16314: Clean up long bool expressions.

[arvados.git] / tools / arvbox / lib / arvbox / docker / service / sso / run-service

diff --git a/tools/arvbox/lib/arvbox/docker/service/sso/run-service b/tools/arvbox/lib/arvbox/docker/service/sso/run-service
index 4c2407a4e7e737f6414feafbede72b91a09e7ca1..e30e34f7c116352e53e8d701d268115427f24b6c 100755 (executable)
--- a/tools/arvbox/lib/arvbox/docker/service/sso/run-service
+++ b/tools/arvbox/lib/arvbox/docker/service/sso/run-service
@@ -1,4 +1,7 @@
 #!/bin/bash
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: AGPL-3.0
 
 exec 2>&1
 set -ex -o pipefail
@@ -6,10 +9,15 @@ set -ex -o pipefail
 . /usr/local/lib/arvbox/common.sh
 
 cd /usr/src/sso
-export RAILS_ENV=development
+if test -s /var/lib/arvados/sso_rails_env ; then
+  export RAILS_ENV=$(cat /var/lib/arvados/sso_rails_env)
+else
+  export RAILS_ENV=development
+fi
 
 run_bundler --without=development
-bundle exec passenger start --runtime-check-only --runtime-dir=/var/lib/passenger
+bundle exec passenger-config build-native-support
+bundle exec passenger-config install-standalone-runtime
 
 if test "$1" = "--only-deps" ; then
     exit
@@ -17,29 +25,24 @@ fi
 
 set -u
 
-if ! test -s /var/lib/arvados/sso_uuid_prefix ; then
-  ruby -e 'puts "#{rand(2**64).to_s(36)[0,5]}"' > /var/lib/arvados/sso_uuid_prefix
-fi
-uuid_prefix=$(cat /var/lib/arvados/sso_uuid_prefix)
+uuid_prefix=$(cat /var/lib/arvados/api_uuid_prefix)
 
 if ! test -s /var/lib/arvados/sso_secret_token ; then
   ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/sso_secret_token
 fi
 secret_token=$(cat /var/lib/arvados/sso_secret_token)
 
-if ! test -s /var/lib/arvados/self-signed.key ; then
-  openssl req -new -x509 -nodes -out /var/lib/arvados/self-signed.pem -keyout /var/lib/arvados/self-signed.key -days 365 -subj '/CN=localhost'
-fi
+openssl verify -CAfile $root_cert $server_cert
 
 cat >config/application.yml <<EOF
-development:
+$RAILS_ENV:
   uuid_prefix: $uuid_prefix
   secret_token: $secret_token
   default_link_url: "http://$localip"
   allow_account_registration: true
 EOF
 
-(cd config && /usr/local/lib/arvbox/application_yml_override.py)
+(cd config && /usr/local/lib/arvbox/yml_override.py application.yml)
 
 if ! test -f /var/lib/arvados/sso_database_pw ; then
     ruby -e 'puts rand(2**128).to_s(36)' > /var/lib/arvados/sso_database_pw
@@ -56,9 +59,6 @@ sed "s/password:.*/password: $database_pw/" <config/database.yml.example >config
 if ! test -f /var/lib/arvados/sso_database_setup ; then
    bundle exec rake db:setup
 
-   if ! test -s /var/lib/arvados/sso_app_secret ; then
-       ruby -e 'puts rand(2**400).to_s(36)' > /var/lib/arvados/sso_app_secret
-   fi
    app_secret=$(cat /var/lib/arvados/sso_app_secret)
 
    bundle exec rails console <<EOF
@@ -75,6 +75,7 @@ fi
 rm -rf tmp
 mkdir -p tmp/cache
 
+bundle exec rake assets:precompile
 bundle exec rake db:migrate
 
 set +u
@@ -83,6 +84,5 @@ if test "$1" = "--only-setup" ; then
 fi
 
 exec bundle exec passenger start --port=${services[sso]} \
-     --runtime-dir=/var/lib/passenger \
-     --ssl --ssl-certificate=/var/lib/arvados/self-signed.pem \
-     --ssl-certificate-key=/var/lib/arvados/self-signed.key
+     --ssl --ssl-certificate=/var/lib/arvados/server-cert-${localip}.pem \
+     --ssl-certificate-key=/var/lib/arvados/server-cert-${localip}.key