "/C=$crt_countryname/ST=$crt_state/L=$crt_name/O=$crt_organizationname/OU=$crt_organizationalunitname"
if [ -e $config_path/registry/root.crt ]; then
echo "root.crt has been generated in "$config_path"/registry"
else echo "generate root.crt fail."
is_fail=1
fi
elif [ $customize_token != "off" ]; then
echo "wrong args found in customize_token: "$customize_token
is_fail=1
fi
if [ $is_fail -eq 0 ];then
echo "The configuration files are ready, please use docker-compose to start the service."
else
echo "some problem occurs."
fi


@ -1 +1 @@
echo "MYSQL_ROOT_PASSWORD=$db_password"
MYSQL_ROOT_PASSWORD=$db_password


@ -1,4 +1,4 @@
echo "version: 0.1
version: 0.1
log:
level: debug
fields:
@ -32,4 +32,4 @@ notifications:
url: http://ui/service/notifications
timeout: 500
threshold: 5
backoff: 1000"
backoff: 1000


@ -1,4 +1,4 @@
echo "appname = registry
appname = registry
runmode = dev
[lang]
@ -13,4 +13,4 @@ host = $email_server
port = $email_server_port
username = $email_username
password = $email_password
from = $email_from"
from = $email_from


@ -1,4 +1,4 @@
echo "MYSQL_HOST=mysql
MYSQL_HOST=mysql
MYSQL_PORT=3306
MYSQL_USR=root
MYSQL_PWD=$db_password
@ -11,4 +11,4 @@ AUTH_MODE=$auth_mode
LDAP_URL=$ldap_url
LDAP_BASE_DN=$ldap_basedn
SELF_REGISTRATION=$self_registration
LOG_LEVEL=debug"
LOG_LEVEL=debug