authelia/scripts/authelia-scripts-bootstrap
Clement Michaud 4016ff1bba [BREAKING] Create a suite for Traefik proxy.
* Removal of the Redirect header sent by Authelia /api/verify endpoint.
* Authelia does not consume Host header anymore but X-Forwarded-Proto and X-Forwarded-Host
  to compute the link sent in identity verification emails.
* Authelia used Host header as the application name for U2F authentication but it's now using
  X-Forwarded-* headers.
2019-04-12 09:24:54 +02:00

86 lines
3.6 KiB
JavaScript
Executable File

#!/usr/bin/env node
var { exec } = require('./utils/exec');
var fs = require('fs');
async function buildDockerImages() {
console.log("[BOOTSTRAP] Building required Docker images...");
console.log('Build authelia-example-backend docker image.')
await exec('docker build -t authelia-example-backend example/compose/nginx/backend');
console.log('Build authelia-duo-api docker image.')
await exec('docker build -t authelia-duo-api example/compose/duo-api');
}
async function checkHostsFile() {
async function checkAndFixEntry(entries, domain, ip) {
const foundEntry = entries.filter(l => l[1] == domain);
if (foundEntry.length > 0) {
if (foundEntry[0][0] == ip) {
// The entry exists and is correct.
return;
}
else {
// We need to remove the entry and replace it.
console.log(`Update entry for ${domain}.`);
await exec(`cat /etc/hosts | grep -v "${domain}" | /usr/bin/sudo tee /etc/hosts > /dev/null`);
await exec(`echo "${ip} ${domain}" | /usr/bin/sudo tee -a /etc/hosts > /dev/null`);
}
}
else {
// We need to add the new entry.
console.log(`Add entry for ${domain}.`);
await exec(`echo "${ip} ${domain}" | /usr/bin/sudo tee -a /etc/hosts > /dev/null`);
}
}
console.log("[BOOTSTRAP] Checking if example.com domain is forwarded to your machine...");
const actualEntries = fs.readFileSync("/etc/hosts").toString("utf-8")
.split("\n").filter(l => l !== '').map(l => l.split(" ").filter(w => w !== ''));
await checkAndFixEntry(actualEntries, 'login.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'admin.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'singlefactor.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'dev.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'home.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'mx1.mail.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'mx2.mail.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'public.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'secure.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'mail.example.com', '192.168.240.100');
await checkAndFixEntry(actualEntries, 'duo.example.com', '192.168.240.100');
// For Traefik suite.
await checkAndFixEntry(actualEntries, 'traefik.example.com', '192.168.240.100');
// For testing network ACLs.
await checkAndFixEntry(actualEntries, 'proxy-client1.example.com', '192.168.240.201');
await checkAndFixEntry(actualEntries, 'proxy-client2.example.com', '192.168.240.202');
await checkAndFixEntry(actualEntries, 'proxy-client3.example.com', '192.168.240.203');
}
async function checkKubernetesDependencies() {
console.log("[BOOTSTRAP] Checking Kubernetes tools in /tmp to allow testing a Kube cluster... (no junk installed on host)");
if (!fs.existsSync('/tmp/kind')) {
console.log('Install Kind for spawning a Kubernetes cluster.');
await exec('wget https://github.com/clems4ever/kind/releases/download/0.1.0-cmic1/kind-linux-amd64 -O /tmp/kind && chmod +x /tmp/kind');
}
if (!fs.existsSync('/tmp/kubectl')) {
console.log('Install Kubectl for interacting with Kubernetes.');
await exec('wget https://storage.googleapis.com/kubernetes-release/release/v1.13.0/bin/linux/amd64/kubectl -O /tmp/kubectl && chmod +x /tmp/kubectl');
}
}
async function main() {
await checkHostsFile();
await buildDockerImages();
await checkKubernetesDependencies();
}
main().catch((err) => {
console.error(err);
process.exit(1);
})