From fa00ad19b9a9015acf4292f2bbcbf966b1d87074 Mon Sep 17 00:00:00 2001 From: casjay Date: Sun, 23 Nov 2025 08:15:36 -0500 Subject: [PATCH] =?UTF-8?q?=F0=9F=94=A7=20Update=20configuration=20files?= =?UTF-8?q?=20=F0=9F=94=A7?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Dockerfile .env.scripts rootfs/root/docker/setup/03-files.sh rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh rootfs/usr/local/etc/docker/init.d/02-tor-relay.sh rootfs/usr/local/etc/docker/init.d/03-tor-server.sh --- .env.scripts | 4 +- Dockerfile | 4 +- rootfs/root/docker/setup/03-files.sh | 2 +- .../local/etc/docker/init.d/01-tor-bridge.sh | 781 ---------------- .../local/etc/docker/init.d/02-tor-relay.sh | 784 ---------------- .../local/etc/docker/init.d/03-tor-server.sh | 847 ------------------ 6 files changed, 5 insertions(+), 2417 deletions(-) delete mode 100755 rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh delete mode 100755 rootfs/usr/local/etc/docker/init.d/02-tor-relay.sh delete mode 100755 rootfs/usr/local/etc/docker/init.d/03-tor-server.sh diff --git a/.env.scripts b/.env.scripts index 39724f2..ddc7e45 100644 --- a/.env.scripts +++ b/.env.scripts @@ -59,7 +59,7 @@ ENV_DISTRO_TAG="${IMAGE_VERSION}" # - - - - - - - - - - - - - - - - - - - - - - - - - # Env SERVICE_PORT="80" -EXPOSE_PORTS="8118 9050 9053 9080 9053/udp" +EXPOSE_PORTS="8118 9050 9053 9080 9053/udp 57000-57007" # - - - - - - - - - - - - - - - - - - - - - - - - - # Versions PHP_VERSION="84" @@ -73,7 +73,7 @@ DEFAULT_DATA_DIR="/usr/local/share/template-files/data" DEFAULT_CONF_DIR="/usr/local/share/template-files/config" DEFAULT_TEMPLATE_DIR="/usr/local/share/template-files/defaults" # - - - - - - - - - - - - - - - - - - - - - - - - - -ENV_PACKAGES='tor torsocks lyrebird privoxy unbound nginx php$PHP_VERSION' +ENV_PACKAGES='bc tor torsocks lyrebird privoxy unbound nginx php$PHP_VERSION' # - - - - - - - - - - - - - - - - - - - - - - - - - # ex: ts=2 sw=2 et filetype=sh # - - - - - - - - - - - - - - - - - - - - - - - - - diff --git a/Dockerfile b/Dockerfile index 3477371..ef7d336 100644 --- a/Dockerfile +++ b/Dockerfile @@ -15,7 +15,7 @@ ARG USER="root" ARG SHELL_OPTS="set -e -o pipefail" ARG SERVICE_PORT="80" -ARG EXPOSE_PORTS="8118 9050 9053 9080 9053/udp" +ARG EXPOSE_PORTS="8118 9050 9053 9080 9053/udp 57000-57007" ARG PHP_VERSION="84" ARG NODE_VERSION="system" ARG NODE_MANAGER="system" @@ -54,7 +54,7 @@ ARG PHP_SERVER ARG SHELL_OPTS ARG PATH -ARG PACK_LIST="tor torsocks lyrebird privoxy unbound nginx php$PHP_VERSION " +ARG PACK_LIST="bc tor torsocks lyrebird privoxy unbound nginx php$PHP_VERSION " ENV ENV=~/.profile ENV SHELL="/bin/sh" diff --git a/rootfs/root/docker/setup/03-files.sh b/rootfs/root/docker/setup/03-files.sh index af725e7..d605378 100755 --- a/rootfs/root/docker/setup/03-files.sh +++ b/rootfs/root/docker/setup/03-files.sh @@ -82,7 +82,7 @@ fi unset data # - - - - - - - - - - - - - - - - - - - - - - - - - # Main script -for tor_bin in relay bridge server; do +for tor_bin in server relay bridge exit; do if [ ! -f "/usr/local/bin/tor-$tor_bin" ]; then cp -Rf "$(type -P tor 2>/dev/null)" "/usr/local/bin/tor-$tor_bin" chmod +x "/usr/local/bin/tor-$tor_bin" diff --git a/rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh b/rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh deleted file mode 100755 index f086bb5..0000000 --- a/rootfs/usr/local/etc/docker/init.d/01-tor-bridge.sh +++ /dev/null @@ -1,781 +0,0 @@ -#!/usr/bin/env bash -# shellcheck shell=bash -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202501060902-git -# @@Author : Jason Hempstead -# @@Contact : jason@casjaysdev.pro -# @@License : LICENSE.md -# @@ReadME : tor.sh --help -# @@Copyright : Copyright: (c) 2025 Jason Hempstead, Casjays Developments -# @@Created : Monday, Jan 06, 2025 09:02 EST -# @@File : tor.sh -# @@Description : -# @@Changelog : New script -# @@TODO : Better documentation -# @@Other : -# @@Resource : -# @@Terminal App : no -# @@sudo/root : no -# @@Template : other/start-service -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2120,SC2155,SC2199,SC2317,SC2329 -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# run trap command on exit -trap 'retVal=$?; echo "❌ Fatal error occurred: Exit code $retVal at line $LINENO in command: $BASH_COMMAND"; kill -TERM 1' ERR -trap 'retVal=$?;if [ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ]; then rm -Rf "$SERVICE_PID_FILE"; fi;exit $retVal' SIGINT SIGTERM SIGPWR -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -SCRIPT_FILE="$0" -SERVICE_NAME="tor-bridge" -SCRIPT_NAME="$(basename -- "$SCRIPT_FILE" 2>/dev/null)" -# - - - - - - - - - - - - - - - - - - - - - - - - - -# Function to exit appropriately based on context -__script_exit() { - local exit_code="${1:-0}" - if [ "${BASH_SOURCE[0]}" != "${0}" ]; then - # Script is being sourced - use return - return "$exit_code" - else - # Script is being executed - use exit - exit "$exit_code" - fi -} -# - - - - - - - - - - - - - - - - - - - - - - - - - -# Exit if service is disabled -[ -z "$TOR_BRIDGE_ENABLED" ] || if [ "$TOR_BRIDGE_ENABLED" != "yes" ]; then export SERVICE_DISABLED="$SERVICE_NAME" && __script_exit 0; fi -# - - - - - - - - - - - - - - - - - - - - - - - - - -# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html -[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}" -{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail -# - - - - - - - - - - - - - - - - - - - - - - - - - -export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" -# - - - - - - - - - - - - - - - - - - - - - - - - - -# import the functions file -if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then - . "/usr/local/etc/docker/functions/entrypoint.sh" -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - -# import variables -for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do - [ -f "$set_env" ] && . "$set_env" -done -# - - - - - - - - - - - - - - - - - - - - - - - - - -# exit if __start_init_scripts function hasn't been Initialized -if [ ! -f "/run/__start_init_scripts.pid" ]; then - echo "__start_init_scripts function hasn't been Initialized" >&2 - SERVICE_IS_RUNNING="no" - __script_exit 1 -fi -# Clean up any stale PID file for this service on startup -if [ -n "$SERVICE_NAME" ] && [ -f "/run/init.d/$SERVICE_NAME.pid" ]; then - old_pid=$(cat "/run/init.d/$SERVICE_NAME.pid" 2>/dev/null) - if [ -n "$old_pid" ] && ! kill -0 "$old_pid" 2>/dev/null; then - echo "🧹 Removing stale PID file for $SERVICE_NAME" - rm -f "/run/init.d/$SERVICE_NAME.pid" - fi -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Custom functions - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Script to execute -START_SCRIPT="/usr/local/etc/docker/exec/$SERVICE_NAME" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Reset environment before executing service -RESET_ENV="yes" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set webroot -WWW_ROOT_DIR="/usr/local/share/httpd/default" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Default predefined variables -DATA_DIR="/data/tor/bridge" # set data directory -CONF_DIR="/config/tor/bridge" # set config directory -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set the containers etc directory -ETC_DIR="/etc/tor/bridge" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set the var dir -VAR_DIR="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -TMP_DIR="/tmp/tor/bridge" # set the temp dir -RUN_DIR="/run/tor/bridge" # set scripts pid dir -LOG_DIR="/data/logs/tor" # set log directory -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set the working dir -WORK_DIR="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# port which service is listening on -SERVICE_PORT="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# User to use to launch service - IE: postgres -RUNAS_USER="root" # normally root -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# User and group in which the service switches to - IE: nginx,apache,mysql,postgres -SERVICE_USER="root" # execute command as another user -SERVICE_GROUP="root" # Set the service group -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set password length -RANDOM_PASS_USER="" -RANDOM_PASS_ROOT="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set user and group ID -SERVICE_UID="0" # set the user id -SERVICE_GID="0" # set the group id -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# execute command variables - keep single quotes variables will be expanded later -EXEC_CMD_BIN='tor-bridge' # command to execute -EXEC_CMD_ARGS='-f $CONF_DIR/bridge.conf' # command arguments -EXEC_PRE_SCRIPT='' # execute script before -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Is this service a web server -IS_WEB_SERVER="no" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Is this service a database server -IS_DATABASE_SERVICE="no" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Does this service use a database server -USES_DATABASE_SERVICE="no" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set defualt type - [custom,sqlite,redis,postgres,mariadb,mysql,couchdb,mongodb,supabase] -DATABASE_SERVICE_TYPE="sqlite" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Show message before execute -PRE_EXEC_MESSAGE="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set the wait time to execute __post_execute function - minutes -POST_EXECUTE_WAIT_TIME="1" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Update path var -PATH="$PATH:." -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Lets get containers ip address -IP4_ADDRESS="$(__get_ip4)" -IP6_ADDRESS="$(__get_ip6)" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Where to save passwords to -ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user -USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# root/admin user info password/random] -root_user_name="${TOR_ROOT_USER_NAME:-}" # root user name -root_user_pass="${TOR_ROOT_PASS_WORD:-}" # root user password -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Normal user info [password/random] -user_name="${TOR_USER_NAME:-}" # normal user name -user_pass="${TOR_USER_PASS_WORD:-}" # normal user password -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Load variables from config -[ -f "/config/env/tor.script.sh" ] && . "/config/env/tor.script.sh" # Generated by my dockermgr script -[ -f "/config/env/tor.sh" ] && . "/config/env/tor.sh" # Overwrite the variabes -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Additional predefined variables - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Additional variables - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Specifiy custom directories to be created -ADD_APPLICATION_FILES="" -ADD_APPLICATION_DIRS="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -APPLICATION_FILES="" -APPLICATION_DIRS="$ETC_DIR $CONF_DIR $LOG_DIR $TMP_DIR $RUN_DIR $VAR_DIR $DATA_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Additional