#!/bin/bash
#
-# priority: 800
+# priority: 450
#
-# Bootstrap the database
+# Configure the API. Must be done after SSL certificates are generated
+# and before the API web server is brought up.
#
# Mark Huang <mlhuang@cs.princeton.edu>
# Copyright (C) 2006 The Trustees of Princeton University
#
-# $Id: api,v 1.2 2006/04/10 16:00:47 mlhuang Exp $
+# $Id$
#
# Source function library and configuration
. /etc/plc.d/functions
. /etc/planetlab/plc_config
+local_config=/etc/planetlab/configs/site.xml
-# Export so that we do not have to specify -p to psql invocations
-export PGPORT=$PLC_DB_PORT
+# Be verbose
+set -x
case "$1" in
start)
exit 0
fi
- MESSAGE=$"Bootstrapping the database"
+ MESSAGE=$"Configuring the API"
dialog "$MESSAGE"
- # Update the maintenance account username. This can't be
- # done through the api-config script since it uses the
- # maintenance account to access the API. The maintenance
- # account should be person_id 1 since it is created by the
- # DB schema itself.
- psql -U $PLC_DB_USER -c "UPDATE persons SET email='$PLC_API_MAINTENANCE_USER' WHERE person_id=1" $PLC_DB_NAME
+ # Make sure that the API maintenance account is protected by a
+ # password.
+ if [ -z "$PLC_API_MAINTENANCE_PASSWORD" ] ; then
+ PLC_API_MAINTENANCE_PASSWORD=$(uuidgen)
+ plc-config --category=plc_api --variable=maintenance_password --value="$PLC_API_MAINTENANCE_PASSWORD" --save=$local_config $local_config
+ service plc reload
+ fi
- # Bootstrap the DB
- api-config
- check
+ # Make sure that all PLC servers are allowed to access the API
+ # through the maintenance account.
+ PLC_API_MAINTENANCE_SOURCES=($((
+ for ip in $PLC_API_MAINTENANCE_SOURCES ; do
+ echo $ip
+ done
+ for server in API BOOT WWW ; do
+ hostname=PLC_${server}_HOST
+ gethostbyname ${!hostname}
+ done
+ ) | sort -u))
+ PLC_API_MAINTENANCE_SOURCES=${PLC_API_MAINTENANCE_SOURCES[*]}
+ plc-config --category=plc_api --variable=maintenance_sources --value="$PLC_API_MAINTENANCE_SOURCES" --save=$local_config $local_config
+ service plc reload
result "$MESSAGE"
;;