From 394dfb2b7d90c35c7eed8da55f0ddbeedfcd20e1 Mon Sep 17 00:00:00 2001
From: Amalka Subasinghe
Date: Thu, 15 Jul 2021 11:15:02 +0530
Subject: [PATCH] added scripts
---
iot-core/src/assembly/bin.xml | 5 +
iot-core/src/core/scripts/change-ip.sh | 161 ++++++++++++++++++
.../scripts/change-superadmin-credentials.sh | 53 ++++++
3 files changed, 219 insertions(+)
create mode 100755 iot-core/src/core/scripts/change-ip.sh
create mode 100755 iot-core/src/core/scripts/change-superadmin-credentials.sh
diff --git a/iot-core/src/assembly/bin.xml b/iot-core/src/assembly/bin.xml
index d3e55ad..4adfea8 100644
--- a/iot-core/src/assembly/bin.xml
+++ b/iot-core/src/assembly/bin.xml
@@ -68,6 +68,11 @@ ${entgra-iot-core}/bin 755 + + src/core/scripts + ${entgra-iot-core}/scripts + 755 + src/core/resources ${entgra-iot-core}/repository/deployment/server/webapps/authenticationendpoint
diff --git a/iot-core/src/core/scripts/change-ip.sh b/iot-core/src/core/scripts/change-ip.sh
new file mode 100755
index 0000000..372cf86
--- /dev/null
+++ b/iot-core/src/core/scripts/change-ip.sh
@@ -0,0 +1,161 @@
+#!/bin/bash
+
+echo ""
+echo "----------------------------------------"
+echo "Entgra IoT Server IP configuration tool"
+echo "----------------------------------------"
+
+##################################### IP configs related to core ####################################
+
+echo ""
+echo ">>> Step 1: Change current IP address of the IoT server"
+
+echo ""
+echo "Please enter the IoT Core IP that you need to replace (if you are trying out IoT server for the first time this will be localhost)"
+read -r val1;
+
+while [[ -z $val1 ]]; do #if $val1 is a zero length String
+ echo "Please enter the IoT Core IP that you need to replace (if you are trying out IoT server for the first time this will be localhost)"
+ read -r val1;
+done
+
+echo ""
+echo "Please enter your current IP"
+read -r val2;
+
+while [[ -z $val2 ]]; do #if $val2 is a zero length String
+ echo "Please enter your current IP"
+ read -r val2;
+done
+
+echo "--------------------------------------"
+echo "All your " + "$val1" + " IP's are replaced with " + "$val2" ;
+echo "--------------------------------------"
+
+echo "Changing /repository/conf/deployment.toml"
+sed -i -e 's/'"$val1"'/'"$val2"'/g' ../repository/conf/deployment.toml
+echo "Completed!!"
+
+echo "Changing /bin/iot-server.sh"
+sed -i -e 's/'"$val1"'/'"$val2"'/g' ../bin/iot-server.sh
+echo "Completed!!"
+
+echo "Changing /bin/iot-server.bat"
+sed -i -e 's/'"$val1"'/'"$val2"'/g' ../bin/iot-server.bat
+echo "Completed!!"
+
+echo ""
+echo "-----------------------------------------------"
+echo "Generating SSL certificates for the IoT Server"
+echo "-----------------------------------------------"
+echo ""
+
+B_SUBJ=''
+C_SUBJ=''
+A_SUBJ=''
+SAN_NAMES=''
+slash='/'
+equal='='
+
+buildSubject(){
+ if [ "$1" = "CN" ]; then
+ echo "Please provide Common Name "
+ read -r val
+ while [[ -z $val ]]; do #if $val is a zero length String
+ echo "Common name(your server IP/hostname) cannot be null. Please enter the Common name."
+ read -r val;
+ done
+ if [ -n "$val" ]; then #This is true if $val is not empty (If $val is not a non zero length String)
+ if [ "$3" = "C" ]; then
+ C_SUBJ="$C_SUBJ$slash$1$equal$val"
+ return
+ elif [ "$3" = "B" ]; then
+ B_SUBJ="$B_SUBJ$slash$1$equal$val"
+ return
+ else
+ A_SUBJ="$A_SUBJ$slash$1$equal$val"
+ return
+ fi
+ fi
+ fi
+
+ echo "Please provide ""$2"". Press Enter to skip."
+ read -r val;
+ if [ -n "$val" ]; then #If $val is not a zero length String; This is same as if[ -n $val]; then
+ if [ "$3" = "C" ]; then
+ C_SUBJ="$C_SUBJ$slash$1$equal$val"
+ return
+ elif [ "$3" = "B" ]; then
+ B_SUBJ="$B_SUBJ$slash$1$equal$val"
+ return
+ elif [ "$3" = "S" ]; then
+ SAN_NAMES="DNS:$val$4$SAN_NAMES"
+ buildSubject 'SAN' 'SAN' 'S' ','
+ return
+ else
+ A_SUBJ="$A_SUBJ$slash$1$equal$val"
+ return
+ fi
+ fi
+}
+
+if [ -d "tmp" ]; then
+ rm -rf tmp
+fi
+
+mkdir tmp
+
+echo ''
+echo '=======Enter Values for IoT Core SSL Certificate======='
+
+buildSubject 'C' 'Country' 'C'
+buildSubject 'ST' 'State' 'C'
+buildSubject 'L' 'Location' 'C'
+buildSubject 'O' 'Organization' 'C'
+buildSubject 'OU' 'Organizational Unit' 'C'
+buildSubject 'emailAddress' 'Email Address' 'C'
+buildSubject 'CN' 'Common Name' 'C'
+buildSubject 'SAN' 'SAN' 'S'
+
+echo ""
+echo 'Provided IoT Core SSL Subject : ' "$C_SUBJ"
+
+echo 'If you have a different IoT Core Keystore password please enter it here. Press Enter to use the default password.'
+read -r -s password
+if [ -n "$password" ]; then
+ SSL_PASS=$password
+else
+ SSL_PASS="wso2carbon"
+fi
+
+echo ""
+echo "Generating SSL Certificate for IoT Core"
+openssl genrsa -out ./tmp/c.key 4096
+openssl req -new -key ./tmp/c.key -out ./tmp/c.csr -subj "$C_SUBJ"
+if [ -z "$SAN_NAMES" ]; then
+ openssl x509 -req -days 730 -in ./tmp/c.csr -signkey ./tmp/c.key -set_serial 044324884 -sha256 -out ./tmp/c.crt
+else
+ openssl x509 -req -extfile <(printf "subjectAltName=%s" "$SAN_NAMES") -days 730 -in ./tmp/c.csr -signkey ./tmp/c.key -set_serial 044324884 -sha256 -out ./tmp/c.crt
+fi
+
+echo "Export to PKCS12"
+openssl pkcs12 -export -out ./tmp/CKEYSTORE.p12 -inkey ./tmp/c.key -in ./tmp/c.crt -name "wso2carbon" -password pass:$SSL_PASS
+
+echo "Export PKCS12 to JKS"
+keytool -importkeystore -srckeystore ./tmp/CKEYSTORE.p12 -srcstoretype PKCS12 -destkeystore ../repository/resources/security/wso2carbon.jks -deststorepass wso2carbon -srcstorepass wso2carbon -noprompt
+keytool -importkeystore -srckeystore ./tmp/CKEYSTORE.p12 -srcstoretype PKCS12 -destkeystore ../repository/resources/security/client-truststore.jks -deststorepass wso2carbon -srcstorepass wso2carbon -noprompt
+
+echo ""
+echo "Setting up the public certificate for the default idp"
+if hash tac; then
+ VAR=$(keytool -exportcert -alias wso2carbon -keystore ../repository/resources/security/wso2carbon.jks -rfc -storepass wso2carbon | tail -n +2 | tac | tail -n +2 | tac | tr -cd "[:print:]");
+else
+ VAR=$(keytool -exportcert -alias wso2carbon -keystore ../repository/resources/security/wso2carbon.jks -rfc -storepass wso2carbon | tail -n +2 | tail -r | tail -n +2 | tail -r | tr -cd "[:print:]"); fi
+
+echo ""
+echo "Printing certificate"
+echo "-----------------------"
+echo "$VAR"
+
+echo ""
+echo "Configuration Completed!!!"
diff --git a/iot-core/src/core/scripts/change-superadmin-credentials.sh b/iot-core/src/core/scripts/change-superadmin-credentials.sh
new file mode 100755
index 0000000..f532c72
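Review bot: In change-ip.sh the password read into `SSL_PASS` only reaches the PKCS12 export; both `keytool -importkeystore` calls and the later `-exportcert` still hard-code `wso2carbon`, so any non-default answer should make the import fail on `-srcstorepass` while the JKS stores keep the default password. The value is also expanded unquoted into argv (`-password pass:$SSL_PASS`), where it is readable from the process list; `export SSL_PASS` and then `-password env:SSL_PASS` for openssl and `-srcstorepass:env SSL_PASS` for keytool would cover both problems. The private key `./tmp/c.key` and `CKEYSTORE.p12` are left in `./tmp` when the script exits, so I would create the work directory with `mktemp -d` and remove it from a `trap ... EXIT`. The three `sed` calls paste `$val1` and `$val2` straight into the expression, so the dots of an IP match any character and a `/` or `&` in the input breaks or alters the substitution; the two `sed` lines in change-superadmin-credentials.sh have the same problem.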
--- /dev/null
+++ b/iot-core/src/core/scripts/change-superadmin-credentials.sh
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+echo ""
+echo "----------------------------------------"
+echo "Entgra IoT Server Super Admin Credentials Changing tool"
+echo "----------------------------------------"
+
+##################################### Super Admin Credentials Change ####################################
+
+echo ""
+echo ">>> Change current super admin username and password of the IoT server"
+
+echo ""
+echo "Please enter the old username and password of the IoTS super Admin"
+echo "if you are trying out IoTS for the first time username/password will be 'admin/admin'"
+echo "Old Username : "
+read val1;
+echo "Old Password : "
+read val2;
+
+while [[ -z $val1 || -z $val2 ]]; do #if $val1 is a zero length String
+ echo "Username or Password couldn't be empty, Hence Re-Enter old username and password of IoTS Super Admin"
+ echo "Old Username : "
+ read val1;
+ echo "Old Password : "
+ read val2;
+done
+
+echo ""
+echo "Please enter the new password of the IoTS super admin"
+echo "New Username : "
+read val3;
+echo "New Password : "
+read val4;
+
+while [[ -z $val3 || -z $val4 ]]; do #if $val2 is a zero length String
+ echo "Username or Password couldn't be empty, Hence Re-Enter new username and password of IoTS Super Admin"
+ echo "New Username : "
+ read val3;
+ echo "New Password : "
+ read val4;
+done
+
+username = "admin"
+password = "admin"
+
+echo "Changing /repository/conf/deployment.toml"
+sed -i -e 's/username = "'$val1'"/username = "'$val3'"/g' ../repository/conf/deployment.toml
+sed -i -e 's/password = "'$val2'"/password = "'$val4'"/g' ../repository/conf/deployment.toml
+echo "Completed!!"
+
+echo ""
+echo "Configuration Completed!!!"
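Review bot: `username = "admin"` and `password = "admin"` in change-superadmin-credentials.sh are not assignments, because with spaces around `=` bash tries to run commands named `username` and `password` and prints "command not found"; nothing reads the values, so both lines can be dropped. The old and new passwords are read with plain `read`, which echoes them to the terminal and consumes backslashes; `read -r -s val2` and `read -r -s val4` would match what change-ip.sh does for its keystore password. `$val1` to `$val4` sit outside the quotes in the two `sed` expressions, so a value containing a space splits the argument and sed fails. The password substitution also runs with `/g` over the whole of deployment.toml, so any other `password = "..."` entry that happens to hold the old value would be rewritten too; anchoring the edit to the super admin section would avoid that.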