casjaysdevdocker/tor
1
0
Fork 0
mirror of https://github.com/casjaysdevdocker/tor synced 2026-06-24 14:01:07 -04:00
Code Issues Actions Packages Projects Releases Wiki Activity

♻️ Migrate tor to /config/ source-of-truth architecture ♻️

Browse Source 
Migrate tor Docker image to the new build-time config architecture.
- rootfs/root/docker/setup/03-files.sh: rewrite to canonical form with /tmp/bin, /tmp/var, /tmp/etc, /tmp/usr handlers; remove template-files copy block
- rootfs/usr/local/etc/docker/functions/entrypoint.sh: update to latest template with __init_service_conf, __find_php_ini, __find_php_bin helpers
- rootfs/usr/local/etc/docker/init.d/*.sh: fix $(basename) UUOC → ${var##*/}; move inline comments above code lines; remove commented-out dead code
- rootfs/usr/local/share/template-files/: delete entire directory; config files now deployed via /tmp/etc/ at build time

rootfs/root/docker/setup/03-files.sh
rootfs/usr/local/etc/docker/functions/entrypoint.sh
rootfs/usr/local/etc/docker/init.d/01-tor-server.sh
rootfs/usr/local/etc/docker/init.d/04-tor-exit.sh
rootfs/usr/local/etc/docker/init.d/09-unbound.sh
rootfs/usr/local/etc/docker/init.d/98-privoxy.sh
rootfs/usr/local/etc/docker/init.d/zz-nginx.sh
rootfs/usr/local/share/template-files/config/env/default.sample
rootfs/usr/local/share/template-files/config/env/examples/00-directory.sh
rootfs/usr/local/share/template-files/config/env/examples/addresses.sh
rootfs/usr/local/share/template-files/config/env/examples/certbot.sh
rootfs/usr/local/share/template-files/config/env/examples/couchdb.sh
rootfs/usr/local/share/template-files/config/env/examples/dockerd.sh
rootfs/usr/local/share/template-files/config/env/examples/global.sh
rootfs/usr/local/share/template-files/config/env/examples/healthcheck.sh
rootfs/usr/local/share/template-files/config/env/examples/mariadb.sh
rootfs/usr/local/share/template-files/config/env/examples/mongodb.sh
rootfs/usr/local/share/template-files/config/env/examples/networking.sh
rootfs/usr/local/share/template-files/config/env/examples/other.sh
rootfs/usr/local/share/template-files/config/env/examples/php.sh
rootfs/usr/local/share/template-files/config/env/examples/postgres.sh
rootfs/usr/local/share/template-files/config/env/examples/redis.sh
rootfs/usr/local/share/template-files/config/env/examples/services.sh
rootfs/usr/local/share/template-files/config/env/examples/ssl.sh
rootfs/usr/local/share/template-files/config/env/examples/supabase.sh
rootfs/usr/local/share/template-files/config/env/examples/webservers.sh
rootfs/usr/local/share/template-files/config/env/examples/zz-entrypoint.sh
rootfs/usr/local/share/template-files/config/.gitkeep
rootfs/usr/local/share/template-files/data/.gitkeep
rootfs/usr/local/share/template-files/defaults/.gitkeep
This commit is contained in:
Jason Hempstead
2026-06-04 14:49:19 -04:00
parent f4df3572d5
commit c96a4c7996
30 changed files with 329 additions and 602 deletions
Download Patch File Download Diff File Expand all files Collapse all files
rootfs/usr/local/etc/docker/functions/entrypoint.sh
+114 -145
View File
@@ -1,7 +1,7 @@
#!/usr/bin/env bash
# shellcheck shell=bash
# - - - - - - - - - - - - - - - - - - - - - - - - -
##@Version : 202605241245-git
##@Version : 202606041215-git
# @@Author : Jason Hempstead
# @@Contact : git-admin@casjaysdev.pro
# @@License : LICENSE.md
@@ -273,23 +273,54 @@ __service_banner() {
printf '# - - - %s %-*s %s - - - #\n' "$icon" "$text_width" "$full_message" "$icon"
