- # Load configuration
- plc-config --shell >/etc/planetlab/plc_config
- . /etc/planetlab/plc_config
-
- # Generate various defaults
- if [ -z "$PLC_DB_PASSWORD" ] ; then
- PLC_DB_PASSWORD=$(uuidgen)
- plc-config --category=plc_db --variable=password --value="$PLC_DB_PASSWORD" --save
- fi
-
- if [ -z "$PLC_API_MAINTENANCE_PASSWORD" ] ; then
- PLC_API_MAINTENANCE_PASSWORD=$(uuidgen)
- plc-config --category=plc_api --variable=maintenance_password --value="$PLC_API_MAINTENANCE_PASSWORD" --save
- fi
-
- if [ -z "$PLC_API_MAINTENANCE_SOURCES" ] ; then
- for server in API BOOT WWW ; do
- eval hostname=\${PLC_${server}_HOST}
- ip=$(gethostbyname $hostname)
- if [ -n "$ip" ] ; then
- if [ -n "$PLC_API_MAINTENANCE_SOURCES" ] ; then
- PLC_API_MAINTENANCE_SOURCES="$PLC_API_MAINTENANCE_SOURCES $ip"
- else
- PLC_API_MAINTENANCE_SOURCES=$ip
- fi
- fi
- done
- plc-config --category=plc_api --variable=maintenance_sources --value="$PLC_API_MAINTENANCE_SOURCES" --save
- fi
-
- # Save configuration
- mkdir -p /etc/planetlab/php
- plc-config --php >/etc/planetlab/php/plc_config.php
- plc-config --shell >/etc/planetlab/plc_config
-
- # For backward compatibility, until we can convert all code to use
- # the now standardized variable names.
-
- # DB constants are all named the same
- ln -sf plc_config /etc/planetlab/plc_db
-
- # API constants
- cat >/etc/planetlab/plc_api <<EOF
-PL_API_SERVER='$PLC_API_HOST'
-PL_API_PATH='$PLC_API_PATH'
-PL_API_PORT=$PLC_API_PORT
-PL_API_CAPABILITY_AUTH_METHOD='capability'
-PL_API_CAPABILITY_PASS='$PLC_API_MAINTENANCE_PASSWORD'
-PL_API_CAPABILITY_USERNAME='$PLC_API_MAINTENANCE_USER'
-PL_API_TICKET_KEY_FILE='$PLC_API_SSL_KEY'
-PLANETLAB_SUPPORT_EMAIL='$PLC_MAIL_SUPPORT_ADDRESS'
-BOOT_MESSAGES_EMAIL='$PLC_MAIL_BOOT_ADDRESS'
-WWW_BASE='$PLC_WWW_HOST'
-BOOT_BASE='$PLC_BOOT_HOST'
-EOF
-
- # The format is
- #
- # ip:max_role_id:organization_id:password
- #
- # It is unlikely that we will let federated sites use the
- # maintenance account to access each others' APIs, so we always
- # set organization_id to -1.
