From 251539d40e89b3bc91dea14ed6afb311788962df Mon Sep 17 00:00:00 2001
From: mo khan <mo@mokhan.ca>
Date: Mon, 12 May 2025 13:24:37 -0600
Subject: refactor: mimic target deployment filesystem

---
 bin/envoy.sh | 33 +++++++++++++++++++++++++++++++++
 bin/init.sh  |  8 ++++++++
 2 files changed, 41 insertions(+)
 create mode 100755 bin/envoy.sh
 create mode 100755 bin/init.sh

(limited to 'bin')

diff --git a/bin/envoy.sh b/bin/envoy.sh
new file mode 100755
index 0000000..a123c62
--- /dev/null
+++ b/bin/envoy.sh
@@ -0,0 +1,33 @@
+#!/bin/sh
+set -e
+
+[ -n "$DEBUG" ] && set -x
+
+oidc_scheme=$(echo "$OIDC_ISSUER" | awk -F[/:] '{print $1}')
+oidc_host=$(echo "$OIDC_ISSUER" | awk -F[/:] '{print $4}')
+yaml=$(sed -e "s/OAUTH_CLIENT_ID/$OAUTH_CLIENT_ID/" /etc/envoy/envoy.yaml)
+yaml=$(echo "$yaml" | sed -e "s,https://example.com,$OIDC_ISSUER,")
+yaml=$(echo "$yaml" | sed -e "s/example.com/$oidc_host/")
+
+# For http://gdk.test:3000
+if [ "$oidc_scheme" = "http" ]; then
+  yaml=$(echo "$yaml" | sed -e '/transport_socket:/,+4d')
+  oidc_port=$(echo "$OIDC_ISSUER" | awk -F[/:] '{print $5}')
+  yaml=$(echo "$yaml" | sed -e "s/port_value: 443/port_value: $oidc_port/")
+fi
+
+# I need an adult with access to vault to set this
+if [ -z "$OAUTH_CLIENT_SECRET" ]; then
+  export OAUTH_CLIENT_SECRET="secret"
+fi
+
+# and this.
+if [ -z "$HMAC_SESSION_SECRET" ]; then
+  export HMAC_SESSION_SECRET="$OAUTH_CLIENT_SECRET"
+fi
+
+echo "[$(date "+%H:%M:%S")] ==> Starting…"
+envoy \
+  --config-yaml "$yaml" \
+  --log-level warn \
+  --component-log-level oauth2:trace
diff --git a/bin/init.sh b/bin/init.sh
new file mode 100755
index 0000000..105c85a
--- /dev/null
+++ b/bin/init.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+set -e
+
+[ -n "$DEBUG" ] && set -x
+
+echo "[$(date "+%H:%M:%S")] ==> Starting…"
+/usr/local/bin/sparkled & /usr/local/bin/envoy.sh
-- 
cgit v1.2.3