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__find_php_bin() { find -L '/usr'/*bin -maxdepth 4 -name 'php-fpm*' 2>/dev/null | head -n1; }
__find_php_bin() {
command -v php-fpm &>/dev/null || command -v php &>/dev/null || return 0
find -L '/usr'/*bin -maxdepth 4 -name 'php-fpm*' 2>/dev/null | head -n1
}
__find_php_ini() {
command -v php &>/dev/null || return 0
local f
f=$(find -L '/etc' -maxdepth 4 -name 'php.ini' 2>/dev/null | head -n1)
[ -n "$f" ] && printf '%s\n' "${f%/php.ini}"
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__find_nginx_conf() { find -L '/etc' -maxdepth 4 -name 'nginx.conf' 2>/dev/null | head -n1; }
__find_caddy_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'caddy.conf' 2>/dev/null | head -n1; }
__find_lighttpd_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'lighttpd.conf' 2>/dev/null | head -n1; }
__find_cherokee_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'cherokee.conf' 2>/dev/null | head -n1; }
__find_httpd_conf() { find -L '/etc' -maxdepth 4 -type f -iname 'httpd.conf' -o -iname 'apache2.conf' 2>/dev/null | head -n1; }
__find_nginx_conf() {
command -v nginx &>/dev/null || return 0
find -L '/etc' -maxdepth 4 -name 'nginx.conf' 2>/dev/null | head -n1
}
__find_caddy_conf() {
command -v caddy &>/dev/null || return 0
find -L '/etc' -maxdepth 4 -type f -iname 'caddy.conf' 2>/dev/null | head -n1
}
__find_lighttpd_conf() {
command -v lighttpd &>/dev/null || return 0
find -L '/etc' -maxdepth 4 -type f -iname 'lighttpd.conf' 2>/dev/null | head -n1
}
__find_cherokee_conf() {
command -v cherokee &>/dev/null || command -v cherokee-admin &>/dev/null || return 0
find -L '/etc' -maxdepth 4 -type f -iname 'cherokee.conf' 2>/dev/null | head -n1
}
__find_httpd_conf() {
command -v httpd &>/dev/null || command -v apache2 &>/dev/null || return 0
find -L '/etc' -maxdepth 4 -type f \( -iname 'httpd.conf' -o -iname 'apache2.conf' \) 2>/dev/null | head -n1
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__find_mysql_conf() { find -L '/etc' -maxdepth 4 -type f -name 'my.cnf' 2>/dev/null | head -n1; }
__find_pgsql_conf() { find -L '/var/lib' '/etc' -maxdepth 8 -type f -name 'postgresql.conf' 2>/dev/null | head -n1; }
__find_couchdb_conf() { return; }
__find_mongodb_conf() { return; }
__find_mysql_conf() {
command -v mysqld &>/dev/null || command -v mariadbd &>/dev/null || command -v mysql &>/dev/null || return 0
find -L '/etc' -maxdepth 4 -type f -name 'my.cnf' 2>/dev/null | head -n1
}
__find_pgsql_conf() {
command -v postgres &>/dev/null || command -v pg_ctl &>/dev/null || return 0
find -L '/var/lib' '/etc' -maxdepth 8 -type f -name 'postgresql.conf' 2>/dev/null | head -n1
}
__find_couchdb_conf() {
command -v couchdb &>/dev/null || return 0
find -L '/opt/couchdb/etc' '/etc/couchdb' -maxdepth 4 -type f \( -name 'local.ini' -o -name 'default.ini' \) 2>/dev/null | head -n1
}
__find_mongodb_conf() {
command -v mongod &>/dev/null || return 0
find -L '/etc/mongodb' '/etc' -maxdepth 4 -type f \( -name 'mongod.conf' -o -name 'mongodb.conf' \) 2>/dev/null | head -n1
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__random_password() { tr -dc '0-9a-zA-Z' < /dev/urandom | head -c${1:-16} && echo ""; }
# - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -426,70 +457,105 @@ __create_ssl_cert() {
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__init_apache() {
local etc_dir="" conf_dir="" conf_dir="" www_dir="" apache_bin=""
etc_dir="/etc/${1:-apache2}"
conf_dir="/config/${1:-apache2}"
www_dir="${WWW_ROOT_DIR:-/data/htdocs}"
apache_bin="$(type -P 'httpd' || type -P 'apache2')"
