diff --git a/sulu-builder/Makefile b/sulu-builder/Makefile index dd3b3343d65541084339e5516b9a4a29ad06eb45..e2ea538bb6f56e1d6d58f3ee5a24e82b81fa39eb 100644 --- a/sulu-builder/Makefile +++ b/sulu-builder/Makefile @@ -152,26 +152,7 @@ define Package/${PKG_NAME}/install ifeq ($(CONFIG_PACKAGE_skopeo)$(CONFIG_PACKAGE_umoci),yy) $(CP) $(PKG_BUILD_DIR)/build/src/config/widgets/lcm-store.json $(1)/sulu/config/widgets/ endif - $(INSTALL_DIR) $(1)/etc/config - $(INSTALL_BIN) ./files/etc/config/sulu $(1)/etc/config/sulu - - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./files/etc/init.d/sulu $(1)/etc/init.d/sulu - - $(INSTALL_DIR) $(1)/etc/mosquitto/conf.d/ - $(INSTALL_DATA) ./files/etc/mosquitto/conf.d/obuspa.conf $(1)/etc/mosquitto/conf.d/ - $(INSTALL_DATA) ./files/etc/mosquitto/conf.d/sulu.conf $(1)/etc/mosquitto/conf.d/ - $(INSTALL_DATA) ./files/etc/mosquitto/sulu.password $(1)/etc/mosquitto/sulu.password - - $(INSTALL_DIR) $(1)/etc/nginx/conf.d - $(INSTALL_DATA) ./files/etc/nginx/conf.d/sulu.conf $(1)/etc/nginx/conf.d/ - - $(INSTALL_DIR) $(1)/etc/sulu - $(INSTALL_DATA) ./files/etc/sulu/roles.json $(1)/etc/sulu/ - $(INSTALL_BIN) ./files/etc/sulu/sulu.sh $(1)/etc/sulu/ - - $(INSTALL_DIR) $(1)/etc/uci-defaults - $(INSTALL_BIN) ./files/etc/uci-defaults/99-fix-sulu-config $(1)/etc/uci-defaults/ + $(CP) ./files/* $(1)/ endef $(eval $(call BuildPackage,${PKG_NAME})) diff --git a/sulu-builder/files/etc/config/sulu b/sulu-builder/files/etc/config/sulu deleted file mode 100644 index c9ede9412dc5ab6f0f71371a2132cc3fdc7dd116..0000000000000000000000000000000000000000 --- a/sulu-builder/files/etc/config/sulu +++ /dev/null @@ -1,6 +0,0 @@ -config global 'global' - option enabled '1' - option enable_system_credentials '1' - option role_based_access '1' - list user 'admin' - list user 'user' diff --git a/sulu-builder/files/etc/init.d/sulu b/sulu-builder/files/etc/init.d/sulu index 6006b7de0776450fbeba8a5cf5b4f8bc35c4a1f8..e339542d1cb4da855f234de2963bc5e4f9786d62 100755 
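Review bot: The new `$(CP) ./files/* $(1)/` line at the end of `Package/${PKG_NAME}/install` replaces the explicit `$(INSTALL_BIN)`/`$(INSTALL_DATA)` calls, so file modes in the image now come from the checkout (OpenWrt's `$(CP)` is normally `cp -fpR`) and anything dropped under `files/` is packaged without being named here. The diff shows `etc/init.d/sulu` at 100755 and the new `etc/uci-defaults/90-sulu-set-nginx-conf` at 100644, which only holds while the tree keeps those bits. I would keep the bulk copy but pin the mode that matters after it, e.g. `$(INSTALL_BIN) ./files/etc/init.d/sulu $(1)/etc/init.d/sulu`, and add a comment such as `# modes are taken from files/ as checked in`. The same line is added in sulu/Makefile; the define itself starts above this hunk.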
--- a/sulu-builder/files/etc/init.d/sulu +++ b/sulu-builder/files/etc/init.d/sulu @@ -1,41 +1,19 @@ #!/bin/sh /etc/rc.common -USE_PROCD=1 - START=99 -STOP=01 +STOP=10 -. /lib/functions.sh -. /etc/sulu/sulu.sh +USE_PROCD=1 log() { echo "${@}"|logger -t sulu.init -p debug } -validate_sulu_global_section() -{ - uci_validate_section sulu global global \ - 'enabled:bool:1' \ - 'enable_system_credentials:bool:1' \ - 'role_based_access:bool:0' -} - start_service() { - local enabled enable_system_credentials role_based_access - - config_load sulu procd_open_instance sulu - - validate_sulu_global_section || return 0; # append sulu connection injection - if [ "${enabled}" -eq "0" ]; then - procd_close_instance - return 0 - fi - - configure_sulu "${enable_system_credentials}" "${role_based_access}" 1 - update_nginx_config "${enabled}" procd_close_instance + } reload_service() { @@ -45,5 +23,5 @@ reload_service() { service_triggers() { - procd_add_reload_trigger "sulu" + procd_add_config_trigger "config.change" "obuspa" /etc/init.d/sulu reload } diff --git a/sulu-builder/files/etc/mosquitto/conf.d/sulu.conf b/sulu-builder/files/etc/mosquitto/conf.d/sulu.conf index 150f43eb735491a1c2c3568f30232fcc211dfe29..dcded9bcbca9f3e0abed506ef5cc524df4c0bb9a 100644 --- a/sulu-builder/files/etc/mosquitto/conf.d/sulu.conf +++ b/sulu-builder/files/etc/mosquitto/conf.d/sulu.conf @@ -1,4 +1,5 @@ listener 9001 protocol websockets +plugin /usr/lib/mosquitto_auth_shadow.so require_certificate false allow_anonymous false diff --git a/sulu-builder/files/etc/mosquitto/sulu.password b/sulu-builder/files/etc/mosquitto/sulu.password deleted file mode 100644 index f0e1a126738765e7b99dc530f058770857834eba..0000000000000000000000000000000000000000 --- a/sulu-builder/files/etc/mosquitto/sulu.password +++ /dev/null @@ -1 +0,0 @@ -admin:$6$OmM9kU/lYct3KJ9j$iP0WK4ezEtRm8+EAggNp7WbJFoWO0p7IUdI0v/hr1WcVHyfFAC30Pb8Csn7GqwwqI2dcmnDOAITnimo2VNe6ug== 
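Review bot: `start_service()` now calls `procd_open_instance sulu` and `procd_close_instance` with no `procd_set_param command` in between, and the `enabled` check that used to return early is gone, so as far as this hunk shows no setting turns the service off any more. If the empty instance exists only to carry the trigger registered in `service_triggers()`, replace the leftover comment with one that says so, e.g. `# no daemon: instance exists only so the obuspa config trigger can call reload`. The removed path also called `update_nginx_config "${enabled}"`, which took the nginx server on 8080 away when the option was 0; with `/etc/config/sulu` deleted in this commit that off switch needs a new home if operators still rely on it. The identical hunk in sulu/files/etc/init.d/sulu has the same gap.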
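Review bot: The added `plugin /usr/lib/mosquitto_auth_shadow.so` line sits under `listener 9001` / `protocol websockets` with no TLS options anywhere in this five-line file, so unless something in front of the broker terminates TLS, the system account passwords checked by the plugin travel in clear text on that listener. Unless `per_listener_settings true` is set in the main mosquitto.conf (not shown here), a `plugin` line applies to every listener, including whatever obuspa.conf defines, which may not be intended. The deleted sulu.sh wrote an `acl_file` entry when role-based access was on and nothing in this file replaces it, so any account that authenticates appears to get unrestricted topics. I would add a comment stating the intended scope, e.g. `# shadow auth for the UI listener only; needs per_listener_settings true`, and bind or TLS-wrap the listener; the same line is added in sulu/files/etc/mosquitto/conf.d/sulu.conf. The `admin` hash removed with sulu.password stays in the repository history, so that credential should be treated as exposed and not reused.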
diff --git a/sulu-builder/files/etc/nginx/conf.d/sulu.conf b/sulu-builder/files/etc/nginx/conf.d/sulu.conf
deleted file mode 100644
index 025139c8b5a7b9c01d985dad7a1914d3e7c769cf..0000000000000000000000000000000000000000
--- a/sulu-builder/files/etc/nginx/conf.d/sulu.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-server {
- listen 8080;
- listen [::]:8080;
- server_name _sulu;
- root /sulu;
- location /config/ {
- autoindex on;
-
- if ($request_method = 'OPTIONS') {
- add_header 'Access-Control-Allow-Origin' '*';
- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
- add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
- add_header 'Access-Control-Max-Age' 1728000;
- add_header 'Content-Type' 'text/plain; charset=utf-8';
- add_header 'Content-Length' 0;
- return 204;
- }
- if ($request_method = 'GET') {
- add_header 'Access-Control-Allow-Origin' '*' always;
- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
- add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
- add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
- }
- }
-}
diff --git a/sulu-builder/files/etc/nginx/conf.d/sulu.locations b/sulu-builder/files/etc/nginx/conf.d/sulu.locations
new file mode 100644
index 0000000000000000000000000000000000000000..97b207a4e428ed37a215901272b45bf03aaec88b
--- /dev/null
+++ b/sulu-builder/files/etc/nginx/conf.d/sulu.locations
@@ -0,0 +1,18 @@
+location /config/ {
+ autoindex on;
+ if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+ add_header 'Access-Control-Max-Age' 1728000;
+ add_header 'Content-Type' 'text/plain; charset=utf-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+ if ($request_method = 'GET') {
+ add_header 'Access-Control-Allow-Origin' '*' always;
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+ add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+ }
+}
diff --git a/sulu-builder/files/etc/sulu/roles.json b/sulu-builder/files/etc/sulu/roles.json
deleted file mode 100644
index 0893750f7142f8da4e485b22f216578e5211c8e3..0000000000000000000000000000000000000000
--- a/sulu-builder/files/etc/sulu/roles.json
+++ /dev/null
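Review bot: `autoindex on;` together with `Access-Control-Allow-Origin '*'` in the new `location /config/` block lets any web origin list and fetch everything under the config directory, and no auth directive is visible in the block; this is carried over from the deleted sulu.conf, but the move is a good moment to tighten it. Directory listing is not needed to serve known JSON files, so `autoindex off;` would be the safer default, and the allowed origin could be narrowed to the UI's own origin. `Access-Control-Allow-Methods` advertises POST although only OPTIONS and GET are handled here. A header comment such as `# included into the _sulu server block by uci-defaults/90-sulu-set-nginx-conf` would also help, because the file is no longer a complete server block. The copy under sulu/files/etc/nginx/conf.d/ is identical.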
@@ -1,95 +0,0 @@
-{
- "roles": [
- {
- "name": "admin",
- "permission": [
- {
- "object": "Device.",
- "perm": [
- "PERMIT_ALL"
- ]
- }
- ]
- },
- {
- "name": "user",
- "permission": [
- {
- "object": "Device.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO"
- ]
- },
- {
- "object": "Device.LocalAgent.Subscription.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO",
- "PERMIT_ADD",
- "PERMIT_SET",
- "PERMIT_DEL"
- ]
- },
- {
- "object": "Device.WiFi.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO",
- "PERMIT_OPER",
- "PERMIT_SUBS_VAL_CHANGE",
- "PERMIT_SUBS_OBJ_ADD",
- "PERMIT_SUBS_OBJ_DEL",
- "PERMIT_SUBS_EVT_OPER_COMP"
- ]
- },
- {
- "object": "Device.DNS.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO",
- "PERMIT_OPER",
- "PERMIT_SUBS_VAL_CHANGE",
- "PERMIT_SUBS_OBJ_ADD",
- "PERMIT_SUBS_OBJ_DEL",
- "PERMIT_SUBS_EVT_OPER_COMP"
- ]
- },
- {
- "object": "Device.IP.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO",
- "PERMIT_OPER",
- "PERMIT_SUBS_VAL_CHANGE",
- "PERMIT_SUBS_OBJ_ADD",
- "PERMIT_SUBS_OBJ_DEL",
- "PERMIT_SUBS_EVT_OPER_COMP"
- ]
- }
- ]
- },
- {
- "name": "undefined-1"
- },
- {
- "name": "undefined-2"
- },
- {
- "name": "undefined-3"
- },
- {
- "name": "undefined-4"
- }
- ]
-}
diff --git a/sulu-builder/files/etc/sulu/sulu.sh b/sulu-builder/files/etc/sulu/sulu.sh
deleted file mode 100644
index 6f888c23cc3c08163c25fcdc3dc42e6aa2f23259..0000000000000000000000000000000000000000
--- a/sulu-builder/files/etc/sulu/sulu.sh
+++ /dev/null
@@ -1,378 +0,0 @@ -#!/bin/sh - -. /lib/functions.sh - -SULU_CONFIG="/sulu/config/connectionConfig.json" -ACL_FILE="/tmp/sulu/mqtt.acl" -MB_SULU_CONF="/etc/mosquitto/conf.d/sulu.conf" -_RESTART_SERVICES="0" - -mkdir -p /tmp/sulu/ - -function slog() -{ - echo "$*" |logger -t sulu.init -p debug -} - -function _get_agent_id() -{ - local oui serial endpointid - - endpointid="$(uci_get obuspa localagent EndpointID)" - if [ -z "${endpointid}" ]; then - oui="$(db -q get device.deviceinfo.ManufacturerOUI)" - serial="$(db -q get device.deviceinfo.SerialNumber)" - echo "${oui}-${serial}" - else - echo "$(echo "${endpointid/::/,}"|cut -d "," -f 2)" - fi -} - -function _get_endpoint_id() -{ - local oui serial endpointid - - endpointid="$(uci_get obuspa localagent EndpointID)" - if [ -z "${endpointid}" ]; then - oui="$(db -q get device.deviceinfo.ManufacturerOUI)" - serial="$(db -q get device.deviceinfo.SerialNumber)" - echo "os::${oui}-${serial}" - else - echo "${endpointid}" - fi -} - -function _get_sulu_users() -{ - echo "$(uci -q get sulu.global.user)" -} - -function generate_sulu_conn_config() -{ - local rbac users - - rbac="${1}" - users="$(_get_sulu_users)" - - json_init; - if [ "${rbac}" -eq "1" ]; then - json_add_string 'currentConnection' 'rbac'; - else - json_add_string 'currentConnection' 'main'; - fi - json_add_object 'connections'; - json_add_object 'rbac'; - json_add_string 'toId' "$(_get_endpoint_id)"; - json_add_int 'port' 9001; - json_add_string 'protocol' 'ws'; - json_add_array 'auth'; - json_close_array; - - json_add_object 'overrides'; - for f in ${users}; do - json_add_object "${f}"; - json_add_string 'fromId' "self::sulu-${f}"; - json_add_string 'publishEndpoint' "/usp/$(_get_agent_id)/${f}/endpoint"; - json_add_string 'subscribeEndpoint' "/usp/$(_get_agent_id)/${f}/controller"; - json_close_object; - done - json_close_object; - json_close_object; - - # add the default connection - json_add_object 'main'; - json_add_string 'fromId' 
'proto::interop-usp-controller'; - json_add_string 'toId' "$(_get_endpoint_id)"; - json_add_int 'port' 9001; - json_add_string 'protocol' 'ws'; - json_add_string 'publishEndpoint' "/usp/endpoint"; - json_add_string 'subscribeEndpoint' "/usp/controller"; - json_add_array 'auth'; - json_close_array; - json_close_object; - json_close_object; - - json_dump > ${SULU_CONFIG} -} - -function set_sulu_connection_mode() -{ - local rbac profile config - - rbac="${1}" - - profile="$(jq '.currentConnection' ${SULU_CONFIG})" - if [ "$rbac" -eq "1" -a "${profile}" == "\"main\"" ]; then - config="$(jq '.currentConnection = "rbac"' ${SULU_CONFIG})" - echo "${config}" > ${SULU_CONFIG} - elif [ "$rbac" -eq "0" -a "${profile}" == "\"rbac\"" ]; then - config="$(jq '.currentConnection = "main"' ${SULU_CONFIG})" - echo "${config}" > ${SULU_CONFIG} - fi -} -function _update_obuspa_config() -{ - local restart - - restart=0 - if ! uci_get obuspa localmqtt >/dev/null 2>&1; then - uci_add obuspa mqtt localmqtt - uci_set obuspa localmqtt BrokerAddress "127.0.0.1" - uci_set obuspa localmqtt BrokerPort "1883" - uci_set obuspa localmqtt TransportProtocol "TCP/IP" - restart=1 - fi - - if ! uci_get obuspa agent_mtp >/dev/null 2>&1; then - uci_add obuspa mtp agent_mtp - uci_set obuspa agent_mtp Protocol "MQTT" - uci_set obuspa agent_mtp ResponseTopicConfigured "/usp/endpoint" - uci_set obuspa agent_mtp mqtt "localmqtt" - restart=1 - fi - - if ! 
uci_get obuspa localcontroller >/dev/null 2>&1; then - uci_add obuspa controller localcontroller - uci_set obuspa localcontroller EndpointID "proto::interop-usp-controller" - uci_set obuspa localcontroller Protocol "MQTT" - uci_set obuspa localcontroller Topic "/usp/controller" - uci_set obuspa localcontroller mqtt "localmqtt" - uci_set obuspa localcontroller assigned_role_name "full_access" - restart=1 - fi - return "${restart}" -} - -function _remove_obuspa_config() -{ - local restart - - restart=0 - if [ "$(uci_get obuspa localmqtt)" == "mqtt" ]; then - uci_remove obuspa localmqtt - restart=1 - fi - if [ "$(uci_get obuspa agent_mtp)" == "mtp" ]; then - uci_remove obuspa agent_mtp - restart=1 - fi - if [ "$(uci_get obuspa localcontroller)" == "controller" ]; then - uci_remove obuspa localcontroller - restart=1 - fi - return "${restart}" -} - -function _update_obuspa_config_rbac() { - local agent users restart - - agent="$(_get_agent_id)" - users="$(_get_sulu_users)" - restart=0 - - for f in ${users}; do - local sec - - # Add mqtt - sec="mqtt_sulu_${f}" - if ! uci_get obuspa mqtt ${sec} >/dev/null 2>&1; then - uci_add obuspa mqtt ${sec} - uci_set obuspa ${sec} BrokerAddress "127.0.0.1" - uci_set obuspa ${sec} BrokerPort "1883" - uci_set obuspa ${sec} TransportProtocol "TCP/IP" - restart=1 - fi - - # Add mtp - sec="mtp_sulu_${f}" - if ! uci_get obuspa mtp ${sec} >/dev/null 2>&1; then - uci_add obuspa mtp ${sec} - uci_set obuspa ${sec} Protocol "MQTT" - uci_set obuspa ${sec} ResponseTopicConfigured "/usp/${agent}/${f}/endpoint" - uci_set obuspa ${sec} mqtt "mqtt_sulu_$f" - restart=1 - fi - - # Add controller - sec="controller_sulu_${f}" - if ! 
uci_get obuspa controller ${sec} >/dev/null 2>&1; then - uci_add obuspa controller ${sec} - uci_set obuspa ${sec} EndpointID "self::sulu-${f}" - uci_set obuspa ${sec} Protocol "MQTT" - uci_set obuspa ${sec} Topic "/usp/${agent}/${f}/controller" - uci_set obuspa ${sec} mqtt "mqtt_sulu_$f" - uci_set obuspa ${sec} assigned_role_name "$f" - restart=1 - fi - done - if [ -f "/etc/sulu/roles.json" ]; then - uci_set obuspa global role_file "/etc/sulu/roles.json" - fi - return "${restart}" -} - -function _remove_sulu_sec() -{ - local sec - - if [[ "${1}" == *"_sulu_"* ]]; then - uci_remove obuspa ${1} - return 1 - fi - return 0 -} - -function _remove_obuspa_config_rbac() -{ - local restart - - restart=0 - config_foreach _remove_sulu_sec mqtt - restart="$(( restart + $? ))" - config_foreach _remove_sulu_sec mtp - restart="$(( restart + $? ))" - config_foreach _remove_sulu_sec controller - restart="$(( restart + $? ))" - uci_set obuspa global role_file "" - - return "${restart}" -} - -function _create_acl() { - local agentid rbac users - - rbac="${1:-0}" - - [ -f "${ACL_FILE}" ] && rm -f "${ACL_FILE}" - - if [ "${rbac}" -eq "0" ]; then - return 0; - fi - - agentid="$(_get_agent_id)" - users="$(_get_sulu_users)" - for f in ${users}; do - echo "user ${f}" >> ${ACL_FILE} - echo "topic read /usp/${agentid}/${f}/controller/reply-to/#" >> ${ACL_FILE} - echo "topic write /usp/${agentid}/${f}/endpoint/#" >> ${ACL_FILE} - echo "topic read /usp/${agentid}/${f}/controller/#" >> ${ACL_FILE} - echo "" >> ${ACL_FILE} - done -} - -function update_mosquitto_broker_config() -{ - local system_cred rbac restart - - system_cred="${1}" - rbac="${2}" - restart=0 - - if [ "${system_cred}" -eq "1" ]; then - if grep -q "password_file " ${MB_SULU_CONF}; then - sed -i '/password_file /d' ${MB_SULU_CONF} - restart=1 - fi - if ! 
grep -q "plugin .*mosquitto_auth_shadow.so" ${MB_SULU_CONF}; then - echo "plugin /usr/lib/mosquitto_auth_shadow.so" >> ${MB_SULU_CONF} - restart=1 - fi - else - if grep -q 'plugin .*mosquitto_auth_shadow.so' ${MB_SULU_CONF}; then - sed -i '/plugin .*mosquitto_auth_shadow.so/d' ${MB_SULU_CONF} - restart=1 - fi - if ! grep -q "password_file /etc/mosquitto/sulu.password" ${MB_SULU_CONF}; then - echo "password_file /etc/mosquitto/sulu.password" >> ${MB_SULU_CONF} - restart=1 - fi - fi - - if [ "${rbac}" -eq "1" ]; then - _create_acl "${rbac}" - if ! grep -q "acl_file ${ACL_FILE}" ${MB_SULU_CONF}; then - echo "acl_file ${ACL_FILE}" >> ${MB_SULU_CONF} - restart=1 - fi - else - if grep -q "acl_file ${ACL_FILE}" ${MB_SULU_CONF}; then - sed -i '/acl_file /d' ${MB_SULU_CONF} - restart=1 - fi - fi - - if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -eq "1" ]; then - slog "Restarting mqtt broker..." - /etc/init.d/mosquitto restart & - fi -} - -function update_obuspa_config() -{ - local rbac restart - - rbac="${1}" - restart=0 - - uci_load obuspa - if [ "${rbac}" -eq "1" ]; then - _remove_obuspa_config - restart="$(( restart + $? ))" - _update_obuspa_config_rbac - restart="$(( restart + $? ))" - else - _remove_obuspa_config_rbac - restart="$(( restart + $? ))" - _update_obuspa_config - restart="$(( restart + $? ))" - fi - uci_commit obuspa - - if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -gt "0" ]; then - slog "Restarting obuspa..." - ubus call uci commit '{"config":"obuspa"}' - fi -} - -function update_nginx_config() -{ - local enabled restart - - restart=0 - enabled="${1:-0}" - if [ "${enabled}" -eq "1" ]; then - if [ ! -f "/etc/nginx/conf.d/sulu.conf" ]; then - cp /etc/sulu/nginx.conf /etc/nginx/conf.d/sulu.conf - restart=1 - fi - else - if [ -f "/etc/nginx/conf.d/sulu.conf" ]; then - rm -f /etc/nginx/conf.d/sulu.conf - restart=1 - fi - fi - if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -eq "1" ]; then - slog "Restarting nginx..." 
- ubus call uci commit '{"config":"nginx"}'
- fi
-}
-
-function configure_sulu()
-{
- local sys_cred rbac restart
-
- sys_cred="${1}"
- rbac="${2}"
- restart="${3:-0}"
-
- if [ -z "${sys_cred}" -o -z "${rbac}" ]; then
- slog "Invalid inputs"
- return 0
- fi
-
- _RESTART_SERVICES="${restart}"
-
- update_mosquitto_broker_config "${sys_cred}" "${rbac}"
- set_sulu_connection_mode "${rbac}"
- update_obuspa_config "${rbac}"
-}
diff --git a/sulu-builder/files/etc/uci-defaults/90-sulu-set-nginx-conf b/sulu-builder/files/etc/uci-defaults/90-sulu-set-nginx-conf
new file mode 100644
index 0000000000000000000000000000000000000000..7b74aabaf3c474a55c19a455377feba17430c879
--- /dev/null
+++ b/sulu-builder/files/etc/uci-defaults/90-sulu-set-nginx-conf
@@ -0,0 +1,10 @@
+mkdir -p /tmp/sulu
+
+uci -q get nginx._sulu && exit 0
+
+uci -q set nginx._sulu=server
+uci -q add_list nginx._sulu.listen='8080'
+uci -q add_list nginx._sulu.listen='[::]:8080'
+uci -q set nginx._sulu.root='/sulu'
+uci -q set nginx._sulu.server_name='_sulu'
+uci -q add_list nginx._sulu.include='conf.d/sulu.locations'
diff --git a/sulu-builder/files/etc/uci-defaults/99-fix-sulu-config b/sulu-builder/files/etc/uci-defaults/99-fix-sulu-config
deleted file mode 100644
index 8db027ef985ac2c0dca86f71552c4aa86d96d72a..0000000000000000000000000000000000000000
--- a/sulu-builder/files/etc/uci-defaults/99-fix-sulu-config
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-. /etc/sulu/sulu.sh
-
-config_load sulu
-config_get enable_system_credentials global enable_system_credentials 1
-config_get role_based_access global role_based_access 0
-config_get enabled global enabled 0
-
-configure_sulu "${enable_system_credentials}" "${role_based_access}" 0
-update_nginx_config "${enabled}"
-generate_sulu_conn_config "${role_based_access}"
diff --git a/sulu/Makefile b/sulu/Makefile
index dff40ae6f872321828a0473276ffbde80b3ef1c4..a11877783024acbfe6d6e3d97e2797f02e008038 100644
--- a/sulu/Makefile
+++ b/sulu/Makefile
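Review bot: `mkdir -p /tmp/sulu` in the new 90-sulu-set-nginx-conf will normally take effect only on the first boot, because uci-defaults scripts are removed after a successful run and /tmp does not survive a reboot; the deleted sulu.sh created the directory every time it was sourced, so if anything still expects /tmp/sulu it should be created from the init script instead. The server section added here listens on `8080` and `[::]:8080` with no address, so who can reach it depends entirely on the firewall; a comment naming the zone that is meant to reach it, or a listen entry bound to the LAN address, would make that explicit. The file has no `#!/bin/sh` line and is mode 100644, which is fine only as long as it is sourced rather than executed, and a one-line comment saying so would save the next reader the check.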
@@ -35,7 +35,11 @@ define Package/sulu/description endef define Package/sulu/install + $(INSTALL_DIR) $(1)/sulu + $(INSTALL_DIR) $(1)/sulu/config $(INSTALL_DIR) $(1)/sulu/config/widgets + $(INSTALL_DIR) $(1)/etc/nginx/ + $(INSTALL_DIR) $(1)/etc/mosquitto/conf.d/ $(CP) $(PKG_BUILD_DIR)/dist/* $(1)/sulu $(CP) $(PKG_BUILD_DIR)/config/*.json $(1)/sulu/config $(CP) $(PKG_BUILD_DIR)/config/widgets/diagnostics.json $(1)/sulu/config/widgets/ @@ -43,26 +47,7 @@ define Package/sulu/install ifeq ($(CONFIG_PACKAGE_skopeo)$(CONFIG_PACKAGE_umoci),yy) $(CP) $(PKG_BUILD_DIR)/config/widgets/lcm-store.json $(1)/sulu/config/widgets/ endif - $(INSTALL_DIR) $(1)/etc/config - $(INSTALL_BIN) ./files/etc/config/sulu $(1)/etc/config/sulu - - $(INSTALL_DIR) $(1)/etc/init.d - $(INSTALL_BIN) ./files/etc/init.d/sulu $(1)/etc/init.d/sulu - - $(INSTALL_DIR) $(1)/etc/mosquitto/conf.d/ - $(INSTALL_DATA) ./files/etc/mosquitto/conf.d/obuspa.conf $(1)/etc/mosquitto/conf.d/ - $(INSTALL_DATA) ./files/etc/mosquitto/conf.d/sulu.conf $(1)/etc/mosquitto/conf.d/ - $(INSTALL_DATA) ./files/etc/mosquitto/sulu.password $(1)/etc/mosquitto/sulu.password - - $(INSTALL_DIR) $(1)/etc/nginx/conf.d - $(INSTALL_DATA) ./files/etc/nginx/conf.d/sulu.conf $(1)/etc/nginx/conf.d/ - - $(INSTALL_DIR) $(1)/etc/sulu - $(INSTALL_DATA) ./files/etc/sulu/roles.json $(1)/etc/sulu/ - $(INSTALL_BIN) ./files/etc/sulu/sulu.sh $(1)/etc/sulu/ - - $(INSTALL_DIR) $(1)/etc/uci-defaults - $(INSTALL_BIN) ./files/etc/uci-defaults/99-fix-sulu-config $(1)/etc/uci-defaults/ + $(CP) ./files/* $(1)/ endef $(eval $(call BuildPackage,sulu)) diff --git a/sulu/files/etc/config/sulu b/sulu/files/etc/config/sulu deleted file mode 100644 index c9ede9412dc5ab6f0f71371a2132cc3fdc7dd116..0000000000000000000000000000000000000000 --- a/sulu/files/etc/config/sulu +++ /dev/null @@ -1,6 +0,0 @@ -config global 'global' - option enabled '1' - option enable_system_credentials '1' - option role_based_access '1' - list user 'admin' - list user 'user' 
diff --git a/sulu/files/etc/init.d/sulu b/sulu/files/etc/init.d/sulu index 6006b7de0776450fbeba8a5cf5b4f8bc35c4a1f8..e339542d1cb4da855f234de2963bc5e4f9786d62 100755 --- a/sulu/files/etc/init.d/sulu +++ b/sulu/files/etc/init.d/sulu @@ -1,41 +1,19 @@ #!/bin/sh /etc/rc.common -USE_PROCD=1 - START=99 -STOP=01 +STOP=10 -. /lib/functions.sh -. /etc/sulu/sulu.sh +USE_PROCD=1 log() { echo "${@}"|logger -t sulu.init -p debug } -validate_sulu_global_section() -{ - uci_validate_section sulu global global \ - 'enabled:bool:1' \ - 'enable_system_credentials:bool:1' \ - 'role_based_access:bool:0' -} - start_service() { - local enabled enable_system_credentials role_based_access - - config_load sulu procd_open_instance sulu - - validate_sulu_global_section || return 0; # append sulu connection injection - if [ "${enabled}" -eq "0" ]; then - procd_close_instance - return 0 - fi - - configure_sulu "${enable_system_credentials}" "${role_based_access}" 1 - update_nginx_config "${enabled}" procd_close_instance + } reload_service() { @@ -45,5 +23,5 @@ reload_service() { service_triggers() { - procd_add_reload_trigger "sulu" + procd_add_config_trigger "config.change" "obuspa" /etc/init.d/sulu reload } diff --git a/sulu/files/etc/mosquitto/conf.d/sulu.conf b/sulu/files/etc/mosquitto/conf.d/sulu.conf index 150f43eb735491a1c2c3568f30232fcc211dfe29..dcded9bcbca9f3e0abed506ef5cc524df4c0bb9a 100644 --- a/sulu/files/etc/mosquitto/conf.d/sulu.conf +++ b/sulu/files/etc/mosquitto/conf.d/sulu.conf @@ -1,4 +1,5 @@ listener 9001 protocol websockets +plugin /usr/lib/mosquitto_auth_shadow.so require_certificate false allow_anonymous false diff --git a/sulu/files/etc/mosquitto/sulu.password b/sulu/files/etc/mosquitto/sulu.password deleted file mode 100644 index f0e1a126738765e7b99dc530f058770857834eba..0000000000000000000000000000000000000000 --- a/sulu/files/etc/mosquitto/sulu.password +++ /dev/null 
@@ -1 +0,0 @@
-admin:$6$OmM9kU/lYct3KJ9j$iP0WK4ezEtRm8+EAggNp7WbJFoWO0p7IUdI0v/hr1WcVHyfFAC30Pb8Csn7GqwwqI2dcmnDOAITnimo2VNe6ug==
diff --git a/sulu/files/etc/nginx/conf.d/sulu.conf b/sulu/files/etc/nginx/conf.d/sulu.conf
deleted file mode 100644
index 025139c8b5a7b9c01d985dad7a1914d3e7c769cf..0000000000000000000000000000000000000000
--- a/sulu/files/etc/nginx/conf.d/sulu.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-server {
- listen 8080;
- listen [::]:8080;
- server_name _sulu;
- root /sulu;
- location /config/ {
- autoindex on;
-
- if ($request_method = 'OPTIONS') {
- add_header 'Access-Control-Allow-Origin' '*';
- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
- add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
- add_header 'Access-Control-Max-Age' 1728000;
- add_header 'Content-Type' 'text/plain; charset=utf-8';
- add_header 'Content-Length' 0;
- return 204;
- }
- if ($request_method = 'GET') {
- add_header 'Access-Control-Allow-Origin' '*' always;
- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
- add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
- add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
- }
- }
-}
diff --git a/sulu/files/etc/nginx/conf.d/sulu.locations b/sulu/files/etc/nginx/conf.d/sulu.locations
new file mode 100644
index 0000000000000000000000000000000000000000..97b207a4e428ed37a215901272b45bf03aaec88b
--- /dev/null
+++ b/sulu/files/etc/nginx/conf.d/sulu.locations
@@ -0,0 +1,18 @@
+location /config/ {
+ autoindex on;
+ if ($request_method = 'OPTIONS') {
+ add_header 'Access-Control-Allow-Origin' '*';
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
+ add_header 'Access-Control-Max-Age' 1728000;
+ add_header 'Content-Type' 'text/plain; charset=utf-8';
+ add_header 'Content-Length' 0;
+ return 204;
+ }
+ if ($request_method = 'GET') {
+ add_header 'Access-Control-Allow-Origin' '*' always;
+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;
+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;
+ add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+ }
+}
diff --git a/sulu/files/etc/sulu/roles.json b/sulu/files/etc/sulu/roles.json
deleted file mode 100644
index 0893750f7142f8da4e485b22f216578e5211c8e3..0000000000000000000000000000000000000000
--- a/sulu/files/etc/sulu/roles.json
+++ /dev/null
@@ -1,95 +0,0 @@
-{
- "roles": [
- {
- "name": "admin",
- "permission": [
- {
- "object": "Device.",
- "perm": [
- "PERMIT_ALL"
- ]
- }
- ]
- },
- {
- "name": "user",
- "permission": [
- {
- "object": "Device.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO"
- ]
- },
- {
- "object": "Device.LocalAgent.Subscription.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO",
- "PERMIT_ADD",
- "PERMIT_SET",
- "PERMIT_DEL"
- ]
- },
- {
- "object": "Device.WiFi.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO",
- "PERMIT_OPER",
- "PERMIT_SUBS_VAL_CHANGE",
- "PERMIT_SUBS_OBJ_ADD",
- "PERMIT_SUBS_OBJ_DEL",
- "PERMIT_SUBS_EVT_OPER_COMP"
- ]
- },
- {
- "object": "Device.DNS.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO",
- "PERMIT_OPER",
- "PERMIT_SUBS_VAL_CHANGE",
- "PERMIT_SUBS_OBJ_ADD",
- "PERMIT_SUBS_OBJ_DEL",
- "PERMIT_SUBS_EVT_OPER_COMP"
- ]
- },
- {
- "object": "Device.IP.",
- "perm": [
- "PERMIT_GET",
- "PERMIT_GET_INST",
- "PERMIT_OBJ_INFO",
- "PERMIT_CMD_INFO",
- "PERMIT_OPER",
- "PERMIT_SUBS_VAL_CHANGE",
- "PERMIT_SUBS_OBJ_ADD",
- "PERMIT_SUBS_OBJ_DEL",
- "PERMIT_SUBS_EVT_OPER_COMP"
- ]
- }
- ]
- },
- {
- "name": "undefined-1"
- },
- {
- "name": "undefined-2"
- },
- {
- "name": "undefined-3"
- },
- {
- "name": "undefined-4"
- }
- ]
-}
diff --git a/sulu/files/etc/sulu/sulu.sh b/sulu/files/etc/sulu/sulu.sh
deleted file mode 100644
index 6f888c23cc3c08163c25fcdc3dc42e6aa2f23259..0000000000000000000000000000000000000000
--- a/sulu/files/etc/sulu/sulu.sh
+++ /dev/null
@@ -1,378 +0,0 @@ -#!/bin/sh - -. /lib/functions.sh - -SULU_CONFIG="/sulu/config/connectionConfig.json" -ACL_FILE="/tmp/sulu/mqtt.acl" -MB_SULU_CONF="/etc/mosquitto/conf.d/sulu.conf" -_RESTART_SERVICES="0" - -mkdir -p /tmp/sulu/ - -function slog() -{ - echo "$*" |logger -t sulu.init -p debug -} - -function _get_agent_id() -{ - local oui serial endpointid - - endpointid="$(uci_get obuspa localagent EndpointID)" - if [ -z "${endpointid}" ]; then - oui="$(db -q get device.deviceinfo.ManufacturerOUI)" - serial="$(db -q get device.deviceinfo.SerialNumber)" - echo "${oui}-${serial}" - else - echo "$(echo "${endpointid/::/,}"|cut -d "," -f 2)" - fi -} - -function _get_endpoint_id() -{ - local oui serial endpointid - - endpointid="$(uci_get obuspa localagent EndpointID)" - if [ -z "${endpointid}" ]; then - oui="$(db -q get device.deviceinfo.ManufacturerOUI)" - serial="$(db -q get device.deviceinfo.SerialNumber)" - echo "os::${oui}-${serial}" - else - echo "${endpointid}" - fi -} - -function _get_sulu_users() -{ - echo "$(uci -q get sulu.global.user)" -} - -function generate_sulu_conn_config() -{ - local rbac users - - rbac="${1}" - users="$(_get_sulu_users)" - - json_init; - if [ "${rbac}" -eq "1" ]; then - json_add_string 'currentConnection' 'rbac'; - else - json_add_string 'currentConnection' 'main'; - fi - json_add_object 'connections'; - json_add_object 'rbac'; - json_add_string 'toId' "$(_get_endpoint_id)"; - json_add_int 'port' 9001; - json_add_string 'protocol' 'ws'; - json_add_array 'auth'; - json_close_array; - - json_add_object 'overrides'; - for f in ${users}; do - json_add_object "${f}"; - json_add_string 'fromId' "self::sulu-${f}"; - json_add_string 'publishEndpoint' "/usp/$(_get_agent_id)/${f}/endpoint"; - json_add_string 'subscribeEndpoint' "/usp/$(_get_agent_id)/${f}/controller"; - json_close_object; - done - json_close_object; - json_close_object; - - # add the default connection - json_add_object 'main'; - json_add_string 'fromId' 
'proto::interop-usp-controller'; - json_add_string 'toId' "$(_get_endpoint_id)"; - json_add_int 'port' 9001; - json_add_string 'protocol' 'ws'; - json_add_string 'publishEndpoint' "/usp/endpoint"; - json_add_string 'subscribeEndpoint' "/usp/controller"; - json_add_array 'auth'; - json_close_array; - json_close_object; - json_close_object; - - json_dump > ${SULU_CONFIG} -} - -function set_sulu_connection_mode() -{ - local rbac profile config - - rbac="${1}" - - profile="$(jq '.currentConnection' ${SULU_CONFIG})" - if [ "$rbac" -eq "1" -a "${profile}" == "\"main\"" ]; then - config="$(jq '.currentConnection = "rbac"' ${SULU_CONFIG})" - echo "${config}" > ${SULU_CONFIG} - elif [ "$rbac" -eq "0" -a "${profile}" == "\"rbac\"" ]; then - config="$(jq '.currentConnection = "main"' ${SULU_CONFIG})" - echo "${config}" > ${SULU_CONFIG} - fi -} -function _update_obuspa_config() -{ - local restart - - restart=0 - if ! uci_get obuspa localmqtt >/dev/null 2>&1; then - uci_add obuspa mqtt localmqtt - uci_set obuspa localmqtt BrokerAddress "127.0.0.1" - uci_set obuspa localmqtt BrokerPort "1883" - uci_set obuspa localmqtt TransportProtocol "TCP/IP" - restart=1 - fi - - if ! uci_get obuspa agent_mtp >/dev/null 2>&1; then - uci_add obuspa mtp agent_mtp - uci_set obuspa agent_mtp Protocol "MQTT" - uci_set obuspa agent_mtp ResponseTopicConfigured "/usp/endpoint" - uci_set obuspa agent_mtp mqtt "localmqtt" - restart=1 - fi - - if ! 
uci_get obuspa localcontroller >/dev/null 2>&1; then - uci_add obuspa controller localcontroller - uci_set obuspa localcontroller EndpointID "proto::interop-usp-controller" - uci_set obuspa localcontroller Protocol "MQTT" - uci_set obuspa localcontroller Topic "/usp/controller" - uci_set obuspa localcontroller mqtt "localmqtt" - uci_set obuspa localcontroller assigned_role_name "full_access" - restart=1 - fi - return "${restart}" -} - -function _remove_obuspa_config() -{ - local restart - - restart=0 - if [ "$(uci_get obuspa localmqtt)" == "mqtt" ]; then - uci_remove obuspa localmqtt - restart=1 - fi - if [ "$(uci_get obuspa agent_mtp)" == "mtp" ]; then - uci_remove obuspa agent_mtp - restart=1 - fi - if [ "$(uci_get obuspa localcontroller)" == "controller" ]; then - uci_remove obuspa localcontroller - restart=1 - fi - return "${restart}" -} - -function _update_obuspa_config_rbac() { - local agent users restart - - agent="$(_get_agent_id)" - users="$(_get_sulu_users)" - restart=0 - - for f in ${users}; do - local sec - - # Add mqtt - sec="mqtt_sulu_${f}" - if ! uci_get obuspa mqtt ${sec} >/dev/null 2>&1; then - uci_add obuspa mqtt ${sec} - uci_set obuspa ${sec} BrokerAddress "127.0.0.1" - uci_set obuspa ${sec} BrokerPort "1883" - uci_set obuspa ${sec} TransportProtocol "TCP/IP" - restart=1 - fi - - # Add mtp - sec="mtp_sulu_${f}" - if ! uci_get obuspa mtp ${sec} >/dev/null 2>&1; then - uci_add obuspa mtp ${sec} - uci_set obuspa ${sec} Protocol "MQTT" - uci_set obuspa ${sec} ResponseTopicConfigured "/usp/${agent}/${f}/endpoint" - uci_set obuspa ${sec} mqtt "mqtt_sulu_$f" - restart=1 - fi - - # Add controller - sec="controller_sulu_${f}" - if ! 
uci_get obuspa controller ${sec} >/dev/null 2>&1; then - uci_add obuspa controller ${sec} - uci_set obuspa ${sec} EndpointID "self::sulu-${f}" - uci_set obuspa ${sec} Protocol "MQTT" - uci_set obuspa ${sec} Topic "/usp/${agent}/${f}/controller" - uci_set obuspa ${sec} mqtt "mqtt_sulu_$f" - uci_set obuspa ${sec} assigned_role_name "$f" - restart=1 - fi - done - if [ -f "/etc/sulu/roles.json" ]; then - uci_set obuspa global role_file "/etc/sulu/roles.json" - fi - return "${restart}" -} - -function _remove_sulu_sec() -{ - local sec - - if [[ "${1}" == *"_sulu_"* ]]; then - uci_remove obuspa ${1} - return 1 - fi - return 0 -} - -function _remove_obuspa_config_rbac() -{ - local restart - - restart=0 - config_foreach _remove_sulu_sec mqtt - restart="$(( restart + $? ))" - config_foreach _remove_sulu_sec mtp - restart="$(( restart + $? ))" - config_foreach _remove_sulu_sec controller - restart="$(( restart + $? ))" - uci_set obuspa global role_file "" - - return "${restart}" -} - -function _create_acl() { - local agentid rbac users - - rbac="${1:-0}" - - [ -f "${ACL_FILE}" ] && rm -f "${ACL_FILE}" - - if [ "${rbac}" -eq "0" ]; then - return 0; - fi - - agentid="$(_get_agent_id)" - users="$(_get_sulu_users)" - for f in ${users}; do - echo "user ${f}" >> ${ACL_FILE} - echo "topic read /usp/${agentid}/${f}/controller/reply-to/#" >> ${ACL_FILE} - echo "topic write /usp/${agentid}/${f}/endpoint/#" >> ${ACL_FILE} - echo "topic read /usp/${agentid}/${f}/controller/#" >> ${ACL_FILE} - echo "" >> ${ACL_FILE} - done -} - -function update_mosquitto_broker_config() -{ - local system_cred rbac restart - - system_cred="${1}" - rbac="${2}" - restart=0 - - if [ "${system_cred}" -eq "1" ]; then - if grep -q "password_file " ${MB_SULU_CONF}; then - sed -i '/password_file /d' ${MB_SULU_CONF} - restart=1 - fi - if ! 
grep -q "plugin .*mosquitto_auth_shadow.so" ${MB_SULU_CONF}; then - echo "plugin /usr/lib/mosquitto_auth_shadow.so" >> ${MB_SULU_CONF} - restart=1 - fi - else - if grep -q 'plugin .*mosquitto_auth_shadow.so' ${MB_SULU_CONF}; then - sed -i '/plugin .*mosquitto_auth_shadow.so/d' ${MB_SULU_CONF} - restart=1 - fi - if ! grep -q "password_file /etc/mosquitto/sulu.password" ${MB_SULU_CONF}; then - echo "password_file /etc/mosquitto/sulu.password" >> ${MB_SULU_CONF} - restart=1 - fi - fi - - if [ "${rbac}" -eq "1" ]; then - _create_acl "${rbac}" - if ! grep -q "acl_file ${ACL_FILE}" ${MB_SULU_CONF}; then - echo "acl_file ${ACL_FILE}" >> ${MB_SULU_CONF} - restart=1 - fi - else - if grep -q "acl_file ${ACL_FILE}" ${MB_SULU_CONF}; then - sed -i '/acl_file /d' ${MB_SULU_CONF} - restart=1 - fi - fi - - if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -eq "1" ]; then - slog "Restarting mqtt broker..." - /etc/init.d/mosquitto restart & - fi -} - -function update_obuspa_config() -{ - local rbac restart - - rbac="${1}" - restart=0 - - uci_load obuspa - if [ "${rbac}" -eq "1" ]; then - _remove_obuspa_config - restart="$(( restart + $? ))" - _update_obuspa_config_rbac - restart="$(( restart + $? ))" - else - _remove_obuspa_config_rbac - restart="$(( restart + $? ))" - _update_obuspa_config - restart="$(( restart + $? ))" - fi - uci_commit obuspa - - if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -gt "0" ]; then - slog "Restarting obuspa..." - ubus call uci commit '{"config":"obuspa"}' - fi -} - -function update_nginx_config() -{ - local enabled restart - - restart=0 - enabled="${1:-0}" - if [ "${enabled}" -eq "1" ]; then - if [ ! -f "/etc/nginx/conf.d/sulu.conf" ]; then - cp /etc/sulu/nginx.conf /etc/nginx/conf.d/sulu.conf - restart=1 - fi - else - if [ -f "/etc/nginx/conf.d/sulu.conf" ]; then - rm -f /etc/nginx/conf.d/sulu.conf - restart=1 - fi - fi - if [ "${_RESTART_SERVICES}" -eq "1" -a "${restart}" -eq "1" ]; then - slog "Restarting nginx..." 
- ubus call uci commit '{"config":"nginx"}'
- fi
-}
-
-function configure_sulu()
-{
- local sys_cred rbac restart
-
- sys_cred="${1}"
- rbac="${2}"
- restart="${3:-0}"
-
- if [ -z "${sys_cred}" -o -z "${rbac}" ]; then
- slog "Invalid inputs"
- return 0
- fi
-
- _RESTART_SERVICES="${restart}"
-
- update_mosquitto_broker_config "${sys_cred}" "${rbac}"
- set_sulu_connection_mode "${rbac}"
- update_obuspa_config "${rbac}"
-}
diff --git a/sulu/files/etc/uci-defaults/90-sulu-set-nginx-conf b/sulu/files/etc/uci-defaults/90-sulu-set-nginx-conf
new file mode 100644
index 0000000000000000000000000000000000000000..7b74aabaf3c474a55c19a455377feba17430c879
--- /dev/null
+++ b/sulu/files/etc/uci-defaults/90-sulu-set-nginx-conf
@@ -0,0 +1,10 @@
+mkdir -p /tmp/sulu
+
+uci -q get nginx._sulu && exit 0
+
+uci -q set nginx._sulu=server
+uci -q add_list nginx._sulu.listen='8080'
+uci -q add_list nginx._sulu.listen='[::]:8080'
+uci -q set nginx._sulu.root='/sulu'
+uci -q set nginx._sulu.server_name='_sulu'
+uci -q add_list nginx._sulu.include='conf.d/sulu.locations'
diff --git a/sulu/files/etc/uci-defaults/99-fix-sulu-config b/sulu/files/etc/uci-defaults/99-fix-sulu-config
deleted file mode 100644
index 8db027ef985ac2c0dca86f71552c4aa86d96d72a..0000000000000000000000000000000000000000
--- a/sulu/files/etc/uci-defaults/99-fix-sulu-config
+++ /dev/null
@@ -1,12 +0,0 @@
-#!/bin/sh
-
-. /etc/sulu/sulu.sh
-
-config_load sulu
-config_get enable_system_credentials global enable_system_credentials 1
-config_get role_based_access global role_based_access 0
-config_get enabled global enabled 0
-
-configure_sulu "${enable_system_credentials}" "${role_based_access}" 0
-update_nginx_config "${enabled}"
-generate_sulu_conn_config "${role_based_access}"
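Review bot: The two `listen` entries (`'8080'` and `'[::]:8080'`) bind the UI server to every IPv4 and IPv6 address over plain HTTP, so whether it is reachable from the WAN side depends entirely on firewall rules that this change does not show. Consider binding to the LAN address, or adding a comment such as `# reachable on all interfaces; WAN access must be blocked by the firewall` so the dependency is explicit. Separately, `mkdir -p /tmp/sulu` lives in a uci-defaults script, which normally runs once and is then removed, so on images where /tmp is volatile the directory will presumably be missing after the next reboot. If anything still uses that directory, create it in `start_service()` of the init script instead.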