forked from postwork-io/deadline_docker
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathclient_entrypoint.sh
222 lines (185 loc) · 7.64 KB
/
client_entrypoint.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
#!/bin/bash
RCS_BIN=/opt/Thinkbox/Deadline10/bin/deadlinercs
WEB_BIN=/opt/Thinkbox/Deadline10/bin/deadlinewebservice
WORKER_BIN=/opt/Thinkbox/Deadline10/bin/deadlineworker
FORWARDER_BIN=/opt/Thinkbox/Deadline10/bin/deadlinelicenseforwarder
DEADLINE_CMD=/opt/Thinkbox/Deadline10/bin/deadlinecommand
configure_from_env () {
if [[ -z "$DEADLINE_REGION" ]]; then
$DEADLINE_CMD SetIniFileSetting Region $DEADLINE_REGION
fi
}
install_repository () {
if [ ! -f /repo/settings/repository.ini ]; then
echo "Install Repository"
./DeadlineRepository-${DEADLINE_VERSION}-linux-x64-installer.run --mode unattended \
--dbhost $DB_HOST \
--dbport 27100 \
--installmongodb false \
--installSecretsManagement true \
--secretsAdminName $SECRETS_USERNAME \
--secretsAdminPassword $SECRETS_PASSWORD \
--prefix /repo \
--dbname deadline10db \
--dbclientcert /client_certs/deadline-client.pfx \
--dbcertpass $DB_CERT_PASS \
--dbssl true
echo "Install Custom Elements from https://github.com/postwork-io/custom.git"
git clone https://github.com/postwork-io/custom.git
rsync --ignore-existing -raz ./custom /repo
else
echo "Repository Already Installed"
fi
}
download_additional_installers () {
mkdir -p /installers
if [ ! -e "/installers/Deadline-$DEADLINE_VERSION-linux-installers.tar" ]; then
echo "Downloading Linux Installers"
mv Deadline-$DEADLINE_VERSION-linux-installers.tar /installers/Deadline-$DEADLINE_VERSION-linux-installers.tar
fi
if [ ! -e "/installers/Deadline-$DEADLINE_VERSION-windows-installers.zip" ]; then
echo "Downloading Windows Installers"
echo "/installers/Deadline-$DEADLINE_VERSION-windows-installers.zip"
aws s3 cp --region us-west-2 --no-sign-request s3://thinkbox-installers/$DEADLINE_INSTALLER_BASE-windows-installers.zip /installers/Deadline-$DEADLINE_VERSION-windows-installers.zip &
fi
if [ ! -e "/installers/Deadline-$DEADLINE_VERSION-osx-installers.dmg" ]; then
echo "Downloading Mac Installers"
aws s3 cp --region us-west-2 --no-sign-request s3://thinkbox-installers/$DEADLINE_INSTALLER_BASE-osx-installers.dmg /installers/Deadline-$DEADLINE_VERSION-osx-installers.dmg &
fi
wait
}
cleanup_installer () {
rm /build/Deadline*
rm /build/AWSPortalLink*
rm -rf /build/custom
}
if [ "$1" == "rcs" ]; then
install_repository
echo "Deadline Remote Connection Server"
if [ -e "$RCS_BIN" ]; then
/bin/bash -c "$RCS_BIN"
else
download_additional_installers &
echo "Initializing Remote Connection Server"
if [ "$USE_RCS_TLS" != "TRUE" ]; then
echo "Using unencrypted RCS Server!"
