From 01a94297e69200494a8c38137aef3441de4341f9 Mon Sep 17 00:00:00 2001
From: Diego Lendoiro
Date: Thu, 4 Jan 2018 22:25:28 +0100
Subject: [PATCH] initial clean up and shellcheck fixes
---
 bin/docker-entrypoint.sh | 125 ++++-----------------------------------
 1 file changed, 13 insertions(+), 112 deletions(-)
diff --git a/bin/docker-entrypoint.sh b/bin/docker-entrypoint.sh
index 30fd748..0c5a27e 100755
--- a/bin/docker-entrypoint.sh
+++ b/bin/docker-entrypoint.sh
@@ -4,7 +4,6 @@ set -eo pipefail
 gpg_private_key=/var/www/passbolt/config/gpg/serverkey.private.asc
 gpg_public_key=/var/www/passbolt/config/gpg/serverkey.asc
-gpg=$(which gpg)
 core_config='/var/www/passbolt/app/Config/core.php'
 db_config='/var/www/passbolt/app/Config/database.php'
@@ -14,7 +13,7 @@ ssl_key='/etc/ssl/certs/certificate.key' ssl_cert='/etc/ssl/certs/certificate.crt' gpg_gen_key() { - $gpg --batch --gen-key < $gpg_private_key - $gpg --armor --export $KEY_EMAIL > $gpg_public_key - gpg_auto_fingerprint=`$gpg --fingerprint $KEY_EMAIL | grep fingerprint | awk '{for(i=4;i<=NF;++i)printf \$i}'` + gpg --armor --export-secret-keys "$KEY_EMAIL" > "$gpg_private_key" + gpg --armor --export "$KEY_EMAIL" > "$gpg_public_key" + gpg_auto_fingerprint=$(gpg --fingerprint "$KEY_EMAIL" | grep fingerprint | awk '{for(i=4;i<=NF;++i)printf \$i}') } gpg_import_key() { - local key_id=$(su -m -c "gpg --with-colons $gpg_private_key | grep sec |cut -f5 -d:" -ls /bin/bash nginx) - - su -m -c "$gpg --batch --import $gpg_public_key" -ls /bin/bash nginx - su -m -c "gpg -K $key_id" -ls /bin/bash nginx || su -m -c "$gpg --batch --import $gpg_private_key" -ls /bin/bash nginx -} - -core_setup() { - #Env vars: - # SALT - # CIPHERSEED - # URL - - local default_salt='DYhG93b0qyJfIxfs2guVoUubWwvniR2G0FgaC9mi' - local default_seed='76859309657453542496749683645' - local default_url='passbolt.local' - - cp $core_config{.default,} - sed -i s:$default_salt:${SALT:-$default_salt}:g $core_config - sed -i s:$default_seed:${CIPHERSEED:-$default_seed}:g $core_config - sed -i "/example.com/ s:\/\/::" $core_config - sed -i s:example.com:${URL:-$default_url}:g $core_config - if [ "$ssl" != false ]; then - sed -i s:http:https:g $core_config - fi -} - -db_setup() { - #Env vars: - # DB_HOST - # DB_USER - # DB_PASS - # DB_NAME - - local default_host='localhost' - local default_user='user' - local default_pass='password' - local default_db='database_name' - - cp $db_config{.default,} - sed -i "/$default_host/a\ \t\t'port' => '${DB_PORT:-3306}'," $db_config - sed -i s:$default_host:${DB_HOST:-db}:g $db_config - sed -i s:$default_user:${DB_USER:-passbolt}:g $db_config - sed -i s:$default_pass\',:${DB_PASS:-P4ssb0lt}\',:g $db_config - sed -i s:$default_db:${DB_NAME:-passbolt}:g 
$db_config -} - -app_setup() { - #Env vars: - # FINGERPRINT - # REGISTRATION - # SSL - - local default_public_key='unsecure.key' - local default_private_key='unsecure_private.key' - local default_fingerprint='2FC8945833C51946E937F9FED47B0811573EE67E' - - cp $app_config{.default,} - sed -i s:$default_public_key:serverkey.asc:g $app_config - sed -i s:$default_private_key:serverkey.private.asc:g $app_config - sed -i s:$default_fingerprint:${FINGERPRINT:-$gpg_auto_fingerprint}:g $app_config - sed -i "/force/ s:true:${SSL:-true}:" $app_config - sed -i "/'registration'/{n; s:false:${REGISTRATION:-false}:}" $app_config -} - -email_setup() { - #Env vars: - # EMAIL_TRANSPORT - # EMAIL_FROM - # EMAIL_HOST - # EMAIL_PORT - # EMAIL_TIMEOUT - # EMAIL_USERNAME - # EMAIL_PASSWORD - # EMAIL_TLS - - local default_transport='Smtp' - local default_from='contact@passbolt.com' - local default_host='smtp.mandrillapp.com' - local default_port='587' - local default_timeout='30' - local default_username="''" - local default_password="''" - - cp $email_config{.default,} - sed -i s:$default_transport:${EMAIL_TRANSPORT:-Smtp}:g $email_config - sed -i s:$default_from:${EMAIL_FROM:-contact@mydomain.local}:g $email_config - sed -i s:$default_host:${EMAIL_HOST:-localhost}:g $email_config - sed -i s:$default_port:${EMAIL_PORT:-587}:g $email_config - sed -i s:$default_timeout:${EMAIL_TIMEOUT:-30}:g $email_config - sed -i "0,/"$default_username"/s:"$default_username":'${EMAIL_USERNAME:-email_user}':" $email_config - sed -i "0,/"$default_password"/s:"$default_password":'${EMAIL_PASSWORD:-email_password}':" $email_config - sed -i "0,/tls/s:false:${EMAIL_TLS:-false}:" $email_config + local key_id="" + key_id=$(su -m -c "gpg --with-colons $gpg_private_key | grep sec |cut -f5 -d:" -ls /bin/bash nginx) + su -m -c "gpg --batch --import $gpg_public_key" -ls /bin/bash nginx + su -m -c "gpg -K $key_id" -ls /bin/bash nginx || su -m -c "gpg --batch --import $gpg_private_key" -ls /bin/bash nginx } gen_ssl_cert() 
{
@@ -133,25 +44,15 @@ gen_ssl_cert() {
 }
 install() {
- local database_host=${DB_HOST:-$(cat $db_config | grep -m1 "'host'" | sed -r "s/\s*'host' => '(.*)',/\1/")}
- local database_port=${DB_PORT:-$(cat $db_config | grep -m1 "'port' => '\d" | sed -r "s/\s*'port' => '(.*)',/\1/")}
- local database_user=${DB_USER:-$(cat $db_config | grep -m1 "'login'" | sed -r "s/\s*'login' => '(.*)',/\1/")}
- local database_pass=${DB_PASS:-$(cat $db_config | grep -m1 "'password'" | sed -r "s/\s*'password' => '(.*)',/\1/")}
- local database_name=${DB_NAME:-$(cat $db_config | grep -m1 "'database'" | sed -r "s/\s*'database' => '(.*)',/\1/")}
- tables=$(mysql -u ${database_user:-passbolt} -h $database_host -P $database_port -p -BN -e "SHOW TABLES FROM ${database_name:-passbolt}" -p${database_pass:-P4ssb0lt} |wc -l)
+ tables=$(mysql -u "$DATABASE_USER" -h "$DB_HOST" -P "$DB_HOST" -p -BN -e "SHOW TABLES FROM $DB_NAME" -p"$DB_PASS" |wc -l)
- if [ $tables -eq 0 ]; then
+ if [ "$tables" -eq 0 ]; then
 su -c "/var/www/passbolt/app/Console/cake install --send-anonymous-statistics true --no-admin" -ls /bin/bash nginx
 else
 echo "Enjoy! ☮"
 fi
 }
-php_fpm_setup() {
- sed -i '/^user\s/ s:nobody:nginx:g' /etc/php7/php-fpm.d/www.conf
- sed -i '/^group\s/ s:nobody:nginx:g' /etc/php7/php-fpm.d/www.conf
-}
-
 email_cron_job() {
 local root_crontab='/etc/crontabs/root'
 local cron_task_dir='/etc/periodic/1min'
@@ -172,9 +73,9 @@ email_cron_job() {
 if [ ! -f $gpg_private_key ] && [ ! -L $gpg_private_key ] || \
 [ ! -f $gpg_public_key ] && [ ! -L $gpg_public_key ]; then
 echo 'not yet implemented'
- #su -c "gpg --list-keys" -ls /bin/bash nginx
- #gpg_gen_key
- #gpg_import_key
+ su -c "gpg --list-keys" -ls /bin/bash nginx
+ gpg_gen_key
+ gpg_import_key
 else
 echo 'not yet implemented'
 #gpg_import_key
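Review bot: In gpg_gen_key, `gpg --armor --export-secret-keys "$KEY_EMAIL" > "$gpg_private_key"` creates the server's private key file under whatever umask the entrypoint has, and nothing visible in this patch tightens its mode or owner afterwards; with a typical 022 umask the armored secret key would be readable by every user in the container. I would run the export under `umask 077` and then `chown nginx "$gpg_private_key"`, since gpg_gen_key calls gpg directly (presumably as root) while gpg_import_key reads the file as nginx through su. `$KEY_EMAIL` is used without a check and the script sets no `-u`, so an empty value should be rejected up front with `: "${KEY_EMAIL:?must be set}"`. The `--gen-key` input is not legible on this page, so this covers only the export lines.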
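Review bot: The new `tables=` line in install() passes `-P "$DB_HOST"`, so the hostname is handed to mysql as the port, and it reads `$DATABASE_USER` where the removed code used `DB_USER`; nothing in the visible lines sets DATABASE_USER. Because the script runs with `set -eo pipefail` and no `-u`, an unset name expands to an empty string instead of stopping the entrypoint, and the fallbacks the removed `${DB_HOST:-…}` lookups provided are gone as well. I would write `tables=$(mysql -u "$DB_USER" -h "$DB_HOST" -P "${DB_PORT:-3306}" -BN -e "SHOW TABLES FROM $DB_NAME" -p"$DB_PASS" | wc -l)`. The password is still passed on the command line, where it shows up in the process list; a client option file given with `--defaults-extra-file` would keep it out of argv.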
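Review bot: The branch that now calls gpg_gen_key and gpg_import_key still starts with `echo 'not yet implemented'`, which will mislead anyone reading the container log once key generation really runs; replace it with something like `echo 'server key not found, generating a new one'`. The condition is true when either key file is missing, and gpg_gen_key redirects into both paths, so a deployment that mounted only one of the two files would have it overwritten by a freshly generated key; that case is better detected and treated as an error. The if/else continues past the end of the hunk, so the closing `fi` is not visible here.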