From e74fbfba5d5857dda528054468be0c9152d1e5ed Mon Sep 17 00:00:00 2001
From: mchyzer <mchyzer@macbook-pro-103.lan>
Date: Mon, 4 May 2020 01:12:02 -0400
Subject: [PATCH] various jiras adding options to grouper container

---
 Dockerfile                                    |   4 +-
 .../tier-support/supervisord-hsqldb.conf      |  10 ++
 container_files/usr-local-bin/daemon          |   1 +
 container_files/usr-local-bin/gsh             |   1 +
 container_files/usr-local-bin/library.sh      | 119 +++++++++++++-----
 container_files/usr-local-bin/quickstart      |  11 ++
 container_files/usr-local-bin/scim            |   1 +
 container_files/usr-local-bin/ui              |   3 +-
 container_files/usr-local-bin/ui-ws           |   3 +-
 container_files/usr-local-bin/ws              |   1 +
 10 files changed, 116 insertions(+), 38 deletions(-)
 create mode 100644 container_files/tier-support/supervisord-hsqldb.conf
 create mode 100755 container_files/usr-local-bin/quickstart

diff --git a/Dockerfile b/Dockerfile
index 9a9f5430..92f29642 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -77,7 +77,9 @@ RUN groupadd -r tomcat \
     && chown -R tomcat:tomcat /opt/tomee  \
     && ln -s $JAVA_HOME/bin/java /etc/alternatives/java \
     && mkdir -p /opt/tomee/conf/Catalina/localhost/ \
-    && chown -R tomcat:tomcat /opt/grouper/grouperWebapp
+    && chown -R tomcat:tomcat /opt/grouper/grouperWebapp \
+    && mkdir /opt/hsqldb \
+    && chown tomcat:tomcat /opt/hsqldb
 
 
 COPY container_files/tier-support/ /opt/tier-support/
diff --git a/container_files/tier-support/supervisord-hsqldb.conf b/container_files/tier-support/supervisord-hsqldb.conf
new file mode 100644
index 00000000..439f68be
--- /dev/null
+++ b/container_files/tier-support/supervisord-hsqldb.conf
@@ -0,0 +1,10 @@
+[program:hsqldb]
+user=tomcat
+directory=/opt/hsqldb
+command=/usr/lib/jvm/java-1.8.0-amazon-corretto/bin/java -cp /opt/grouper/grouperWebapp/WEB-INF/lib/hsqldb-2.3.2.jar org.hsqldb.Server -port 9001 -database.0 file:/opt/hsqldb/grouperHSQL -dbname.0 grouper
+stderr_logfile = /tmp/loghsqldb
+stderr_logfile_maxbytes=0
+stdout_logfile = /tmp/loghsqldb
+stdout_logfile_maxbytes=0
+
+
diff --git a/container_files/usr-local-bin/daemon b/container_files/usr-local-bin/daemon
index 7488460d..7898c89f 100755
--- a/container_files/usr-local-bin/daemon
+++ b/container_files/usr-local-bin/daemon
@@ -3,6 +3,7 @@
 . /usr/local/bin/library.sh
 
 prepDaemon
+finishPrep
 
 export GSH_JVMARGS="$GSH_JVMARGS -DENV=$ENV -DUSERTOKEN=$USERTOKEN"
 
diff --git a/container_files/usr-local-bin/gsh b/container_files/usr-local-bin/gsh
index 1473da7e..5523d562 100755
--- a/container_files/usr-local-bin/gsh
+++ b/container_files/usr-local-bin/gsh
@@ -3,6 +3,7 @@
 . /usr/local/bin/library.sh
 
 prepDaemon
+finishPrep
 
 export GSH_JVMARGS="$GSH_JVMARGS -DENV=$ENV -DUSERTOKEN=$USERTOKEN"
 
diff --git a/container_files/usr-local-bin/library.sh b/container_files/usr-local-bin/library.sh
index 51f06aa5..cc9553f5 100755
--- a/container_files/usr-local-bin/library.sh
+++ b/container_files/usr-local-bin/library.sh
@@ -41,6 +41,11 @@ setupTomcatLogPipe() {
     (cat <> /tmp/logtomcat | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "tomee;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) &
 }
 