config dirs - will be Copied to /etc/$name -ADDITIONAL_CONFIG_DIRS="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\" -CMD_ENV="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Overwrite based on file/directory - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Per Application Variables or imports -TOR_DNS_ENABLED="${TOR_DNS_ENABLED:-yes}" -TOR_RELAY_ENABLED="${TOR_RELAY_ENABLED:-yes}" -TOR_BRIDGE_ENABLED="${TOR_BRIDGE_ENABLED:-yes}" -TOR_HIDDEN_ENABLED="${TOR_HIDDEN_ENABLED:-yes}" -RANDOM_NICK="$(head -n50 '/dev/random' | tr -dc 'a-zA-Z' | tr -d '[:space:]\042\047\134' | fold -w "18" | sed 's| ||g' | head -n 1)" -HAS_IPV6="$([ -n "$(type -P ifconfig 2>/dev/null)" ] && ifconfig "eth0" | grep 'inet6' | grep 'global')" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Custom commands to run before copying to /config -__run_precopy() { - # Define environment - local hostname=${HOSTNAME} - local tor_bin="$(type -P "tor" 2>/dev/null)" - local server_bin="$(type -P "tor-bridge" 2>/dev/null)" - # Define actions/commands - [ -d "$DATA_DIR" ] || mkdir -p "$DATA_DIR" - [ -n "$tor_bin" ] && [ -z "$server_bin" ] && cp -Rf "$tor_bin" "/usr/local/bin/tor-bridge" - chmod +x "/usr/local/bin/tor-bridge" - # allow custom functions - if builtin type -t __run_precopy_local | grep -q 'function'; then __run_precopy_local; fi -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Custom prerun functions - IE setup WWW_ROOT_DIR -__execute_prerun() { - # Define environment - local hostname=${HOSTNAME} - # Define actions/commands - - # allow custom functions - if builtin type -t __execute_prerun_local | grep -q 'function'; then __execute_prerun_local; fi -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Run any pre-execution checks -__run_pre_execute_checks() { - # Set variables - local exitStatus=0 - local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start - local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion - __banner "$pre_execute_checks_MessageST" - # Put command to execute in parentheses - { - true - } - exitStatus=$? - __banner "$pre_execute_checks_MessageEnd: Status $exitStatus" - - # show exit message - if [ $exitStatus -ne 0 ]; then - echo "The pre-execution check has failed" >&2 - [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE" - exit 1 - fi - # allow custom functions - if builtin type -t __run_pre_execute_checks_local | grep -q 'function'; then __run_pre_execute_checks_local; fi - # exit function - return $exitStatus -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# use this function to update config files - IE: change port -__update_conf_files() { - local exitCode=0 # default exit code - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # delete files - __rm "$CONF_DIR/bridge.conf" - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # custom commands - chmod 600 $RUN_DIR - chown -Rf ${SERVICE_USER:-$RUNAS_USER}:${SERVICE_GROUP:-$RUNAS_USER} $RUN_DIR - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # replace variables - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # define actions - mkdir -p "$CONF_DIR/conf.d" - cat <>"$CONF_DIR/bridge.conf" -##### Bridge -RunAsDaemon 0 -HardwareAccel 1 -AddressDisableIPv6 0 - -#### control settings -ControlSocketsGroupWritable 1 -CookieAuthentication 1 -CookieAuthFileGroupReadable 1 -HashedControlPassword 16:C30604D1D90F341360A14D9A1048C1DF4A3CA2411444E52EE5B954C01F - -##### directiories and files -DataDirectory $DATA_DIR -ControlSocket $RUN_DIR/bridge.sock -CookieAuthFile $RUN_DIR/bridge.authcookie - -##### socks option -SOCKSPort 0 -SafeSocks ${TOR_SOCKS_SAFE:-0} -SocksTimeout ${TOR_SOCKS_TIMEOUT:-10} - -##### logging -LogMessageDomains 1 -Log notice file $LOG_DIR/$SERVICE_NAME.log -#Log debug file $LOG_DIR/$SERVICE_NAME.debug - -##### Bridge Settings -BridgeRelay 1 -ServerTransportPlugin obfs4 exec /usr/bin/lyrebird -ServerTransportListenAddr obfs4 0.0.0.0:${TOR_BRIDGE_PT_PORT:-57003} - -ORPort ${TOR_BRIDGE_OR_PORT:-57004} -Nickname ${TOR_BRIDGE_NICK_NAME:-$RANDOM_NICK} -ContactInfo ${TOR_BRIDGE_ADMIN:-tor-admin@$HOSTNAME} -AccountingMax ${TOR_BRIDGE_ACCOUNT_MAX:-250 GBytes} -RelayBandwidthRate ${TOR_BRIDGE_BANDWIDTH_RATE:-96 KB} -RelayBandwidthBurst ${TOR_BRIDGE_BANDWIDTH_BURST:-192 KB} -AccountingStart month 1 00:00 -PublishServerDescriptor 1 - -# Block ports -ExitPolicy reject *:25 -ExitPolicy reject *:465 -ExitPolicy reject *:587 -ExitPolicy reject *:135-139 -ExitPolicy accept *:* - -%include $CONF_DIR/conf.d/*.conf - -EOF - [ -f "$CONF_DIR/conf.d/default.conf" ] || touch "$CONF_DIR/conf.d/default.conf" - if [ "$TOR_DEBUG" = "yes" ]; then - sed -i 's|#Log debug|Log debug|g' "$CONF_DIR/bridge.conf" - fi - if [ -z "$HAS_IPV6" ]; then - sed -i 's|AddressDisableIPv6 0|AddressDisableIPv6 1|g' "$CONF_DIR/bridge.conf" - fi - - # allow custom functions - if builtin type -t __update_conf_files_local | grep -q 'function'; then __update_conf_files_local; fi - # exit function - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# function to run before executing -__pre_execute() { - local exitCode=0 # default exit code - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # execute if directories is empty - # __is_dir_empty "$CONF_DIR" && true - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # define actions to run after copying to /config - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # unset unneeded variables - unset sysname - # Lets wait a few seconds before continuing - sleep 5 - # allow custom functions - if builtin type -t __pre_execute_local | grep -q 'function'; then __pre_execute_local; fi - # exit function - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# function to run after executing -__post_execute() { - local pid="" # init pid var - local retVal=0 # set default exit code - local ctime=${POST_EXECUTE_WAIT_TIME:-1} # how long to wait before executing - local waitTime=$((ctime * 60)) # convert minutes to seconds - local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start - local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion - # wait - sleep $waitTime - # execute commands after waiting - ( - # show message - __banner "$postMessageST" - # commands to execute - sleep 5 - if [ -f "/data/tor/bridge/fingerprint" ]; then - cat "/data/tor/bridge/fingerprint" - fi - # show exit message - __banner "$postMessageEnd: Status $retVal" - ) 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" & - pid=$! - ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10 - # allow custom functions - if builtin type -t __post_execute_local | grep -q 'function'; then __post_execute_local; fi - # exit function - return $retVal -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# use this function to update config files - IE: change port -__pre_message() { - local exitCode=0 - [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE" - # execute commands - - # allow custom functions - if builtin type -t __pre_message_local | grep -q 'function'; then __pre_message_local; fi - # exit function - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# use this function to setup ssl support -__update_ssl_conf() { - local exitCode=0 - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # execute commands - - # allow custom functions - if builtin type -t __update_ssl_conf_local | grep -q 'function'; then __update_ssl_conf_local; fi - # set exitCode - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__create_service_env() { - local exitCode=0 - if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ]; then - cat </dev/null -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# root/admin user info [password/random] -#ENV_ROOT_USER_NAME="${ENV_ROOT_USER_NAME:-$TOR_ROOT_USER_NAME}" # root user name -#ENV_ROOT_USER_PASS="${ENV_ROOT_USER_NAME:-$TOR_ROOT_PASS_WORD}" # root user password -#root_user_name="${ENV_ROOT_USER_NAME:-$root_user_name}" # -#root_user_pass="${ENV_ROOT_USER_PASS:-$root_user_pass}" # -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -#Normal user info [password/random] -#ENV_USER_NAME="${ENV_USER_NAME:-$TOR_USER_NAME}" # -#ENV_USER_PASS="${ENV_USER_PASS:-$TOR_USER_PASS_WORD}" # -#user_name="${ENV_USER_NAME:-$user_name}" # normal user name -#user_pass="${ENV_USER_PASS:-$user_pass}" # normal user password - -EOF - fi - if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" ]; then - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_precopy_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __execute_prerun_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_pre_execute_checks_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __update_conf_files_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __pre_execute_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __post_execute_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __pre_message_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __update_ssl_conf_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - fi - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || exitCode=$((exitCode + 1)) - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" || exitCode=$((exitCode + 1)) - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# script to start server -__run_start_script() { - local runExitCode=0 - local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables - local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables - local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables - local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables - local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables - local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables - local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables - local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables - local path="$(eval echo "$PATH")" # expand variables - local message="$(eval echo "")" # expand variables - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" - # - if [ -z "$cmd" ]; then - __post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" - retVal=$? - echo "Initializing $SCRIPT_NAME has completed" - exit $retVal - else - # ensure the command exists - if [ ! -x "$cmd" ]; then - echo "$name is not a valid executable" - return 2 - fi - # check and exit if already running - if __proc_check "$name" || __proc_check "$cmd"; then - echo "$name is already running" >&2 - return 0 - else - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # show message if env exists - if [ -n "$cmd" ]; then - [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root" - [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT="" - fi - if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then - export cmd_exec="$pre $cmd $args" - message="Starting service: $name $args through $pre" - else - export cmd_exec="$cmd $args" - message="Starting service: $name $args" - fi - [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "/data/logs/init.txt" - echo "$message" | tee -a -p "/data/logs/init.txt" - su_cmd touch "$SERVICE_PID_FILE" - if [ "$RESET_ENV" = "yes" ]; then - env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")" - execute_command="$(__trim "$su_exec $env_command $cmd_exec")" - if [ ! -f "$START_SCRIPT" ]; then - cat <"$START_SCRIPT" -#!