#!/bin/bash want_cic_cache_version=0.3.0a2 want_cicada_version=0.0.6rc1 setup_debug(){ . aux/bdbg/bdbg.sh _level=${BASH_DEBUG_LEVEL:-2} _debug=${BASH_DEBUG:-0} debug_flag= if [ ! -z "$_debug"] && [ "$_level" -eq 1 ]; then debug_flag="$debug_flag" elif [ ! -z "$_debug"] && [ "$_level" -gt 1 ]; then debug_flag="-v" fi } setup_cic_gpg(){ mkdir -vp $HOME/.local/share/cic/.gnupg chmod 700 $HOME/.local/share/cic/.gnupg for f in ./keys/*.asc; do gpg --homedir $HOME/.local/share/cic/.gnupg --import $f done gpg --homedir $HOME/.local/share/cic/.gnupg --import-ownertrust ./keys/trust } get_default_enviroment(){ dbg $dbg_debug "load default environment" config_directives=(CIC_REGISTRY_ADDRESS CIC_TRUST_ADDRESS META_URL TX_CACHE_URL CHAIN_SPEC) for c in ${config_directives[@]}; do v=${!c} dbg $dbg_debug "CIC_ROOT_CA_FILE $CIC_ROOT_CA_FILE" if [ -z "$v" ]; then d=`mktemp -d` curl -X GET --cacert $CIC_ROOT_CA_FILE $CIC_ROOT_URL/$c -o $d/$c gpg --homedir $HOME/.local/share/cic/.gnupg --verify $d/$c v=`gpg --homedir $HOME/.local/share/cic/.gnupg -d $d/$c` # Decrypt echo $v >> $t dbg $dbg_debug "fetched environment variable $v" else dbg $dbg_debug "using predefined environment variable for $c = $v" fi done } init_env(){ dbg $dbg_debug "identify root values" t=`mktemp` set -e # Exit immediately if a command exits with a non-zero status get_default_enviroment set -a . $t set +a # DATABASE_NAME set here works as long as only one database is involved... export DATABASE_PREFIX=$HOME/.local/share/cic/cache/${DATABASE_PREFIX:-staffclient} export DATABASE_ENGINE=sqlite export DATABASE_DRIVER=pysqlite export DATABASE_DEBUG=0 export DATABASE_POOL_SIZE=0 export DATABASE_USER=postgres export DATABASE_PASSWORD=`dd if=/dev/urandom bs=32 count=1 2> /dev/null | hexdump -v -n 32 -e '1/1 "%02x"'` if [ -d "$HOME/.config/cic/staff-client/.gnupg" ]; then echo "Staff Client GPG keyring already exists" else dbg $dbg_debug "set up keys" if [ -z "$AUTH_KEY" ]; then . setup_key.sh else t=`mktemp` gpg --export -a $AUTH_KEY > $t echo -n $AUTH_KEY > $HOME/.config/cic/staff-client/key_fingerprint dbg $dbg_info "using key $AUTH_KEY" fi fi export AUTH_KEY=`cat $HOME/.config/cic/staff-client/key_fingerprint` export AUTH_KEYRING_PATH=$HOME/.config/cic/staff-client/.gnupg export AUTH_DB_PATH=$HOME/.local/share/cic/clicada touch "$HOME/.config/cic/staff-client/.envinit" } check_cache_version(){ v=`pip show cic-cache | awk '/^Version/ {print $2;}'` if [ "$?" -ne 0 ]; then dbg $dbg_warn "cic-cache is not installed. will update" update=1 elif [ "$v" != "$want_cic_cache_version" ]; then dbg $dbg_warn "cic-cache version $v installed but need $want_cic_cache_version, will update" update=1 else dbg $dbg_info "cic-cache version $v found" fi } check_cicada_version(){ v=`pip show clicada | awk '/^Version/ {print $2;}'` if [ "$?" -ne 0 ]; then dbg $dbg_warn "clicada is not installed, will update" update=1 elif [ "$v" != "$want_cicada_version" ]; then dbg $dbg_warn "clicada version $v installed but need $want_cicada_version, will update" update=1 else dbg $dbg_info "clicada version $v found" fi } update_requirements(){ if [ $update -gt 0 ]; then dbg $dbg_debug "installing application files" pip install --index-url $PIP_INDEX_URL --extra-index-url $PIP_EXTRA_INDEX_URL $PIP_EXTRA_ARGS $debug_flag -r requirements.txt update_path $HOME/.local/bin fi } install_cache_configuration(){ if [ -f $HOME/.config/cic/cache/config.ini ]; then dbg $dbg_debug "migrating existing configuration" cic_cache_config_flag="-c $HOME/.config/cic/cache" fi cic-cache-trackerd --dumpconfig ini $cic_cache_config_flag $debug_flag > $t mkdir -vp $HOME/.config/cic/cache mv -v $t $HOME/.config/cic/cache/config.ini } install_clicada_configuration(){ if [ -d $HOME/.config/cic/clicada/config.ini ]; then dbg $dbg_debug "migrating existing clicada configuration" clicada_config_flag="-c $HOME/.config/cic/clicada" fi clicada --dumpconfig ini $clicada_config_flag > $t mkdir -vp $HOME/.config/cic/clicada mv -v $t $HOME/.config/cic/clicada/config.ini } export_cache_tracker_config(){ t=`mktemp` cic-cache-trackerd --dumpconfig env $cic_cache_config_flag $debug_flag > $t set -a # Forces a variable to be exported even if it wasn't before . $t set +a } execute_cache_database_migrations(){ dbg $dbg_debug "execute database migrations" mkdir -vp $HOME/.local/share/cic/cache # This has the default log level set to debug migrate_cic_cache.py -c $HOME/.config/cic/cache/ } export_clicada_config(){ t=`mktemp` clicada --dumpconfig env $clicada_config_flag $debug_flag > $t set -a . $t set +a } setup_debug PIP_EXTRA_ARGS=$PIP_EXTRA_ARGS PIP_EXTRA_INDEX_URL=${PIP_EXTRA_INDEX_URL:-https://pip.grassrootseconomics.net} PIP_INDEX_URL=${PIP_INDEX_URL:-"https://pypi.org/simple"} CIC_SETUP_TRUSTED_FINGERPRINT=${CIC_SETUP_TRUSTED_FINGERPRINT:-0826EDA1702D1E87C6E2875121D2E7BB88C2A746} CIC_ROOT_URL=${CIC_ROOT_URL:-https://root.grassrootseconomics.net/env/dev} default_root_ca_file=`realpath ./keys/ge.ca` CIC_ROOT_CA_FILE=${CIC_ROOT_CA_FILE:-$default_root_ca_file} if [ "$UID" -eq 0 ]; then dbg $dbg_error "This cannot be run as root" exit 1 fi . setup_check.sh . setup_path.sh mkdir -vp $HOME/.local/bin dbg $dbg_debug "importing keys" setup_cic_gpg # check if we have existing setup if [ ! -e "$HOME/.config/cic/staff-client/.envinit" ]; then init_env fi set +e dbg $dbg_debug "checking installed versions" update=0 check_cache_version check_cicada_version set -e update_requirements dbg $dbg_debug "installing configurations" t=`mktemp` install_cache_configuration install_clicada_configuration export_cache_tracker_config execute_cache_database_migrations export_clicada_config . setup_systemd.sh