2 # ============LICENSE_START========================================================================
3 # O-RAN-SC : tr-069-adapter
4 # =================================================================================================
5 # Copyright (C) 2020 CommScope Inc Intellectual Property.
6 # =================================================================================================
7 # This tr-069-adapter software file is distributed by CommScope Inc under the Apache License,
8 # Version 2.0 (the "License"); you may not use this file except in compliance with the License. You
9 # may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # This file is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
14 # either express or implied. See the License for the specific language governing permissions and
15 # limitations under the License.
16 # ===============LICENSE_END=======================================================================
18 NGINX_CONF=/etc/nginx/nginx.conf
23 echo "# Checking if TR069Adapter is SSL Enabled..."
24 if [ $tr069adapterComm != "SSL" ]; then
25 echo ": SSL Not enabled, Cleaning up the entries..."
26 perl -pi -e "s/tr069adapterComm//g" $NGINX_CONF
27 sed -i '/tr069adapterSSLCert;/,+4 d' $NGINX_CONF
29 echo ": SSL is enabled, Updating the entries..."
30 perl -pi -e "s/tr069adapterComm/ssl/g" $NGINX_CONF
31 perl -pi -e "s/tr069adapterSSLCert/${tr069adapterSSLCert}/g" $NGINX_CONF
32 perl -pi -e "s/tr069adapterSSLKey/${tr069adapterSSLKey}/g" $NGINX_CONF
33 if [ $tr069adapterSSLClientAuth != "TRUE" ]; then
34 echo ": Client Trusted Certificate verification is NOT Enabled..."
35 sed -i '/tr069adapterSSLClientTrustCRT/,+2 d' $NGINX_CONF
37 echo ": Client Trusted Certificate verification is Enabled..."
38 perl -pi -e "s/tr069adapterSSLClientTrustCRT/${tr069adapterSSLClientTrustCRT}/g" $NGINX_CONF
42 if [ -f /etc/nginx/ssl/${tr069adapterCertPassPhrase} ]; then
43 echo ": Updating the Certificate PassPhrase..."
44 perl -pi -e "s/tr069adapterCertPassPhrase/${tr069adapterCertPassPhrase}/g" $NGINX_CONF
46 echo ": Certificate PassPhrase NOT Available..."
47 perl -pi -e "s/^\s*ssl_password_file.*//g" $NGINX_CONF
48 perl -pi -e "s/^\s*proxy_ssl_password_file.*//g" $NGINX_CONF
51 echo ": Updating the IP Address for $netconfServerIP..."
52 if [[ ${netconfServerIP} =~ .*:.* ]]; then
53 perl -pi -e "s/netconfServerIP/[${netconfServerIP}]/g" $NGINX_CONF
55 perl -pi -e "s/netconfServerIP/${netconfServerIP}/g" $NGINX_CONF
62 echo "# Checking configuration for Fault VES Collector..."
63 echo ": Updating the IP Address and Port for $faultvesCollectorHost..."
64 perl -pi -e "s/faultvesCollectorPort/${faultvesCollectorPort}/g" $NGINX_CONF
65 if [[ ${faultvesCollectorHost} =~ .*:.* ]]; then
66 if [ $faultvesCollectorComm = "noAuth" ]; then
67 perl -pi -e "s|https://faultvesCollectorHost|http://[${faultvesCollectorHost}]|g" $NGINX_CONF
69 perl -pi -e "s/faultvesCollectorHost/[${faultvesCollectorHost}]/g" $NGINX_CONF
72 if [ $faultvesCollectorComm = "noAuth" ]; then
73 perl -pi -e "s|https://faultvesCollectorHost|http://${faultvesCollectorHost}|g" $NGINX_CONF
75 perl -pi -e "s/faultvesCollectorHost/${faultvesCollectorHost}/g" $NGINX_CONF
79 if [ $faultvesCollectorComm = "noAuth" ]; then
80 echo ": SSL Not enabled, Cleaning up the entries..."
81 sed -i '/faultvesCollectorSSLCert/,+9 d' $NGINX_CONF
83 elif [ $faultvesCollectorComm = "basicAuth" ]; then
84 echo ": SSL is enabled as basicAuth, Updating the entries..."
