rems/docker-entrypoint.sh at master · AustralianBioCommons/rems · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
#!/bin/bash
set -euo pipefail
set -x

# Encode DB password to safely use in JDBC URL
urlencode() {
  local raw="$1"
  local encoded=""
  local i c
  for (( i = 0; i < ${#raw}; i++ )); do
    c="${raw:$i:1}"
    case "$c" in
      [a-zA-Z0-9.~_-]) encoded+="$c" ;;
      *) encoded+=$(printf '%%%02X' "'$c") ;;
    esac
  done
  echo "$encoded"
}

# Ensure PUBLIC_URL ends with a trailing slash for post_logout_redirect_uri
PUBLIC_URL="${PUBLIC_URL%/}/"

# Derive Auth0 base from the configured OIDC metadata URL
# e.g. https://tenant.au.auth0.com/.well-known/openid-configuration -> https://tenant.au.auth0.com
AUTH0_BASE="${OIDC_METADATA_URL%/.well-known/openid-configuration}"
AUTH0_BASE="${AUTH0_BASE%/}"

# Build the logout URL dynamically (no hard-coding)
ENC_RETURN="$(urlencode "${PUBLIC_URL}")"
export OIDC_LOGOUT_REDIRECT_URL="${AUTH0_BASE}/oidc/logout?client_id=${OIDC_CLIENT_ID}&post_logout_redirect_uri=${ENC_RETURN}"

export DB_PASSWORD_ENCODED=$(urlencode "$DB_PASSWORD")

# Write Visa key files
echo "$PRIVATE_KEY" > /rems/keys/private-key.jwk
echo "$PUBLIC_KEY" > /rems/keys/public-key.jwk

# Generate config.edn
envsubst < /rems/config/config.edn.template > /rems/config/config.edn

echo "========================"
echo "Generated config.edn:"
cat /rems/config/config.edn
echo "========================"

# Optional: install custom cert if provided
certfile=$(ls /rems/certs 2>/dev/null || true)
if [ -n "${certfile}" ] && [ "${certfile}" != "null" ]; then
  keytool -importcert -cacerts -noprompt \
          -storepass changeit \
          -file "/rems/certs/${certfile}" \
          -alias "${certfile}"

  keytool -storepasswd -cacerts \
          -storepass changeit \
          -new "$(head /dev/urandom | tr -dc A-Za-z0-9 | head -c 20)"
fi

# Dispatch by CMD
case "${CMD:-start}" in
  migrate)
    echo "########## RUNNING REMS MIGRATION ##########"
    exec java -Drems.config=config/config.edn -jar rems.jar migrate
    ;;
  start)
    echo "########## STARTING REMS ##########"
    exec java -Drems.config=config/config.edn -jar rems.jar run
    ;;
  *)
    echo "Unknown CMD: '${CMD}' — valid options are: start, migrate"
    exit 1
    ;;
esac


echo "####################"
echo "########## CONTAINER STARTUP FINISHED"
echo "####################"