structured-proxy 2.2.1

Universal gRPC→REST transcoding proxy — config-driven, works with any gRPC service
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27

#!/bin/sh
set -e

# Debian/Ubuntu does not auto-process /usr/lib/sysusers.d on package install
# (unlike Fedora). Create the system user explicitly so the config file can be
# owned by it.
if ! getent passwd structured-proxy >/dev/null; then
    adduser --system --group --no-create-home \
            --home /nonexistent \
            --shell /usr/sbin/nologin \
            --gecos "structured-proxy transcoding proxy" \
            structured-proxy >/dev/null
fi

# Lock down the config: readable by the service user, not world-readable (it
# may reference key/JWKS paths or a Redis URL with credentials). Do not mask
# failures (set -e is in effect): if ownership can't be set the service would
# not be able to read its config, so the install must fail loudly rather than
# report success with an unreadable config.
if [ -f /etc/structured-proxy/config.yaml ]; then
    chown root:structured-proxy /etc/structured-proxy/config.yaml
    chmod 0640 /etc/structured-proxy/config.yaml
fi

#DEBHELPER#

exit 0