85 sed -i '/faultvesCollectorSSLCert/,+2 d' $NGINX_CONF
86 if [ ! -z ${faultvesCollectorBasicAuthUserPassEncrypt} ]; then
87 perl -pi -e "s/faultvesCollectorBasicAuthUserPassEncrypt/${faultvesCollectorBasicAuthUserPassEncrypt}/g" $NGINX_CONF
89 echo ": Username/Password Credentials not provided...FAILED"
93 elif [ $faultvesCollectorComm = "certOnly" ]; then
94 echo ": SSL is enabled as certOnly, Updating the entries..."
95 if [ -f /etc/nginx/ssl/${faultvesCollectorSSLCert} ]; then
96 perl -pi -e "s/faultvesCollectorSSLCert/${faultvesCollectorSSLCert}/g" $NGINX_CONF
98 echo ": SSL Certificate ${faultvesCollectorSSLCert} not available...FAILED"
102 if [ -f /etc/nginx/ssl/${faultvesCollectorSSLKey} ]; then
103 perl -pi -e "s/faultvesCollectorSSLKey/${faultvesCollectorSSLKey}/g" $NGINX_CONF
105 echo ": SSL Key ${faultvesCollectorSSLKey} not available...FAILED"
109 sed -i 's|proxy_set_header Authorization "Basic faultvesCollectorBasicAuthUserPassEncrypt";||g' $NGINX_CONF
111 elif [ $faultvesCollectorComm = "certBasicAuth" ]; then
112 echo ": SSL is enabled as certBasicAuth, Updating the entries..."
113 if [ ! -z ${faultvesCollectorBasicAuthUserPassEncrypt} ]; then
114 perl -pi -e "s/faultvesCollectorBasicAuthUserPassEncrypt/${faultvesCollectorBasicAuthUserPassEncrypt}/g" $NGINX_CONF
116 echo ": Username/Password Credentials not provided...FAILED"
120 if [ -f /etc/nginx/ssl/${faultvesCollectorSSLCert} ]; then
121 perl -pi -e "s/faultvesCollectorSSLCert/${faultvesCollectorSSLCert}/g" $NGINX_CONF
123 echo ": SSL Certificate ${faultvesCollectorSSLCert} not available...FAILED"
127 if [ -f /etc/nginx/ssl/${faultvesCollectorSSLKey} ]; then
128 perl -pi -e "s/faultvesCollectorSSLKey/${faultvesCollectorSSLKey}/g" $NGINX_CONF
130 echo ": SSL Key ${faultvesCollectorSSLKey} not available...FAILED"
135 echo ": Invalid Option... FAILED"
140 echo "# Checking if Trusted CA Certificate verification is Enabled or Not..."
141 if [ $faultvesCollectorTrustVerify != "TRUE" ]; then
142 echo ": Trusted CA Certificate verification is NOT Enabled..."
143 sed -i '/faultvesCollectorTrustCRT/,+2 d' $NGINX_CONF
145 echo ": Trusted CA Certificate verification is Enabled..."
146 perl -pi -e "s/faultvesCollectorTrustCRT/${faultvesCollectorTrustCRT}/g" $NGINX_CONF
150 echo "# Checking if Fault VES Collector DNS Server Details are Provided..."
151 if [ ! -z ${faultvesCollectorDNSServer} ]; then
152 echo ": DNS Server Details Provided..."
153 perl -pi -e "s/faultvesCollectorDNSServer/${faultvesCollectorDNSServer}/g" $NGINX_CONF
155 echo ": DNS Server Details NOT Provided..."
156 sed -i 's|resolver faultvesCollectorDNSServer;||g' $NGINX_CONF
163 echo "# Checking configuration for Pnf Req VES Collector..."
164 echo ": Updating the IP Address and Port for $pnfregvesCollectorHost..."
165 perl -pi -e "s/pnfregvesCollectorPort/${pnfregvesCollectorPort}/g" $NGINX_CONF
166 if [[ ${pnfregvesCollectorHost} =~ .*:.* ]]; then
167 if [ $pnfregvesCollectorComm = "noAuth" ]; then
168 perl -pi -e "s|https://pnfregvesCollectorHost|http://[${pnfregvesCollectorHost}]|g" $NGINX_CONF
170 perl -pi -e "s/pnfregvesCollectorHost/[${pnfregvesCollectorHost}]/g" $NGINX_CONF
173 if [ $pnfregvesCollectorComm = "noAuth" ]; then
174 perl -pi -e "s|https://pnfregvesCollectorHost|http://${pnfregvesCollectorHost}|g" $NGINX_CONF
176 perl -pi -e "s/pnfregvesCollectorHost/${pnfregvesCollectorHost}/g" $NGINX_CONF
180 if [ $pnfregvesCollectorComm = "noAuth" ]; then
181 echo ": SSL Not enabled, Cleaning up the entries..."
