diff --git a/apploader/conf/app.yml b/apploader/conf/app.yml index ddf5a3a..0aff50e 100644 --- a/apploader/conf/app.yml +++ b/apploader/conf/app.yml @@ -14,10 +14,10 @@ csvAssistants: type: job entrypoint: /bin/bash env: - ifName: ens3 - ifIp: 10.10.11.237 - ifNetmask: 255.255.255.0 - ifGateway: 10.10.11.254 + IF_NAME: ens3 + IF_IP: 10.10.11.237 + IF_NETMASK: 255.255.255.0 + IF_GATEWAY: 10.10.11.254 args: ["/workplace/csv-agent/csvassistants/network-tool/network-config.sh"] - name: keyProvider type: job diff --git a/cvmassistants/disktool/encryptedDisk.sh b/cvmassistants/disktool/encryptedDisk.sh index a18d965..d2bf120 100644 --- a/cvmassistants/disktool/encryptedDisk.sh +++ b/cvmassistants/disktool/encryptedDisk.sh @@ -5,7 +5,7 @@ # # This script partitions, formats, and mounts disk devices. Supports both # encrypted (LUKS) and unencrypted disks. Environment variables control behavior: -# `mount_path` (mount point), `disk` (device name), `keyType` (only wrapkey supported), +# `MOUNT_PATH` (mount point), `DISK` (device name), `KEY_TYPE` (only wrapkey supported), # and `wrapkey` (encryption key). # # Requirements: @@ -113,22 +113,22 @@ mount_device() { log_info "Starting encrypted disk configuration..." # Check required environment variables -[[ -z "$mount_path" ]] && log_fatal "Mount directory is null" -[[ -z "$disk" ]] && log_fatal "Disk dev name is null" +[[ -z "$MOUNT_PATH" ]] && log_fatal "Mount directory is null" +[[ -z "$DISK" ]] && log_fatal "Disk dev name is null" # Handle only encrypted disk case -[ "$keyType" != "wrapkey" ] && log_fatal "keyType $keyType is not supported" +[ "$KEY_TYPE" != "wrapkey" ] && log_fatal "KEY_TYPE $KEY_TYPE is not supported" log_info "Handling encrypted disk case" [[ -z "$wrapkey" ]] && log_fatal "wrapkey is null" -if [ ! -d "$mount_path" ]; then - log_info "Mount directory $mount_path does not exist" - mkdir -p "$mount_path" && log_info "Created mount directory $mount_path" +if [ ! -d "$MOUNT_PATH" ]; then + log_info "Mount directory $MOUNT_PATH does not exist" + mkdir -p "$MOUNT_PATH" && log_info "Created mount directory $MOUNT_PATH" else - umount "$mount_path" 2>/dev/null && log_info "Unmounted $mount_path" + umount "$MOUNT_PATH" 2>/dev/null && log_info "Unmounted $MOUNT_PATH" fi -diskpath="/dev/$disk" # /dev/vda +diskpath="/dev/$DISK" # /dev/vda part_disk="" mappername="${disk}" @@ -145,6 +145,6 @@ echo "$wrapkey" | cryptsetup open --key-file=- "$part_disk" "$mappername" log_info "cryptsetup open --key-file=- "$part_disk" "$mappername": success" # Mount the device -mount_device "$device_to_mount" "$mount_path" && log_info "Mounted $device_to_mount to $mount_path" +mount_device "$device_to_mount" "$MOUNT_PATH" && log_info "Mounted $device_to_mount to $MOUNT_PATH" log_info "Encrypted disk configuration completed." diff --git a/cvmassistants/disktool/readme.md b/cvmassistants/disktool/readme.md index 0157e77..bf097f9 100644 --- a/cvmassistants/disktool/readme.md +++ b/cvmassistants/disktool/readme.md @@ -4,5 +4,5 @@ All existing data on the partition will be **permanently lost**. Specifically: -- The disk is defined via the `disk` environment variable (e.g., `vda`). +- The disk is defined via the `DISK` environment variable (e.g., `vda`). - The partition affected is the **first partition** of that disk \ No newline at end of file diff --git a/cvmassistants/firewall/setfirewall.sh b/cvmassistants/firewall/setfirewall.sh index bff7ada..20555ba 100644 --- a/cvmassistants/firewall/setfirewall.sh +++ b/cvmassistants/firewall/setfirewall.sh @@ -4,7 +4,7 @@ # Description: Configure UFW firewall rules on Ubuntu systems (e.g., TDX environment) # # This script enables UFW and allows ports defined in the environment variable -# `allowPorts`. Supports single ports and port ranges (e.g., "22,80,3000:3010"). +# `ALLOW_PORTS`. Supports single ports and port ranges (e.g., "22,80,3000:3010"). # # Requirements: # - Must be run as root @@ -51,11 +51,11 @@ fi log_info "UFW enabled." # Get ports from environment variable -if [ -z "${allowPorts}" ]; then - log_info "No ports specified (allowPorts is empty). Skipping rule creation." +if [ -z "${ALLOW_PORTS}" ]; then + log_info "No ports specified (ALLOW_PORTS is empty). Skipping rule creation." else - log_info "Allowing ports: ${allowPorts}" - IFS=',' read -ra PORT_ARRAY <<< "${allowPorts}" + log_info "Allowing ports: ${ALLOW_PORTS}" + IFS=',' read -ra PORT_ARRAY <<< "${ALLOW_PORTS}" for port in "${PORT_ARRAY[@]}"; do port="$(echo "$port" | xargs)" # trim spaces diff --git a/cvmassistants/network-tool/network-config.sh b/cvmassistants/network-tool/network-config.sh index cf533ba..5429ee7 100644 --- a/cvmassistants/network-tool/network-config.sh +++ b/cvmassistants/network-tool/network-config.sh @@ -12,10 +12,10 @@ # - Must run on Ubuntu OS (TDX Trusted Domain Environment) # # Environment Variables Required: -# - ifName: Network interface name (e.g., eth0) -# - ifIp: IP address to assign to the interface -# - ifNetmask: Network subnet mask -# - ifGateway: Gateway IP address +# - IF_NAME: Network interface name (e.g., eth0) +# - IF_IP: IP address to assign to the interface +# - IF_NETMASK: Network subnet mask +# - IF_GATEWAY: Gateway IP address # ############################################################################### @@ -27,20 +27,20 @@ function configureNetwork() { fi # Check if all required environment variables are set - if [ -z "${ifName}" ] || [ -z "${ifIp}" ] || [ -z "${ifNetmask}" ] || [ -z "${ifGateway}" ]; then + if [ -z "${IF_NAME}" ] || [ -z "${IF_IP}" ] || [ -z "${IF_NETMASK}" ] || [ -z "${IF_GATEWAY}" ]; then echo "Error: Missing required environment variables." - echo "Required variables: ifName, ifIp, ifNetmask, ifGateway" + echo "Required variables: IF_NAME, IF_IP, IF_NETMASK, IF_GATEWAY" exit 1 fi echo "nameserver 8.8.8.8" > /etc/resolv.conf cat>/etc/network/interfaces<