__init_service_conf() {
# Seed /config/$svc/ from build-time baked /etc sources on first container start.
# Copy only — no symlinks. Symlinking /etc back to /config/ is the service's own
# responsibility, done inside __update_conf_files in each init.d/*.sh script so
# each service controls its exact paths and variable substitution order.
#
# Usage: __init_service_conf <conf_dir> <primary_etc_dir> [extra_etc_path ...]
#
# primary_etc_dir directory → contents copied into conf_dir/ when conf_dir is empty
# extra_etc_path directory → copied into conf_dir/<name>/ when that subdir is empty
# extra_etc_path file → copied to conf_dir/<filename> when absent
local conf_dir="$1"
local primary_etc="$2"
shift 2
local src name
mkdir -p "$conf_dir"
if [ -d "$primary_etc" ] && __is_dir_empty "$conf_dir"; then
__copy_templates "$primary_etc/." "$conf_dir/"
fi
for src in "$@"; do
[ -e "$src" ] || continue
name="${src##*/}"
if [ -d "$src" ] && __is_dir_empty "$conf_dir/$name"; then
mkdir -p "$conf_dir/$name"
__copy_templates "$src/." "$conf_dir/$name/"
elif [ -f "$src" ] && [ ! -f "$conf_dir/$name" ]; then
cp -f "$src" "$conf_dir/$name"
fi
done
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__init_apache() {
command -v httpd &>/dev/null || command -v apache2 &>/dev/null || return 0
local svc="${1:-apache2}"
__init_service_conf "/config/$svc" "/etc/$svc"
return 0
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__init_nginx() {
local etc_dir="/etc/${1:-nginx}"
local conf_dir="/config/${1:-nginx}"
local www_dir="${WWW_ROOT_DIR:-/data/htdocs}"
local nginx_bin="$(type -P 'nginx')"
command -v nginx &>/dev/null || return 0
local svc="${1:-nginx}"
__init_service_conf "/config/$svc" "/etc/$svc"
return 0
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__init_php() {
local etc_dir="/etc/${1:-php}"
local conf_dir="/config/${1:-php}"
local php_bin="${PHP_BIN_DIR:-$(__find_php_bin)}"
command -v php &>/dev/null || return 0
local php_etc="${PHP_INI_DIR:-$(__find_php_ini)}"
__init_service_conf "/config/php" "${php_etc:-/etc/php}" \
"/etc/php.ini" "/etc/php-fpm" "/etc/php-fpm.conf"
return 0
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__init_mysql() {
local db_dir="/data/db/mysql"
local etc_dir="${home:-/etc/${1:-mysql}}"
local db_user="${SERVICE_USER:-mysql}"
local conf_dir="/config/${1:-mysql}"
local user_name="${MARIADB_USER:-root}"
local user_pass="${MARIADB_PASSWORD:-$MARIADB_ROOT_PASSWORD}"
local user_db="${MARIADB_DATABASE}"
local root_pass="$MARIADB_ROOT_PASSWORD"
local mysqld_bin="$(type -P 'mysqld')"
command -v mysqld &>/dev/null || command -v mariadbd &>/dev/null || return 0
local svc="${1:-mysql}"
__init_service_conf "/config/$svc" "/etc/$svc" "/etc/my.ini" "/etc/my.cnf"
[ -d "${DATABASE_DIR:-/data/db/$svc}" ] || mkdir -p "${DATABASE_DIR:-/data/db/$svc}"
return 0
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__init_mongodb() {
local home="${MONGODB_CONFIG_FILE:-$(__find_mongodb_conf)}"
local user_name="${INITDB_ROOT_USERNAME:-root}"
local user_pass="${MONGO_INITDB_ROOT_PASSWORD:-$_ROOT_PASSWORD}"
return
command -v mongod &>/dev/null || return 0
__init_service_conf "/config/mongodb" "/etc/mongodb" "/etc/mongod.conf"
return 0
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__init_postgres() {
local home="${PGSQL_CONFIG_FILE:-$(__find_pgsql_conf)}"
local user_name="${POSTGRES_USER:-root}"
local user_pass="${POSTGRES_PASSWORD:-$POSTGRES_ROOT_PASSWORD}"
return
command -v postgres &>/dev/null || command -v pg_ctl &>/dev/null || return 0
local pg_etc
pg_etc="${PGSQL_CONFIG_FILE:+${PGSQL_CONFIG_FILE%/*}}"
[ -n "$pg_etc" ] || pg_etc="$(__find_pgsql_conf)"
[ -n "$pg_etc" ] && pg_etc="${pg_etc%/*}"
[ -n "$pg_etc" ] && __init_service_conf "/config/postgres" "$pg_etc"
return 0
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__init_couchdb() {
local home="${COUCHDB_CONFIG_FILE:-$(__find_couchdb_conf)}"
local user_name="${COUCHDB_USER:-root}"
local user_pass="${COUCHDB_PASSWORD:-$SET_RANDOM_PASS}"
return
command -v couchdb &>/dev/null || return 0
__init_service_conf "/config/couchdb" "/etc/couchdb"
return 0
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Show available init functions
__init_help() {
echo '
__update_ssl_certs
__create_ssl_cert
Config seeding (copy /etc → /config, no symlinks):