- (
- echo -n "PL_API_CAPABILITY_SOURCES='"
- first=1
- for ip in $PLC_API_MAINTENANCE_SOURCES ; do
- if [ $first -ne 1 ] ; then
- echo -n " "
- fi
- first=0
- echo -n "$ip:-1:-1:$PLC_API_MAINTENANCE_PASSWORD"
- done
- echo "'"
- ) >>/etc/planetlab/plc_api
-
- cat >/etc/planetlab/php/site_constants.php <<"EOF"
-<?php
-include('plc_config.php');
-
-DEFINE('PL_API_SERVER', PLC_API_HOST);
-DEFINE('PL_API_PATH', PLC_API_PATH);
-DEFINE('PL_API_PORT', PLC_API_PORT);
-DEFINE('PL_API_CAPABILITY_AUTH_METHOD', 'capability');
-DEFINE('PL_API_CAPABILITY_PASS', PLC_API_MAINTENANCE_PASSWORD);
-DEFINE('PL_API_CAPABILITY_USERNAME', PLC_API_MAINTENANCE_USER);
-DEFINE('WWW_BASE', PLC_WWW_HOST);
-DEFINE('BOOT_BASE', PLC_BOOT_HOST);
-DEFINE('DEBUG', PLC_WWW_DEBUG);
-DEFINE('API_CALL_DEBUG', PLC_API_DEBUG);
-DEFINE('SENDMAIL', PLC_MAIL_ENABLED);
-DEFINE('PLANETLAB_SUPPORT_EMAIL', PLC_NAME . 'Support <' . PLC_MAIL_SUPPORT_ADDRESS . '>');
-DEFINE('PLANETLAB_SUPPORT_EMAIL_ONLY', PLC_MAIL_SUPPORT_ADDRESS);
-?>
-EOF
-}
-
-config_network ()
-{
- case "$1" in
- start)
- # Minimal /etc/hosts
- (
- echo "127.0.0.1 localhost.localdomain localhost"
- for server in API BOOT WWW ; do
- eval hostname=\${PLC_${server}_HOST}
- ip=$(gethostbyname $hostname)
- if [ -n "$ip" ] ; then
- echo "$ip $hostname"
- fi
- done
- ) >/etc/hosts
-
- # Set up nameservers
- (
- [ -n "$PLC_NET_DNS1" ] && echo "nameserver $PLC_NET_DNS1"
- [ -n "$PLC_NET_DNS2" ] && echo "nameserver $PLC_NET_DNS2"
- ) >/etc/resolv.conf
- ;;
- esac
-}
-
-config_syslog ()
-{
- service syslog $1
- RETVAL=$?
-}
-
-config_postgresql ()
-{
- # Default locations
- PGDATA=/var/lib/pgsql/data
- postgresql_conf=$PGDATA/postgresql.conf
- pghba_conf=$PGDATA/pg_hba.conf
-
- case "$1" in
- start)
- if [ "$PLC_DB_ENABLED" != "1" ] ; then
- return 0
- fi
-
- # Set data directory and redirect startup output to /var/log/pgsql
- mkdir -p /etc/sysconfig/pgsql
- (
- echo "PGDATA=$PGDATA"
- echo "PGLOG=/var/log/pgsql"
- ) >>/etc/sysconfig/pgsql/postgresql
-
- # Fix ownership (rpm installation may have changed it)
- chown -R -H postgres:postgres $(dirname $PGDATA)
-
- # PostgreSQL must be started at least once to bootstrap
- # /var/lib/pgsql/data
- if [ ! -f $postgresql_conf ] ; then
- service postgresql start
- service postgresql stop
- fi
-
- # Enable DB server. PostgreSQL >=8.0 defines listen_addresses,
- # PostgreSQL 7.x uses tcpip_socket.
- if grep -q listen_addresses $postgresql_conf ; then
- sed -i -e '/^listen_addresses/d' $postgresql_conf
- echo "listen_addresses = '*'" >>$postgresql_conf
- elif grep -q tcpip_socket $postgresql_conf ; then
- sed -i -e '/^tcpip_socket/d' $postgresql_conf
- echo "tcpip_socket = true" >>$postgresql_conf
- fi
-
- # Disable access to all DBs from all hosts
- sed -i -e '/^\(host\|local\)/d' $pghba_conf
-
- # Enable passwordless localhost access
- echo "local all all trust" >>$pghba_conf
-
- # Enable access from the API and web servers
- PLC_API_IP=$(gethostbyname $PLC_API_HOST)
- PLC_WWW_IP=$(gethostbyname $PLC_WWW_HOST)
- (
- echo "host $PLC_DB_NAME $PLC_DB_USER $PLC_API_IP/32 password"
- echo "host $PLC_DB_NAME $PLC_DB_USER $PLC_WWW_IP/32 password"
- ) >>$pghba_conf
-
- # Fix ownership (sed -i changes it)
- chown postgres:postgres $postgresql_conf $pghba_conf
-
- # Start up the server
- service postgresql start
- # /etc/init.d/postgresql always returns 0, even on failure
- status postmaster
- RETVAL=$?
-
- # Create/update the unprivileged database user and password
- if ! psql -U $PLC_DB_USER -c "" template1 >/dev/null 2>&1 ; then
- psql -U postgres -c "CREATE USER $PLC_DB_USER PASSWORD '$PLC_DB_PASSWORD'" template1