forked from City-of-Helsinki/tunnistamo
-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathdocker-entrypoint.sh
executable file
·96 lines (81 loc) · 2.93 KB
/
docker-entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
#!/bin/bash
set -e
if [ -n "$DATABASE_HOST" ]; then
until nc -z -v -w30 "$DATABASE_HOST" 5432
do
echo "Waiting for postgres database connection..."
sleep 1
done
echo "Database is up!"
fi
# Apply database migrations
if [[ "$APPLY_MIGRATIONS" = "1" ]]; then
echo "Applying database migrations..."
./manage.py migrate --noinput
fi
if [[ "$SETUP_DEV_OIDC" = "1" ]]; then
echo "Setting up a OIDC test environments"
./manage.py add_oidc_client \
--confidential \
--name Helsinkiprofile \
--response_types "id_token token" \
--redirect_uris https://oidcdebugger.com/debug \
--client_id https://api.hel.fi/auth/helsinkiprofile \
--site_type dev \
--login_methods github
./manage.py add_oidc_client \
--confidential \
--name Project \
--response_types code \
--redirect_uris \
http://localhost:8001/complete/tunnistamo/ \
http://omahelsinki:8001/complete/tunnistamo/ \
https://oidcdebugger.com/debug \
http://tunnistamo-backend:8000/accounts/github/login/callback/ \
--client_id http://tunnistamo-backend:8000/project \
--site_type dev \
--login_methods github \
--scopes "https://api.hel.fi/auth/helsinkiprofile login_entries consents email profile"
./manage.py add_oidc_api \
--name helsinkiprofile \
--domain https://api.hel.fi/auth \
--scopes profile email \
--client_id https://api.hel.fi/auth/helsinkiprofile
./manage.py add_oidc_api_scope \
--name Helsinkiprofile \
--api_name helsinkiprofile \
--description "Profile backend" \
--client_ids https://api.hel.fi/auth/helsinkiprofile
echo "The following test OIDC environments are available:
# PROFILE CLIENT & API
Client id : https://api.hel.fi/auth/helsinkiprofile
Response types : id_token token
Login methods : GitHub
Redirect URLs : https://oidcdebugger.com/debug
API Scope : profile, email
# PROJECT CLIENT
Client id : http://tunnistamo-backend:8000/project (please add 'tunnistamo-backend' to your hosts file)
Response types : code
Login methods : GitHub, Google, Yle Tunnus
Redirect URLs : http://localhost:8000/complete/tunnistamo/ & https://oidcdebugger.com/debug
Scopes: https://api.hel.fi/auth/helsinkiprofile login_entries consents email profile
To change the settings, please visit the admin panel and change
the Client, API and API Scope accordingly.
"
fi
if [[ "$GENERATE_OPENID_KEY" = "1" ]]; then
# (Re-)Generate OpenID RSA key if needed
./manage.py manage_openid_keys
fi
if [[ "$CREATE_SUPERUSER" = "1" ]]; then
./manage.py add_admin_user -u admin -p admin -e [email protected]
echo "Admin user created with credentials admin:admin (email: [email protected])"
fi
# Start server
if [[ ! -z "$@" ]]; then
"$@"
elif [[ "$DEV_SERVER" = "1" ]]; then
python ./manage.py runserver 0.0.0.0:8000
else
uwsgi --ini .prod/uwsgi.ini
fi