2017-11-28 20:00:32 -05:00
#!/bin/sh -e
# Licensed to the Apache Software Foundation (ASF) under one or more
# contributor license agreements. See the NOTICE file distributed with
# this work for additional information regarding copyright ownership.
# The ASF licenses this file to You under the Apache License, Version 2.0
# (the "License"); you may not use this file except in compliance with
# the License. You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
2017-11-28 20:00:32 -05:00
scripts_dir = '/opt/nifi/scripts'
[ -f " ${ scripts_dir } /common.sh " ] && . " ${ scripts_dir } /common.sh "
2017-11-28 20:00:32 -05:00
2019-01-31 16:35:36 -05:00
# Override JVM memory settings
if [ ! -z " ${ NIFI_JVM_HEAP_INIT } " ] ; then
prop_replace 'java.arg.2' " -Xms ${ NIFI_JVM_HEAP_INIT } " ${ nifi_bootstrap_file }
fi
if [ ! -z " ${ NIFI_JVM_HEAP_MAX } " ] ; then
prop_replace 'java.arg.3' " -Xmx ${ NIFI_JVM_HEAP_MAX } " ${ nifi_bootstrap_file }
fi
2019-02-21 20:39:16 -05:00
if [ ! -z " ${ NIFI_JVM_DEBUGGER } " ] ; then
uncomment "java.arg.debug" ${ nifi_bootstrap_file }
fi
2017-11-28 20:00:32 -05:00
# Establish baseline properties
2021-05-11 13:18:08 -04:00
prop_replace 'nifi.web.https.port' " ${ NIFI_WEB_HTTPS_PORT :- 8443 } "
prop_replace 'nifi.web.https.host' " ${ NIFI_WEB_HTTPS_HOST :- $HOSTNAME } "
2021-07-16 16:53:53 -04:00
prop_replace 'nifi.web.proxy.host' " ${ NIFI_WEB_PROXY_HOST } "
2018-01-28 13:23:58 -05:00
prop_replace 'nifi.remote.input.host' " ${ NIFI_REMOTE_INPUT_HOST :- $HOSTNAME } "
prop_replace 'nifi.remote.input.socket.port' " ${ NIFI_REMOTE_INPUT_SOCKET_PORT :- 10000 } "
2021-05-11 13:18:08 -04:00
prop_replace 'nifi.remote.input.secure' 'true'
prop_replace 'nifi.cluster.protocol.is.secure' 'true'
2017-11-28 20:00:32 -05:00
2018-07-27 08:53:39 -04:00
# Set nifi-toolkit properties files and baseUrl
" ${ scripts_dir } /toolkit.sh "
2021-05-11 13:18:08 -04:00
prop_replace 'baseUrl' " https:// ${ NIFI_WEB_HTTPS_HOST :- $HOSTNAME } : ${ NIFI_WEB_HTTPS_PORT :- 8443 } " ${ nifi_toolkit_props_file }
2021-06-23 12:42:44 -04:00
prop_replace 'keystore' " ${ NIFI_HOME } /conf/keystore.p12 " ${ nifi_toolkit_props_file }
prop_replace 'keystoreType' "PKCS12" ${ nifi_toolkit_props_file }
prop_replace 'truststore' " ${ NIFI_HOME } /conf/truststore.p12 " ${ nifi_toolkit_props_file }
prop_replace 'truststoreType' "PKCS12" ${ nifi_toolkit_props_file }
2021-05-11 13:18:08 -04:00
if [ -n " ${ NIFI_WEB_HTTP_PORT } " ] ; then
prop_replace 'nifi.web.https.port' ''
prop_replace 'nifi.web.https.host' ''
prop_replace 'nifi.web.http.port' " ${ NIFI_WEB_HTTP_PORT } "
prop_replace 'nifi.web.http.host' " ${ NIFI_WEB_HTTP_HOST :- $HOSTNAME } "
prop_replace 'nifi.remote.input.secure' 'false'
prop_replace 'nifi.cluster.protocol.is.secure' 'false'
prop_replace 'nifi.security.keystore' ''
prop_replace 'nifi.security.keystoreType' ''
prop_replace 'nifi.security.truststore' ''
prop_replace 'nifi.security.truststoreType' ''
prop_replace 'nifi.security.user.login.identity.provider' ''
2021-06-23 12:42:44 -04:00
prop_replace 'keystore' '' ${ nifi_toolkit_props_file }
prop_replace 'keystoreType' '' ${ nifi_toolkit_props_file }
prop_replace 'truststore' '' ${ nifi_toolkit_props_file }
prop_replace 'truststoreType' '' ${ nifi_toolkit_props_file }
2021-05-11 13:18:08 -04:00
prop_replace 'baseUrl' " http:// ${ NIFI_WEB_HTTP_HOST :- $HOSTNAME } : ${ NIFI_WEB_HTTP_PORT } " ${ nifi_toolkit_props_file }
2021-07-16 16:53:53 -04:00
if [ -n " ${ NIFI_WEB_PROXY_HOST } " ] ; then
echo 'NIFI_WEB_PROXY_HOST was set but NiFi is not configured to run in a secure mode. Unsetting nifi.web.proxy.host.'