/usr/bin/env bash -trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT -# -set -Eeo pipefail -# Setting up $cmd to run as ${SERVICE_USER:-root} with env -retVal=10 -cmd="$cmd" -SERVICE_NAME="$SERVICE_NAME" -SERVICE_PID_FILE="$SERVICE_PID_FILE" -$execute_command 2>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" & -execPid=\$! -sleep 2 -checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" -[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 -[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "Failed to start $execute_command" >&2 -exit \$retVal - -EOF - fi - else - if [ ! -f "$START_SCRIPT" ]; then - execute_command="$(__trim "$su_exec $cmd_exec")" - cat <"$START_SCRIPT" -#!/usr/bin/env bash -trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT -# -set -Eeo pipefail -# Setting up $cmd to run as ${SERVICE_USER:-root} -retVal=10 -cmd="$cmd" -SERVICE_NAME="$SERVICE_NAME" -SERVICE_PID_FILE="$SERVICE_PID_FILE" -$execute_command 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" & -execPid=\$! -sleep 2 -checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" -[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 -[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "Failed to start $execute_command" >&2 >&2 -exit \$retVal - -EOF - fi - fi - fi - [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT" - [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT" - runExitCode=$? - fi - return $runExitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# username and password actions -__run_secure_function() { - local filesperms - if [ -n "$user_name" ] || [ -n "$user_pass" ]; then - for filesperms in "${USER_FILE_PREFIX}"/*; do - if [ -e "$filesperms" ]; then - chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null - fi - done 2>/dev/null | tee -p -a "/data/logs/init.txt" - fi - if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then - for filesperms in "${ROOT_FILE_PREFIX}"/*; do - if [ -e "$filesperms" ]; then - chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null - fi - done 2>/dev/null | tee -p -a "/data/logs/init.txt" - fi - unset filesperms -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow ENV_ variable - Import env file -__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" -__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -SERVICE_EXIT_CODE=0 # default exit code -# application specific -EXEC_CMD_NAME="$(basename -- "$EXEC_CMD_BIN")" # set the binary name -SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location -SERVICE_PID_NUMBER="$(__pgrep)" # check if running -EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path -EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Only run check -__check_service "$1" && SERVICE_IS_RUNNING=yes -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# ensure needed directories exists -[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR" -[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create auth directories -[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; } -[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; } -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[ -n "$RUNAS_USER" ] || RUNAS_USER="root" -[ -n "$SERVICE_USER" ] || SERVICE_USER="$RUNAS_USER" -[ -n "$SERVICE_GROUP" ] || SERVICE_GROUP="${SERVICE_USER:-$RUNAS_USER}" -[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" && __is_htdocs_mounted -[ "$IS_WEB_SERVER" = "yes" ] && [ -z "$SERVICE_PORT" ] && SERVICE_PORT="80" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Database env -if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then - RESET_ENV="no" - DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}" - DATABASE_USER_NORMAL="${ENV_DATABASE_USER:-${DATABASE_USER_NORMAL:-$user_name}}" - DATABASE_PASS_NORMAL="${ENV_DATABASE_PASSWORD:-${DATABASE_PASS_NORMAL:-$user_pass}}" - DATABASE_USER_ROOT="${ENV_DATABASE_ROOT_USER:-${DATABASE_USER_ROOT:-$root_user_name}}" - DATABASE_PASS_ROOT="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_PASS_ROOT:-$root_user_pass}}" - if [ -n "$DATABASE_PASS_NORMAL" ] && [ ! -f "${USER_FILE_PREFIX}/db_pass_user" ]; then - echo "$DATABASE_PASS_NORMAL" >"${USER_FILE_PREFIX}/db_pass_user" - fi - if [ -n "$DATABASE_PASS_ROOT" ] && [ ! -f "${ROOT_FILE_PREFIX}/db_pass_root" ]; then - echo "$DATABASE_PASS_ROOT" >"${ROOT_FILE_PREFIX}/db_pass_root" - fi -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# [DATABASE_DIR_[SQLITE,REDIS,POSTGRES,MARIADB,COUCHDB,MONGODB,SUPABASE]] -if [ "$DATABASE_SERVICE_TYPE" = "custom" ]; then - DATABASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" - DATABASE_BASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_CUSTOM:-/usr/local/share/httpd/admin/databases}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_CUSTOM:-/admin/dbadmin}" -elif [ "$SERVICE_NAME" = "redis" ] || [ "$DATABASE_SERVICE_TYPE" = "redis" ]; then - DATABASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" - DATABASE_BASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_REDIS:-/usr/local/share/httpd/admin/redis}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_REDIS:-/admin/redis}" -elif [ "$SERVICE_NAME" = "postgres" ] || [ "$DATABASE_SERVICE_TYPE" = "postgres" ]; then - DATABASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" - DATABASE_BASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_POSTGRES:-/usr/local/share/httpd/admin/postgres}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_POSTGRES:-/admin/postgres}" -elif [ "$SERVICE_NAME" = "mariadb" ] || [ "$DATABASE_SERVICE_TYPE" = "mariadb" ]; then - DATABASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" - DATABASE_BASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MARIADB:-/usr/local/share/httpd/admin/mysql}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MARIADB:-/admin/mysql}" -elif [ "$SERVICE_NAME" = "mysql" ] || [ "$DATABASE_SERVICE_TYPE" = "mysql" ]; then - DATABASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" - DATABASE_BASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MYSQL:-/usr/local/share/httpd/admin/mysql}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MYSQL:-/admin/mysql}" -elif [ "$SERVICE_NAME" = "couchdb" ] || [ "$DATABASE_SERVICE_TYPE" = "couchdb" ]; then - DATABASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" - DATABASE_BASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_COUCHDB:-/usr/local/share/httpd/admin/couchdb}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_COUCHDB:-/admin/couchdb}" -elif [ "$SERVICE_NAME" = "mongodb" ] || [ "$DATABASE_SERVICE_TYPE" = "mongodb" ]; then - DATABASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" - DATABASE_BASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MONGODB:-/usr/local/share/httpd/admin/mongodb}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MONGODB:-/admin/mongodb}" -elif [ "$SERVICE_NAME" = "supabase" ] || [ "$DATABASE_SERVICE_TYPE" = "supabase" ]; then - DATABASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" - DATABASE_BASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SUPABASE:-/usr/local/share/httpd/admin/supabase}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SUPBASE:-/admin/supabase}" -elif [ "$SERVICE_NAME" = "sqlite" ] || [ "$DATABASE_SERVICE_TYPE" = "sqlite" ]; then - DATABASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" - DATABASE_BASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SQLITE:-/usr/local/share/httpd/admin/sqlite}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SQLITE:-/admin/sqlite}" - [ -d "$DATABASE_DIR" ] || mkdir -p "$DATABASE_DIR" - chmod 777 "$DATABASE_DIR" -fi -[ -n "$DATABASE_ADMIN_WWW_ROOT" ] && { [ ! -d "$DATABASE_ADMIN_WWW_ROOT" ] || mkdir -p "${DATABASE_ADMIN_WWW_ROOT}"; } -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow variables via imports - Overwrite existing -[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set password to random if variable is random -[ "$user_pass" = "random" ] && user_pass="$(__random_password ${RANDOM_PASS_USER:-16})" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[ "$root_user_pass" = "random" ] && root_user_pass="$(__random_password ${RANDOM_PASS_ROOT:-16})" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow setting initial users and passwords via environment and save to file -[ -n "$user_name" ] && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name" -[ -n "$user_pass" ] && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" -[ -n "$root_user_name" ] && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" -[ -n "$root_user_pass" ] && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create needed dirs -[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR" -[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow per init script usernames and passwords -__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")" -__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")" -__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")" -__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")" -__file_exists_with_content "${USER_FILE_PREFIX}/db_pass_user" && DATABASE_PASS_NORMAL="$(<"${USER_FILE_PREFIX}/db_pass_user")" -__file_exists_with_content "${ROOT_FILE_PREFIX}/db_pass_root" && DATABASE_PASS_ROOT="$(<"${ROOT_FILE_PREFIX}/db_pass_root")" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set hostname for script -sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__create_service_env -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Setup /config directories -__init_config_etc -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# pre-run function -__execute_prerun -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create user if needed -__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Modify user if needed -__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Create base directories -__setup_directories -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set switch user command -__switch_to_user -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Initialize the home/working dir -__init_working_dir -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# show init message -__pre_message -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# -__initialize_db_users -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Initialize ssl -__update_ssl_conf -__update_ssl_certs -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set permissions in ${USER_FILE_PREFIX} and ${ROOT_FILE_PREFIX} -__run_secure_function -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__run_precopy -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Copy /config to /etc -for config_2_etc