/build/DeadlineClient-$DEADLINE_VERSION-linux-x64-installer.run \
--mode unattended \
--enable-components proxyconfig \
--repositorydir /repo \
--dbsslcertificate /client_certs/deadline-client.pfx \
--dbsslpassword $DB_CERT_PASS \
--noguimode true \
--slavestartup false \
--httpport $RCS_HTTP_PORT \
--enabletls false \
elif [ -e /client_certs/Deadline10RemoteClient.pfx ]; then
echo "Using existing certificates"
/build/DeadlineClient-$DEADLINE_VERSION-linux-x64-installer.run \
--mode unattended \
--enable-components proxyconfig \
--repositorydir /repo \
--dbsslcertificate /client_certs/deadline-client.pfx \
--dbsslpassword $DB_CERT_PASS \
--noguimode true \
--slavestartup false \
--httpport $RCS_HTTP_PORT \
--tlsport $RCS_TLS_PORT \
--enabletls true \
--tlscertificates existing \
--servercert /server_certs/$HOSTNAME.pfx \
--cacert /server_certs/ca.crt \
--secretsAdminName $SECRETS_USERNAME \
--secretsAdminPassword $SECRETS_PASSWORD \
--osUsername root
else
echo "Generating Certificates"
/build/DeadlineClient-$DEADLINE_VERSION-linux-x64-installer.run \
--mode unattended \
--enable-components proxyconfig \
--repositorydir /repo \
--dbsslcertificate /client_certs/deadline-client.pfx \
--dbsslpassword $DB_CERT_PASS \
--noguimode true \
--slavestartup false \
--httpport $RCS_HTTP_PORT \
--tlsport $RCS_TLS_PORT \
--enabletls true \
--tlscertificates generate \
--generatedcertdir ~/certs \
--clientcert_pass $RCS_CERT_PASS \
--secretsAdminName $SECRETS_USERNAME \
--secretsAdminPassword $SECRETS_PASSWORD \
--osUsername root
cp /root/certs/Deadline10RemoteClient.pfx /client_certs/Deadline10RemoteClient.pfx
cp /root/certs/$HOSTNAME.pfx /server_certs/$HOSTNAME.pfx
cp /root/certs/ca.crt /server_certs/ca.crt
fi
cleanup_installer
"$DEADLINE_CMD" secrets ConfigureServerMachine $SECRETS_USERNAME defaultKey root --password env:SECRETS_PASSWORD
"$RCS_BIN"
fi
elif [ "$1" == "webservice" ] && [ "$USE_WEBSERVICE" == "TRUE" ]; then
if [ -e "$WEB_BIN" ]; then
/bin/bash -c "$WEB_BIN"
else
echo "Initializing Deadline Webservice"
/build/DeadlineClient-$DEADLINE_VERSION-linux-x64-installer.run \
--mode unattended \
--enable-components webservice_config \
--repositorydir /repo \
--dbsslcertificate /client_certs/deadline-client.pfx \
--dbsslpassword $DB_CERT_PASS \
--noguimode true \
--slavestartup false \
--webservice_enabletls false
cleanup_installer
"$WEB_BIN"
fi
elif [ "$1" == "worker" ]; then
echo "not yet implemented"
elif [ "$1" == "forwarder" ] && [ "$USE_LICENSE_FORWARDER" == "TRUE" ]; then
if [ -e "$FORWARDER_BIN" ]; then
/bin/bash -c "$FORWARDER_BIN"
else
echo "Initializing License Forwarder"
/build/DeadlineClient-$DEADLINE_VERSION-linux-x64-installer.run \
--mode unattended \
--repositorydir /repo \
--dbsslcertificate /client_certs/deadline-client.pfx \
--dbsslpassword $DB_CERT_PASS \
--noguimode true \
--slavestartup false \
--secretsAdminName $SECRETS_USERNAME \
--secretsAdminPassword $SECRETS_PASSWORD \
cleanup_installer
"$FORWARDER_BIN" -sslpath /client_certs
fi
elif [ "$1" == "zt-forwarder" ] && [ "$USE_LICENSE_FORWARDER" == "TRUE" ]; then
if [ -e "$FORWARDER_BIN" ]; then
/usr/sbin/zerotier-one -d
/bin/bash -c "$FORWARDER_BIN"
else
echo "Initializing ZT License Forwarder"
/build/DeadlineClient-$DEADLINE_VERSION-linux-x64-installer.run \
--mode unattended \
--repositorydir /repo \
--dbsslcertificate /client_certs/deadline-client.pfx \
--dbsslpassword $DB_CERT_PASS \
--noguimode true \
--slavestartup false \
--secretsAdminName $SECRETS_USERNAME \
--secretsAdminPassword $SECRETS_PASSWORD \
cleanup_installer
curl -s https://install.zerotier.com | /bin/bash
echo 9994 > /var/lib/zerotier-one/zerotier-one.port
chmod 0600 /var/lib/zerotier-one/zerotier-one.port
/usr/sbin/zerotier-one -d
sleep 5
/usr/sbin/zerotier-cli status
/usr/sbin/zerotier-cli join $ZT_NETWORK_ID
"$FORWARDER_BIN" -sslpath /client_certs
fi
else
/bin/bash
fi