+setupHsqldbLogPipe() {
+    setupPipe /tmp/loghsqldb
+    (cat <> /tmp/loghsqldb | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "hsqldb;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) &
+}
+
 setupSupervisordLogPipe() {
     setupPipe /tmp/logsuperd
     (cat <> /tmp/logsuperd | awk -v ENV="$ENV" -v UT="$USERTOKEN" '{printf "supervisord;console;%s;%s;%s\n", ENV, UT, $0; fflush()}' &>/tmp/logpipe) &
@@ -63,30 +68,45 @@ linkGrouperSecrets() {
     done
 }
 
+prepQuickstart() {
+    
+    if [ -z "$RUN_HSQLDB" ]; then export RUN_HSQLDB=true; fi
+    if [ -z "$RUN_SHIB_SP" ]; then export RUN_SHIB_SP=false; fi
+    if [ -z "$SELF_SIGNED_CERT" ]; then export SELF_SIGNED_CERT=true; fi
+    if [ -z "$GROUPER_AUTO_DDL_UPTOVERSION" ]; then export GROUPER_AUTO_DDL_UPTOVERSION='v2.5.*'; fi
+    if [ -z "$GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES" ]; then export GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES='0.0.0.0/0'; fi
+    # wait for database to start
+    if [ -z "$GROUPER_START_DELAY_SECONDS" ]; then export GROUPER_START_DELAY_SECONDS='10'; fi
+    if [ -z "$GROUPER_UI_GROUPER_AUTH" ]; then export GROUPER_UI_GROUPER_AUTH='true'; fi
+    if [ -z "$GROUPER_WS_GROUPER_AUTH" ]; then export GROUPER_WS_GROUPER_AUTH='true'; fi
+    if [ -z "$GROUPER_SCIM_GROUPER_AUTH" ] ; then export GROUPER_SCIM_GROUPER_AUTH=true; fi
+
+    if [ ! -z "$GROUPERSYSTEM_QUICKSTART_PASS" ]
+      then
+        if [ "$GROUPER_UI_GROUPER_AUTH" = 'true' ]
+          then
+            echo '' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.base.properties
+            echo 'grouperPasswordConfigOverride_UI_GrouperSystem_pass.elConfig = ${java.lang.System.getenv().get('"'"'GROUPERSYSTEM_QUICKSTART_PASS'"'"')}' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties
+        fi
+        if [ "$GROUPER_WS_GROUPER_AUTH" = 'true' ]
+          then         
+            echo '' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.base.properties
+            echo 'grouperPasswordConfigOverride_WS_GrouperSystem_pass.elConfig = ${java.lang.System.getenv().get('"'"'GROUPERSYSTEM_QUICKSTART_PASS'"'"')}' >> /opt/grouper/grouperWebapp/WEB-INF/classes/grouper.hibernate.properties
+        fi
+    fi
+
+}
+
 prepDaemon() {
     
     if [ -z "$GROUPER_DAEMON" ]; then export GROUPER_DAEMON=true; fi
     if [ -z "$RUN_TOMEE" ]; then export RUN_TOMEE=true; fi
-
-    setupLoggingPipe
-    setupGrouperLogPipe
-    #cp /opt/tier-support/grouper.xml /opt/tomee/conf/Catalina/localhost/
-    finishPrep
 }
 
 prepSCIM() {
     if [ -z "$GROUPER_SCIM" ]; then export GROUPER_SCIM=true; fi
     if [ -z "$RUN_APACHE" ]; then export RUN_APACHE=true; fi
     if [ -z "$RUN_TOMEE" ]; then export RUN_TOMEE=true; fi
-
-    setupLoggingPipe
-    setupGrouperLogPipe
-    setupHttpdLogPipe
-    setupTomcatLogPipe
-
-    
-    #cp /opt/tier-support/grouper.xml /opt/tomee/conf/Catalina/localhost/
-    finishPrep
 }
 