in $CONF_DIR $ADDITIONAL_CONFIG_DIRS; do - __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a "/data/logs/init.txt" -done -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Replace variables -__initialize_replace_variables "$ETC_DIR" "$CONF_DIR" "$ADDITIONAL_CONFIG_DIRS" "$WWW_ROOT_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# -__initialize_database -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Updating config files -__update_conf_files -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# run the pre execute commands -__pre_execute -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set permissions -__fix_permissions "$SERVICE_USER" "$SERVICE_GROUP" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# -__run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" "/data/logs/init.txt" || return 20 -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log" -errorCode=$? -if [ -n "$EXEC_CMD_BIN" ]; then - if [ "$errorCode" -eq 0 ]; then - SERVICE_EXIT_CODE=0 - SERVICE_IS_RUNNING="yes" - else - SERVICE_EXIT_CODE=$errorCode - SERVICE_IS_RUNNING="${SERVICE_IS_RUNNING:-no}" - [ -s "$SERVICE_PID_FILE" ] || rm -Rf "$SERVICE_PID_FILE" - fi - SERVICE_EXIT_CODE=0 -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# start the post execute function in background -__post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" & -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__banner "Initializing of $SERVICE_NAME has completed with statusCode: $SERVICE_EXIT_CODE" | tee -p -a "/data/logs/entrypoint.log" "/data/logs/init.txt" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__script_exit $SERVICE_EXIT_CODE diff --git a/rootfs/usr/local/etc/docker/init.d/02-tor-relay.sh b/rootfs/usr/local/etc/docker/init.d/02-tor-relay.sh deleted file mode 100755 index c190660..0000000 --- a/rootfs/usr/local/etc/docker/init.d/02-tor-relay.sh +++ /dev/null @@ -1,784 +0,0 @@ -#!/usr/bin/env bash -# shellcheck shell=bash -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202501060902-git -# @@Author : Jason Hempstead -# @@Contact : jason@casjaysdev.pro -# @@License : LICENSE.md -# @@ReadME : tor.sh --help -# @@Copyright : Copyright: (c) 2025 Jason Hempstead, Casjays Developments -# @@Created : Monday, Jan 06, 2025 09:02 EST -# @@File : tor.sh -# @@Description : -# @@Changelog : New script -# @@TODO : Better documentation -# @@Other : -# @@Resource : -# @@Terminal App : no -# @@sudo/root : no -# @@Template : other/start-service -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2120,SC2155,SC2199,SC2317,SC2329 -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# run trap command on exit -trap 'retVal=$?; echo "❌ Fatal error occurred: Exit code $retVal at line $LINENO in command: $BASH_COMMAND"; kill -TERM 1' ERR -trap 'retVal=$?;if [ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ]; then rm -Rf "$SERVICE_PID_FILE"; fi;exit $retVal' SIGINT SIGTERM SIGPWR -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -SCRIPT_FILE="$0" -SERVICE_NAME="tor-relay" -SCRIPT_NAME="$(basename -- "$SCRIPT_FILE" 2>/dev/null)" -# - - - - - - - - - - - - - - - - - - - - - - - - - -# Function to exit appropriately based on context -__script_exit() { - local exit_code="${1:-0}" - if [ "${BASH_SOURCE[0]}" != "${0}" ]; then - # Script is being sourced - use return - return "$exit_code" - else - # Script is being executed - use exit - exit "$exit_code" - fi -} -# - - - - - - - - - - - - - - - - - - - - - - - - - -# Exit if service is disabled -[ -z "$TOR_RELAY_ENABLED" ] || if [ "$TOR_RELAY_ENABLED" != "yes" ]; then export SERVICE_DISABLED="$SERVICE_NAME" && __script_exit 0; fi -# - - - - - - - - - - - - - - - - - - - - - - - - - -# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html -[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}" -{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail -# - - - - - - - - - - - - - - - - - - - - - - - - - -export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" -# - - - - - - - - - - - - - - - - - - - - - - - - - -# import the functions file -if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then - . "/usr/local/etc/docker/functions/entrypoint.sh" -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - -# import variables -for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do - [ -f "$set_env" ] && . "$set_env" -done -# - - - - - - - - - - - - - - - - - - - - - - - - - -# exit if __start_init_scripts function hasn't been Initialized -if [ ! -f "/run/__start_init_scripts.pid" ]; then - echo "__start_init_scripts function hasn't been Initialized" >&2 - SERVICE_IS_RUNNING="no" - __script_exit 1 -fi -# Clean up any stale PID file for this service on startup -if [ -n "$SERVICE_NAME" ] && [ -f "/run/init.d/$SERVICE_NAME.pid" ]; then - old_pid=$(cat "/run/init.d/$SERVICE_NAME.pid" 2>/dev/null) - if [ -n "$old_pid" ] && ! kill -0 "$old_pid" 2>/dev/null; then - echo "🧹 Removing stale PID file for $SERVICE_NAME" - rm -f "/run/init.d/$SERVICE_NAME.pid" - fi -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Custom functions - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Script to execute -START_SCRIPT="/usr/local/etc/docker/exec/$SERVICE_NAME" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Reset environment before executing service -RESET_ENV="yes" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set webroot -WWW_ROOT_DIR="/usr/local/share/httpd/default" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Default predefined variables -DATA_DIR="/data/tor/relay" # set data directory -CONF_DIR="/config/tor/relay" # set config directory -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set the containers etc directory -ETC_DIR="/etc/tor/relay" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set the var dir -VAR_DIR="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -TMP_DIR="/tmp/tor" # set the temp dir -RUN_DIR="/run/tor/relay" # set scripts pid dir -LOG_DIR="/data/logs/tor" # set log directory -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set the working dir -WORK_DIR="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# port which service is listening on -SERVICE_PORT="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# User to use to launch service - IE: postgres -RUNAS_USER="root" # normally root -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# User and group in which the service switches to - IE: nginx,apache,mysql,postgres -SERVICE_USER="root" # execute command as another user -SERVICE_GROUP="root" # Set the service group -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set password length -RANDOM_PASS_USER="" -RANDOM_PASS_ROOT="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set user and group ID -SERVICE_UID="0" # set the user id -SERVICE_GID="0" # set the group id -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# execute command variables - keep single quotes variables will be expanded later -EXEC_CMD_BIN='tor-relay' # command to execute -EXEC_CMD_ARGS='-f $CONF_DIR/relay.conf' # command arguments -EXEC_PRE_SCRIPT='' # execute script before -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Is this service a web server -IS_WEB_SERVER="no" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Is this service a database server -IS_DATABASE_SERVICE="no" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Does this service use a database server -USES_DATABASE_SERVICE="no" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set defualt type - [custom,sqlite,redis,postgres,mariadb,mysql,couchdb,mongodb,supabase] -DATABASE_SERVICE_TYPE="sqlite" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Show message before execute -PRE_EXEC_MESSAGE="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set the wait time to execute __post_execute function - minutes -POST_EXECUTE_WAIT_TIME="1" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Update path var -PATH="$PATH:." -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Lets get containers ip address -IP4_ADDRESS="$(__get_ip4)" -IP6_ADDRESS="$(__get_ip6)" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Where to save passwords to -ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user -USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# root/admin user info password/random] -root_user_name="${TOR_ROOT_USER_NAME:-}" # root user name -root_user_pass="${TOR_ROOT_PASS_WORD:-}" # root user password -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Normal user info [password/random] -user_name="${TOR_USER_NAME:-}" # normal user name -user_pass="${TOR_USER_PASS_WORD:-}" # normal user password -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Load variables from config -[ -f "/config/env/tor.script.sh" ] && . "/config/env/tor.script.sh" # Generated by my dockermgr script -[ -f "/config/env/tor.sh" ] && . "/config/env/tor.sh" # Overwrite the variabes -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Additional predefined variables - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Additional variables - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Specifiy custom directories to be created -ADD_APPLICATION_FILES="" -ADD_APPLICATION_DIRS="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -APPLICATION_FILES="" -APPLICATION_DIRS="$ETC_DIR $CONF_DIR $LOG_DIR $TMP_DIR $RUN_DIR $VAR_DIR $DATA_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Additional config dirs - will be Copied to /etc/$name -ADDITIONAL_CONFIG_DIRS="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\" -CMD_ENV="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Overwrite based on file/directory - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Per Application Variables or imports -TOR_DNS_ENABLED="${TOR_DNS_ENABLED:-yes}" -TOR_RELAY_ENABLED="${TOR_RELAY_ENABLED:-yes}" -TOR_BRIDGE_ENABLED="${TOR_BRIDGE_ENABLED:-yes}" -TOR_HIDDEN_ENABLED="${TOR_HIDDEN_ENABLED:-yes}" -RANDOM_NICK="$(head -n50 '/dev/random' | tr -dc 'a-zA-Z' | tr -d '[:space:]\042\047\134' | fold -w "18" | sed 's| ||g' | head -n 1)" -HAS_IPV6="$([ -n "$(type -P ifconfig 2>/dev/null)" ] && ifconfig "eth0" | grep 'inet6' | grep 'global')" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Custom commands to run before copying to /config -__run_precopy() { - # Define environment - local hostname=${HOSTNAME} - local tor_bin="$(type -P "tor" 2>/dev/null)" - local server_bin="$(type -P "tor-relay" 2>/dev/null)" - # Define actions/commands - [ -d "$DATA_DIR" ] || mkdir -p "$DATA_DIR" - [ -n "$tor_bin" ] && [ -z "$server_bin" ] && cp -Rf "$tor_bin" "/usr/local/bin/tor-relay" - chmod +x "/usr/local/bin/tor-relay" - - # allow custom functions - if builtin type -t __run_precopy_local | grep -q 'function'; then __run_precopy_local; fi -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Custom prerun functions - IE setup WWW_ROOT_DIR -__execute_prerun() { - # Define environment - local hostname=${HOSTNAME} - # Define actions/commands - - # allow