From 6a47728945b70f5d7b3bed0eb5d7bcc4e856e894 Mon Sep 17 00:00:00 2001 From: casjay Date: Wed, 22 Oct 2025 08:14:09 -0400 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20Update=20configuration=20files?= =?UTF-8?q?=20=F0=9F=94=A7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Dockerfile .env.scripts rootfs/tmp/etc/privoxy/config rootfs/tmp/etc/unbound/unbound.conf rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh --- .env.scripts | 2 +- Dockerfile | 6 +- rootfs/tmp/etc/privoxy/config | 8 + rootfs/tmp/etc/unbound/unbound.conf | 3 +- .../local/etc/docker/init.d/01-tor-bridge.sh | 558 +++++++++--------- 5 files changed, 293 insertions(+), 284 deletions(-) diff --git a/.env.scripts b/.env.scripts index c7c1d00..1f9b140 100644 --- a/.env.scripts +++ b/.env.scripts @@ -56,5 +56,5 @@ DEFAULT_DATA_DIR="/usr/local/share/template-files/data" DEFAULT_CONF_DIR="/usr/local/share/template-files/config" DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -ENV_PACKAGES="tor torsocks nginx php84" +ENV_PACKAGES="tor torsocks lyrebird privoxy unbound nginx php\$PHP_VERSION" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/Dockerfile b/Dockerfile index 357510f..3203dfe 100644 --- a/Dockerfile +++ b/Dockerfile @@ -54,7 +54,7 @@ ARG PHP_SERVER ARG SHELL_OPTS ARG PATH -ARG PACK_LIST="tor torsocks nginx php84 " +ARG PACK_LIST="tor torsocks lyrebird privoxy unbound nginx php$PHP_VERSION" ENV ENV=~/.profile ENV SHELL="/bin/sh" @@ -136,7 +136,7 @@ RUN echo "Updating system files "; \ RUN echo "Custom Settings"; \ $SHELL_OPTS; \ -echo "" + echo "" RUN echo "Setting up users and scripts "; \ $SHELL_OPTS; \ @@ -153,7 +153,7 @@ RUN echo "Setting OS Settings "; \ RUN echo "Custom Applications"; \ $SHELL_OPTS; \ -echo "" + echo "" RUN echo "Running custom commands"; \ if [ -f "/root/docker/setup/05-custom.sh" ];then echo "Running the custom script";/root/docker/setup/05-custom.sh||{ echo "Failed to execute /root/docker/setup/05-custom.sh" && exit 10; };echo "Done running the custom script";fi; \ diff --git a/rootfs/tmp/etc/privoxy/config b/rootfs/tmp/etc/privoxy/config index fa80309..20d2992 100644 --- a/rootfs/tmp/etc/privoxy/config +++ b/rootfs/tmp/etc/privoxy/config @@ -1,5 +1,13 @@ +# Route all traffic through Tor with remote DNS forward-socks5t / 127.0.0.1:9050 . +# Listen on all interfaces listen-address 0.0.0.0:8118 +# limits max-client-connections 9999999 listen-backlog 8192 +# Security hardening +toggle 1 +enable-remote-toggle 0 +enable-edit-actions 0 +accept-intercepted-requests 0 trust-x-forwarded-for 1 diff --git a/rootfs/tmp/etc/unbound/unbound.conf b/rootfs/tmp/etc/unbound/unbound.conf index a3da9f8..bc6a29b 100644 --- a/rootfs/tmp/etc/unbound/unbound.conf +++ b/rootfs/tmp/etc/unbound/unbound.conf @@ -16,7 +16,8 @@ server: forward-zone: name: "onion" forward-addr: 127.0.0.1@8053 + forward-zone: name: "." - forward-addr: 148.135.52.175 + forward-addr: 82.29.128.145 forward-addr: 1.1.1.1 diff --git a/rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh b/rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh index 4bffe0d..688e7d9 100755 --- a/rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh +++ b/rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh @@ -38,19 +38,19 @@ SCRIPT_NAME="$(basename -- "$SCRIPT_FILE" 2>/dev/null)" # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # exit if __start_init_scripts function hasn't been Initialized if [ ! -f "/run/__start_init_scripts.pid" ]; then - echo "__start_init_scripts function hasn't been Initialized" >&2 - SERVICE_IS_RUNNING="no" - exit 1 + echo "__start_init_scripts function hasn't been Initialized" >&2 + SERVICE_IS_RUNNING="no" + exit 1 fi # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # import the functions file if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then - . "/usr/local/etc/docker/functions/entrypoint.sh" + . "/usr/local/etc/docker/functions/entrypoint.sh" fi # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # import variables for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do - [ -f "$set_env" ] && . "$set_env" + [ -f "$set_env" ] && . "$set_env" done # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - printf '%s\n' "# - - - Initializing $SERVICE_NAME - - - #" @@ -179,69 +179,69 @@ RANDOM_NICK="$(head -n50 '/dev/random' | tr -dc 'a-zA-Z' | tr -d '[:space:]\042\ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Custom commands to run before copying to /config __run_precopy() { - # Define environment - local hostname=${HOSTNAME} - # Define actions/commands + # Define environment + local hostname=${HOSTNAME} + # Define actions/commands - # allow custom functions - if builtin type -t __run_precopy_local | grep -q 'function'; then __run_precopy_local; fi + # allow custom functions + if builtin type -t __run_precopy_local | grep -q 'function'; then __run_precopy_local; fi } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Custom prerun functions - IE setup WWW_ROOT_DIR __execute_prerun() { - # Define environment - local hostname=${HOSTNAME} - # Define actions/commands + # Define environment + local hostname=${HOSTNAME} + # Define actions/commands - # allow custom functions - if builtin type -t __execute_prerun_local | grep -q 'function'; then __execute_prerun_local; fi + # allow custom functions + if builtin type -t __execute_prerun_local | grep -q 'function'; then __execute_prerun_local; fi } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Run any pre-execution checks __run_pre_execute_checks() { - # Set variables - local exitStatus=0 - local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start - local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion - __banner "$pre_execute_checks_MessageST" - # Put command to execute in parentheses - { - true - } - exitStatus=$? - __banner "$pre_execute_checks_MessageEnd: Status $exitStatus" + # Set variables + local exitStatus=0 + local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start + local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion + __banner "$pre_execute_checks_MessageST" + # Put command to execute in parentheses + { + true + } + exitStatus=$? + __banner "$pre_execute_checks_MessageEnd: Status $exitStatus" - # show exit message - if [ $exitStatus -ne 0 ]; then - echo "The pre-execution check has failed" >&2 - [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE" - exit 1 - fi - # allow custom functions - if builtin type -t __run_pre_execute_checks_local | grep -q 'function'; then __run_pre_execute_checks_local; fi - # exit function - return $exitStatus + # show exit message + if [ $exitStatus -ne 0 ]; then + echo "The pre-execution check has failed" >&2 + [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE" + exit 1 + fi + # allow custom functions + if builtin type -t __run_pre_execute_checks_local | grep -q 'function'; then __run_pre_execute_checks_local; fi + # exit function + return $exitStatus } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # use this function to update config files - IE: change port __update_conf_files() { - local exitCode=0 # default exit code - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # delete files - __rm "$CONF_DIR/bridge.conf" + local exitCode=0 # default exit code + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # delete files + __rm "$CONF_DIR/bridge.conf" - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # custom commands - chmod 600 $RUN_DIR - chown -Rf ${SERVICE_USER:-$RUNAS_USER}:${SERVICE_GROUP:-$RUNAS_USER} $RUN_DIR - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # replace variables + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # custom commands + chmod 600 $RUN_DIR + chown -Rf ${SERVICE_USER:-$RUNAS_USER}:${SERVICE_GROUP:-$RUNAS_USER} $RUN_DIR + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # replace variables - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # define actions - mkdir -p "$CONF_DIR/conf.d" - cat <>"$CONF_DIR/bridge.conf" + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # define actions + mkdir -p "$CONF_DIR/conf.d" + cat <>"$CONF_DIR/bridge.conf" ##### Bridge RunAsDaemon 0 HardwareAccel 1 @@ -293,91 +293,91 @@ ExitPolicy accept *:* %include $CONF_DIR/conf.d/*.conf EOF - [ -f "$CONF_DIR/conf.d/default.conf" ] || touch "$CONF_DIR/conf.d/default.conf" - if [ "$TOR_DEBUG" = "yes" ]; then - sed -i 's|#Log debug|Log debug|g' "$CONF_DIR/bridge.conf" - fi - # allow custom functions - if builtin type -t __update_conf_files_local | grep -q 'function'; then __update_conf_files_local; fi - # exit function - return $exitCode + [ -f "$CONF_DIR/conf.d/default.conf" ] || touch "$CONF_DIR/conf.d/default.conf" + if [ "$TOR_DEBUG" = "yes" ]; then + sed -i 's|#Log debug|Log debug|g' "$CONF_DIR/bridge.conf" + fi + # allow custom functions + if builtin type -t __update_conf_files_local | grep -q 'function'; then __update_conf_files_local; fi + # exit function + return $exitCode } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # function to run before executing __pre_execute() { - local exitCode=0 # default exit code - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # execute if directories is empty - # __is_dir_empty "$CONF_DIR" && true - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # define actions to run after copying to /config + local exitCode=0 # default exit code + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + # execute if directories is empty + # __is_dir_empty "$CONF_DIR" && true + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # define actions to run after copying to /config - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # unset unneeded variables - unset sysname - # Lets wait a few seconds before continuing - sleep 5 - # allow custom functions - if builtin type -t __pre_execute_local | grep -q 'function'; then __pre_execute_local; fi - # exit function - return $exitCode + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # unset unneeded variables + unset sysname + # Lets wait a few seconds before continuing + sleep 5 + # allow custom functions + if builtin type -t __pre_execute_local | grep -q 'function'; then __pre_execute_local; fi + # exit function + return $exitCode } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # function to run after executing __post_execute() { - local pid="" # init pid var - local retVal=0 # set default exit code - local ctime=${POST_EXECUTE_WAIT_TIME:-1} # how long to wait before executing - local waitTime=$((ctime * 60)) # convert minutes to