Merge branch 'dev'

0-CA/ca_create

@@ -0,0 +1,22 @@
+#! /bin/bash
+
+BIT_ENC=2048
+CA_NAME="SmartME" #same for Organization Name
+EXPIRATION=18250
+
+
+
+mkdir -p ./CA
+cd ./CA
+
+## Generate root CA key
+openssl genrsa -out $CA_NAME"_CA.key" $BIT_ENC
+
+#check
+openssl rsa -in $CA_NAME"_CA.key" -check
+
+## Generate root CA certificate
+openssl req -x509 -new -nodes -key $CA_NAME"_CA.key" -sha256 -days $EXPIRATION  -subj "/C=IT/O="$CA_NAME -out $CA_NAME"_CA.pem"
+
+#check
+openssl x509 -in $CA_NAME"_CA.pem" -text -noout

0-CA/client_cert

@@ -0,0 +1,37 @@
+#! /bin/bash
+
+if [ "$#" -ne 1 ]; then
+        echo "Usage: ./client_cert <CLIENT-CN>"
+        exit
+fi
+
+#$1 -> CN == certificate name
+BIT_ENC=2048
+CA_NAME="SmartME" #same for Organization Name
+EXPIRATION=18250
+
+
+
+mkdir -p "./client_"$1
+cd "./client_"$1
+
+## Generate client key
+openssl genrsa -out $1".key" $BIT_ENC
+
+## Generate client certificate request
+openssl req -new -days $EXPIRATION -subj "/C=IT/O="$CA_NAME"/CN="$1 -key $1".key" -out $1".csr"
+
+#check
+openssl req -text -noout -verify -in $1".csr"
+
+
+## Generate client certificate
+openssl x509 -req -in $1".csr" -CA "../CA/"$CA_NAME"_CA.pem" -CAkey "../CA/"$CA_NAME"_CA.key" -CAcreateserial -out $1".pem" -days $EXPIRATION -sha256
+
+#check
+openssl x509 -in $1".pem" -text -noout
+
+chmod 644 $1".key"
+
+cp ../CA/$CA_NAME"_CA.pem" CA.pem
+

0-docker

@@ -0,0 +1,39 @@
+#! /bin/bash
+
+if [ "$EUID" -ne 0 ]
+  then echo "Please run as root"
+  exit
+fi
+
+COMPOSE_VERSION="2.0.1"
+SYSTEM=$(uname -s | tr '[:upper:]' '[:lower:]')
+
+apt-get update && apt-get install -y \
+    apt-transport-https \
+    ca-certificates \
+    curl \
+    gnupg-agent \
+    software-properties-common 
+
+curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -
+
+add-apt-repository \
+   "deb [arch=amd64] https://download.docker.com/linux/ubuntu \
+   $(lsb_release -cs) \
+   stable"
+
+apt-get update && apt-get install -y docker-ce docker-ce-cli containerd.io
+
+usermod -aG docker $USER
+usermod -aG docker iotronic
+
+systemctl enable docker
+
+curl -L "https://github.com/docker/compose/releases/download/v${COMPOSE_VERSION}/docker-compose-${SYSTEM}-$(uname -m)" -o /usr/local/bin/docker-compose
+
+ln -s /usr/local/bin/docker-compose /usr/bin/docker-compose
+chmod +x /usr/local/bin/docker-compose 
+
+docker network create iotronic_network
+
+echo -e "\e[32mCompleted - Log out and log back in so that your group membership is re-evaluated.\e[0m"

1-mysql/1-mysql

@@ -0,0 +1,27 @@
+#! /bin/bash
+
+
+#if [ "$EUID" -ne 0 ]
+#  then echo "Please run as root"
+#  exit
+#fi
+
+MYSQL_ROOT_PASSWORD="smartme"
+
+
+docker create \
+ --name=smartme_test_iotronic_db\
+ --network=smartme_test_network \
+ -p 53306:3306 \
+ --restart unless-stopped\
+ -e MYSQL_ROOT_PASSWORD=$MYSQL_ROOT_PASSWORD \
+ -v smartme_test_iotronic_db_data:/var/lib/mysql \
+ -v smartme_test_iotronic_db_config:/etc/mysql \
+mariadb:focal
+
+docker cp create_dbs.sql smartme_test_iotronic_db:/docker-entrypoint-initdb.d/create_dbs.sql
+docker cp 99-openstack.conf smartme_test_iotronic_db:/etc/mysql/mariadb.conf.d/99-openstack.cnf
+
+docker start smartme_test_iotronic_db
+
+echo -e "\e[32mCompleted but wait mariadb to be ready using docker logs -f smartme_test_iotronic_db\e[0m"