custom functions - if builtin type -t __execute_prerun_local | grep -q 'function'; then __execute_prerun_local; fi -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Run any pre-execution checks -__run_pre_execute_checks() { - # Set variables - local exitStatus=0 - local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start - local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion - __banner "$pre_execute_checks_MessageST" - # Put command to execute in parentheses - { - true - } - exitStatus=$? - __banner "$pre_execute_checks_MessageEnd: Status $exitStatus" - - # show exit message - if [ $exitStatus -ne 0 ]; then - echo "The pre-execution check has failed" >&2 - [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE" - exit 1 - fi - # allow custom functions - if builtin type -t __run_pre_execute_checks_local | grep -q 'function'; then __run_pre_execute_checks_local; fi - # exit function - return $exitStatus -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# use this function to update config files - IE: change port -__update_conf_files() { - local exitCode=0 # default exit code - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # delete files - #__rm "" - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # custom commands - chmod 600 $RUN_DIR - chown -Rf ${SERVICE_USER:-$RUNAS_USER}:${SERVICE_GROUP:-$RUNAS_USER} $RUN_DIR - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # replace variables - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # define actions - mkdir -p "$CONF_DIR/conf.d" - cat <"$CONF_DIR/relay.conf" -##### Relay -RunAsDaemon 0 -HardwareAccel 1 -AddressDisableIPv6 0 - -#### control settings -ControlSocketsGroupWritable 1 -CookieAuthentication 1 -CookieAuthFileGroupReadable 1 -HashedControlPassword 16:C30604D1D90F341360A14D9A1048C1DF4A3CA2411444E52EE5B954C01F - -##### directiories and files -DataDirectory $DATA_DIR -ControlSocket $RUN_DIR/relay.sock -CookieAuthFile $RUN_DIR/relay.authcookie - -##### socks option -SOCKSPort 0 -SafeSocks ${TOR_SOCKS_SAFE:-0} -SocksTimeout ${TOR_SOCKS_TIMEOUT:-10} - -##### logging -LogMessageDomains 1 -Log notice file $LOG_DIR/$SERVICE_NAME.log -#Log debug file $LOG_DIR/$SERVICE_NAME.debug - -##### Relay Settings -ServerTransportPlugin obfs4 exec /usr/bin/lyrebird -ServerTransportListenAddr obfs4 0.0.0.0:${TOR_RELAY_PORT:-57000} -ORPort ${TOR_RELAY_OR_PORT:-57001} -DirPort ${TOR_RELAY_DIR_PORT:-57002} - -ExitRelay 1 -PublishServerDescriptor 1 -Nickname ${TOR_RELAY_NICK_NAME:-$RANDOM_NICK} -ContactInfo ${TOR_RELAY_ADMIN:-tor-admin@$HOSTNAME} -AccountingMax ${TOR_RELAY_ACCOUNT_MAX:-250 GBytes} -RelayBandwidthRate ${TOR_RELAY_BANDWIDTH_RATE:-96 KB} -RelayBandwidthBurst ${TOR_RELAY_BANDWIDTH_BURST:-192 KB} -AccountingStart month 1 00:00 -DirPortFrontPage /usr/share/tor/html/exit.html - -# Block ports -ExitPolicy reject *:25 -ExitPolicy reject *:465 -ExitPolicy reject *:587 -ExitPolicy reject *:135-139 -ExitPolicy accept *:* - -%include $CONF_DIR/conf.d/*.conf - -EOF - [ -f "$CONF_DIR/conf.d/default.conf" ] || touch "$CONF_DIR/conf.d/default.conf" - if [ "$TOR_DEBUG" = "yes" ]; then - sed -i 's|#Log debug|Log debug|g' "$CONF_DIR/relay.conf" - fi - if [ -z "$HAS_IPV6" ]; then - sed -i 's|AddressDisableIPv6 0|AddressDisableIPv6 1|g' "$CONF_DIR/relay.conf" - fi - - # allow custom functions - if builtin type -t __update_conf_files_local | grep -q 'function'; then __update_conf_files_local; fi - # exit function - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# function to run before executing -__pre_execute() { - local exitCode=0 # default exit code - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # execute if directories is empty - # __is_dir_empty "$CONF_DIR" && true - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # define actions to run after copying to /config - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # unset unneeded variables - unset sysname - # Lets wait a few seconds before continuing - sleep 5 - # allow custom functions - if builtin type -t __pre_execute_local | grep -q 'function'; then __pre_execute_local; fi - # exit function - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# function to run after executing -__post_execute() { - local pid="" # init pid var - local retVal=0 # set default exit code - local ctime=${POST_EXECUTE_WAIT_TIME:-1} # how long to wait before executing - local waitTime=$((ctime * 60)) # convert minutes to seconds - local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start - local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion - # wait - sleep $waitTime - # execute commands after waiting - ( - # show message - __banner "$postMessageST" - # commands to execute - sleep 5 - if [ -f "/data/tor/relay/fingerprint" ]; then - cat "/data/tor/relay/fingerprint" - fi - # show exit message - __banner "$postMessageEnd: Status $retVal" - ) 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" & - pid=$! - ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10 - # allow custom functions - if builtin type -t __post_execute_local | grep -q 'function'; then __post_execute_local; fi - # exit function - return $retVal -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# use this function to update config files - IE: change port -__pre_message() { - local exitCode=0 - [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE" - # execute commands - - # allow custom functions - if builtin type -t __pre_message_local | grep -q 'function'; then __pre_message_local; fi - # exit function - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# use this function to setup ssl support -__update_ssl_conf() { - local exitCode=0 - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # execute commands - - # allow custom functions - if builtin type -t __update_ssl_conf_local | grep -q 'function'; then __update_ssl_conf_local; fi - # set exitCode - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__create_service_env() { - local exitCode=0 - if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ]; then - cat </dev/null -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# root/admin user info [password/random] -#ENV_ROOT_USER_NAME="${ENV_ROOT_USER_NAME:-$TOR_ROOT_USER_NAME}" # root user name -#ENV_ROOT_USER_PASS="${ENV_ROOT_USER_NAME:-$TOR_ROOT_PASS_WORD}" # root user password -#root_user_name="${ENV_ROOT_USER_NAME:-$root_user_name}" # -#root_user_pass="${ENV_ROOT_USER_PASS:-$root_user_pass}" # -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -#Normal user info [password/random] -#ENV_USER_NAME="${ENV_USER_NAME:-$TOR_USER_NAME}" # -#ENV_USER_PASS="${ENV_USER_PASS:-$TOR_USER_PASS_WORD}" # -#user_name="${ENV_USER_NAME:-$user_name}" # normal user name -#user_pass="${ENV_USER_PASS:-$user_pass}" # normal user password - -EOF - fi - if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" ]; then - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_precopy_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __execute_prerun_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_pre_execute_checks_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __update_conf_files_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __pre_execute_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __post_execute_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __pre_message_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __update_ssl_conf_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - fi - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || exitCode=$((exitCode + 1)) - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" || exitCode=$((exitCode + 1)) - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# script to start server -__run_start_script() { - local runExitCode=0 - local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables - local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables - local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables - local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables - local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables - local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables - local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables - local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables - local path="$(eval echo "$PATH")" # expand variables - local message="$(eval echo "")" # expand variables - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" - # - if [ -z "$cmd" ]; then - __post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" - retVal=$? - echo "Initializing $SCRIPT_NAME has completed" - exit $retVal - else - # ensure the command exists - if [ ! -x "$cmd" ]; then - echo "$name is not a valid executable" - return 2 - fi - # check and exit if already running - if __proc_check "$name" || __proc_check "$cmd"; then - echo "$name is already running" >&2 - return 0 - else - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # show message if env exists - if [ -n "$cmd" ]; then - [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root" - [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT="" - fi - if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then - export cmd_exec="$pre $cmd $args" - message="Starting service: $name $args through $pre" - else - export cmd_exec="$cmd $args" - message="Starting service: $name $args" - fi - [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "/data/logs/init.txt" - echo "$message" | tee -a -p "/data/logs/init.txt" - su_cmd touch "$SERVICE_PID_FILE" - if [ "$RESET_ENV" = "yes" ]; then - env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")" - execute_command="$(__trim "$su_exec $env_command $cmd_exec")" - if [ ! -f "$START_SCRIPT" ]; then - cat <"$START_SCRIPT" -#!/usr/bin/env bash -trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT -# -set -Eeo pipefail -# Setting up $cmd to run as ${SERVICE_USER:-root} with env -retVal=10 -cmd="$cmd" -SERVICE_NAME="$SERVICE_NAME" -SERVICE_PID_FILE="$SERVICE_PID_FILE" -$execute_command 2>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" & -execPid=\$! -sleep 2 -checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" -[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 -[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "Failed to start $execute_command" >&2 -exit \$retVal - -EOF - fi - else - if [ ! -f "$START_SCRIPT" ]; then - execute_command="$(__trim "$su_exec $cmd_exec")" - cat <"$START_SCRIPT" -#!