#!/bin/bash -x set -e ##### ##### Read the commandline options ##### Only 'configure' is handled with processing, other actions ##### are ignored for now ##### ACTION=${1} ARG_VERSION=${2} # source the debconf library if [ -e "/usr/share/debconf/confmodule" ]; then . /usr/share/debconf/confmodule else echo "debconf must be installed. Exiting." exit 1 fi LONG_DATE=`date +%Y%m%d%H%M%S` TOMCAT_USER=tomcat D1_CONF=/etc/dataone NODE_PROPS="$D1_CONF/node.properties" PROCESS_PORT=5702 D1_LOG_DIR=/var/log/dataone D1_LOG_FILE=dataone-cn-processdaemon.install.log # functions to echo to STDERR or the install log instead of STDOUT logError () { log "ERROR $@" } ##### ##### log() ##### append stdout to a logfile ##### function log() { # # Set Up logging # Reminder: don't echo to stdout, it messes up debconf # if [ ! -e ${D1_LOG_DIR} ]; then mkdir -p ${D1_LOG_DIR} fi chown -R ${TOMCAT_USER}:${TOMCAT_USER} ${D1_LOG_DIR} now=$(date "+%Y-%m-%d %H:%M:%S %Z: ") echo -e "${now} postinst $@" >> ${D1_LOG_DIR}/${D1_LOG_FILE} } ##### ##### exitWithFailureCode( ERROR_CODE ) ##### Ensures that passwords are wiped, database is stopped and exit is called with an error code ##### function exitWithFailureCode() { local errorCode=$1 db_stop exit $errorCode } if ! (chmod +x /etc/init.d/d1-processing >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to chmod on /etc/init.d/d1-processing" exitWithFailureCode 1 fi if [ -e ${D1_CONF}/process/hazelcast.xml ]; then if ! (rm ${D1_CONF}/process/hazelcast.xml >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to delete ${D1_CONF}/process/hazelcast.xml" fi fi #these will need to be configured per environment if ! (cp /usr/share/dataone-cn-processdaemon/debian/synchronization.properties ${D1_CONF}/process/synchronization.properties >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/debian/synchronization.properties ${D1_CONF}/process/synchronization.properties" exitWithFailureCode 3 fi if ! (cp /usr/share/dataone-cn-processdaemon/debian/logAggregation.properties ${D1_CONF}/process/logAggregation.properties >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/debian/logAggregation.properties ${D1_CONF}/process/logAggregation.properties" exitWithFailureCode 4 fi if ! (cp /usr/share/dataone-cn-processdaemon/debian/replication.properties ${D1_CONF}/process/replication.properties >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/debian/replication.properties ${D1_CONF}/process/replication.properties" exitWithFailureCode 5 fi if ! (cp /usr/share/dataone-cn-processdaemon/debian/d1client.properties ${D1_CONF}/process/d1client.properties >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/debian/d1client.properties ${D1_CONF}/process/d1client.properties" exitWithFailureCode 6 fi if ! (cp /usr/share/dataone-cn-processdaemon/debian/GeoLiteCity.dat ${D1_CONF}/process/GeoLiteCity.dat >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/debian/GeoLiteCity.dat ${D1_CONF}/process/GeoLiteCity.dat" exitWithFailureCode 6 fi if ! (cp /usr/share/dataone-cn-processdaemon/debian/fullWebRobotList.txt ${D1_CONF}/process/fullWebRobotList.txt >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/debian/fullWebRobotList.txt ${D1_CONF}/process/fullWebRobotList.txt" exitWithFailureCode 6 fi if ! (cp /usr/share/dataone-cn-processdaemon/debian/partialWebRobotList.txt ${D1_CONF}/process/partialWebRobotList.txt >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/debian/partialWebRobotList.txt ${D1_CONF}/process/partialWebRobotList.txt" exitWithFailureCode 6 fi if ! (cp /usr/share/dataone-cn-processdaemon/debian/webRobotIPs.csv ${D1_CONF}/process/webRobotIPs.csv >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/debian/webRobotIPs.csv ${D1_CONF}/process/webRobotIPs.csv" exitWithFailureCode 6 fi if ! (cp /usr/share/dataone-cn-processdaemon/debian/DataONE_IPs.csv ${D1_CONF}/process/DataONE_IPs.csv >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/debian/DataONE_IPs.csv ${D1_CONF}/process/DataONE_IPs.csv" exitWithFailureCode 6 fi #HOSTNAME=$(/bin/hostname -f) ## replace the token HOSTNAME in the site file to a hostname as found in debian backend db db_get dataone-cn-os-core/cn.hostname HOSTNAME=$RET if [ "$HOSTNAME" != "" ] then if ! (sed -i.bak 's/SERVER_NAME/'${HOSTNAME}'/' ${D1_CONF}/process/logAggregation.properties >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to modify SERVER_NAME in logAggregation.properties with sed" exitWithFailureCode 7 fi if ! (sed -i.bak 's/SERVER_NAME/'${HOSTNAME}'/' ${D1_CONF}/process/d1client.properties >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to modify SERVER_NAME in d1client.properties with sed" exitWithFailureCode 8 fi else log "HOSTNAME can not be set in ${D1_CONF}/process synchronization.properties,d1client.properties or logAggregation.properties" fi if ! (chown -R ${TOMCAT_USER}:${TOMCAT_USER} /etc/dataone/process >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to chown /etc/dataone/process" exitWithFailureCode 11 fi if ! (cp /usr/share/dataone-cn-processdaemon/d1_process_daemon.jar /usr/share/java >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp /usr/share/dataone-cn-processdaemon/d1_process_daemon.jar to /usr/share/java" exitWithFailureCode 12 fi if ! (chown -R ${TOMCAT_USER}:${TOMCAT_USER} /usr/share/java/d1_process_daemon.jar >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to chown /usr/share/java/d1_process_daemon.jar " exitWithFailureCode 13 fi ################################################################## # Set up logging for background processes ################################################################## if [ ! -e "/var/log/dataone/daemon" ] then if ! (mkdir /var/log/dataone/daemon >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to mkdir /var/log/dataone/daemon " exitWithFailureCode 14 fi if ! (chown ${TOMCAT_USER}:${TOMCAT_USER} /var/log/dataone/daemon >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to chown /var/log/dataone/daemon " exitWithFailureCode 15 fi fi if [ ! -e "/var/log/dataone/synchronize" ] then if ! (mkdir /var/log/dataone/synchronize >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to mkdir /var/log/dataone/synchronize " exitWithFailureCode 16 fi if ! (chown ${TOMCAT_USER}:${TOMCAT_USER} /var/log/dataone/synchronize >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to chown /var/log/dataone/synchronize " exitWithFailureCode 17 fi fi if [ ! -e "/var/log/dataone/replicate" ] then if ! (mkdir /var/log/dataone/replicate >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to mkdir /var/log/dataone/replicate " exitWithFailureCode 18 fi if ! (chown ${TOMCAT_USER}:${TOMCAT_USER} /var/log/dataone/replicate >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to chown /var/log/dataone/replicate " exitWithFailureCode 19 fi fi if [ ! -e "/var/log/dataone/logAggregate" ] then if ! (mkdir /var/log/dataone/logAggregate >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to mkdir /var/log/dataone/logAggregate " exitWithFailureCode 20 fi if ! (chown ${TOMCAT_USER}:${TOMCAT_USER} /var/log/dataone/logAggregate >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to chown /var/log/dataone/logAggregate " exitWithFailureCode 21 fi fi ############################################################################### # Configure Postgres ############################################################################### PG=postgresql