seconds - local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start - local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion - # wait - sleep $waitTime - # execute commands after waiting - ( - # show message - __banner "$postMessageST" - # commands to execute - sleep 5 - # show exit message - __banner "$postMessageEnd: Status $retVal" - ) 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" & - pid=$! - ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10 - # allow custom functions - if builtin type -t __post_execute_local | grep -q 'function'; then __post_execute_local; fi - # exit function - return $retVal + local pid="" # init pid var + local retVal=0 # set default exit code + local ctime=${POST_EXECUTE_WAIT_TIME:-1} # how long to wait before executing + local waitTime=$((ctime * 60)) # convert minutes to seconds + local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start + local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion + # wait + sleep $waitTime + # execute commands after waiting + ( + # show message + __banner "$postMessageST" + # commands to execute + sleep 5 + # show exit message + __banner "$postMessageEnd: Status $retVal" + ) 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" & + pid=$! + ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10 + # allow custom functions + if builtin type -t __post_execute_local | grep -q 'function'; then __post_execute_local; fi + # exit function + return $retVal } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # use this function to update config files - IE: change port __pre_message() { - local exitCode=0 - [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE" - # execute commands + local exitCode=0 + [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE" + # execute commands - # allow custom functions - if builtin type -t __pre_message_local | grep -q 'function'; then __pre_message_local; fi - # exit function - return $exitCode + # allow custom functions + if builtin type -t __pre_message_local | grep -q 'function'; then __pre_message_local; fi + # exit function + return $exitCode } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # use this function to setup ssl support __update_ssl_conf() { - local exitCode=0 - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # execute commands + local exitCode=0 + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + # execute commands - # allow custom functions - if builtin type -t __update_ssl_conf_local | grep -q 'function'; then __update_ssl_conf_local; fi - # set exitCode - return $exitCode + # allow custom functions + if builtin type -t __update_ssl_conf_local | grep -q 'function'; then __update_ssl_conf_local; fi + # set exitCode + return $exitCode } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __create_service_env() { - local exitCode=0 - if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ]; then - cat </dev/null + local exitCode=0 + if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ]; then + cat </dev/null # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # root/admin user info [password/random] #ENV_ROOT_USER_NAME="${ENV_ROOT_USER_NAME:-$TOR_ROOT_USER_NAME}" # root user name @@ -392,84 +392,84 @@ __create_service_env() { #user_pass="${ENV_USER_PASS:-$user_pass}" # normal user password EOF - fi - if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" ]; then - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_precopy_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __execute_prerun_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_pre_execute_checks_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __update_conf_files_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __pre_execute_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __post_execute_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __pre_message_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __update_ssl_conf_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - fi - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || exitCode=$((exitCode + 1)) - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" || exitCode=$((exitCode + 1)) - return $exitCode + fi + if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" ]; then + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + __run_precopy_local() { true; } + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + __execute_prerun_local() { true; } + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + __run_pre_execute_checks_local() { true; } + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + __update_conf_files_local() { true; } + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + __pre_execute_local() { true; } + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + __post_execute_local() { true; } + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + __pre_message_local() { true; } + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + __update_ssl_conf_local() { true; } + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + fi + __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || exitCode=$((exitCode + 1)) + __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" || exitCode=$((exitCode + 1)) + return $exitCode } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # script to start server __run_start_script() { - local runExitCode=0 - local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables - local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables - local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables - local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables - local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables - local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables - local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables - local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables - local path="$(eval echo "$PATH")" # expand variables - local message="$(eval echo "")" # expand variables - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" - # - if [ -z "$cmd" ]; then - __post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" - retVal=$? - echo "Initializing $SCRIPT_NAME has completed" - exit $retVal - else - # ensure the command exists - if [ ! -x "$cmd" ]; then - echo "$name is not a valid executable" - return 2 - fi - # check and exit if already running - if __proc_check "$name" || __proc_check "$cmd"; then - echo "$name is already running" >&2 - return 0 - else - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # show message if env exists - if [ -n "$cmd" ]; then - [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root" - [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT="" - fi - if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then - export cmd_exec="$pre $cmd $args" - message="Starting service: $name $args through $pre" - else - export cmd_exec="$cmd $args" - message="Starting service: $name $args" - fi - [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "/data/logs/init.txt" - echo "$message" | tee -a -p "/data/logs/init.txt" - su_cmd touch "$SERVICE_PID_FILE" - if [ "$RESET_ENV" = "yes" ]; then - env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")" - execute_command="$(__trim "$su_exec $env_command $cmd_exec")" - if [ ! -f "$START_SCRIPT" ]; then - cat <"$START_SCRIPT" + local runExitCode=0 + local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables + local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables + local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables + local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables + local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables + local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables + local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables + local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables + local path="$(eval echo "$PATH")" # expand variables + local message="$(eval echo "")" # expand variables + local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname + [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" + # + if [ -z "$cmd" ]; then + __post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" + retVal=$? + echo "Initializing $SCRIPT_NAME has completed" + exit $retVal + else + # ensure the command exists + if [ ! -x "$cmd" ]; then + echo "$name is not a valid executable" + return 2 + fi + # check and exit if already running + if __proc_check "$name" || __proc_check "$cmd"; then + echo "$name is already running" >&2 + return 0 + else + # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + # show message if env exists + if [ -n "$cmd" ]; then + [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root" + [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT="" + fi + if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then + export cmd_exec="$pre $cmd $args" + message="Starting service: $name $args through $pre" + else + export cmd_exec="$cmd $args" + message="Starting service: $name $args" + fi + [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "/data/logs/init.txt" + echo "$message" | tee -a -p "/data/logs/init.txt" + su_cmd touch "$SERVICE_PID_FILE" + if [ "$RESET_ENV" = "yes" ]; then + env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")" + execute_command="$(__trim "$su_exec $env_command $cmd_exec")" + if [ ! -f "$START_SCRIPT" ]; then + cat <"$START_SCRIPT" #!/usr/bin/env bash trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT # @@ -488,11 +488,11 @@ checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || fal exit \$retVal EOF - fi - else - if [ ! -f "$START_SCRIPT" ]; then - execute_command="$(__trim "$su_exec $cmd_exec")" - cat <"$START_SCRIPT" + fi + else + if [ ! -f "$START_SCRIPT" ]; then + execute_command="$(__trim "$su_exec $cmd_exec")" + cat <"$START_SCRIPT" #!