/usr/bin/env bash -trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT -# -set -Eeo pipefail -# Setting up $cmd to run as ${SERVICE_USER:-root} -retVal=10 -cmd="$cmd" -SERVICE_NAME="$SERVICE_NAME" -SERVICE_PID_FILE="$SERVICE_PID_FILE" -$execute_command 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" & -execPid=\$! -sleep 2 -checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" -[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 -[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "Failed to start $execute_command" >&2 >&2 -exit \$retVal - -EOF - fi - fi - fi - [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT" - [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT" - runExitCode=$? - fi - return $runExitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# username and password actions -__run_secure_function() { - local filesperms - if [ -n "$user_name" ] || [ -n "$user_pass" ]; then - for filesperms in "${USER_FILE_PREFIX}"/*; do - if [ -e "$filesperms" ]; then - chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null - fi - done 2>/dev/null | tee -p -a "/data/logs/init.txt" - fi - if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then - for filesperms in "${ROOT_FILE_PREFIX}"/*; do - if [ -e "$filesperms" ]; then - chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null - fi - done 2>/dev/null | tee -p -a "/data/logs/init.txt" - fi - unset filesperms -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow ENV_ variable - Import env file -__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" -__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -SERVICE_EXIT_CODE=0 # default exit code -# application specific -EXEC_CMD_NAME="$(basename -- "$EXEC_CMD_BIN")" # set the binary name -SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location -SERVICE_PID_NUMBER="$(__pgrep)" # check if running -EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path -EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Only run check -__check_service "$1" && SERVICE_IS_RUNNING=yes -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# ensure needed directories exists -[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR" -[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create auth directories -[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; } -[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; } -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[ -n "$RUNAS_USER" ] || RUNAS_USER="root" -[ -n "$SERVICE_USER" ] || SERVICE_USER="$RUNAS_USER" -[ -n "$SERVICE_GROUP" ] || SERVICE_GROUP="${SERVICE_USER:-$RUNAS_USER}" -[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" && __is_htdocs_mounted -[ "$IS_WEB_SERVER" = "yes" ] && [ -z "$SERVICE_PORT" ] && SERVICE_PORT="80" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Database env -if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then - RESET_ENV="no" - DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}" - DATABASE_USER_NORMAL="${ENV_DATABASE_USER:-${DATABASE_USER_NORMAL:-$user_name}}" - DATABASE_PASS_NORMAL="${ENV_DATABASE_PASSWORD:-${DATABASE_PASS_NORMAL:-$user_pass}}" - DATABASE_USER_ROOT="${ENV_DATABASE_ROOT_USER:-${DATABASE_USER_ROOT:-$root_user_name}}" - DATABASE_PASS_ROOT="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_PASS_ROOT:-$root_user_pass}}" - if [ -n "$DATABASE_PASS_NORMAL" ] && [ ! -f "${USER_FILE_PREFIX}/db_pass_user" ]; then - echo "$DATABASE_PASS_NORMAL" >"${USER_FILE_PREFIX}/db_pass_user" - fi - if [ -n "$DATABASE_PASS_ROOT" ] && [ ! -f "${ROOT_FILE_PREFIX}/db_pass_root" ]; then - echo "$DATABASE_PASS_ROOT" >"${ROOT_FILE_PREFIX}/db_pass_root" - fi -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# [DATABASE_DIR_[SQLITE,REDIS,POSTGRES,MARIADB,COUCHDB,MONGODB,SUPABASE]] -if [ "$DATABASE_SERVICE_TYPE" = "custom" ]; then - DATABASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" - DATABASE_BASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_CUSTOM:-/usr/local/share/httpd/admin/databases}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_CUSTOM:-/admin/dbadmin}" -elif [ "$SERVICE_NAME" = "redis" ] || [ "$DATABASE_SERVICE_TYPE" = "redis" ]; then - DATABASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" - DATABASE_BASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_REDIS:-/usr/local/share/httpd/admin/redis}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_REDIS:-/admin/redis}" -elif [ "$SERVICE_NAME" = "postgres" ] || [ "$DATABASE_SERVICE_TYPE" = "postgres" ]; then - DATABASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" - DATABASE_BASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_POSTGRES:-/usr/local/share/httpd/admin/postgres}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_POSTGRES:-/admin/postgres}" -elif [ "$SERVICE_NAME" = "mariadb" ] || [ "$DATABASE_SERVICE_TYPE" = "mariadb" ]; then - DATABASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" - DATABASE_BASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MARIADB:-/usr/local/share/httpd/admin/mysql}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MARIADB:-/admin/mysql}" -elif [ "$SERVICE_NAME" = "mysql" ] || [ "$DATABASE_SERVICE_TYPE" = "mysql" ]; then - DATABASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" - DATABASE_BASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MYSQL:-/usr/local/share/httpd/admin/mysql}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MYSQL:-/admin/mysql}" -elif [ "$SERVICE_NAME" = "couchdb" ] || [ "$DATABASE_SERVICE_TYPE" = "couchdb" ]; then - DATABASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" - DATABASE_BASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_COUCHDB:-/usr/local/share/httpd/admin/couchdb}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_COUCHDB:-/admin/couchdb}" -elif [ "$SERVICE_NAME" = "mongodb" ] || [ "$DATABASE_SERVICE_TYPE" = "mongodb" ]; then - DATABASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" - DATABASE_BASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MONGODB:-/usr/local/share/httpd/admin/mongodb}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MONGODB:-/admin/mongodb}" -elif [ "$SERVICE_NAME" = "supabase" ] || [ "$DATABASE_SERVICE_TYPE" = "supabase" ]; then - DATABASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" - DATABASE_BASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SUPABASE:-/usr/local/share/httpd/admin/supabase}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SUPBASE:-/admin/supabase}" -elif [ "$SERVICE_NAME" = "sqlite" ] || [ "$DATABASE_SERVICE_TYPE" = "sqlite" ]; then - DATABASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" - DATABASE_BASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SQLITE:-/usr/local/share/httpd/admin/sqlite}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SQLITE:-/admin/sqlite}" - [ -d "$DATABASE_DIR" ] || mkdir -p "$DATABASE_DIR" - chmod 777 "$DATABASE_DIR" -fi -[ -n "$DATABASE_ADMIN_WWW_ROOT" ] && { [ ! -d "$DATABASE_ADMIN_WWW_ROOT" ] || mkdir -p "${DATABASE_ADMIN_WWW_ROOT}"; } -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow variables via imports - Overwrite existing -[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set password to random if variable is random -[ "$user_pass" = "random" ] && user_pass="$(__random_password ${RANDOM_PASS_USER:-16})" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[ "$root_user_pass" = "random" ] && root_user_pass="$(__random_password ${RANDOM_PASS_ROOT:-16})" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow setting initial users and passwords via environment and save to file -[ -n "$user_name" ] && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name" -[ -n "$user_pass" ] && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" -[ -n "$root_user_name" ] && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" -[ -n "$root_user_pass" ] && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create needed dirs -[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR" -[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow per init script usernames and passwords -__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")" -__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")" -__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")" -__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")" -__file_exists_with_content "${USER_FILE_PREFIX}/db_pass_user" && DATABASE_PASS_NORMAL="$(<"${USER_FILE_PREFIX}/db_pass_user")" -__file_exists_with_content "${ROOT_FILE_PREFIX}/db_pass_root" && DATABASE_PASS_ROOT="$(<"${ROOT_FILE_PREFIX}/db_pass_root")" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set hostname for script -sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__create_service_env -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Setup /config directories -__init_config_etc -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# pre-run function -__execute_prerun -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create user if needed -__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Modify user if needed -__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Create base directories -__setup_directories -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set switch user command -__switch_to_user -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Initialize the home/working dir -__init_working_dir -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# show init message -__pre_message -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# -__initialize_db_users -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Initialize ssl -__update_ssl_conf -__update_ssl_certs -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set permissions in ${USER_FILE_PREFIX} and ${ROOT_FILE_PREFIX} -__run_secure_function -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__run_precopy -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Copy /config to /etc -for config_2_etc in $CONF_DIR $ADDITIONAL_CONFIG_DIRS; do - __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a "/data/logs/init.txt" -done -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Replace variables -__initialize_replace_variables "$ETC_DIR" "$CONF_DIR" "$ADDITIONAL_CONFIG_DIRS" "$WWW_ROOT_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# -__initialize_database -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Updating config files -__update_conf_files -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# run the pre execute commands -__pre_execute -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set permissions -__fix_permissions "$SERVICE_USER" "$SERVICE_GROUP" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# -__run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" "/data/logs/init.txt" || return 20 -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log" -errorCode=$? -if [ -n "$EXEC_CMD_BIN" ]; then - if [ "$errorCode" -eq 0 ]; then - SERVICE_EXIT_CODE=0 - SERVICE_IS_RUNNING="yes" - else - SERVICE_EXIT_CODE=$errorCode - SERVICE_IS_RUNNING="${SERVICE_IS_RUNNING:-no}" - [ -s "$SERVICE_PID_FILE" ] || rm -Rf "$SERVICE_PID_FILE" - fi - SERVICE_EXIT_CODE=0 -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# start the post execute function in background -__post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" & -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__banner "Initializing of $SERVICE_NAME has completed with statusCode: $SERVICE_EXIT_CODE" | tee -p -a "/data/logs/entrypoint.log" "/data/logs/init.txt" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__script_exit $SERVICE_EXIT_CODE diff --git a/rootfs/usr/local/etc/docker/init.d/03-tor-server.sh b/rootfs/usr/local/etc/docker/init.d/03-tor-server.sh deleted file mode 100755 index 4df8749..0000000 --- a/rootfs/usr/local/etc/docker/init.d/03-tor-server.sh +++ /dev/null @@ -1,847 +0,0 @@ -#!