__init_service_conf <conf_dir> <primary_etc_dir> [extra_etc_path ...]
__init_apache [svc] seeds /config/apache2 from /etc/apache2
__init_nginx [svc] seeds /config/nginx from /etc/nginx
__init_php seeds /config/php from /etc/php* + /etc/php.ini + /etc/php-fpm
__init_mysql [svc] seeds /config/mysql from /etc/mysql + /etc/my.{ini,cnf}
__init_mongodb seeds /config/mongodb from /etc/mongodb + /etc/mongod.conf
__init_postgres seeds /config/postgres from pg data dir
__init_couchdb seeds /config/couchdb from /etc/couchdb
SSL:
__update_ssl_certs
__create_ssl_cert
'
return
}
@@ -1299,100 +1365,6 @@ __initialize_custom_bin_dir() {
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__initialize_default_templates() {
local errors=0
if [ -n "$DEFAULT_TEMPLATE_DIR" ]; then
if [ "$CONFIG_DIR_INITIALIZED" = "no" ] && [ -d "/config" ]; then
__log_info "Copying default config files $DEFAULT_TEMPLATE_DIR > /config"
if [ ! -d "$DEFAULT_TEMPLATE_DIR" ]; then
__log_warn "Template directory not found: $DEFAULT_TEMPLATE_DIR"
return 0
fi
for create_config_template in "$DEFAULT_TEMPLATE_DIR"/*; do
if [ -e "$create_config_template" ]; then
create_template_name="${create_config_template##*/}"
if [ -d "$create_config_template" ]; then
mkdir -p "/config/$create_template_name/" || errors=$((errors + 1))
if __is_dir_empty "/config/$create_template_name"; then
if ! cp -Rf "$create_config_template/." "/config/$create_template_name/" 2>/dev/null; then
__log_warn "Failed to copy template directory: $create_template_name"
errors=$((errors + 1))
fi
fi
elif [ -f "$create_config_template" ]; then
if [ ! -e "/config/$create_template_name" ]; then
if ! cp -Rf "$create_config_template" "/config/$create_template_name" 2>/dev/null; then
__log_warn "Failed to copy template file: $create_template_name"
errors=$((errors + 1))
fi
fi
fi
fi
done
unset create_config_template create_template_name
__log_debug "Template initialization completed with $errors errors"
fi
fi
return 0
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__initialize_config_dir() {
local errors=0
if [ -n "$DEFAULT_CONF_DIR" ]; then
if [ "$CONFIG_DIR_INITIALIZED" = "no" ] && [ -d "/config" ]; then
__log_info "Copying custom config files: $DEFAULT_CONF_DIR > /config"
if [ ! -d "$DEFAULT_CONF_DIR" ]; then
__log_warn "Config directory not found: $DEFAULT_CONF_DIR"
return 0
fi
for create_config_template in "$DEFAULT_CONF_DIR"/*; do
if [ -e "$create_config_template" ]; then
create_config_name="${create_config_template##*/}"
if [ -d "$create_config_template" ]; then
mkdir -p "/config/$create_config_name" || errors=$((errors + 1))
if __is_dir_empty "/config/$create_config_name"; then
if ! cp -Rf "$create_config_template/." "/config/$create_config_name/" 2>/dev/null; then
__log_warn "Failed to copy config directory: $create_config_name"
errors=$((errors + 1))
fi
fi
elif [ -f "$create_config_template" ]; then
if [ ! -e "/config/$create_config_name" ]; then
if ! cp -Rf "$create_config_template" "/config/$create_config_name" 2>/dev/null; then
__log_warn "Failed to copy config file: $create_config_name"
errors=$((errors + 1))
fi
fi
fi
fi
done
unset create_config_template create_config_name
__log_debug "Config initialization completed with $errors errors"
fi
fi
return 0
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__initialize_data_dir() {
[ "$DATA_DIR_INITIALIZED" = "no" ] || return 0
if [ -d "/data" ]; then
if [ -n "$DEFAULT_DATA_DIR" ]; then
