diff --git a/sulu/sulu-builder/files/etc/sulu/sulu.sh b/sulu/sulu-builder/files/etc/sulu/sulu.sh index 602542540..02e90d5bd 100644 --- a/sulu/sulu-builder/files/etc/sulu/sulu.sh +++ b/sulu/sulu-builder/files/etc/sulu/sulu.sh @@ -5,8 +5,9 @@ . /lib/functions.sh . /usr/share/libubox/jshn.sh -RESTART_REQ=0 -_RESTART_SERVICES="0" +SULU_CON_CONFIG="/sulu/presets/connection-config.json" +SULU_ACL_FILE="" +SULU_CON_ROLES="" slog() { echo "$*" | logger -t sulu.sh -p debug @@ -27,49 +28,21 @@ _get_agent_id() { fi } -_get_sulu_user_roles() { - roles=$(uci -q get userinterface._sulu_s.role) - - for role in ${roles}; do - sulu_user_roles="${sulu_user_roles} ${role}" - done - - if [ -n "${sulu_user_roles}" ]; then - sulu_user_roles=$(echo -e "${sulu_user_roles// /\\n}" | sort | uniq) - fi - - echo "${sulu_user_roles}" -} - -_get_sulu_root() { - local root - - root="$(uci -q get nginx._sulu_s.root)" - echo "${root:-/sulu}" -} - -_get_sulu_connection_config() { - local config - - config="$(_get_sulu_root)/presets/connection-config.json" - echo "${config}" -} - -_get_sulu_session_mode() { - uci -q get sulu.global.SessionMode -} - _get_sulu_acl_file() { uci -q get mosquitto.sulu.acl_file } +_sulu_conn_config_users() { + for user in ${SULU_CON_ROLES}; do + json_add_object "${user}" + json_add_string 'fromId' "self::sulu-${user}" + json_add_string 'publishEndpoint' "/usp/$(_get_agent_id)/${user}/endpoint" + json_add_string 'subscribeEndpoint' "/usp/$(_get_agent_id)/${user}/controller" + json_close_object + done +} + generate_sulu_conn_config() { - local users SCONFIG session - - users="$(_get_sulu_user_roles)" - session="$(_get_sulu_session_mode)" - SCONFIG="$(_get_sulu_connection_config)" - json_init json_add_string 'Current-connection' 'main' json_add_object 'Connections' 
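Review bot: `SULU_CON_CONFIG` is now a fixed path, whereas the `_get_sulu_root` helper removed in the next hunk read `nginx._sulu_s.root` and only fell back to `/sulu`. On a device whose web root is configured elsewhere, `json_dump >"${SULU_CON_CONFIG}"` would write to a directory the UI is not served from, or fail if `/sulu/presets` does not exist. If the fixed location is intended, a comment above the assignment such as `# Fixed location of the generated connection config; the nginx root is no longer consulted` would record that. `SULU_ACL_FILE` and `SULU_CON_ROLES` would each benefit from a one-line comment saying they start empty and are filled in by `create_mosquitto_acl` and `get_sulu_roles`.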
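Review bot: In `_sulu_conn_config_users` each word of the unquoted `${SULU_CON_ROLES}` goes straight into the object key and both topic strings, with no check on which characters the role contains. The same list feeds the ACL lines in `create_mosquitto_acl` and the obuspa topics in `update_obuspa_config`, where a role containing `/` or an MQTT wildcard character (`+`, `#`) would produce a broader topic grant than a single role should get. A guard at the top of each loop, for example `case "${user}" in *[!A-Za-z0-9_]*) continue ;; esac` (with the set adjusted to what role names may legally contain), keeps such values out. The removed `_get_sulu_user_roles` also passed the list through `sort | uniq`; without that, a role named in two `http_access` sections reaches `json_add_object` twice. `user` is not declared `local`, and `generate_sulu_conn_config` continues outside this hunk.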
@@ -79,41 +52,25 @@ generate_sulu_conn_config() { json_add_string 'toId' "os::$(_get_agent_id)" json_add_string 'port' "auto" json_add_string 'path' "/wss" - - if [ "${session}" = "Require" ]; then - json_add_boolean 'useSession' 1 - fi - json_add_string 'protocol' 'autoWs' + json_add_object 'overrides' { - for user in ${users}; do - json_add_object "${user}" - { - json_add_string 'fromId' "self::sulu-${user}" - json_add_string 'publishEndpoint' "/usp/$(_get_agent_id)/${user}/endpoint" - json_add_string 'subscribeEndpoint' "/usp/$(_get_agent_id)/${user}/controller" - json_close_object - } - done + _sulu_conn_config_users json_close_object } json_close_object } json_close_object } - - json_dump >"${SCONFIG}" + json_dump >"${SULU_CON_CONFIG}" } -_update_obuspa_config_rbac() { - local agent users session +update_obuspa_config() { + local agent agent="$(_get_agent_id)" - users="$(_get_sulu_user_roles)" - session="$(_get_sulu_session_mode)" - - for user in ${users}; do + for user in ${SULU_CON_ROLES}; do local section # Add mqtt @@ -123,7 +80,6 @@ _update_obuspa_config_rbac() { uci_set obuspa "${section}" BrokerAddress "127.0.0.1" uci_set obuspa "${section}" BrokerPort "1883" uci_set obuspa "${section}" TransportProtocol "TCP/IP" - RESTART_REQ=1 fi # Add mtp @@ -133,7 +89,6 @@ _update_obuspa_config_rbac() { uci_set obuspa "${section}" Protocol "MQTT" uci_set obuspa "${section}" ResponseTopicConfigured "/usp/${agent}/${user}/endpoint" uci_set obuspa "${section}" mqtt "mqtt_sulu_$user" - RESTART_REQ=1 fi # Add controller 
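Review bot: The renamed `update_obuspa_config` stages its changes with `uci_set`, but no `uci_commit obuspa` is visible in the new code; the old wrapper that called it is deleted in the last hunk of this file. Unless whatever invokes sulu.sh commits the obuspa config itself, the MQTT client, MTP and controller sections added here stay as uncommitted staged changes. Ending the function with `uci_commit obuspa` after the `done` would restore the previous behaviour. The `useSession` flag and the `SessionMode` synchronisation are dropped too, so it is worth confirming that nothing else still depends on `sulu.global.SessionMode`. Part of the loop body lies outside this hunk.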
@@ -145,88 +100,59 @@ _update_obuspa_config_rbac() { uci_set obuspa "${section}" Topic "/usp/${agent}/${user}/controller" uci_set obuspa "${section}" mqtt "mqtt_sulu_$user" uci_set obuspa "${section}" assigned_role_name "$user" - RESTART_REQ=1 - fi - - obMode="$(uci_get obuspa "${section}" SessionMode)" - if [ "${session}" != "${obMode}" ]; then - uci_set obuspa "${section}" SessionMode "${session}" - RESTART_REQ=1 fi done } -_create_mosquitto_acl() { - local agentid users - local ACL_FILE acl_users +create_mosquitto_acl() { + local agentid + local acl_users - RESTART_REQ="0" - - ACL_FILE="$(_get_sulu_acl_file)" - if [ -z "${ACL_FILE}" ]; then + SULU_ACL_FILE="$(_get_sulu_acl_file)" + if [ -z "${SULU_ACL_FILE}" ]; then return 0 fi - users="$(_get_sulu_user_roles)" - if [ -f "${ACL_FILE}" ]; then - acl_users="$(awk '/^user / {print $2}' "${ACL_FILE}")" - for user in ${acl_users}; do - if ! echo "$users" | grep -qwF "$user"; then - rm -f "${ACL_FILE}" - RESTART_REQ="1" - break - fi - done - fi - [ -f "${ACL_FILE}" ] || touch "${ACL_FILE}" - + echo > "${SULU_ACL_FILE}" agentid="$(_get_agent_id)" - for user in ${users}; do - if ! grep -qxF "user $user" "${ACL_FILE}"; then + for user in ${SULU_CON_ROLES}; do + if ! grep -qxF "user $user" "${SULU_ACL_FILE}"; then { echo "user ${user}" echo "topic read /usp/${agentid}/${user}/controller/reply-to" echo "topic write /usp/${agentid}/${user}/endpoint" echo "topic read /usp/${agentid}/${user}/controller" echo "" - } >> "${ACL_FILE}" - RESTART_REQ="1" + } >> "${SULU_ACL_FILE}" fi done +} - if [ "${_RESTART_SERVICES}" -eq "1" ] && [ "${RESTART_REQ}" -gt "0" ]; then - slog "Restarting mosquitto..." 
- ubus call uci commit '{"config":"mosquitto"}' +get_sulu_roles() { + local sec path_prefix redirect role + + sec="${1}" + + config_get path_prefix "${sec}" path_prefix "" + config_get redirect "${sec}" redirect "" + config_get role "${sec}" role "" + + if [ -n "${redirect}" ]; then + return 0 + fi + + if [ "${path_prefix}" != "/sulu" ]; then + return 0 + fi + + if [ -n "${role}" ]; then + SULU_CON_ROLES="${SULU_CON_ROLES} ${role}" fi } -update_obuspa_config() { - RESTART_REQ=0 - _update_obuspa_config_rbac - uci_commit obuspa +config_load userinterface +config_foreach get_sulu_roles http_access - if [ "${_RESTART_SERVICES}" -eq "1" ] && [ "${RESTART_REQ}" -gt "0" ]; then - slog "Restarting obuspa..." - ubus call uci commit '{"config":"obuspa"}' - fi -} - -configure_sulu() { - _create_mosquitto_acl - update_obuspa_config - generate_sulu_conn_config -} - -while getopts ":r" opt; do - case ${opt} in - r) - _RESTART_SERVICES="1" - ;; - *) - slog "Invalid option: ${OPTARG}" - exit 1 - ;; - esac -done - -configure_sulu +generate_sulu_conn_config +create_mosquitto_acl +update_obuspa_config diff --git a/sulu/sulu-builder/files/etc/uci-defaults/40-add-sulu-config b/sulu/sulu-builder/files/etc/uci-defaults/40-add-sulu-config index 005df0aa5..50dbeb7f8 100644 --- a/sulu/sulu-builder/files/etc/uci-defaults/40-add-sulu-config +++ b/sulu/sulu-builder/files/etc/uci-defaults/40-add-sulu-config @@ -39,7 +39,8 @@ add_sulu_config_to_mosquitto() add_sulu_userinterface_uci() { - if [ -f "/etc/config/userinterface" ]; then + # check if sulu already configured + if ! uci show userinterface| grep -q "path_prefix='/sulu'"; then uci_add userinterface http_access _sulu_s uci_set userinterface _sulu_s path_prefix '/sulu' uci_set userinterface _sulu_s port '8443'
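Review bot: `create_mosquitto_acl` empties the live ACL file with `echo > "${SULU_ACL_FILE}"` and then appends to it role by role, so a broker reload or an interrupted run in between leaves mosquitto reading an empty or partial ACL. Writing the new content to a temporary file in the same directory and renaming it over the old one makes the switch atomic; the new file must end up with the owner and mode the broker expects. The restart logic is removed in this hunk as well, so presumably something outside this script now makes mosquitto re-read the ACL, and a comment naming that would help.

```sh
create_mosquitto_acl() {
	local agentid tmp_acl user

	# … unchanged: SULU_ACL_FILE lookup, return when it is empty …

	# Build the new ACL next to the live file and rename it into place, so
	# the broker never sees a truncated or half-written file. The directory
	# must not be writable by unprivileged users.
	tmp_acl="${SULU_ACL_FILE}.tmp"
	: > "${tmp_acl}" || return 1
	agentid="$(_get_agent_id)"
	for user in ${SULU_CON_ROLES}; do
		if ! grep -qxF "user $user" "${tmp_acl}"; then
			{
				# … unchanged: "user" line and the three "topic" lines …
			} >> "${tmp_acl}"
		fi
	done
	mv -f "${tmp_acl}" "${SULU_ACL_FILE}"
}
```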
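Review bot: The new guard in `add_sulu_userinterface_uci` no longer checks that /etc/config/userinterface exists. When the file is missing, `uci show userinterface` fails, `grep -q` matches nothing, the negation succeeds, and `uci_add` runs against a config that is not there. Keeping the old test alongside the new one covers both cases, e.g. `if [ -f "/etc/config/userinterface" ] && ! uci -q show userinterface | grep -qF "path_prefix='/sulu'"; then`, where `-F` makes the pattern a literal string and `-q` on `uci` silences its error output. The check also matches a `/sulu` section that has `redirect` set, which `get_sulu_roles` in sulu.sh skips, so such a device may end up without a usable sulu entry. The function body continues outside the hunk.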