/usr/bin/env bash -# shellcheck shell=bash -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -##@Version : 202501060902-git -# @@Author : Jason Hempstead -# @@Contact : jason@casjaysdev.pro -# @@License : LICENSE.md -# @@ReadME : tor.sh --help -# @@Copyright : Copyright: (c) 2025 Jason Hempstead, Casjays Developments -# @@Created : Monday, Jan 06, 2025 09:02 EST -# @@File : tor.sh -# @@Description : -# @@Changelog : New script -# @@TODO : Better documentation -# @@Other : -# @@Resource : -# @@Terminal App : no -# @@sudo/root : no -# @@Template : other/start-service -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# shellcheck disable=SC1001,SC1003,SC2001,SC2003,SC2016,SC2031,SC2120,SC2155,SC2199,SC2317,SC2329 -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# run trap command on exit -trap 'retVal=$?; echo "❌ Fatal error occurred: Exit code $retVal at line $LINENO in command: $BASH_COMMAND"; kill -TERM 1' ERR -trap 'retVal=$?;if [ "$SERVICE_IS_RUNNING" != "yes" ] && [ -f "$SERVICE_PID_FILE" ]; then rm -Rf "$SERVICE_PID_FILE"; fi;exit $retVal' SIGINT SIGTERM SIGPWR -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -SCRIPT_FILE="$0" -SERVICE_NAME="tor-server" -SCRIPT_NAME="$(basename -- "$SCRIPT_FILE" 2>/dev/null)" -# - - - - - - - - - - - - - - - - - - - - - - - - - -# Function to exit appropriately based on context -__script_exit() { - local exit_code="${1:-0}" - if [ "${BASH_SOURCE[0]}" != "${0}" ]; then - # Script is being sourced - use return - return "$exit_code" - else - # Script is being executed - use exit - exit "$exit_code" - fi -} -# - - - - - - - - - - - - - - - - - - - - - - - - - -# Exit if service is disabled -[ -z "$TOR_SERVER_ENABLED" ] || if [ "$TOR_SERVER_ENABLED" != "yes" ]; then export SERVICE_DISABLED="$SERVICE_NAME" && __script_exit 0; fi -# - - - - - - - - - - - - - - - - - - - - - - - - - -# setup debugging - https://www.gnu.org/software/bash/manual/html_node/The-Set-Builtin.html -[ -f "/config/.debug" ] && [ -z "$DEBUGGER_OPTIONS" ] && export DEBUGGER_OPTIONS="$(<"/config/.debug")" || DEBUGGER_OPTIONS="${DEBUGGER_OPTIONS:-}" -{ [ "$DEBUGGER" = "on" ] || [ -f "/config/.debug" ]; } && echo "Enabling debugging" && set -xo pipefail -x$DEBUGGER_OPTIONS && export DEBUGGER="on" || set -o pipefail -# - - - - - - - - - - - - - - - - - - - - - - - - - -export PATH="/usr/local/etc/docker/bin:/usr/local/bin:/usr/bin:/usr/sbin:/bin:/sbin" -# - - - - - - - - - - - - - - - - - - - - - - - - - -# import the functions file -if [ -f "/usr/local/etc/docker/functions/entrypoint.sh" ]; then - . "/usr/local/etc/docker/functions/entrypoint.sh" -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - -# import variables -for set_env in "/root/env.sh" "/usr/local/etc/docker/env"/*.sh "/config/env"/*.sh; do - [ -f "$set_env" ] && . "$set_env" -done -# - - - - - - - - - - - - - - - - - - - - - - - - - -# exit if __start_init_scripts function hasn't been Initialized -if [ ! -f "/run/__start_init_scripts.pid" ]; then - echo "__start_init_scripts function hasn't been Initialized" >&2 - SERVICE_IS_RUNNING="no" - __script_exit 1 -fi -# Clean up any stale PID file for this service on startup -if [ -n "$SERVICE_NAME" ] && [ -f "/run/init.d/$SERVICE_NAME.pid" ]; then - old_pid=$(cat "/run/init.d/$SERVICE_NAME.pid" 2>/dev/null) - if [ -n "$old_pid" ] && ! kill -0 "$old_pid" 2>/dev/null; then - echo "🧹 Removing stale PID file for $SERVICE_NAME" - rm -f "/run/init.d/$SERVICE_NAME.pid" - fi -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Custom functions - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Script to execute -START_SCRIPT="/usr/local/etc/docker/exec/$SERVICE_NAME" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Reset environment before executing service -RESET_ENV="yes" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set webroot -WWW_ROOT_DIR="/usr/local/share/httpd/default" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Default predefined variables -DATA_DIR="/data/tor/server" # set data directory -CONF_DIR="/config/tor/server" # set config directory -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set the containers etc directory -ETC_DIR="/etc/tor/server" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set the var dir -VAR_DIR="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -TMP_DIR="/tmp/tor/server" # set the temp dir -RUN_DIR="/run/tor/server" # set scripts pid dir -LOG_DIR="/data/logs/tor" # set log directory -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set the working dir -WORK_DIR="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# port which service is listening on -SERVICE_PORT="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# User to use to launch service - IE: postgres -RUNAS_USER="root" # normally root -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# User and group in which the service switches to - IE: nginx,apache,mysql,postgres -SERVICE_USER="root" # execute command as another user -SERVICE_GROUP="root" # Set the service group -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set password length -RANDOM_PASS_USER="" -RANDOM_PASS_ROOT="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set user and group ID -SERVICE_UID="0" # set the user id -SERVICE_GID="0" # set the group id -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# execute command variables - keep single quotes variables will be expanded later -EXEC_CMD_BIN='tor-server' # command to execute -EXEC_CMD_ARGS='-f $CONF_DIR/server.conf' # command arguments -EXEC_PRE_SCRIPT='' # execute script before -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Is this service a web server -IS_WEB_SERVER="no" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Is this service a database server -IS_DATABASE_SERVICE="no" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Does this service use a database server -USES_DATABASE_SERVICE="no" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set defualt type - [custom,sqlite,redis,postgres,mariadb,mysql,couchdb,mongodb,supabase] -DATABASE_SERVICE_TYPE="sqlite" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Show message before execute -PRE_EXEC_MESSAGE="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set the wait time to execute __post_execute function - minutes -POST_EXECUTE_WAIT_TIME="5" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Update path var -PATH="$PATH:." -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Lets get containers ip address -IP4_ADDRESS="$(__get_ip4)" -IP6_ADDRESS="$(__get_ip6)" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Where to save passwords to -ROOT_FILE_PREFIX="/config/secure/auth/root" # directory to save username/password for root user -USER_FILE_PREFIX="/config/secure/auth/user" # directory to save username/password for normal user -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# root/admin user info password/random] -root_user_name="${TOR_ROOT_USER_NAME:-}" # root user name -root_user_pass="${TOR_ROOT_PASS_WORD:-}" # root user password -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Normal user info [password/random] -user_name="${TOR_USER_NAME:-}" # normal user name -user_pass="${TOR_USER_PASS_WORD:-}" # normal user password -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Load variables from config -[ -f "/config/env/tor.script.sh" ] && . "/config/env/tor.script.sh" # Generated by my dockermgr script -[ -f "/config/env/tor.sh" ] && . "/config/env/tor.sh" # Overwrite the variabes -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Additional predefined variables -TOR_HIDDEN_SERVICE_DIR="${TOR_HIDDEN_SERVICE_DIR:-$DATA_DIR/hidden}" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Additional variables -TOR_HIDDEN_SERVERS="${TOR_HIDDEN_SERVERS//,/ }" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Specifiy custom directories to be created -ADD_APPLICATION_FILES="" -ADD_APPLICATION_DIRS="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -APPLICATION_FILES="" -APPLICATION_DIRS="$ETC_DIR $CONF_DIR $LOG_DIR $TMP_DIR $RUN_DIR $VAR_DIR $DATA_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Additional config dirs - will be Copied to /etc/$name -ADDITIONAL_CONFIG_DIRS="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# define variables that need to be loaded into the service - escape quotes - var=\"value\",other=\"test\" -CMD_ENV="" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Overwrite based on file/directory - -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Per Application Variables or imports -TOR_DNS_ENABLED="${TOR_DNS_ENABLED:-yes}" -TOR_HIDDEN_IP="${TOR_HIDDEN_IP:-127.0.0.1}" -TOR_RELAY_ENABLED="${TOR_RELAY_ENABLED:-yes}" -TOR_BRIDGE_ENABLED="${TOR_BRIDGE_ENABLED:-yes}" -TOR_HIDDEN_ENABLED="${TOR_HIDDEN_ENABLED:-yes}" -RANDOM_NICK="$(head -n50 '/dev/random' | tr -dc 'a-zA-Z' | tr -d '[:space:]\042\047\134' | fold -w "18" | sed 's| ||g' | head -n 1)" -HAS_IPV6="$([ -n "$(type -P ifconfig 2>/dev/null)" ] && ifconfig "eth0" | grep 'inet6' | grep 'global')" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Custom commands to run before copying to /config -__run_precopy() { - # Define environment - local hostname=${HOSTNAME} - local tor_bin="$(type -P "tor" 2>/dev/null)" - local server_bin="$(type -P "tor-server" 2>/dev/null)" - # Define actions/commands - [ -d "$DATA_DIR" ] || mkdir -p "$DATA_DIR" - [ -n "$tor_bin" ] && [ -z "$server_bin" ] && cp -Rf "$tor_bin" "/usr/local/bin/tor-server" - chmod +x "/usr/local/bin/tor-server" - - # allow custom functions - if builtin type -t __run_precopy_local | grep -q 'function'; then __run_precopy_local; fi -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Custom prerun functions - IE setup WWW_ROOT_DIR -__execute_prerun() { - # Define environment - local hostname=${HOSTNAME} - # Define actions/commands - touch "/tmp/init_tor_services" - # allow custom functions - if builtin type -t __execute_prerun_local | grep -q 'function'; then __execute_prerun_local; fi -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Run any pre-execution checks -__run_pre_execute_checks() { - # Set variables - local exitStatus=0 - local pre_execute_checks_MessageST="Running preexecute check for $SERVICE_NAME" # message to show at start - local pre_execute_checks_MessageEnd="Finished preexecute check for $SERVICE_NAME" # message to show at completion - __banner "$pre_execute_checks_MessageST" - # Put command to execute in parentheses - { - true - } - exitStatus=$? - __banner "$pre_execute_checks_MessageEnd: Status $exitStatus" - - # show