__log_info "Copying data files $DEFAULT_DATA_DIR > /data"
for create_data_template in "$DEFAULT_DATA_DIR"/*; do
create_data_name="${create_data_template##*/}"
if [ -n "$create_data_template" ]; then
if [ -d "$create_data_template" ]; then
mkdir -p "/data/$create_data_name"
__is_dir_empty "/data/$create_data_name" && cp -Rf "$create_data_template/." "/data/$create_data_name/" 2>/dev/null
elif [ -e "$create_data_template" ]; then
[ -e "/data/$create_data_name" ] || cp -Rf "$create_data_template" "/data/$create_data_name" 2>/dev/null
fi
fi
done
unset create_data_template
fi
fi
}
# - - - - - - - - - - - - - - - - - - - - - - - - -
__initialize_www_root() {
local WWW_INIT=""
@@ -1406,7 +1378,7 @@ __initialize_www_root() {
WWW_INIT="false"
fi
if [ "$WWW_INIT" = "true" ] && [ -d "$WWW_TEMPLATE" ]; then
cp -Rf "$DEFAULT_DATA_DIR/data/htdocs/." "$WWW_ROOT_DIR/" 2>/dev/null
cp -Rf "$WWW_TEMPLATE/." "$WWW_ROOT_DIR/" 2>/dev/null
fi
__initialize_web_health "$WWW_ROOT_DIR"
}
@@ -1586,9 +1558,6 @@ export SSL_CA="${SSL_CA:-/config/ssl/ca.crt}"
export SSL_KEY="${SSL_KEY:-/config/ssl/localhost.pem}"
export SSL_CERT="${SSL_CERT:-/config/ssl/localhost.crt}"
export LOCAL_BIN_DIR="${LOCAL_BIN_DIR:-/usr/local/bin}"
export DEFAULT_DATA_DIR="${DEFAULT_DATA_DIR:-/usr/local/share/template-files/data}"
export DEFAULT_CONF_DIR="${DEFAULT_CONF_DIR:-/usr/local/share/template-files/config}"
export DEFAULT_TEMPLATE_DIR="${DEFAULT_TEMPLATE_DIR:-/usr/local/share/template-files/defaults}"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Backup settings
export BACKUP_MAX_DAYS="${BACKUP_MAX_DAYS:-}"
rootfs/usr/local/etc/docker/init.d/01-tor-server.sh
+1 -1
View File
@@ -513,7 +513,7 @@ __post_execute() {
[ -f "$WWW_ROOT_DIR/hostnames.html" ] && rm -f "$WWW_ROOT_DIR/hostnames.html"
for host in "$TOR_HIDDEN_SERVICE_DIR"/*/hostname; do
d="$(dirname -- $host)"
name="$(basename "$d")"
name="${d##*/}"
url="$(<"$host")"
site="$(echo "$url" | sed 's|\.onion$||g')"
echo "$name: $url"
rootfs/usr/local/etc/docker/init.d/04-tor-exit.sh
+66 -33
View File
@@ -395,39 +395,72 @@ RelayBandwidthBurst 192 KB
AccountingStart month 1 00:00
# Blocks mail, BitTorrent, and other high-abuse protocols
ExitPolicy reject *:25 # SMTP
ExitPolicy reject *:119 # NNTP
ExitPolicy reject *:135-139 # NetBIOS
ExitPolicy reject *:445 # SMB
ExitPolicy reject *:465 # SMTPS
ExitPolicy reject *:563 # NNTP over TLS
ExitPolicy reject *:587 # Submission
ExitPolicy reject *:1214 # Kazaa
ExitPolicy reject *:4661-4666 # eMule
ExitPolicy reject *:6346-6429 # Gnutella
ExitPolicy reject *:6699 # WinMX
ExitPolicy reject *:6881-6999 # BitTorrent
ExitPolicy accept *:20-21 # FTP
ExitPolicy accept *:22 # SSH
ExitPolicy accept *:43 # WHOIS
ExitPolicy accept *:53 # DNS
ExitPolicy accept *:80 # HTTP
ExitPolicy accept *:110 # POP3
ExitPolicy accept *:143 # IMAP
ExitPolicy accept *:220 # IMAP3
ExitPolicy accept *:443 # HTTPS
ExitPolicy accept *:873 # rsync
ExitPolicy accept *:989-995 # FTPS, Netnews, IMAP/POP3 over TLS
ExitPolicy accept *:1293 # IPsec
ExitPolicy accept *:3690 # SVN
ExitPolicy accept *:4321 # RWHOIS
ExitPolicy accept *:5222-5223 # XMPP, Jabber
ExitPolicy accept *:8008 # HTTP
ExitPolicy accept *:8080 # HTTP Proxies
ExitPolicy accept *:8443 # HTTPS alt
ExitPolicy accept *:8888 # HTTP alt
ExitPolicy accept *:9418 # Git
ExitPolicy reject *:* # Reject everything else
# SMTP
ExitPolicy reject *:25
# NNTP
ExitPolicy reject *:119
# NetBIOS
ExitPolicy reject *:135-139
# SMB
ExitPolicy reject *:445
# SMTPS
ExitPolicy reject *:465