 prepUI() {
@@ -94,16 +114,6 @@ prepUI() {
     if [ -z "$RUN_APACHE" ]; then export RUN_APACHE=true; fi
     if [ -z "$RUN_SHIB_SP" ]; then export RUN_SHIB_SP=true; fi
     if [ -z "$RUN_TOMEE" ]; then export RUN_TOMEE=true; fi
-
-    setupLoggingPipe
-    setupGrouperLogPipe
-    setupHttpdLogPipe
-    setupShibdLogPipe
-    setupTomcatLogPipe
-    setupSupervisordLogPipe
-
-    #cp /opt/tier-support/grouper.xml /opt/tomee/conf/Catalina/localhost/
-    finishPrep
 }
 
 prepWS() {
@@ -111,14 +121,6 @@ prepWS() {
     if [ -z "$GROUPER_WS" ]; then export GROUPER_WS=true; fi
     if [ -z "$RUN_APACHE" ]; then export RUN_APACHE=true; fi
     if [ -z "$RUN_TOMEE" ]; then export RUN_TOMEE=true; fi
-    setupLoggingPipe
-    setupGrouperLogPipe
-    setupHttpdLogPipe
-    setupTomcatLogPipe
-    setupSupervisordLogPipe
-
-    #cp /opt/tier-support/grouper.xml /opt/tomee/conf/Catalina/localhost/
-    finishPrep
 }
 
 
@@ -129,24 +131,70 @@ prepConf() {
 
 finishPrep() {
 
+    setupLoggingPipe
+    setupGrouperLogPipe
+    setupSupervisordLogPipe
+
     # clear out existing supervisord config
     cat /opt/tier-support/supervisord-base.conf > /opt/tier-support/supervisord.conf
 
+    # default a lot of env variables
+    # morph defaults to null
+    if [ -z "$GROUPER_DATABASE_URL_FILE" ] && [ -z "$GROUPER_DATABASE_URL" ] ; then export GROUPER_DATABASE_URL=jdbc:hsqldb:hsql://localhost:9001/grouper; fi
+    if [ -z "$GROUPER_DATABASE_USERNAME_FILE" ] && [ -z "$GROUPER_DATABASE_USERNAME" ] ; then export GROUPER_DATABASE_USERNAME=sa; fi
+    # database password defaults to null
+    if [ -z "$GROUPER_UI_GROUPER_AUTH" ] ; then export GROUPER_UI_GROUPER_AUTH=false; fi
+    if [ -z "$GROUPER_WS_GROUPER_AUTH" ] ; then export GROUPER_WS_GROUPER_AUTH=false; fi
+    if [ -z "$GROUPER_SCIM_GROUPER_AUTH" ] ; then export GROUPER_SCIM_GROUPER_AUTH=false; fi
+    if [ -z "$GROUPER_CHOWN_DIRS" ] ; then export GROUPER_CHOWN_DIRS=true; fi
+    
+    if [ "$GROUPER_LOG_TO_HOST" = "true" ]
+      then
+        cp /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.grouperContainerHost.properties /opt/grouper/grouperWebapp/WEB-INF/classes/log4j.properties
+    fi
+    if [ "$GROUPER_WS_TOMCAT_AUTHN" = "true" ]
+      then
+        cp /opt/grouper/grouperWebapp/WEB-INF/web.wsTomcatAuthn.xml /opt/grouper/grouperWebapp/WEB-INF/web.xml
+        cp /opt/grouper/grouperWebapp/WEB-INF/server.wsTomcatAuthn.xml /opt/tomee/conf/server.xml
+    fi
+
+    # do this last
+    if [ "$GROUPER_CHOWN_DIRS" = "true" ]
+      then
+        chown -R tomcat:tomcat /opt/grouper/grouperWebapp
+    fi
+
+
     # construct the supervisord file based on FLAGS passed in or what was in CMD
+
+    if [ "$RUN_HSQLDB" = "true" ]
+      then
+        setupHsqldbLogPipe
+        cat /opt/tier-support/supervisord-hsqldb.conf >> /opt/tier-support/supervisord.conf
+    fi
+
     if [ "$RUN_APACHE" = "true" ]
       then
+        setupHttpdLogPipe
         cat /opt/tier-support/supervisord-httpd.conf >> /opt/tier-support/supervisord.conf
     fi
 
 
     if [ "$RUN_TOMEE" = "true" ]
       then
+        setupTomcatLogPipe
         cat /opt/tier-support/supervisord-tomee.conf >> /opt/tier-support/supervisord.conf
     fi
     
