
Commit 0cef937

pengzhoumlPeng Zhou
andauthored
MLE-14619: Bug Fix for restart when TLS configured (#254)
Co-authored-by: Peng Zhou <[email protected]>
1 parent 52273b1 commit 0cef937


2 files changed

+52
-22
lines changed


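--- a/charts/templates/configmap-scripts.yaml
+++ b/charts/templates/configmap-scripts.yaml
@@ -220,6 +220,23 @@ data:
 echo $message >> /tmp/script.log
 }
 
+###############################################################
+# Function to get the current host protocol
+# $1: The host name
+# $2: The port number (default 8001)
+###############################################################
+get_current_host_protocol() {
+local hostname port protocol resp_code
+hostname="${1:-localhost}"
+port="${2:-8001}"
+protocol="http"
+resp_code=$(curl -s -o /dev/null -w '%{http_code}' http://$hostname:$port)
+if [[ $resp_code -eq 403 ]]; then
+protocol="https"
+fi
+echo $protocol
+}
+
 ###############################################################
 # Env Setup of MarkLogic
 ###############################################################
@@ -336,9 +353,10 @@ data:
 if [ -z "${timestamp}" ]; then
 info "${host} - not responding yet"
 sleep 5s
-wait_until_marklogic_ready $host
+wait_until_marklogic_ready $host
+return 0
 else
-info "${host} - responding, calling init"
+info "${host} - responding with $timestamp"
 out="/tmp/${host}.out"
 
 response_code=$( \
@@ -537,15 +555,23 @@ data:
 # return
 ################################################################
 function configure_group {
+local LOCAL_HTTP_PROTOCOL LOCAL_HTTPS_OPTION
+LOCAL_HTTP_PROTOCOL="http"
+LOCAL_HTTPS_OPTION=""
+protocol=$(get_current_host_protocol $MARKLOGIC_BOOTSTRAP_HOST)
+if [[ $protocol == "https" ]]; then
+LOCAL_HTTP_PROTOCOL="https"
+LOCAL_HTTPS_OPTION="-k"
+fi
 log "configuring group"
 if [[ "$IS_BOOTSTRAP_HOST" == "true" ]]; then
 group_cfg_template='{"group-name":"%s", "xdqp-ssl-enabled":"%s"}'
 group_cfg=$(printf "$group_cfg_template" "$MARKLOGIC_GROUP" "$XDQP_SSL_ENABLED")
 
 # check if host is already in and get the current cluster
-curl_retry_validate false "http://${MARKLOGIC_BOOTSTRAP_HOST}:8002/manage/v2/hosts/${HOST_FQDN}/properties?format=xml" 200 \
+curl_retry_validate false "$LOCAL_HTTP_PROTOCOL://${MARKLOGIC_BOOTSTRAP_HOST}:8002/manage/v2/hosts/${HOST_FQDN}/properties?format=xml" 200 \
 "--anyauth" "--user" "${MARKLOGIC_ADMIN_USERNAME}:${MARKLOGIC_ADMIN_PASSWORD}" \
-"-o" "/tmp/marklogic/groups.out"
+"-o" "/tmp/marklogic/groups.out" $LOCAL_HTTPS_OPTION
 
 response_code=$?
 if [ "${response_code}" = "200" ]; then
@@ -558,15 +584,14 @@ data:
 info "current_group: $current_group"
 info "group_cfg: $group_cfg"
 
-# curl retry doesn't work in the lower version
 response_code=$( \
 curl -s --anyauth \
 --user ${MARKLOGIC_ADMIN_USERNAME}:${MARKLOGIC_ADMIN_PASSWORD} \
 -w '%{http_code}' \
 -X PUT \
 -H "Content-type: application/json" \
--d "${group_cfg}" \
-http://${MARKLOGIC_BOOTSTRAP_HOST}:8002/manage/v2/groups/${current_group}/properties \
+$LOCAL_HTTPS_OPTION -d "${group_cfg}" \
+$LOCAL_HTTP_PROTOCOL://${MARKLOGIC_BOOTSTRAP_HOST}:8002/manage/v2/groups/${current_group}/properties \
 )
 
 info "response_code: $response_code"
@@ -607,6 +632,16 @@ data:
 }
 
 function configure_tls {
+local protocol
+if [[ "$IS_BOOTSTRAP_HOST" == "true" ]] && [[ $MARKLOGIC_CLUSTER_TYPE == "bootstrap" ]]; then
+protocol=$(get_current_host_protocol)
+log "Info: Current host protocol: $protocol"
+if [[ $protocol == "https" ]]; then
+log "Info: MarkLogic server has already configured HTTPS for bootstrap host."
+return 0
+fi
+fi
+
 info "Configuring TLS for App Servers"
 
 AUTH_CURL="curl --anyauth --user $MARKLOGIC_ADMIN_USERNAME:$MARKLOGIC_ADMIN_PASSWORD -m 20 -s "
@@ -638,7 +673,7 @@ data:
 }
 EOF
 
-if [[ $POD_NAME == *-0 ]] && [[ $MARKLOGIC_CLUSTER_TYPE == "bootstrap" ]]; then
+if [[ "$IS_BOOTSTRAP_HOST" == "true" ]] && [[ $MARKLOGIC_CLUSTER_TYPE == "bootstrap" ]]; then
 log "Info: creating default certificate Template"
 response=$($AUTH_CURL -X POST --header "Content-Type:application/json" -d @defaultCertificateTemplate.json http://localhost:8002/manage/v2/certificate-templates)
 sleep 5s
@@ -707,7 +742,7 @@ data:
 
 log "Info: inserting following certificates for $cert_path for $MARKLOGIC_CLUSTER_TYPE"
 
-if [[ $POD_NAME == *-0 ]]; then
+if [[ "$IS_BOOTSTRAP_HOST" == "true" ]]; then
 res=$($AUTH_CURL -X POST --header "Content-Type:application/json" -d @insert_cert_payload.json http://localhost:8002/manage/v2/certificate-templates/defaultTemplate 2>&1)
 else
 res=$($AUTH_CURL -k -X POST --header "Content-Type:application/json" -d @insert_cert_payload.json https://localhost:8002/manage/v2/certificate-templates/defaultTemplate 2>&1)
@@ -716,7 +751,7 @@ data:
 sleep 5s
 fi
 
-if [[ $POD_NAME == *-0 ]]; then
+if [[ "$IS_BOOTSTRAP_HOST" == "true" ]]; then
 if [[ $MARKLOGIC_CLUSTER_TYPE == "bootstrap" ]]; then
 log "Info: Generating Temporary CA Certificate"
 $AUTH_CURL -X POST -i -d @generateCA.xqy \
@@ -774,7 +809,7 @@ data:
 sleep 5s
 
 # Authentication configuration when path based is used
-if [[ $POD_NAME == *-0 ]] && [[ $PATH_BASED_ROUTING == "true" ]]; then
+if [[ "$IS_BOOTSTRAP_HOST" == "true" ]] && [[ $PATH_BASED_ROUTING == "true" ]]; then
 log "Info: path based routing is set. Adapting authentication method"
 resp=$(curl --anyauth -w "%{http_code}" --user $MARKLOGIC_ADMIN_USERNAME:$MARKLOGIC_ADMIN_PASSWORD -m 20 -s -X PUT -H "Content-type: application/json" -d '{"authentication":"basic"}' http://localhost:8002/manage/v2/servers/Admin/properties?group-id=${MARKLOGIC_GROUP})
 log "Info: Admin-Servers response code: $resp"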
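Review bot: In `configure_group` (hunk `@@ -537,15 +555,23 @@`), `LOCAL_HTTPS_OPTION="-k"` turns off certificate verification on the two curl calls that carry `--user ${MARKLOGIC_ADMIN_USERNAME}:${MARKLOGIC_ADMIN_PASSWORD}` to `${MARKLOGIC_BOOTSTRAP_HOST}:8002`, so the admin login is offered to whatever endpoint answers under that name, and with `--anyauth` it follows whichever scheme that endpoint requests. If the CA that signed the server certificate is available in the pod, pin it instead, e.g. `LOCAL_HTTPS_OPTION="--cacert <CA_BUNDLE_PATH>"` (placeholder path), and keep `-k` only for the temporary self-signed case, with a comment saying why. The choice of scheme rests on `get_current_host_protocol`, which has no timeout and maps every result other than 403, including curl's `000` when the connection fails, to `http`; adding `-m 20` as `AUTH_CURL` does and treating `000` as unknown rather than plain HTTP would make the probe more reliable. `protocol` is also assigned in `configure_group` without being in its `local` list, and the function body continues outside the hunk.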

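--- a/test/e2e/tls_test.go
+++ b/test/e2e/tls_test.go
@@ -99,8 +99,8 @@ func TestTLSEnabledWithSelfSigned(t *testing.T) {
 
 fmt.Println("StatusCode: ", resp.GetStatusCode())
 
-// // restart pod in the cluster and verify its ready and MarkLogic server is healthy
-// testUtil.RestartPodAndVerify(t, false, []string{podName}, namespaceName, kubectlOptions, &tlsConfig)
+// restart pod in the cluster and verify its ready and MarkLogic server is healthy
+testUtil.RestartPodAndVerify(t, false, []string{podName}, namespaceName, kubectlOptions, &tlsConfig)
 }
 
 func GenerateCACertificate(caPath string) error {
@@ -302,11 +302,8 @@ func TestTLSEnabledWithNamedCert(t *testing.T) {
 t.Errorf("Incorrect hostname configured for Named certificate")
 }
 
-// // restart 1 pod at a time in the cluster and verify its ready and MarkLogic server is healthy
-// testUtil.RestartPodAndVerify(t, false, []string{podName, podOneName}, namespaceName, kubectlOptions, &tlsConfig)
-
-// // restart all pods at once in the cluster and verify its ready and MarkLogic server is healthy
-// testUtil.RestartPodAndVerify(t, true, []string{podName, podOneName}, namespaceName, kubectlOptions, &tlsConfig)
+// restart all pods at once in the cluster and verify its ready and MarkLogic server is healthy
+testUtil.RestartPodAndVerify(t, false, []string{podName, podOneName}, namespaceName, kubectlOptions, &tlsConfig)
 }
 
 func TestTlsOnEDnode(t *testing.T) {
@@ -532,10 +529,8 @@ func TestTlsOnEDnode(t *testing.T) {
 t.Errorf("enode hosts does not exists on cluster")
 }
 
-// tlsConfig := tls.Config{}
+tlsConfig := tls.Config{}
 // // restart 1 pod at a time in the cluster and verify its ready and MarkLogic server is healthy
-// testUtil.RestartPodAndVerify(t, false, []string{dnodePodName, enodePodName0, enodePodName1}, namespaceName, kubectlOptions, &tlsConfig)
+testUtil.RestartPodAndVerify(t, false, []string{dnodePodName, enodePodName0, enodePodName1}, namespaceName, kubectlOptions, &tlsConfig)
 
-// // restart all pods at once in the cluster and verify its ready and MarkLogic server is healthy
-// testUtil.RestartPodAndVerify(t, true, []string{dnodePodName, enodePodName0, enodePodName1}, namespaceName, kubectlOptions, &tlsConfig)
 }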
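Review bot: In `TestTLSEnabledWithNamedCert` (hunk `@@ -302,11 +302,8 @@`) the new comment says "restart all pods at once" but the call passes `false`, which in the removed lines belonged to the one-pod-at-a-time variant. The `true` call was dropped here and in `TestTlsOnEDnode`, so no test on this page restarts every pod simultaneously with TLS enabled. Either make the comment match, `// restart 1 pod at a time in the cluster and verify its ready and MarkLogic server is healthy`, or restore the second call with `true` if the fix is meant to cover a full-cluster restart. In `TestTlsOnEDnode` the comment above the re-enabled call is still double-commented (`// // restart 1 pod at a time …`), and `tlsConfig := tls.Config{}` is an empty config, so a short comment on what `RestartPodAndVerify` checks with it would help, since that helper is not shown here. All three test functions start outside their hunks.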