/usr/bin/env bash trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT # @@ -511,36 +511,36 @@ checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || fal exit \$retVal EOF - fi - fi - fi - [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT" - [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT" - runExitCode=$? - fi - return $runExitCode + fi + fi + fi + [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT" + [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT" + runExitCode=$? + fi + return $runExitCode } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # username and password actions __run_secure_function() { - local filesperms - if [ -n "$user_name" ] || [ -n "$user_pass" ]; then - for filesperms in "${USER_FILE_PREFIX}"/*; do - if [ -e "$filesperms" ]; then - chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null - fi - done 2>/dev/null | tee -p -a "/data/logs/init.txt" - fi - if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then - for filesperms in "${ROOT_FILE_PREFIX}"/*; do - if [ -e "$filesperms" ]; then - chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null - fi - done 2>/dev/null | tee -p -a "/data/logs/init.txt" - fi - unset filesperms + local filesperms + if [ -n "$user_name" ] || [ -n "$user_pass" ]; then + for filesperms in "${USER_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + fi + done 2>/dev/null | tee -p -a "/data/logs/init.txt" + fi + if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then + for filesperms in "${ROOT_FILE_PREFIX}"/*; do + if [ -e "$filesperms" ]; then + chmod -Rf 600 "$filesperms" + chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null + fi + done 2>/dev/null | tee -p -a "/data/logs/init.txt" + fi + unset filesperms } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Allow ENV_ variable - Import env file @@ -574,68 +574,68 @@ __check_service "$1" && SERVICE_IS_RUNNING=yes # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Database env if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then - RESET_ENV="no" - DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}" - DATABASE_USER_NORMAL="${ENV_DATABASE_USER:-${DATABASE_USER_NORMAL:-$user_name}}" - DATABASE_PASS_NORMAL="${ENV_DATABASE_PASSWORD:-${DATABASE_PASS_NORMAL:-$user_pass}}" - DATABASE_USER_ROOT="${ENV_DATABASE_ROOT_USER:-${DATABASE_USER_ROOT:-$root_user_name}}" - DATABASE_PASS_ROOT="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_PASS_ROOT:-$root_user_pass}}" - if [ -n "$DATABASE_PASS_NORMAL" ] && [ ! -f "${USER_FILE_PREFIX}/db_pass_user" ]; then - echo "$DATABASE_PASS_NORMAL" >"${USER_FILE_PREFIX}/db_pass_user" - fi - if [ -n "$DATABASE_PASS_ROOT" ] && [ ! -f "${ROOT_FILE_PREFIX}/db_pass_root" ]; then - echo "$DATABASE_PASS_ROOT" >"${ROOT_FILE_PREFIX}/db_pass_root" - fi + RESET_ENV="no" + DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}" + DATABASE_USER_NORMAL="${ENV_DATABASE_USER:-${DATABASE_USER_NORMAL:-$user_name}}" + DATABASE_PASS_NORMAL="${ENV_DATABASE_PASSWORD:-${DATABASE_PASS_NORMAL:-$user_pass}}" + DATABASE_USER_ROOT="${ENV_DATABASE_ROOT_USER:-${DATABASE_USER_ROOT:-$root_user_name}}" + DATABASE_PASS_ROOT="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_PASS_ROOT:-$root_user_pass}}" + if [ -n "$DATABASE_PASS_NORMAL" ] && [ ! -f "${USER_FILE_PREFIX}/db_pass_user" ]; then + echo "$DATABASE_PASS_NORMAL" >"${USER_FILE_PREFIX}/db_pass_user" + fi + if [ -n "$DATABASE_PASS_ROOT" ] && [ ! -f "${ROOT_FILE_PREFIX}/db_pass_root" ]; then + echo "$DATABASE_PASS_ROOT" >"${ROOT_FILE_PREFIX}/db_pass_root" + fi fi # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # [DATABASE_DIR_[SQLITE,REDIS,POSTGRES,MARIADB,COUCHDB,MONGODB,SUPABASE]] if [ "$DATABASE_SERVICE_TYPE" = "custom" ]; then - DATABASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" - DATABASE_BASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_CUSTOM:-/usr/local/share/httpd/admin/databases}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_CUSTOM:-/admin/dbadmin}" + DATABASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" + DATABASE_BASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" + DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_CUSTOM:-/usr/local/share/httpd/admin/databases}" + [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_CUSTOM:-/admin/dbadmin}" elif [ "$SERVICE_NAME" = "redis" ] || [ "$DATABASE_SERVICE_TYPE" = "redis" ]; then - DATABASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" - DATABASE_BASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_REDIS:-/usr/local/share/httpd/admin/redis}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_REDIS:-/admin/redis}" + DATABASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" + DATABASE_BASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" + DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_REDIS:-/usr/local/share/httpd/admin/redis}" + [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_REDIS:-/admin/redis}" elif [ "$SERVICE_NAME" = "postgres" ] || [ "$DATABASE_SERVICE_TYPE" = "postgres" ]; then - DATABASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" - DATABASE_BASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_POSTGRES:-/usr/local/share/httpd/admin/postgres}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_POSTGRES:-/admin/postgres}" + DATABASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" + DATABASE_BASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" + DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_POSTGRES:-/usr/local/share/httpd/admin/postgres}" + [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_POSTGRES:-/admin/postgres}" elif [ "$SERVICE_NAME" = "mariadb" ] || [ "$DATABASE_SERVICE_TYPE" = "mariadb" ]; then - DATABASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" - DATABASE_BASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MARIADB:-/usr/local/share/httpd/admin/mysql}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MARIADB:-/admin/mysql}" + DATABASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" + DATABASE_BASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" + DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MARIADB:-/usr/local/share/httpd/admin/mysql}" + [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MARIADB:-/admin/mysql}" elif [ "$SERVICE_NAME" = "mysql" ] || [ "$DATABASE_SERVICE_TYPE" = "mysql" ]; then - DATABASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" - DATABASE_BASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MYSQL:-/usr/local/share/httpd/admin/mysql}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MYSQL:-/admin/mysql}" + DATABASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" + DATABASE_BASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" + DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MYSQL:-/usr/local/share/httpd/admin/mysql}" + [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MYSQL:-/admin/mysql}" elif [ "$SERVICE_NAME" = "couchdb" ] || [ "$DATABASE_SERVICE_TYPE" = "couchdb" ]; then - DATABASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" - DATABASE_BASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_COUCHDB:-/usr/local/share/httpd/admin/couchdb}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_COUCHDB:-/admin/couchdb}" + DATABASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" + DATABASE_BASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" + DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_COUCHDB:-/usr/local/share/httpd/admin/couchdb}" + [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_COUCHDB:-/admin/couchdb}" elif [ "$SERVICE_NAME" = "mongodb" ] || [ "$DATABASE_SERVICE_TYPE" = "mongodb" ]; then - DATABASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" - DATABASE_BASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MONGODB:-/usr/local/share/httpd/admin/mongodb}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MONGODB:-/admin/mongodb}" + DATABASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" + DATABASE_BASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" + DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MONGODB:-/usr/local/share/httpd/admin/mongodb}" + [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MONGODB:-/admin/mongodb}" elif [ "$SERVICE_NAME" = "supabase" ] || [ "$DATABASE_SERVICE_TYPE" = "supabase" ]; then - DATABASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" - DATABASE_BASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SUPABASE:-/usr/local/share/httpd/admin/supabase}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SUPBASE:-/admin/supabase}" + DATABASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" + DATABASE_BASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" + DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SUPABASE:-/usr/local/share/httpd/admin/supabase}" + [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SUPBASE:-/admin/supabase}" elif [ "$SERVICE_NAME" = "sqlite" ] || [ "$DATABASE_SERVICE_TYPE" = "sqlite" ]; then - DATABASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" - DATABASE_BASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SQLITE:-/usr/local/share/httpd/admin/sqlite}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SQLITE:-/admin/sqlite}" - [ -d "$DATABASE_DIR" ] || mkdir -p "$DATABASE_DIR" - chmod 777 "$DATABASE_DIR" + DATABASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" + DATABASE_BASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" + DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SQLITE:-/usr/local/share/httpd/admin/sqlite}" + [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SQLITE:-/admin/sqlite}" + [ -d "$DATABASE_DIR" ] || mkdir -p "$DATABASE_DIR" + chmod 777 "$DATABASE_DIR" fi [ -n "$DATABASE_ADMIN_WWW_ROOT" ] && { [ ! -d "$DATABASE_ADMIN_WWW_ROOT" ] || mkdir -p "${DATABASE_ADMIN_WWW_ROOT}"; } # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - @@ -708,7 +708,7 @@ __run_precopy # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Copy /config to /etc for config_2_etc in $CONF_DIR $ADDITIONAL_CONFIG_DIRS; do - __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a "/data/logs/init.txt" + __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a "/data/logs/init.txt" done # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # Replace variables @@ -732,15 +732,15 @@ __run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" " __run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log" errorCode=$? if [ -n "$EXEC_CMD_BIN" ]; then - if [ "$errorCode" -eq 0 ]; then - SERVICE_EXIT_CODE=0 - SERVICE_IS_RUNNING="yes" - else - SERVICE_EXIT_CODE=$errorCode - SERVICE_IS_RUNNING="${SERVICE_IS_RUNNING:-no}" - [ -s "$SERVICE_PID_FILE" ] || rm -Rf "$SERVICE_PID_FILE" - fi - SERVICE_EXIT_CODE=0 + if [ "$errorCode" -eq 0 ]; then + SERVICE_EXIT_CODE=0 + SERVICE_IS_RUNNING="yes" + else + SERVICE_EXIT_CODE=$errorCode + SERVICE_IS_RUNNING="${SERVICE_IS_RUNNING:-no}" + [ -s "$SERVICE_PID_FILE" ] || rm -Rf "$SERVICE_PID_FILE" + fi + SERVICE_EXIT_CODE=0 fi # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # start the post execute function in background