diff --git a/src/plugins/persistence/couch/couchdb-compose.yaml b/src/plugins/persistence/couch/couchdb-compose.yaml index 40e58ff0ab..fca4dbcb8f 100644 --- a/src/plugins/persistence/couch/couchdb-compose.yaml +++ b/src/plugins/persistence/couch/couchdb-compose.yaml @@ -1,10 +1,9 @@ version: "3" services: couchdb: - image: couchdb:${COUCHDB_IMAGE_TAG:-3.2.1} + image: couchdb:${COUCHDB_IMAGE_TAG:-3.3.2} ports: - "5984:5984" - - "5986:5986" volumes: - couchdb:/opt/couchdb/data environment: diff --git a/src/plugins/persistence/couch/setup-couchdb.sh b/src/plugins/persistence/couch/setup-couchdb.sh index 482f370f90..fc0df2d1fb 100755 --- a/src/plugins/persistence/couch/setup-couchdb.sh +++ b/src/plugins/persistence/couch/setup-couchdb.sh @@ -1,57 +1,25 @@ #!/bin/bash -e -# Do a couple checks for environment variables we expect to have a value. - -if [ -z "${OPENMCT_DATABASE_NAME}" ] ; then - echo "OPENMCT_DATABASE_NAME has no value" 1>&2 - exit 1 -fi - -if [ -z "${COUCH_ADMIN_USER}" ] ; then - echo "COUCH_ADMIN_USER has no value" 1>&2 - exit 1 -fi - -if [ -z "${COUCH_BASE_LOCAL}" ] ; then - echo "COUCH_BASE_LOCAL has no value" 1>&2 - exit 1 -fi - -# Come up with what we'll be providing to curl's -u option. Always supply the username from the environment, -# and optionally supply the password from the environment, if it has a value. -CURL_USERPASS_ARG="${COUCH_ADMIN_USER}" -if [ "${COUCH_ADMIN_PASSWORD}" ] ; then - CURL_USERPASS_ARG+=":${COUCH_ADMIN_PASSWORD}" -fi - -system_tables_exist () { - resource_exists $COUCH_BASE_LOCAL/_users -} - -create_users_db () { - curl -su "${CURL_USERPASS_ARG}" -X PUT $COUCH_BASE_LOCAL/_users -} - -create_replicator_db () { - curl -su "${CURL_USERPASS_ARG}" -X PUT $COUCH_BASE_LOCAL/_replicator -} - -setup_system_tables () { - users_db_response=$(create_users_db) - if [ "{\"ok\":true}" == "${users_db_response}" ]; then - echo Successfully created users db - replicator_db_response=$(create_replicator_db) - if [ "{\"ok\":true}" == "${replicator_db_response}" ]; then - echo Successfully created replicator DB - else - echo Unable to create replicator DB - fi - else - echo Unable to create users db +# Check if required environment variables have values, exit if not. +check_env_var() { + if [ -z "$1" ]; then + echo "$2 has no value" 1>&2 + exit 1 fi } -resource_exists () { +check_env_var "${OPENMCT_DATABASE_NAME}" "OPENMCT_DATABASE_NAME" +check_env_var "${COUCH_ADMIN_USER}" "COUCH_ADMIN_USER" +check_env_var "${COUCH_BASE_LOCAL}" "COUCH_BASE_LOCAL" + +# Construct curl's -u option value based on COUCH_ADMIN_USER and COUCH_ADMIN_PASSWORD environment variables. +CURL_USERPASS_ARG="${COUCH_ADMIN_USER}" +if [ "${COUCH_ADMIN_PASSWORD}" ]; then + CURL_USERPASS_ARG+=":${COUCH_ADMIN_PASSWORD}" +fi + +# Functions +resource_exists() { response=$(curl -u "${CURL_USERPASS_ARG}" -s -o /dev/null -I -w "%{http_code}" $1); if [ "200" == "${response}" ]; then echo "TRUE" @@ -60,16 +28,16 @@ resource_exists () { fi } -db_exists () { +db_exists() { resource_exists $COUCH_BASE_LOCAL/$OPENMCT_DATABASE_NAME } -create_db () { +create_db() { response=$(curl -su "${CURL_USERPASS_ARG}" -XPUT $COUCH_BASE_LOCAL/$OPENMCT_DATABASE_NAME); echo $response } -admin_user_exists () { +admin_user_exists() { response=$(curl -su "${CURL_USERPASS_ARG}" -o /dev/null -I -w "%{http_code}" $COUCH_BASE_LOCAL/_node/$COUCH_NODE_NAME/_config/admins/$COUCH_ADMIN_USER); if [ "200" == "${response}" ]; then echo "TRUE" @@ -78,7 +46,7 @@ admin_user_exists () { fi } -create_admin_user () { +create_admin_user() { echo Creating admin user curl -X PUT $COUCH_BASE_LOCAL/_node/$COUCH_NODE_NAME/_config/admins/$COUCH_ADMIN_USER -d \'"$COUCH_ADMIN_PASSWORD"\' } @@ -87,7 +55,7 @@ is_cors_enabled() { resource_exists $COUCH_BASE_LOCAL/_node/$COUCH_NODE_NAME/_config/httpd/enable_cors } -enable_cors () { +enable_cors() { curl -su "${CURL_USERPASS_ARG}" -o /dev/null -X PUT $COUCH_BASE_LOCAL/_node/$COUCH_NODE_NAME/_config/httpd/enable_cors -d '"true"' curl -su "${CURL_USERPASS_ARG}" -o /dev/null -X PUT $COUCH_BASE_LOCAL/_node/$COUCH_NODE_NAME/_config/cors/origins -d '"*"' curl -su "${CURL_USERPASS_ARG}" -o /dev/null -X PUT $COUCH_BASE_LOCAL/_node/$COUCH_NODE_NAME/_config/cors/credentials -d '"true"' @@ -95,6 +63,36 @@ enable_cors () { curl -su "${CURL_USERPASS_ARG}" -o /dev/null -X PUT $COUCH_BASE_LOCAL/_node/$COUCH_NODE_NAME/_config/cors/headers -d '"accept, authorization, content-type, origin, referer, x-csrf-token"' } +update_db_permissions() { + local db_name=$1 + echo "Updating ${db_name} database permissions" + response=$(curl -su "${CURL_USERPASS_ARG}" --location \ + --request PUT $COUCH_BASE_LOCAL/$db_name/_security \ + --header 'Content-Type: application/json' \ + --data-raw '{ "admins": {"roles": []},"members": {"roles": []}}') + if [ "{\"ok\":true}" == "${response}" ]; then + echo "Database permissions successfully updated" + else + echo "Database permissions not updated" + fi +} + +create_system_tables() { + local system_tables=("_users" "_replicator") + for table in "${system_tables[@]}"; do + echo "Creating $table database" + response=$(curl -su "${CURL_USERPASS_ARG}" -X PUT $COUCH_BASE_LOCAL/$table) + if [ "{\"ok\":true}" == "${response}" ]; then + echo "Successfully created $table database" + else + echo "Unable to create $table database" + fi + done +} + +# Main script execution + +# Check if the admin user exists; if not, create it. if [ "$(admin_user_exists)" == "FALSE" ]; then echo "Admin user does not exist, creating..." create_admin_user @@ -102,40 +100,32 @@ else echo "Admin user exists" fi -if [ "TRUE" == $(system_tables_exist) ]; then - echo System tables exist, skipping creation +# Check if system tables exist; if not, create them. +system_tables_exist=$(resource_exists $COUCH_BASE_LOCAL/_users) +if [ "TRUE" == "${system_tables_exist}" ]; then + echo "System tables exist, skipping creation" else - echo Is fresh install, creating system tables - setup_system_tables + echo "Fresh install, creating system tables" + create_system_tables fi +# Check if the database exists; if not, create it. if [ "FALSE" == $(db_exists) ]; then response=$(create_db) if [ "{\"ok\":true}" == "${response}" ]; then - echo Database successfully created + echo "Database successfully created" else - echo Database creation failed + echo "Database creation failed" fi else - echo Database already exists, nothing to do + echo "Database already exists, nothing to do" fi -echo "Updating _replicator database permissions" -response=$(curl -su "${CURL_USERPASS_ARG}" --location --request PUT $COUCH_BASE_LOCAL/_replicator/_security --header 'Content-Type: application/json' --data-raw '{ "admins": {"roles": []},"members": {"roles": []}}'); -if [ "{\"ok\":true}" == "${response}" ]; then - echo "Database permissions successfully updated" -else - echo "Database permissions not updated" -fi - -echo "Updating ${OPENMCT_DATABASE_NAME} database permissions" -response=$(curl -su "${CURL_USERPASS_ARG}" --location --request PUT $COUCH_BASE_LOCAL/$OPENMCT_DATABASE_NAME/_security --header 'Content-Type: application/json' --data-raw '{ "admins": {"roles": []},"members": {"roles": []}}'); -if [ "{\"ok\":true}" == "${response}" ]; then - echo "Database permissions successfully updated" -else - echo "Database permissions not updated" -fi +# Update _replicator and OPENMCT_DATABASE_NAME database permissions +update_db_permissions "_replicator" +update_db_permissions "${OPENMCT_DATABASE_NAME}" +# Check if CORS is enabled; if not, enable it. if [ "FALSE" == $(is_cors_enabled) ]; then echo "Enabling CORS" enable_cors