# NNTP over TLS
ExitPolicy reject *:563
# Submission
ExitPolicy reject *:587
# Kazaa
ExitPolicy reject *:1214
# eMule
ExitPolicy reject *:4661-4666
# Gnutella
ExitPolicy reject *:6346-6429
# WinMX
ExitPolicy reject *:6699
# BitTorrent
ExitPolicy reject *:6881-6999
# FTP
ExitPolicy accept *:20-21
# SSH
ExitPolicy accept *:22
# WHOIS
ExitPolicy accept *:43
# DNS
ExitPolicy accept *:53
# HTTP
ExitPolicy accept *:80
# POP3
ExitPolicy accept *:110
# IMAP
ExitPolicy accept *:143
# IMAP3
ExitPolicy accept *:220
# HTTPS
ExitPolicy accept *:443
# rsync
ExitPolicy accept *:873
# FTPS, Netnews, IMAP/POP3 over TLS
ExitPolicy accept *:989-995
# IPsec
ExitPolicy accept *:1293
# SVN
ExitPolicy accept *:3690
# RWHOIS
ExitPolicy accept *:4321
# XMPP, Jabber
ExitPolicy accept *:5222-5223
# HTTP
ExitPolicy accept *:8008
# HTTP Proxies
ExitPolicy accept *:8080
# HTTPS alt
ExitPolicy accept *:8443
# HTTP alt
ExitPolicy accept *:8888
# Git
ExitPolicy accept *:9418
# Reject everything else
ExitPolicy reject *:*
# DNS Configuration
DNSPort 5353
rootfs/usr/local/etc/docker/init.d/09-unbound.sh
+36 -18
View File
@@ -126,8 +126,10 @@ RESET_ENV="no"
WWW_ROOT_DIR="/usr/local/share/httpd/default"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
DATA_DIR="/data/unbound" # set data directory
CONF_DIR="/config/unbound" # set config directory
# set data directory
DATA_DIR="/data/unbound"
# set config directory
CONF_DIR="/config/unbound"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# set the containers etc directory
ETC_DIR="/etc/unbound"
@@ -135,9 +137,12 @@ ETC_DIR="/etc/unbound"
# set the var dir
VAR_DIR=""
# - - - - - - - - - - - - - - - - - - - - - - - - -
TMP_DIR="/tmp/unbound" # set the temp dir
RUN_DIR="/run/unbound" # set scripts pid dir
LOG_DIR="/data/logs/unbound" # set log directory
# set the temp dir
TMP_DIR="/tmp/unbound"
# set scripts pid dir
RUN_DIR="/run/unbound"
# set log directory
LOG_DIR="/data/logs/unbound"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Set the working dir
WORK_DIR=""
@@ -150,21 +155,28 @@ SERVICE_PORT="9053"
RUNAS_USER="root"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# User and group in which the service switches to - IE: nginx,apache,mysql,postgres
SERVICE_USER="root" # execute command as another user
SERVICE_GROUP="root" # Set the service group
# execute command as another user
SERVICE_USER="root"
# Set the service group
SERVICE_GROUP="root"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Set password length
RANDOM_PASS_USER=""
RANDOM_PASS_ROOT=""
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Set user and group ID
SERVICE_UID="0" # set the user id
SERVICE_GID="0" # set the group id
# set the user id
SERVICE_UID="0"
# set the group id
SERVICE_GID="0"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables - keep single quotes variables will be expanded later
EXEC_CMD_BIN='unbound' # command to execute
EXEC_CMD_ARGS='-d -c $CONF_DIR/unbound.conf ' # command arguments
EXEC_PRE_SCRIPT='unbound-checkconfig -f $CONF_DIR/unbound.conf' # execute script before
# command to execute
EXEC_CMD_BIN='unbound'
# command arguments
EXEC_CMD_ARGS='-d -c $CONF_DIR/unbound.conf '
# execute script before
EXEC_PRE_SCRIPT='unbound-checkconfig -f $CONF_DIR/unbound.conf'
# Set to 'no' for configuration services (no daemon process), leave blank for actual services
SERVICE_USES_PID=''
# - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -190,16 +202,22 @@ POST_EXECUTE_WAIT_TIME="1"
PATH="$PATH:."
