bastosmichael · September 19, 2023 17:57
diff --git a/setup_kong_docker.sh b/setup_kong_docker.sh
 #!/bin/bash

 # Generate a self-signed certificate
 openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=localhost"

 # Read the contents of the certificate and private key into environment variables
 CA_CERT=$(cat cert.pem)
 CA_KEY=$(cat key.pem)

 # Cleanup the generated certificate and key files from the local file system
 rm -f cert.pem key.pem

 # Create Docker network
 docker network create kong-net

 # Run a PostgreSQL container with a specified superuser password
 docker run -d --name kong-database \
               --network=kong-net \
               -p 5432:5432 \
               -e "POSTGRES_USER=kong" \
               -e "POSTGRES_DB=kong" \
               -e "POSTGRES_PASSWORD=supersecurepassword" \
               postgres:latest

 # Give the database a moment to initialize
 sleep 20

 # Prepare the Kong database
 docker run --rm \
   --network=kong-net \
   -e "KONG_DATABASE=postgres" \
   -e "KONG_PG_HOST=kong-database" \
   -e "KONG_PG_USER=kong" \
   -e "KONG_PG_DATABASE=kong" \
   -e "KONG_PG_PASSWORD=supersecurepassword" \
   kong:latest kong migrations bootstrap

 # Run the Kong container
 docker run -d --name kong \
  --network=kong-net \
  -e "KONG_DATABASE=postgres" \
  -e "KONG_PG_HOST=kong-database" \
  -e "KONG_PG_USER=kong" \
  -e "KONG_PG_DATABASE=kong" \
  -e "KONG_PG_PASSWORD=supersecurepassword" \
  -e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
  -e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
  -e "KONG_PROXY_ERROR_LOG=/dev/stdout" \
  -e "KONG_ADMIN_ERROR_LOG=/dev/stdout" \
  -e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
  -p 8000:8000 \
  -p 8443:8443 \
  -p 8001:8001 \
  -p 8444:8444 \
  kong:latest

 # Allow Kong to start up
 sleep 10

 # Add the self-signed certificate to Kong using temporary files for cert and key
 echo "$CA_CERT" > temp_cert.pem
 echo "$CA_KEY" > temp_key.pem
 curl -i -X POST --url http://localhost:8001/certificates/ \
  --form "cert=@temp_cert.pem" \
  --form "key=@temp_key.pem"
 rm temp_key.pem

 # Add the CA certificate to Kong's ca_certificates endpoint
 echo "$CA_CERT" > temp_ca_cert.pem
 curl -i -X POST --url http://localhost:8001/ca_certificates/ \
  --form "cert=@temp_ca_cert.pem"
 rm temp_ca_cert.pem

 # Setup a mock backend API using httpbin
 docker run -d --name httpbin --network=kong-net kennethreitz/httpbin

 # Verify if the certificate was added
 curl -i -X GET --url http://localhost:8001/ca_certificates/

 # Verify if the certificate was added
 curl -i -X GET --url http://localhost:8001/certificates/

 echo "Kong is setup with a Postgres database and httpbin as a mock backend. You can access it via http://localhost:8000/httpbin"
	#!/bin/bash

	# Generate a self-signed certificate
	openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes -subj "/CN=localhost"

	# Read the contents of the certificate and private key into environment variables
	CA_CERT=$(cat cert.pem)
	CA_KEY=$(cat key.pem)

	# Cleanup the generated certificate and key files from the local file system
	rm -f cert.pem key.pem

	# Create Docker network
	docker network create kong-net

	# Run a PostgreSQL container with a specified superuser password
	docker run -d --name kong-database \
	--network=kong-net \
	-p 5432:5432 \
	-e "POSTGRES_USER=kong" \
	-e "POSTGRES_DB=kong" \
	-e "POSTGRES_PASSWORD=supersecurepassword" \
	postgres:latest

	# Give the database a moment to initialize
	sleep 20

	# Prepare the Kong database
	docker run --rm \
	--network=kong-net \
	-e "KONG_DATABASE=postgres" \
	-e "KONG_PG_HOST=kong-database" \
	-e "KONG_PG_USER=kong" \
	-e "KONG_PG_DATABASE=kong" \
	-e "KONG_PG_PASSWORD=supersecurepassword" \
	kong:latest kong migrations bootstrap

	# Run the Kong container
	docker run -d --name kong \
	--network=kong-net \
	-e "KONG_DATABASE=postgres" \
	-e "KONG_PG_HOST=kong-database" \
	-e "KONG_PG_USER=kong" \
	-e "KONG_PG_DATABASE=kong" \
	-e "KONG_PG_PASSWORD=supersecurepassword" \
	-e "KONG_PROXY_ACCESS_LOG=/dev/stdout" \
	-e "KONG_ADMIN_ACCESS_LOG=/dev/stdout" \
	-e "KONG_PROXY_ERROR_LOG=/dev/stdout" \
	-e "KONG_ADMIN_ERROR_LOG=/dev/stdout" \
	-e "KONG_ADMIN_LISTEN=0.0.0.0:8001, 0.0.0.0:8444 ssl" \
	-p 8000:8000 \
	-p 8443:8443 \
	-p 8001:8001 \
	-p 8444:8444 \
	kong:latest

	# Allow Kong to start up
	sleep 10

	# Add the self-signed certificate to Kong using temporary files for cert and key
	echo "$CA_CERT" > temp_cert.pem
	echo "$CA_KEY" > temp_key.pem
	curl -i -X POST --url http://localhost:8001/certificates/ \
	--form "cert=@temp_cert.pem" \
	--form "key=@temp_key.pem"
	rm temp_key.pem

	# Add the CA certificate to Kong's ca_certificates endpoint
	echo "$CA_CERT" > temp_ca_cert.pem
	curl -i -X POST --url http://localhost:8001/ca_certificates/ \
	--form "cert=@temp_ca_cert.pem"
	rm temp_ca_cert.pem

	# Setup a mock backend API using httpbin
	docker run -d --name httpbin --network=kong-net kennethreitz/httpbin

	# Verify if the certificate was added
	curl -i -X GET --url http://localhost:8001/ca_certificates/

	# Verify if the certificate was added
	curl -i -X GET --url http://localhost:8001/certificates/

	echo "Kong is setup with a Postgres database and httpbin as a mock backend. You can access it via http://localhost:8000/httpbin"