musician: make it build and run, missing IDP binds

.env.example

@@ -6,10 +6,11 @@
 # MUSICIAN
 ####
 
-#MUSICIAN_SECRET_KEY='uncomment-it-and-fill-this'
+MUSICIAN_SECRET_KEY='changeme_v9&&N$Lt9t*5EGwm0w'
 # specially useful if you want to deploy in a specific domain
-#MUSICIAN_API_BASE_URL='https://orchestra.example.org'
-#MUSICIAN_ALLOWED_HOSTS='musician.example.org'
+MUSICIAN_API_BASE_URL='https://orchestra.example.org'
+MUSICIAN_ALLOWED_HOSTS='musician.example.org'
+DOMAIN='musician.example.org'
 
 # DEVICEHUB
 ####

docker-compose__pilot-pangea.yml

@@ -21,6 +21,7 @@ services:
       - SECRET_KEY=${MUSICIAN_SECRET_KEY:-publicsecretisnotsecureVtmKBfxpVV47PpBCF2Nzz2H6qnbd}
       - API_BASE_URL=${MUSICIAN_API_BASE_URL:-http://nginx-orchestra-api:3000}
       - ALLOWED_HOSTS=${MUSICIAN_ALLOWED_HOSTS:-*}
+      - DOMAIN=${MUSICIAN_DOMAIN}
     # TODO configure volumes
     #volumes:
     #  - .:/home

docker/musician.entrypoint.sh

@@ -1,21 +1,62 @@
 #!/bin/sh
 
 set -e
-set -u
-#set -x
+# TODO fix the env so configures it to idp, then uncomment this checker
+#set -u
+# DEBUG
+set -x
 
-# go to the same path as the script
-cd "$(dirname ${0})"
+# this function is similar to the client_id part of config_oidc (devicehub)
+oidc_config() {
+        # in DEVICEHUB_HOST we remove anything before ://
+        client_id_config="/shared/client_id_${SERVER_ID_HOST#*://}"
+        CLIENT_ID=
+        CLIENT_SECRET=
 
-cat > .env <<END
-SECRET_KEY=${SECRET_KEY}
-API_BASE_URL=${API_BASE_URL}
-ALLOWED_HOSTS=${ALLOWED_HOSTS:-.localhost,127.0.0.1}
-STATIC_ROOT=${STATIC_ROOT:-/static/}
-DEBUG=True
+        # wait that the file generated by the server_id is readable
+        while true; do
+                if [ -f "${client_id_config}" ]; then
+                        CLIENT_ID="$(cat "${client_id_config}" | jq -r '.client_id')"
+                        CLIENT_SECRET="$(cat "${client_id_config}" | jq -r '.client_secret')"
+                        if [ "${CLIENT_ID}" ] && [ "${CLIENT_SECRET}" ]; then
+                                break
+                        fi
+                fi
+                sleep 1
+        done
+}
+
+populate_env() {
+        cat > .env <<END
+SECRET_KEY="${SECRET_KEY}"
+API_BASE_URL="${API_BASE_URL}"
+ALLOWED_HOSTS="${ALLOWED_HOSTS:-.localhost,127.0.0.1}"
+STATIC_ROOT="${STATIC_ROOT:-/static/}"
+DEBUG="True"
+CLIENT_ID="${CLIENT_ID}"
+CLIENT_SECRET="${CLIENT_SECRET}"
+SERVER_ID_HOST="${SERVER_ID_HOST}"
+# path for goautentik idp (TODO)
+#OIDC_PROVIDER="${SERVER_ID_HOST}/application/o/authorize"
+# path for devicehub idp
+OIDC_PROVIDER="${SERVER_ID_HOST}/oauth/authorize"
 END
+}
+
+main() {
+        # go to the same path as the script
+        cd "$(dirname ${0})"
+
+        # TODO fix the env so configures it to idp, then uncomment this command:
+        #oidc_config
+
+        populate_env
+
+        # move the migrate thing in docker entrypoint
+        #   inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc
+        ./manage.py migrate
+        ./manage.py runserver 0.0.0.0:8080
+}
+
+main "${@}"
 
-# move the migrate thing in docker entrypoint
-#   inspired by https://medium.com/analytics-vidhya/django-with-docker-and-docker-compose-python-part-2-8415976470cc
-./manage.py migrate
-./manage.py runserver 0.0.0.0:8080