prop_replace 'nifi.web.proxy.host' ''
fi
else
if [ -z " ${ NIFI_WEB_PROXY_HOST } " ] ; then
echo 'NIFI_WEB_PROXY_HOST was not set but NiFi is configured to run in a secure mode. The NiFi UI may be inaccessible if using port mapping or connecting through a proxy.'
fi
2021-05-11 13:18:08 -04:00
fi
2018-07-27 08:53:39 -04:00
2018-06-29 20:48:08 -04:00
prop_replace 'nifi.cluster.is.node' " ${ NIFI_CLUSTER_IS_NODE :- false } "
prop_replace 'nifi.cluster.node.address' " ${ NIFI_CLUSTER_ADDRESS :- $HOSTNAME } "
prop_replace 'nifi.cluster.node.protocol.port' " ${ NIFI_CLUSTER_NODE_PROTOCOL_PORT :- } "
prop_replace 'nifi.cluster.node.protocol.max.threads' " ${ NIFI_CLUSTER_NODE_PROTOCOL_MAX_THREADS :- 50 } "
prop_replace 'nifi.zookeeper.connect.string' " ${ NIFI_ZK_CONNECT_STRING :- } "
prop_replace 'nifi.zookeeper.root.node' " ${ NIFI_ZK_ROOT_NODE :- /nifi } "
prop_replace 'nifi.cluster.flow.election.max.wait.time' " ${ NIFI_ELECTION_MAX_WAIT :- 5 mins } "
prop_replace 'nifi.cluster.flow.election.max.candidates' " ${ NIFI_ELECTION_MAX_CANDIDATES :- } "
2018-10-29 13:29:28 -04:00
prop_replace 'nifi.web.proxy.context.path' " ${ NIFI_WEB_PROXY_CONTEXT_PATH :- } "
2018-06-29 20:48:08 -04:00
2023-03-07 14:14:24 -05:00
# Set leader election and state management properties
prop_replace 'nifi.cluster.leader.election.implementation' " ${ NIFI_LEADER_ELECTION_IMPLEMENTATION :- CuratorLeaderElectionManager } "
prop_replace 'nifi.state.management.provider.cluster' " ${ NIFI_STATE_MANAGEMENT_CLUSTER_PROVIDER :- zk -provider } "
2020-04-13 09:02:05 -04:00
# Set analytics properties
prop_replace 'nifi.analytics.predict.enabled' " ${ NIFI_ANALYTICS_PREDICT_ENABLED :- false } "
prop_replace 'nifi.analytics.predict.interval' " ${ NIFI_ANALYTICS_PREDICT_INTERVAL :- 3 mins } "
prop_replace 'nifi.analytics.query.interval' " ${ NIFI_ANALYTICS_QUERY_INTERVAL :- 5 mins } "
prop_replace 'nifi.analytics.connection.model.implementation' " ${ NIFI_ANALYTICS_MODEL_IMPLEMENTATION :- org .apache.nifi.controller.status.analytics.models.OrdinaryLeastSquares } "
prop_replace 'nifi.analytics.connection.model.score.name' " ${ NIFI_ANALYTICS_MODEL_SCORE_NAME :- rSquared } "
prop_replace 'nifi.analytics.connection.model.score.threshold' " ${ NIFI_ANALYTICS_MODEL_SCORE_THRESHOLD :- .90 } "