1-mysql/99-openstack.conf

@@ -0,0 +1,8 @@
+[mysqld]
+bind-address = 0.0.0.0
+
+default-storage-engine = innodb
+innodb_file_per_table = on
+max_connections = 4096
+collation-server = utf8_general_ci
+character-set-server = utf8

1-mysql/Dockerfile

@@ -0,0 +1,4 @@
+FROM mariadb:10.7.1-focal
+
+COPY initfile.sql /docker-entrypoint-initdb.d/initfile.sql
+COPY 99-openstack.conf /etc/mysql/mariadb.conf.d/99-openstack.conf

1-mysql/build

@@ -0,0 +1,4 @@
+#! /bin/bash
+
+VERSION=1.0
+docker build -t smartmeio/mariadb:focal .

1-mysql/create_dbs.sql

@@ -0,0 +1,9 @@
+CREATE DATABASE keystone;
+GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';
+GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';
+CREATE DATABASE iotronic;
+GRANT ALL PRIVILEGES ON iotronic.* TO 'iotronic'@'localhost' IDENTIFIED BY 'IOTRONIC_DBPASS';
+GRANT ALL PRIVILEGES ON iotronic.* TO 'iotronic'@'%' IDENTIFIED BY 'IOTRONIC_DBPASS';
+CREATE DATABASE designate;
+GRANT ALL PRIVILEGES ON designate.* TO 'designate'@'localhost' IDENTIFIED BY 'DESIGNATE_DBPASS';
+GRANT ALL PRIVILEGES ON designate.* TO 'designate'@'%' IDENTIFIED BY 'DESIGNATE_DBPASS';

1-mysql/create_dbs_FELOOCA_TEST.sql

@@ -0,0 +1,6 @@
+CREATE DATABASE felooca_test_keystone;
+GRANT ALL PRIVILEGES ON felooca_test_keystone.* TO 'fe_t_keystone'@'localhost' IDENTIFIED BY 'f3l00caTEST';
+GRANT ALL PRIVILEGES ON felooca_test_keystone.* TO 'fe_t_keystone'@'%' IDENTIFIED BY 'f3l00caTEST';
+CREATE DATABASE felooca_test_iotronic;
+GRANT ALL PRIVILEGES ON felooca_test_iotronic.* TO 'fe_t_iotronic'@'localhost' IDENTIFIED BY 'f3l00caTEST';
+GRANT ALL PRIVILEGES ON felooca_test_iotronic.* TO 'fe_t_iotronic'@'%' IDENTIFIED BY 'f3l00caTEST';

1-mysql/create_dbs_SMARTME_TEST.sql

@@ -0,0 +1,12 @@
+CREATE USER IF NOT EXISTS s4t_keystone@localhost IDENTIFIED BY 'sm3d3m0n';
+SET PASSWORD FOR s4t_keystone@localhost = PASSWORD('sm3d3m0n');
+
+CREATE USER IF NOT EXISTS s4t_iotronic@localhost IDENTIFIED BY 'sm3d3m0n';
+SET PASSWORD FOR s4t_iotronic@localhost = PASSWORD('sm3d3m0n');
+
+CREATE DATABASE s4t_keystone;
+GRANT ALL PRIVILEGES ON s4t_keystone.* TO 's4t_keystone'@'localhost' IDENTIFIED BY 'sm3d3m0n';
+GRANT ALL PRIVILEGES ON s4t_keystone.* TO 's4t_keystone'@'%' IDENTIFIED BY 'sm3d3m0n';
+CREATE DATABASE s4t_iotronic;
+GRANT ALL PRIVILEGES ON s4t_iotronic.* TO 's4t_iotronic'@'localhost' IDENTIFIED BY 'sm3d3m0n';
+GRANT ALL PRIVILEGES ON s4t_iotronic.* TO 's4t_iotronic'@'%' IDENTIFIED BY 'sm3d3m0n';