PG_USER=postgres if [ -e "/etc/postgresql/14/main" ]; then PG_CONF=/etc/postgresql/14/main else PG_CONF=/etc/postgresql/10/main fi REPLICATION_HISTORY_DB=d1-replication-history REPLICATION_HISTORY_DB_USER=replicationhistory REPLICATION_HISTORY_DB_PASS=replicationhistory ## modify pg_hba.conf if ! (grep --silent --no-messages "${REPLICATION_HISTORY_DB} ${REPLICATION_HISTORY_DB_USER}" ${PG_CONF}/pg_hba.conf >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then log "backing up ${PG_CONF}/pg_hba.conf to ${PG_CONF}/pg_hba.conf.bak.replication.history" if ! (cp ${PG_CONF}/pg_hba.conf ${PG_CONF}/pg_hba.conf.bak.replication.history >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to cp ${PG_CONF}/pg_hba.conf ${PG_CONF}/pg_hba.conf.bak.replication.history " # None fail error fi if ! (chown ${PG_USER} ${PG_CONF}/pg_hba.conf >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to chown ${PG_USER} ${PG_CONF}/pg_hba.conf " exitWithFailureCode 22 fi if ! (chgrp ${PG_USER} ${PG_CONF}/pg_hba.conf >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to chown ${PG_USER} ${PG_CONF}/pg_hba.conf " exitWithFailureCode 23 fi log "appending 'host ${REPLICATION_HISTORY_DB} ${REPLICATION_HISTORY_DB_USER} 127.0.0.1 255.255.255.255 password' to ${PG_CONF}/pg_hba.conf" echo "host ${REPLICATION_HISTORY_DB} ${REPLICATION_HISTORY_DB_USER} 127.0.0.1 255.255.255.255 password" >> ${PG_CONF}/pg_hba.conf fi ## This should be removed after we upgrade the jdbc driver log "commenting out the lines with the authorization method md5 in ${PG_CONF}/pg_hba.conf" sed -i '/^[^#].*md5/ s/^/#/' ${PG_CONF}/pg_hba.conf ## create replication history schema and user log "Creating replication history database schema" if su ${PG_USER} -c "psql -lqt | cut -d \| -f 1 | grep -qw $REPLICATION_HISTORY_DB" ; then log "DB $REPLICATION_HISTORY_DB exists and we will not create it" else log "DB $REPLICATION_HISTORY_DB does not exist and we will create it" if ! (su ${PG_USER} -c "createdb ${REPLICATION_HISTORY_DB}" >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to createdb ${REPLICATION_HISTORY_DB}" exitWithFailureCode 24 fi fi log "Creating replication history db user - replicationHistory" if su - $PG_USER -c "psql -t -c '\du'| cut -d \| -f 1 | grep -qw $REPLICATION_HISTORY_DB_USER" ; then log "User $REPLICATION_HISTORY_DB_USER exists and we will not create it" else log "User $REPLICATION_HISTORY_DB_USER does not exist and we will create it" if ! (su ${PG_USER} -c "psql -c \"CREATE USER ${REPLICATION_HISTORY_DB_USER} WITH PASSWORD '${REPLICATION_HISTORY_DB_PASS}'\"" >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "Unable to CREATE USER ${REPLICATION_HISTORY_DB_USER}" exitWithFailureCode 25 fi fi ## Restart the postgres db log "Restarting postgres database" if ! (/etc/init.d/${PG} restart >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "${PG} failed to restart" exitWithFailureCode 26 fi ###################################################### iplistArray=($IPLIST) for ip in "${iplistArray[@]}"; do IP_ADDRESS=${ip} log "Adding 'ufw allow to any port ${PROCESS_PORT} from ${IP_ADDRESS}' rule" if ! (ufw allow to any port ${PROCESS_PORT} from ${IP_ADDRESS} >> ${D1_LOG_DIR}/${D1_LOG_FILE} 2>&1 ); then logError "ufw allow to any port ${PROCESS_PORT} from ${IP_ADDRESS} . Nonfatal." fi done ## Update DateONE Version Info Doc if ! (java -jar /usr/share/dataone-cn-version-tool/dataone-cn-version-tool.jar -F/usr/share/dataone-cn-version-tool/version-tool.properties -html > /var/www/cn-version.html 2>&1 ); then logError "dataone-cn-version-tool.jar. Nonfatal." fi log "Start Sychronization with /etc/init.d/d1-processing start" db_stop exit 0