#!/bin/bash
# Entrypoint for Docker Container
HOST=${HOST:-'ankety.pirati.cz'}
IDP_METADATA=${IDP_METADATA:-'https://auth.pirati.cz/auth/realms/pirati/protocol/saml/descriptor'}
DB_TYPE=${DB_TYPE:-'pgsql'}
DB_HOST=${DB_HOST:-'pg'}
DB_PORT=${DB_PORT:-'5432'}
DB_SOCK=${DB_SOCK:-}
DB_NAME=${DB_NAME:-'limesurvey'}
DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
DB_USERNAME=${DB_USERNAME:-'limesurvey'}
DB_PASSWORD=${DB_PASSWORD:-}
DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
ENCRYPT_NONCE=${ENCRYPT_NONCE:-}
ENCRYPT_SECRET_BOX_KEY=${ENCRYPT_SECRET_BOX_KEY:-}
ADMIN_USER=${ADMIN_USER:-'admin'}
ADMIN_NAME=${ADMIN_NAME:-'admin'}
ADMIN_EMAIL=${ADMIN_EMAIL:-'foobar@example.com'}
ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
BASE_URL=${BASE_URL:-}
PUBLIC_URL=${PUBLIC_URL:-}
URL_FORMAT=${URL_FORMAT:-'path'}
SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
TABLE_SESSION=${TABLE_SESSION:-}
DEBUG=${DEBUG:-0}
DEBUG_SQL=${DEBUG_SQL:-0}
if [ ! -d /etc/apache2/saml2 ]; then
mkdir /etc/apache2/saml2
fi
if [ ! -f /etc/apache2/saml2/idp.xml ]; then
curl $IDP_METADATA > /etc/apache2/saml2/idp.xml
fi
# Create mod_auth_mellon service provider config
if [ ! -f /etc/apache2/saml2/sp.xml ]; then
pushd /etc/apache2/saml2
echo -e "Generating new service provider certificate.\n\n"
/usr/sbin/mellon_create_metadata https://${HOST}/mellon/metadata https://${HOST}/mellon
mv http*.xml sp.xml
mv http*.key sp.key
mv http*.cert sp.cert
chmod 644 sp.key
popd
fi
LISTEN_PORT=${LISTEN_PORT:-"8080"}
if [ -z "$DB_PASSWORD" ]; then
echo >&2 'Error: Missing DB_PASSWORD'
exit 1
fi
if [ -z "$ADMIN_PASSWORD" ]; then
echo >&2 'Error: Missing ADMIN_PASSWORD'
exit 1
fi
if [ "$LISTEN_PORT" != "80" ]; then
echo "Info: Customizing Apache Listen port to $LISTEN_PORT"
sed -i "s/Listen 80\$/Listen $LISTEN_PORT/" /etc/apache2/ports.conf /etc/apache2/sites-available/000-default.conf
fi
# Check if database is available
if [ -z "$DB_SOCK" ]; then
until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
do
echo "Info: Waiting for database connection..."
sleep 5
done
fi
# Check if config already provisioned
if [ -f application/config/config.php ]; then
echo 'Info: config.php already provisioned'
else
echo 'Info: Generating config.php'
if [ "$DB_TYPE" = 'mysql' ]; then
echo 'Info: Using MySQL configuration'
DB_CHARSET=${DB_CHARSET:-'utf8mb4'}
fi
if [ "$DB_TYPE" = 'pgsql' ]; then
echo 'Info: Using PostgreSQL configuration'
DB_CHARSET=${DB_CHARSET:-'utf8'}
fi
if [ -n "$DB_SOCK" ]; then
echo 'Info: Using unix socket'
DB_CONNECT='unix_socket'
else
echo 'Info: Using TCP connection'
DB_CONNECT='host'
fi
if [ -z "$PUBLIC_URL" ]; then
echo 'Info: Setting PublicURL'
fi
cat <<EOF > application/config/config.php
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
return array(
'components' => array(
'db' => array(
'connectionString' => '$DB_TYPE:$DB_CONNECT=$DB_HOST;port=$DB_PORT;dbname=$DB_NAME;',
'emulatePrepare' => true,
'username' => '$DB_USERNAME',
'password' => '$DB_PASSWORD',
'charset' => '$DB_CHARSET',
'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
),
//'session' => array (
// 'class' => 'application.core.web.DbHttpSession',
// 'connectionID' => 'db',
// 'sessionTableName' => '{{sessions}}',
//),
'urlManager' => array(
'urlFormat' => '$URL_FORMAT',
'rules' => array(),
'showScriptName' => $SHOW_SCRIPT_NAME,
),
'request' => array(
'baseUrl' => '$BASE_URL',
),
),
'config'=>array(
'publicurl'=>'$PUBLIC_URL',
'debug'=>$DEBUG,
'debugsql'=>$DEBUG_SQL,
'mysqlEngine' => '$DB_MYSQL_ENGINE',
)
);
EOF
fi
# Enable Table Sessions if required
if [ -n "$TABLE_SESSION" ]; then
echo 'Info: Setting Table Session'
# Remove the comments in the config
sed -i "s/\/\///g" application/config/config.php
fi
# Check if security config already provisioned
if [ -f application/config/security.php ]; then
echo 'Info: security.php already provisioned'
else
echo 'Info: Creating security.php'
if [ -n "$ENCRYPT_KEYPAIR" ]; then
cat <<EOF > application/config/security.php
<?php if (!defined('BASEPATH')) exit('No direct script access allowed');
\$config = array();
\$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
\$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
\$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
\$config['encryptionnonce'] = '$ENCRYPT_NONCE';
\$config['encryptionsecretboxkey'] = '$ENCRYPT_SECRET_BOX_KEY';
return \$config;
EOF
else
echo >&2 'Warning: No encryption keys were provided'
echo >&2 'Warning: A security.php config will be created by the application'
echo >&2 'Warning: THIS FILE NEEDS TO BE PERSISTENT'
fi
fi
# Check if LimeSurvey database is provisioned
echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
php application/commands/console.php updatedb
PHP_UPDATEDB_EXIT_CODE=$?
if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
echo 'Info: Database already provisioned'
else
echo ''
echo 'Running console.php install'
php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
fi
exec "$@"