1-mysql/initfile.sql

@@ -0,0 +1,20 @@
+CREATE USER IF NOT EXISTS s4t_keystone@localhost IDENTIFIED BY 'sm3d3m0n';
+SET PASSWORD FOR s4t_keystone@localhost = PASSWORD('sm3d3m0n');
+
+CREATE USER IF NOT EXISTS s4t_iotronic@localhost IDENTIFIED BY 'sm3d3m0n';
+SET PASSWORD FOR s4t_iotronic@localhost = PASSWORD('sm3d3m0n');
+
+CREATE USER IF NOT EXISTS s4t_designate@localhost IDENTIFIED BY 'sm3d3m0n';
+SET PASSWORD FOR s4t_designate@localhost = PASSWORD('sm3d3m0n');
+
+CREATE DATABASE s4t_keystone;
+GRANT ALL PRIVILEGES ON s4t_keystone.* TO 's4t_keystone'@'localhost' IDENTIFIED BY 'sm3d3m0n';
+GRANT ALL PRIVILEGES ON s4t_keystone.* TO 's4t_keystone'@'%' IDENTIFIED BY 'sm3d3m0n';
+
+CREATE DATABASE s4t_iotronic;
+GRANT ALL PRIVILEGES ON s4t_iotronic.* TO 's4t_iotronic'@'localhost' IDENTIFIED BY 'sm3d3m0n';
+GRANT ALL PRIVILEGES ON s4t_iotronic.* TO 's4t_iotronic'@'%' IDENTIFIED BY 'sm3d3m0n';
+
+CREATE DATABASE s4t_designate;
+GRANT ALL PRIVILEGES ON s4t_designate.* TO 's4t_designate'@'localhost' IDENTIFIED BY 'sm3d3m0n';
+GRANT ALL PRIVILEGES ON s4t_designate.* TO 's4t_designate'@'%' IDENTIFIED BY 'sm3d3m0n';

1-rabbitmq/1-rabbitmq

@@ -0,0 +1,22 @@
+#! /bin/bash
+
+
+#if [ "$EUID" -ne 0 ]
+#  then echo "Please run as root"
+#  exit
+#cfi
+
+RABBIT_PASS="smartme"
+
+docker run -d \
+ --name=smartme_test_rabbitmq\
+ -p 5672:5672 \
+ --network=host \
+ --restart unless-stopped \
+rabbitmq:3
+
+sleep 30
+docker exec felooca_test_rabbitmq rabbitmqctl add_user openstack $RABBIT_PASS
+docker exec felooca_test_rabbitmq rabbitmqctl set_permissions openstack ".*" ".*" ".*"
+
+echo -e "\e[32mCompleted \e[0m"

1-rabbitmq/Dockerfile

@@ -0,0 +1,7 @@
+FROM rabbitmq:3.9.8
+
+ENV RABBIT_PASS smartme
+
+COPY scripts/rabbitmq-setup.sh /usr/local/bin/rabbitmq-setup
+
+RUN chmod +x /usr/local/bin/rabbitmq-setup

1-rabbitmq/build

@@ -0,0 +1,4 @@
+#! /bin/bash
+
+VERSION=3.9.8
+docker build -t smartmeio/s4t_rabbitmq:$VERSION .

1-rabbitmq/scripts/rabbitmq-setup.sh

@@ -0,0 +1,21 @@
+#! /bin/bash
+
+
+#if [ "$EUID" -ne 0 ]
+#  then echo "Please run as root"
+#  exit
+#cfi
+
+if [ ! -f ${HOME}/.rabbitmq_setup_completed ]
+then
+        RABBIT_PASS="smartme"
+
+        rabbitmqctl add_user openstack $RABBIT_PASS
+        rabbitmqctl set_permissions openstack ".*" ".*" ".*"
+
+        touch ${HOME}/.rabbitmq_setup_completed
+
+        echo -e "\e[32mCompleted \e[0m"
+else
+        echo "no need to setup rabbitmq !"
+fi