182 sed -i '/pnfregvesCollectorSSLCert/,+9 d' $NGINX_CONF
184 elif [ $pnfregvesCollectorComm = "basicAuth" ]; then
185 echo ": SSL is enabled as basicAuth, Updating the entries..."
186 sed -i '/pnfregvesCollectorSSLCert/,+2 d' $NGINX_CONF
187 if [ ! -z ${pnfregvesCollectorBasicAuthUserPassEncrypt} ]; then
188 perl -pi -e "s/pnfregvesCollectorBasicAuthUserPassEncrypt/${pnfregvesCollectorBasicAuthUserPassEncrypt}/g" $NGINX_CONF
190 echo ": Username/Password Credentials not provided...FAILED"
194 elif [ $pnfregvesCollectorComm = "certOnly" ]; then
195 echo ": SSL is enabled as certOnly, Updating the entries..."
196 if [ -f /etc/nginx/ssl/${pnfregvesCollectorSSLCert} ]; then
197 perl -pi -e "s/pnfregvesCollectorSSLCert/${pnfregvesCollectorSSLCert}/g" $NGINX_CONF
199 echo ": SSL Certificate ${pnfregvesCollectorSSLCert} not available...FAILED"
203 if [ -f /etc/nginx/ssl/${pnfregvesCollectorSSLKey} ]; then
204 perl -pi -e "s/pnfregvesCollectorSSLKey/${pnfregvesCollectorSSLKey}/g" $NGINX_CONF
206 echo ": SSL Key ${pnfregvesCollectorSSLKey} not available...FAILED"
210 sed -i 's|proxy_set_header Authorization "Basic pnfregvesCollectorBasicAuthUserPassEncrypt";||g' $NGINX_CONF
212 elif [ $pnfregvesCollectorComm = "certBasicAuth" ]; then
213 echo ": SSL is enabled as certBasicAuth, Updating the entries..."
214 if [ ! -z ${pnfregvesCollectorBasicAuthUserPassEncrypt} ]; then
215 perl -pi -e "s/pnfregvesCollectorBasicAuthUserPassEncrypt/${pnfregvesCollectorBasicAuthUserPassEncrypt}/g" $NGINX_CONF
217 echo ": Username/Password Credentials not provided...FAILED"
221 if [ -f /etc/nginx/ssl/${pnfregvesCollectorSSLCert} ]; then
222 perl -pi -e "s/pnfregvesCollectorSSLCert/${pnfregvesCollectorSSLCert}/g" $NGINX_CONF
224 echo ": SSL Certificate ${pnfregvesCollectorSSLCert} not available...FAILED"
228 if [ -f /etc/nginx/ssl/${pnfregvesCollectorSSLKey} ]; then
229 perl -pi -e "s/pnfregvesCollectorSSLKey/${pnfregvesCollectorSSLKey}/g" $NGINX_CONF
231 echo ": SSL Key ${pnfregvesCollectorSSLKey} not available...FAILED"
236 echo ": Invalid Option... FAILED"
241 echo "# Checking if Trusted CA Certificate verification is Enabled or Not..."
242 if [ $pnfregvesCollectorTrustVerify != "TRUE" ]; then
243 echo ": Trusted CA Certificate verification is NOT Enabled..."
244 sed -i '/pnfregvesCollectorTrustCRT/,+2 d' $NGINX_CONF
246 echo ": Trusted CA Certificate verification is Enabled..."
247 perl -pi -e "s/pnfregvesCollectorTrustCRT/${pnfregvesCollectorTrustCRT}/g" $NGINX_CONF
251 echo "# Checking if PNF VES Collector DNS Server Details are Provided..."
252 if [ ! -z ${pnfregvesCollectorDNSServer} ]; then
253 echo ": DNS Server Details Provided..."
254 perl -pi -e "s/pnfregvesCollectorDNSServer/${pnfregvesCollectorDNSServer}/g" $NGINX_CONF
256 echo ": DNS Server Details NOT Provided..."
257 sed -i 's|resolver pnfregvesCollectorDNSServer;||g' $NGINX_CONF
269 exec nginx -g 'daemon off;'