diff --git a/node/cordite-config-generator.sh b/node/cordite-config-generator.sh
index 66594a1c4d6096803897acfced11ba68ecb41341..9e7253f793f557220df425ca3590e216a08f6a52 100755
--- a/node/cordite-config-generator.sh
+++ b/node/cordite-config-generator.sh
@@ -26,31 +26,15 @@ CORDITE_COMPATIBILITY_ZONE_URL=${CORDITE_COMPATIBILITY_ZONE_URL:-https://nms-tes
 NETWORK_MAP_URL=${NETWORK_MAP_URL:-$CORDITE_COMPATIBILITY_ZONE_URL}
 DOORMAN_URL=${DOORMAN_URL:-$NETWORK_MAP_URL}
-# CORDITE EDGE
-if [ "${NETWORK_MAP_URL}" == "https://nms-edge.cordite.foundation" ]; then
- DOORMAN_URL=${NETWORK_MAP_URL}
- TRUST_STORE_NAME="truststore.jks"
- NETWORK_TRUST_PASSWORD="trustpass"
- curl https://nms-edge.cordite.foundation/network-map/truststore --output ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME} --silent
- CORDITE_DEV_MODE=false
-fi
-
-# CORDITE TEST
-if [ "${NETWORK_MAP_URL}" == "https://nms-test.cordite.foundation" ]; then
- DOORMAN_URL=${NETWORK_MAP_URL}
- TRUST_STORE_NAME="truststore.jks"
- NETWORK_TRUST_PASSWORD="trustpass"
- curl https://nms-test.cordite.foundation/network-map/truststore --output ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME} --silent
- CORDITE_DEV_MODE=false
-fi
+# Truststore
+TRUST_STORE_NAME=${TRUST_STORE_NAME:-truststore.jks}
+NETWORK_TRUST_PASSWORD=${NETWORK_TRUST_PASSWORD:-trustpass}
 # CORDA NETWORK UAT
 if [ "${NETWORK_MAP_URL}" == "https://netmap.uat.corda.network/3FCF6CEB-20BD-4B4F-9C72-1EFE7689D85B" ]; then
 DOORMAN_URL="https://doorman.uat.corda.network/3FCF6CEB-20BD-4B4F-9C72-1EFE7689D85B"
 TLS_CERT_CRL_DIST_POINT="http://crl.uat.corda.network/nodetls.crl"
 TLS_CERT_CERL_ISSUER="CN=Corda TLS CRL Authority,OU=Corda UAT,O=R3 HoldCo LLC,L=New York,C=US"
- TRUST_STORE_NAME="truststore.jks"
- NETWORK_TRUST_PASSWORD="trustpass"
 cp /opt/corda/corda-uat-network-root-truststore.jks ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME}
 CORDITE_DEV_MODE=false
 fi
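Review bot: `NETWORK_TRUST_PASSWORD` now falls back to the publicly known `trustpass` for every network rather than only inside the per-network branches, and the new `# Truststore` comment does not say so. The password presumably only backs the keystore's integrity check, so a well-known default adds nothing when an operator supplies their own file. I would document that above the two defaults, for example `# Defaults match the NMS-served truststore; override both when mounting your own truststore.`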
@@ -60,19 +44,27 @@ if [ "${NETWORK_MAP_URL}" == "https://prod-netmap2-01.corda.network/ED5D077E-F97
 DOORMAN_URL="https://prod-doorman2-01.corda.network/ED5D077E-F970-428B-8091-F7FCBDA06F8C"
 TLS_CERT_CRL_DIST_POINT="http://crl.corda.network/nodetls.crl"
 TLS_CERT_CERL_ISSUER="CN=Corda TLS CRL Authority,OU=Corda Network,O=R3 HoldCo LLC,L=New York,C=US"
- TRUST_STORE_NAME="truststore.jks"
- NETWORK_TRUST_PASSWORD="trustpass"
 # to do : Truststore needs to be added to docker image
 #cp /opt/corda/corda-prod-network-root-truststore.jks ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME}
 CORDITE_DEV_MODE=false
 fi
+# Cordite NMS
+if [[ -f ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME} ]]; then
+ echo "Network Trust Root file found at ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME}, using this"
+else
+ if [ "$(curl -sk -o ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME} -w ''%{http_code}'' ${NETWORK_MAP_URL}/network-map/truststore)" = "200" ]; then
+ echo "Truststore downloaded to ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME}"
+ else
+ echo "Truststore not downloaded."
+ rm -f ${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME}
+ fi
+fi
+
 # Corda official environment variables. If set will be used instead of defaults
 MY_LEGAL_NAME=${MY_LEGAL_NAME:-O=Cordite-${RANDOM}, OU=Cordite, L=London, C=GB}
 MY_PUBLIC_ADDRESS=${MY_PUBLIC_ADDRESS:-localhost}
 # MY_P2P_PORT=10200 <- default set in corda dockerfile
-TRUST_STORE_NAME=${TRUST_STORE_NAME:-truststore.jks}
-NETWORK_TRUST_PASSWORD=${NETWORK_TRUST_PASSWORD:-trustpass}
 MY_EMAIL_ADDRESS=${MY_EMAIL_ADDRESS:-noreply@cordite.foundation}
 # RPC_PASSWORD=$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1) <- not used
 # MY_RPC_PORT=10201 <- default set in corda dockerfile.
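Review bot: The `curl -sk` in the new `# Cordite NMS` block turns off TLS certificate verification while fetching the network root truststore, so the node's trust anchor is accepted from whoever answers at `${NETWORK_MAP_URL}`; the blocks this commit removes fetched from fixed https hosts with verification on. Drop `-k` and quote the expansions: `curl -s -o "${CERTIFICATES_FOLDER}/${TRUST_STORE_NAME}" -w '%{http_code}' "${NETWORK_MAP_URL}/network-map/truststore"`, with the same quoting on the `rm -f` path. A private NMS with its own CA is better served by `--cacert` than by `-k`. The failure branch only echoes `Truststore not downloaded.` and carries on; with dev mode now defaulting to false it probably should write to stderr and exit non-zero, unless a missing truststore is expected for some setups.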
@@ -91,7 +83,7 @@ CORDITE_DB_DRIVER=${CORDITE_DB_DRIVER:-org.h2.jdbcx.JdbcDataSource}
 CORDITE_DB_DIR=${CORDITE_DB_DIR:-$PERSISTENCE_FOLDER}
 CORDITE_DB_MAX_POOL_SIZE=${CORDITE_DB_MAX_POOL_SIZE:-10}
 CORDITE_BRAID_PORT=${CORDITE_BRAID_PORT:-8080}
-CORDITE_DEV_MODE=${CORDITE_DEV_MODE:-true}
+CORDITE_DEV_MODE=${CORDITE_DEV_MODE:-false}
 CORDITE_DETECT_IP=${CORDITE_DETECT_IP:-false}
 CORDITE_CACHE_NODEINFO=${CORDITE_CACHE_NODEINFO:-false}
 CORDITE_LOG_MODE=${CORDITE_LOG_MODE:-normal}
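Review bot: The flipped default on `CORDITE_DEV_MODE` silently changes behaviour for anyone who relied on the implicit `true`, and nothing next to the line says so. A comment such as `# Dev mode is opt-in: set CORDITE_DEV_MODE=true explicitly for local or throwaway networks.` would make the new default visible to operators. The surrounding defaults block starts and ends outside the hunk.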