mirror of
https://github.com/bigchaindb/bigchaindb.git
synced 2024-10-13 13:34:05 +00:00
b6ec3e5f5c
* Support for secure TLS communication in MongoDB, MongoDB Monitoring Agent and MongoDB Backup Agent - Move from Golang to Bash for entrypoint program - Update image tag to 2.0 for Backup and Monitoring Agents and to 3.4.4 for MongoDB - Add documentation * changed title & rewrote Step 1 of workflow.rst * copy-edited ca-installation.rst * copy-edited & modified structure of workflow.rst * moved repeated Easy-RSA install & config docs to new page * edited the sentences describing the Easy-RSA dirs * copy-edited the page about generating server certificate * copy-edited the page about generating client certificate * renamed page to 'How to Set Up a Self-Signed Certificate Authority' * copy-edited page about how to revoke a certificate * Comments on how to uniquely name all instances in the cluster * Added comments about the other questions when setting up a CA * Added note about one Agent Api Key per Cloud Manager backup * docs: clarified instructions for generating server CSR * docs: added back 'from your PKI infrastructure' * docs: fixed step & added step re/ FQDNs & certs in workflow.rst * docs: added note re/ the Distinguished Name * Update docs for env vars setup * docs: added tip: how to get help with the easyrsa command
42 lines
1.5 KiB
Bash
Executable File
42 lines
1.5 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -euo pipefail
|
|
# -e Abort at the first failed line (i.e. if exit status is not 0)
|
|
# -u Abort when undefined variable is used
|
|
# -o pipefail (Bash-only) Piped commands return the status
|
|
# of the last failed command, rather than the status of the last command
|
|
|
|
MONGODB_MON_CONF_FILE=/etc/mongodb-mms/monitoring-agent.config
|
|
|
|
mms_api_key=`printenv MMS_API_KEY`
|
|
ca_crt_path=`printenv CA_CRT_PATH`
|
|
monitoring_crt_path=`printenv MONITORING_PEM_PATH`
|
|
|
|
if [[ -z "${mms_api_key}" || \
|
|
-z "${ca_crt_path}" || \
|
|
-z "${monitoring_crt_path}" ]]; then
|
|
echo "Invalid environment settings detected. Exiting!"
|
|
exit 1
|
|
fi
|
|
|
|
# Delete all lines containing "mmsApiKey" in the MongoDB Monitoring Agent
|
|
# config file /etc/mongodb-mms/monitoring-agent.config
|
|
sed -i '/mmsApiKey/d' $MONGODB_MON_CONF_FILE
|
|
|
|
# Append a new line of the form
|
|
# mmsApiKey=value_of_MMS_API_KEY
|
|
echo "mmsApiKey="${mms_api_key} >> ${MONGODB_MON_CONF_FILE}
|
|
|
|
# Append SSL settings to the config file
|
|
echo "useSslForAllConnections=true" >> ${MONGODB_MON_CONF_FILE}
|
|
echo "sslRequireValidServerCertificates=true" >> ${MONGODB_MON_CONF_FILE}
|
|
echo "sslTrustedServerCertificates="${ca_crt_path} >> ${MONGODB_MON_CONF_FILE}
|
|
echo "sslClientCertificate="${monitoring_crt_path} >> ${MONGODB_MON_CONF_FILE}
|
|
echo "#sslClientCertificatePassword=<password>" >> ${MONGODB_MON_CONF_FILE}
|
|
|
|
# start mdb monitoring agent
|
|
echo "INFO: starting mdb monitor..."
|
|
exec mongodb-mms-monitoring-agent \
|
|
--conf $MONGODB_MON_CONF_FILE \
|
|
--loglevel debug
|