2023-01-13 11:34:44 -05:00
# Add NAR provider properties
# nifi-registry NAR provider
if [ -n " ${ NIFI_NAR_LIBRARY_PROVIDER_NIFI_REGISTRY_URL } " ] ; then
prop_add_or_replace 'nifi.nar.library.provider.nifi-registry.implementation' 'org.apache.nifi.registry.extension.NiFiRegistryExternalResourceProvider'
prop_add_or_replace 'nifi.nar.library.provider.nifi-registry.url' " ${ NIFI_NAR_LIBRARY_PROVIDER_NIFI_REGISTRY_URL } "
fi
2021-07-23 09:02:33 -04:00
if [ -n " ${ NIFI_SENSITIVE_PROPS_KEY } " ] ; then
prop_replace 'nifi.sensitive.props.key' " ${ NIFI_SENSITIVE_PROPS_KEY } "
fi
2021-06-04 12:07:42 -04:00
2021-06-23 12:42:44 -04:00
if [ -n " ${ SINGLE_USER_CREDENTIALS_USERNAME } " ] && [ -n " ${ SINGLE_USER_CREDENTIALS_PASSWORD } " ] ; then
${ NIFI_HOME } /bin/nifi.sh set-single-user-credentials " ${ SINGLE_USER_CREDENTIALS_USERNAME } " " ${ SINGLE_USER_CREDENTIALS_PASSWORD } "
fi
2018-06-29 20:48:08 -04:00
. " ${ scripts_dir } /update_cluster_state_management.sh "
2018-07-02 05:57:59 -04:00
2017-11-28 20:00:32 -05:00
# Check if we are secured or unsecured
case ${ AUTH } in
tls)
echo 'Enabling Two-Way SSL user authentication'
2017-11-28 20:00:32 -05:00
. " ${ scripts_dir } /secure.sh "
; ;
ldap)
echo 'Enabling LDAP user authentication'
# Reference ldap-provider in properties
2021-05-11 13:18:08 -04:00
export NIFI_SECURITY_USER_LOGIN_IDENTITY_PROVIDER = "ldap-provider"
2017-11-28 20:00:32 -05:00
. " ${ scripts_dir } /secure.sh "
. " ${ scripts_dir } /update_login_providers.sh "
2017-11-28 20:00:32 -05:00
; ;
2022-11-10 22:06:46 -05:00
oidc)
echo 'Enabling OIDC user authentication'
. " ${ scripts_dir } /secure.sh "
. " ${ scripts_dir } /update_oidc_properties.sh "
; ;
2017-11-28 20:00:32 -05:00
esac
2021-07-16 16:53:53 -04:00
# Continuously provide logs so that 'docker logs' can produce them
2017-11-28 20:00:32 -05:00
" ${ NIFI_HOME } /bin/nifi.sh " run &
2017-11-28 20:00:32 -05:00
nifi_pid = " $! "
2020-04-04 08:50:24 -04:00
tail -F --pid= ${ nifi_pid } " ${ NIFI_HOME } /logs/nifi-app.log " &
2017-11-28 20:00:32 -05:00
2020-04-04 08:50:24 -04:00
trap 'echo Received trapped signal, beginning shutdown...;./bin/nifi.sh stop;exit 0;' TERM HUP INT;
trap ":" EXIT
2017-11-28 20:00:32 -05:00
echo NiFi running with PID ${ nifi_pid } .
2018-06-29 20:48:08 -04:00
wait ${ nifi_pid }