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Where to save passwords to
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# directory to save username/password for root user
ROOT_FILE_PREFIX="/config/secure/auth/root"
# directory to save username/password for normal user
USER_FILE_PREFIX="/config/secure/auth/user"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# root/admin user info password/random]
root_user_name="${UNBOUND_ROOT_USER_NAME:-}" # root user name
root_user_pass="${UNBOUND_ROOT_PASS_WORD:-}" # root user password
# root user name
root_user_name="${UNBOUND_ROOT_USER_NAME:-}"
# root user password
root_user_pass="${UNBOUND_ROOT_PASS_WORD:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Normal user info [password/random]
user_name="${UNBOUND_USER_NAME:-}" # normal user name
user_pass="${UNBOUND_USER_PASS_WORD:-}" # normal user password
# normal user name
user_name="${UNBOUND_USER_NAME:-}"
# normal user password
user_pass="${UNBOUND_USER_PASS_WORD:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Load variables from config
# Generated by my dockermgr script
rootfs/usr/local/etc/docker/init.d/98-privoxy.sh
+36 -18
View File
@@ -126,8 +126,10 @@ RESET_ENV="yes"
WWW_ROOT_DIR="/usr/local/share/httpd/default"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
DATA_DIR="/data/privoxy" # set data directory
CONF_DIR="/config/privoxy" # set config directory
# set data directory
DATA_DIR="/data/privoxy"
# set config directory
CONF_DIR="/config/privoxy"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# set the containers etc directory
ETC_DIR="/etc/privoxy"
@@ -135,9 +137,12 @@ ETC_DIR="/etc/privoxy"
# set the var dir
VAR_DIR=""
# - - - - - - - - - - - - - - - - - - - - - - - - -
TMP_DIR="/tmp/privoxy" # set the temp dir
RUN_DIR="/run/privoxy" # set scripts pid dir
LOG_DIR="/data/logs/privoxy" # set log directory
# set the temp dir
TMP_DIR="/tmp/privoxy"
# set scripts pid dir
RUN_DIR="/run/privoxy"
# set log directory
LOG_DIR="/data/logs/privoxy"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Set the working dir
WORK_DIR=""
@@ -150,21 +155,28 @@ SERVICE_PORT="8118"
RUNAS_USER="root"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# User and group in which the service switches to - IE: nginx,apache,mysql,postgres
SERVICE_USER="root" # execute command as another user
SERVICE_GROUP="root" # Set the service group
# execute command as another user
SERVICE_USER="root"
# Set the service group
SERVICE_GROUP="root"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Set password length
RANDOM_PASS_USER=""
RANDOM_PASS_ROOT=""
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Set user and group ID
SERVICE_UID="0" # set the user id
SERVICE_GID="0" # set the group id
# set the user id
SERVICE_UID="0"
# set the group id
SERVICE_GID="0"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables - keep single quotes variables will be expanded later
EXEC_CMD_BIN='privoxy' # command to execute
EXEC_CMD_ARGS='--no-daemon $ETC_DIR/config' # command arguments
EXEC_PRE_SCRIPT='' # execute script before
# command to execute
EXEC_CMD_BIN='privoxy'
# command arguments
EXEC_CMD_ARGS='--no-daemon $ETC_DIR/config'
# execute script before
EXEC_PRE_SCRIPT=''
# Set to 'no' for configuration services (no daemon process), leave blank for actual services
SERVICE_USES_PID=''
# - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -190,16 +202,22 @@ POST_EXECUTE_WAIT_TIME="1"
PATH="$PATH:."
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Where to save passwords to
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# directory to save username/password for root user
ROOT_FILE_PREFIX="/config/secure/auth/root"
# directory to save username/password for normal user
USER_FILE_PREFIX="/config/secure/auth/user"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# root/admin user info password/random]
root_user_name="${PRIVOXY_ROOT_USER_NAME:-}" # root user name
root_user_pass="${PRIVOXY_ROOT_PASS_WORD:-}" # root user password
# root user name
root_user_name="${PRIVOXY_ROOT_USER_NAME:-}"
# root user password
root_user_pass="${PRIVOXY_ROOT_PASS_WORD:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Normal user info [password/random]
user_name="${PRIVOXY_USER_NAME:-}" # normal user name
user_pass="${PRIVOXY_USER_PASS_WORD:-}" # normal user password
# normal user name
user_name="${PRIVOXY_USER_NAME:-}"
# normal user password
user_pass="${PRIVOXY_USER_PASS_WORD:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Load variables from config
# Generated by my dockermgr script
rootfs/usr/local/etc/docker/init.d/zz-nginx.sh
+45 -23
View File
@@ -126,8 +126,10 @@ RESET_ENV="no"
WWW_ROOT_DIR="/data/htdocs/www"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Default predefined variables