2-keystone/2-keystone

@@ -0,0 +1,57 @@
+#! /bin/bash
+
+
+#if [ "$EUID" -ne 0 ]
+#  then echo "Please run as root"
+#  exit
+#fi
+
+VERSION="stein"
+
+HOST="demo-controller.smartme.io"
+HTTPS=true
+ADMIN_PASS="smartme"
+
+OS_AUTH_URL="http://$HOST:5000/v3"
+if [ "$HTTPS" = true ] ; then
+    OS_AUTH_URL="https://$HOST:5000/v3"
+fi
+
+echo $OS_AUTH_URL
+file="conf/adminrc"
+
+sed -i "s|OS_AUTH_URL=.*|OS_AUTH_URL=$OS_AUTH_URL|g" $file
+sed -i "s|OS_PASSWORD=.*|OS_PASSWORD=$ADMIN_PASS|g" $file
+
+echo -e "\e[32mThis is your adminrc file\n\n"
+
+while IFS= read -r line
+do
+	printf 'export %s\n' "$line"
+done <"$file"
+
+echo -e "\e[0m"
+
+docker create \
+ --env-file conf/adminrc \
+ --name=s4t_keystone \
+ --restart unless-stopped\
+ --network=s4t_network \
+ -p 5001:5000 \
+ -v s4t_keystone_config:/etc/keystone/ \
+ -v s4t_keystone_data:/var/lib/keystone/ \
+ -v /var/log/keystone:/var/log/keystone \
+ -v /var/log/keystone-api:/var/log/apache2 \
+smartmeio/s4t_keystone:$VERSION
+
+
+docker cp conf/keystone.conf s4t_keystone:/etc/keystone/
+
+docker run --rm \
+ -v /var/log/keystone:/var/log/keystone \
+ -v /var/log/keystone-api:/var/log/apache2 \
+smartmeio/keystone-wallaby:$VERSION \
+/bin/sh -c "chown -R keystone:keystone /var/log/keystone/" 
+
+docker start s4t_keystone
+

2-keystone/2.5-keystone

@@ -0,0 +1,34 @@
+#! /bin/bash
+
+HOST="demo-controller.smartme.io"
+HTTPS=true
+ADMIN_PASS="smartme"
+
+URL="http://$HOST:5001/v3"
+if [ "$HTTPS" = true ] ; then
+    URL="https://$HOST:5001/v3"
+fi
+
+echo $URL
+
+docker exec s4t_keystone /bin/sh -c "keystone-manage db_sync" keystone
+echo "db_sync"
+docker exec s4t_keystone keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
+echo "fernet_setup"
+docker exec s4t_keystone keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
+
+
+docker exec s4t_keystone keystone-manage bootstrap --bootstrap-password $ADMIN_PASS \
+  --bootstrap-admin-url $URL \
+  --bootstrap-internal-url $URL \
+  --bootstrap-public-url $URL \
+  --bootstrap-region-id RegionOne
+
+echo "bootstrap"
+
+docker restart s4t_keystone
+echo "restarting in 5 seconds"
+sleep 5
+
+docker exec s4t_keystone openstack project create --domain default  --description "Service Project" service
+echo "project created"

2-keystone/build/Dockerfile

@@ -0,0 +1,37 @@
+FROM ubuntu:bionic
+#ENV VERSION=2.3.9
+
+RUN : \
+	&& apt-get update \
+	&& DEBIAN_FRONTEND=noninteractive apt-get install -y nocache software-properties-common \
+		 python3-openstackclient nano iputils-ping net-tools keystone wget curl vim nano \
+	&& add-apt-repository -y cloud-archive:stein \
+	&& apt-get update && apt-get -y dist-upgrade \
+	&& apt-get clean \
+	&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
+	&& wget -qO- https://bootstrap.pypa.io/pip/get-pip.py | python3 \
+	&& :
+
+# RUN apt-get install nocache keystone -y
+
+RUN mkdir -p /var/log/keystone \
+  && touch /var/log/keystone/keystone-manage.log \
+  && touch /var/log/keystone/keystone-wsgi-public.log \
+  && touch /var/log/keystone/keystone.log \
+  && chown -R keystone:keystone /var/log/keystone/
+
+COPY scripts/keystone-setup.sh /usr/local/bin/keystone-setup
+
+COPY conf/keystone.conf /etc/keystone/
+
+RUN chmod +x /usr/local/bin/keystone-setup
+
+RUN echo 'ServerName demo-controller' > /etc/apache2/conf-available/server-name.conf
+
+RUN a2enconf server-name
+
+VOLUME ["/etc/keystone"]
+VOLUME ["/var/log/keystone"]
+
+EXPOSE 5000
+CMD ["/usr/sbin/apache2ctl", "-D","FOREGROUND"]