-    mv /etc/httpd/conf.d/shib.conf /etc/httpd/conf.d/shib.conf.dontuse
+    if [ -f /etc/httpd/conf.d/shib.conf ]
+      then
+        mv /etc/httpd/conf.d/shib.conf /etc/httpd/conf.d/shib.conf.dontuse
+    fi
+    
     if [ "$RUN_SHIB_SP" = "true" ]
       then
+        setupShibdLogPipe
+        export LD_LIBRARY_PATH=/opt/shibboleth/lib64:$LD_LIBRARY_PATH
         cat /opt/tier-support/supervisord-shibsp.conf >> /opt/tier-support/supervisord.conf
         cp /opt/tier-support/httpd-shib.conf /etc/httpd/conf.d/
         mv /etc/httpd/conf.d/shib.conf.dontuse /etc/httpd/conf.d/shib.conf
@@ -163,6 +211,11 @@ finishPrep() {
          cp -r $dest/libScim/* $dest/lib/
     fi
 
+    if [ "$GROUPER_UI" = "true" ]
+      then
+      if [ -z "$GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES" ]; then export GROUPER_UI_CONFIGURATION_EDITOR_SOURCEIPADDRESSES='127.0.0.1/32'; fi
+    fi
+
     if [ "$GROUPER_UI" = "true" ] || [ "$GROUPER_DAEMON" = "true" ]
        then
          cp -r $dest/libUiAndDaemon/* $dest/lib/
diff --git a/container_files/usr-local-bin/quickstart b/container_files/usr-local-bin/quickstart
new file mode 100755
index 00000000..a25962b8
--- /dev/null
+++ b/container_files/usr-local-bin/quickstart
@@ -0,0 +1,11 @@
+#!/bin/bash
+
+. /usr/local/bin/library.sh
+
+prepQuickstart
+prepUI
+prepWS
+prepDaemon
+finishPrep
+
+exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf
diff --git a/container_files/usr-local-bin/scim b/container_files/usr-local-bin/scim
index 9ab7c7b4..9d208d37 100755
--- a/container_files/usr-local-bin/scim
+++ b/container_files/usr-local-bin/scim
@@ -3,5 +3,6 @@
 . /usr/local/bin/library.sh
 
 prepSCIM
+finishPrep
 
 exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf
diff --git a/container_files/usr-local-bin/ui b/container_files/usr-local-bin/ui
index 59994da0..af4d3cb4 100755
--- a/container_files/usr-local-bin/ui
+++ b/container_files/usr-local-bin/ui
@@ -3,7 +3,6 @@
 . /usr/local/bin/library.sh
 
 prepUI
-
-export LD_LIBRARY_PATH=/opt/shibboleth/lib64:$LD_LIBRARY_PATH
+finishPrep
 
 exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf
diff --git a/container_files/usr-local-bin/ui-ws b/container_files/usr-local-bin/ui-ws
index 3eee072e..75b8d99f 100755
--- a/container_files/usr-local-bin/ui-ws
+++ b/container_files/usr-local-bin/ui-ws
@@ -4,7 +4,6 @@
 
 prepUI
 prepWS
-
-export LD_LIBRARY_PATH=/opt/shibboleth/lib64:$LD_LIBRARY_PATH
+finishPrep
 
 exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf
diff --git a/container_files/usr-local-bin/ws b/container_files/usr-local-bin/ws
index 99f893ee..101461c3 100755
--- a/container_files/usr-local-bin/ws
+++ b/container_files/usr-local-bin/ws
@@ -3,5 +3,6 @@
 . /usr/local/bin/library.sh
 
 prepWS
+finishPrep
 
 exec /usr/bin/supervisord -c /opt/tier-support/supervisord.conf