DATA_DIR="/data/nginx" # set data directory
CONF_DIR="/config/nginx" # set config directory
# set data directory
DATA_DIR="/data/nginx"
# set config directory
CONF_DIR="/config/nginx"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# set the containers etc directory
ETC_DIR="/etc/nginx"
@@ -135,9 +137,12 @@ ETC_DIR="/etc/nginx"
# set the var dir
VAR_DIR=""
# - - - - - - - - - - - - - - - - - - - - - - - - -
TMP_DIR="/tmp/nginx" # set the temp dir
RUN_DIR="/run/nginx" # set scripts pid dir
LOG_DIR="/data/logs/nginx" # set log directory
# set the temp dir
TMP_DIR="/tmp/nginx"
# set scripts pid dir
RUN_DIR="/run/nginx"
# set log directory
LOG_DIR="/data/logs/nginx"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Set the working dir
WORK_DIR=""
@@ -150,21 +155,28 @@ SERVICE_PORT="80"
RUNAS_USER="root"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# User and group in which the service switches to - IE: nginx,apache,mysql,postgres
SERVICE_USER="root" # execute command as another user
SERVICE_GROUP="root" # Set the service group
# execute command as another user
SERVICE_USER="root"
# Set the service group
SERVICE_GROUP="root"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Set password length
RANDOM_PASS_USER=""
RANDOM_PASS_ROOT=""
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Set user and group ID
SERVICE_UID="0" # set the user id
SERVICE_GID="0" # set the group id
# set the user id
SERVICE_UID="0"
# set the group id
SERVICE_GID="0"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# execute command variables - keep single quotes variables will be expanded later
EXEC_CMD_BIN='nginx' # command to execute
EXEC_CMD_ARGS='-c $ETC_DIR/nginx.conf' # command arguments
EXEC_PRE_SCRIPT='' # execute script before
# command to execute
EXEC_CMD_BIN='nginx'
# command arguments
EXEC_CMD_ARGS='-c $ETC_DIR/nginx.conf'
# execute script before
EXEC_PRE_SCRIPT=''
# Set to 'no' for configuration services (no daemon process), leave blank for actual services
SERVICE_USES_PID=''
# - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -190,16 +202,22 @@ POST_EXECUTE_WAIT_TIME="1"
PATH="$PATH:."
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Where to save passwords to
ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user
USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user
# directory to save username/password for root user
ROOT_FILE_PREFIX="/config/secure/auth/root"
# directory to save username/password for normal user
USER_FILE_PREFIX="/config/secure/auth/user"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# root/admin user info password/random]
root_user_name="${NGINX_ROOT_USER_NAME:-}" # root user name
root_user_pass="${NGINX_ROOT_PASS_WORD:-}" # root user password
# root user name
root_user_name="${NGINX_ROOT_USER_NAME:-}"
# root user password
root_user_pass="${NGINX_ROOT_PASS_WORD:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Normal user info [password/random]
user_name="${NGINX_USER_NAME:-}" # normal user name
user_pass="${NGINX_USER_PASS_WORD:-}" # normal user password
# normal user name
user_name="${NGINX_USER_NAME:-}"
# normal user password
user_pass="${NGINX_USER_PASS_WORD:-}"
# - - - - - - - - - - - - - - - - - - - - - - - - -
# Load variables from config
# Generated by my dockermgr script
@@ -307,8 +325,10 @@ __run_pre_execute_checks() {
# - - - - - - - - - - - - - - - - - - - - - - - - -
# use this function to update config files - IE: change port
__update_conf_files() {
local exitCode=0 # default exit code
local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
# default exit code
local exitCode=0
# set hostname
local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}"
local default_host="$DEFAULT_ONION_SITE"
local NEW_SITE="no"
# - - - - - - - - - - - - - - - - - - - - - - - - -
@@ -337,7 +357,7 @@ __update_conf_files() {
echo "No onion sites found in /run/tor/sites" >&2
else
for site in "/run/tor/sites"/*; do
onion_site="$(basename -- $site)"
onion_site="${site##*/}"
__onion_site_dir_is_empty "$onion_site" && NEW_SITE="yes" || NEW_SITE="no"
[ -d "/data/htdocs/onions/$onion_site" ] || mkdir -p "/data/htdocs/onions/$onion_site"
if [ "$default_host" = "$onion_site" ]; then
@@ -386,8 +406,10 @@ __update_conf_files() {
# - - - - - - - - - - - - - - - - - - - - - - - - -
# function to run before executing
__pre_execute() {
local exitCode=0 # default exit code
local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname
# default exit code
local exitCode=0
# set hostname
local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}"
# execute if directories is empty
# __is_dir_empty "$CONF_DIR" && true
# - - - - - - - - - - - - - - - - - - - - - - - - -