exit message - if [ $exitStatus -ne 0 ]; then - echo "The pre-execution check has failed" >&2 - [ -f "$SERVICE_PID_FILE" ] && rm -Rf "$SERVICE_PID_FILE" - exit 1 - fi - # allow custom functions - if builtin type -t __run_pre_execute_checks_local | grep -q 'function'; then __run_pre_execute_checks_local; fi - # exit function - return $exitStatus -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# use this function to update config files - IE: change port -__update_conf_files() { - local exitCode=0 # default exit code - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # delete files - __rm "$CONF_DIR/server.conf" - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # custom commands - chmod 600 $RUN_DIR - mkdir -p "/run/tor/sites" && chmod 777 "/run/tor/sites" - chown -Rf ${SERVICE_USER:-$RUNAS_USER}:${SERVICE_GROUP:-$RUNAS_USER} $RUN_DIR - [ -d "$TOR_HIDDEN_SERVICE_DIR" ] || { mkdir -p "$TOR_HIDDEN_SERVICE_DIR" && chmod -f 700 "$TOR_HIDDEN_SERVICE_DIR" 2>/dev/null; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # replace variables - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - cat <>"$CONF_DIR/server.conf" -##### Server -RunAsDaemon 0 -HardwareAccel 1 -AddressDisableIPv6 0 -#VirtualAddrNetwork 10.0.0.0/12 - -#### control settings -ControlPort 127.0.0.1:9051 -ControlSocketsGroupWritable 1 -CookieAuthentication 1 -CookieAuthFileGroupReadable 1 -HashedControlPassword 16:C30604D1D90F341360A14D9A1048C1DF4A3CA2411444E52EE5B954C01F - -##### bandwidth and accounting (monitoring only) -Nickname ${TOR_SERVER_NICK_NAME:-$RANDOM_NICK} -ContactInfo ${TOR_SERVER_ADMIN:-tor-admin@$HOSTNAME} -AccountingMax ${TOR_SERVER_ACCOUNT_MAX:-500 GBytes} -AccountingStart month 1 00:00 - -##### directiories and files -DataDirectory $DATA_DIR -ControlSocket $RUN_DIR/server.sock -CookieAuthFile $RUN_DIR/server.authcookie - -##### socks option -SOCKSPort 0.0.0.0:9050 -SafeSocks ${TOR_SOCKS_SAFE:-0} -SocksTimeout ${TOR_SOCKS_TIMEOUT:-10} - -##### logging -LogMessageDomains 1 -Log notice file $LOG_DIR/$SERVICE_NAME.log -#Log debug file $LOG_DIR/$SERVICE_NAME.debug - -##### port mappings -TransPort 0.0.0.0:9040 -HTTPTunnelPort 0.0.0.0:9080 - -##### security -SafeLogging 1 -UseEntryGuards 1 -NumEntryGuards 3 -DisableAllSwap 1 - -##### exit relay -ExcludeNodes {ru},{cn},{ir},{kp},{sy} - -EOF - # define actions - if [ "$TOR_DNS_ENABLED" = "yes" ]; then - SHOW_HIDDEN_HOSTNAMES=yes - mkdir -p "$CONF_DIR/conf.d" - cat <>"$CONF_DIR/server.conf" -#### dns forwarder -Log notice file $LOG_DIR/tor-dns.log -DNSPort 0.0.0.0:8053 -DNSListenAddress 0.0.0.0,[::] -AutomapHostsOnResolve 1 -AutomapHostsSuffixes .exit,.onion - -EOF - fi - - if [ "$TOR_HIDDEN_ENABLED" = "yes" ]; then - mkdir -p "$CONF_DIR/hidden.d" - mkdir -p "$TOR_HIDDEN_SERVICE_DIR/default" - chmod -f 700 "$TOR_HIDDEN_SERVICE_DIR/default" - if ! grep -shq "" ""; then - cat <>"$CONF_DIR/server.conf" -%include $CONF_DIR/hidden.d/*.conf -EOF - fi - for HiddenService in $CONF_DIR/hidden.d/*.conf; do - HiddenServiceDir="$(grep -si '^HiddenServiceDir ' "$HiddenService" | awk '{print $2}' 2>/dev/null)" - if [ -n "$HiddenServiceDir" ]; then - mkdir -p "$HiddenServiceDir" 2>/dev/null - chmod 700 "$HiddenServiceDir" 2>/dev/null - fi - done - cat <"$CONF_DIR/hidden.d/default.conf" -#### hidden services -HiddenServiceDir $TOR_HIDDEN_SERVICE_DIR/default -HiddenServicePort ${TOR_HIDDEN_SERVICE_PORT:-80 $TOR_HIDDEN_IP:80} - -EOF - fi - - cat <>"$CONF_DIR/server.conf" -##### include configurations -%include $CONF_DIR/conf.d/*.conf - -EOF - if [ "$TOR_DEBUG" = "yes" ]; then - sed -i 's|#Log debug|Log debug|g' "$CONF_DIR/server.conf" - fi - if [ -z "$HAS_IPV6" ]; then - sed -i 's|AddressDisableIPv6 0|AddressDisableIPv6 1|g' "$CONF_DIR/server.conf" - fi - # allow custom functions - if builtin type -t __update_conf_files_local | grep -q 'function'; then __update_conf_files_local; fi - # exit function - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# function to run before executing -__pre_execute() { - local exitCode=0 # default exit code - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # execute if directories is empty - # __is_dir_empty "$CONF_DIR" && true - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # define actions to run after copying to /config - - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # unset unneeded variables - unset sysname - # Lets wait a few seconds before continuing - sleep 5 - # allow custom functions - if builtin type -t __pre_execute_local | grep -q 'function'; then __pre_execute_local; fi - # exit function - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# function to run after executing -__post_execute() { - local pid="" # init pid var - local retVal=0 # set default exit code - local ctime=${POST_EXECUTE_WAIT_TIME:-1} # how long to wait before executing - local waitTime=$((ctime * 60)) # convert minutes to seconds - local postMessageST="Running post commands for $SERVICE_NAME" # message to show at start - local postMessageEnd="Finished post commands for $SERVICE_NAME" # message to show at completion - # wait - sleep $waitTime - # execute commands after waiting - ( - # commands to execute - while :; do - if __pgrep unbound >/dev/null 2>&1; then - get_hidden_service_hostnames=$(find "$TOR_HIDDEN_SERVICE_DIR" -iname 'hostname' 2>/dev/null | wc -l || echo "0") - break - else - sleep 10 - fi - done - # show message - __banner "$postMessageST" - if [ -d "/data/htdocs/www" ]; then - WWW_ROOT_DIR="/data/htdocs/www" - fi - if [ -d "$TOR_HIDDEN_SERVICE_DIR" ] && [ "$get_hidden_service_hostnames" -gt 0 ]; then - echo "Begin current hidden services" - [ -f "$WWW_ROOT_DIR/hostnames.html" ] && rm -f "$WWW_ROOT_DIR/hostnames.html" - for host in "$TOR_HIDDEN_SERVICE_DIR"/*/hostname; do - d="$(dirname -- $host)" - name="$(basename "$d")" - url="$(<"$host")" - site="$(echo "$url" | sed 's|\.onion$||g')" - echo "$name: $url" - touch "/run/tor/sites/$site" - echo ''$name'
' >>"$WWW_ROOT_DIR/hostnames.html" - if [ "$name" = "default" ]; then echo "$site" >"$WWW_ROOT_DIR/defaultOnion.txt"; fi - done - echo "End current hidden services" - fi - [ -f "/tmp/init_tor_services" ] && rm -Rf "/tmp/init_tor_services" - (while :; do sleep 10 && __pgrep $EXEC_CMD_BIN >/dev/null || eval $EXEC_CMD_BIN $EXEC_CMD_ARGS >/dev/null; done &) - # show exit message - __banner "$postMessageEnd: Status $retVal" - ) 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" & - pid=$! - ps ax | awk '{print $1}' | grep -v grep | grep -q "$execPid$" && retVal=0 || retVal=10 - # allow custom functions - if builtin type -t __post_execute_local | grep -q 'function'; then __post_execute_local; fi - # exit function - return $retVal -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# use this function to update config files - IE: change port -__pre_message() { - local exitCode=0 - [ -n "$PRE_EXEC_MESSAGE" ] && eval echo "$PRE_EXEC_MESSAGE" - # execute commands - - # allow custom functions - if builtin type -t __pre_message_local | grep -q 'function'; then __pre_message_local; fi - # exit function - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# use this function to setup ssl support -__update_ssl_conf() { - local exitCode=0 - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - # execute commands - - # allow custom functions - if builtin type -t __update_ssl_conf_local | grep -q 'function'; then __update_ssl_conf_local; fi - # set exitCode - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__create_service_env() { - local exitCode=0 - if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ]; then - cat </dev/null -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# root/admin user info [password/random] -#ENV_ROOT_USER_NAME="${ENV_ROOT_USER_NAME:-$TOR_ROOT_USER_NAME}" # root user name -#ENV_ROOT_USER_PASS="${ENV_ROOT_USER_NAME:-$TOR_ROOT_PASS_WORD}" # root user password -#root_user_name="${ENV_ROOT_USER_NAME:-$root_user_name}" # -#root_user_pass="${ENV_ROOT_USER_PASS:-$root_user_pass}" # -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -#Normal user info [password/random] -#ENV_USER_NAME="${ENV_USER_NAME:-$TOR_USER_NAME}" # -#ENV_USER_PASS="${ENV_USER_PASS:-$TOR_USER_PASS_WORD}" # -#user_name="${ENV_USER_NAME:-$user_name}" # normal user name -#user_pass="${ENV_USER_PASS:-$user_pass}" # normal user password - -EOF - fi - if [ ! -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" ]; then - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_precopy_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __execute_prerun_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __run_pre_execute_checks_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __update_conf_files_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __pre_execute_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __post_execute_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __pre_message_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - __update_ssl_conf_local() { true; } - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - fi - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" || exitCode=$((exitCode + 1)) - __file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" || exitCode=$((exitCode + 1)) - return $exitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# script to start server -__run_start_script() { - local runExitCode=0 - local workdir="$(eval echo "${WORK_DIR:-}")" # expand variables - local cmd="$(eval echo "${EXEC_CMD_BIN:-}")" # expand variables - local args="$(eval echo "${EXEC_CMD_ARGS:-}")" # expand variables - local name="$(eval echo "${EXEC_CMD_NAME:-}")" # expand variables - local pre="$(eval echo "${EXEC_PRE_SCRIPT:-}")" # expand variables - local extra_env="$(eval echo "${CMD_ENV//,/ }")" # expand variables - local lc_type="$(eval echo "${LANG:-${LC_ALL:-$LC_CTYPE}}")" # expand variables - local home="$(eval echo "${workdir//\/root/\/tmp\/docker}")" # expand variables - local path="$(eval echo "$PATH")" # expand variables - local message="$(eval echo "")" # expand variables - local sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" # set hostname - [ -f "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" ] && . "$CONF_DIR/$SERVICE_NAME.exec_cmd.sh" - # - if [ -z "$cmd" ]; then - __post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" - retVal=$? - echo "Initializing $SCRIPT_NAME has completed" - exit $retVal - else - # ensure the command exists - if [ ! -x "$cmd" ]; then - echo "$name is not a valid executable" - return 2 - fi - # check and exit if already running - if __proc_check "$name" || __proc_check "$cmd"; then - echo "$name is already running" >&2 - return 0 - else - # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - # show message if env exists - if [ -n "$cmd" ]; then - [ -n "$SERVICE_USER" ] && echo "Setting up $cmd to run as $SERVICE_USER" || SERVICE_USER="root" - [ -n "$SERVICE_PORT" ] && echo "$name will be running on port $SERVICE_PORT" || SERVICE_PORT="" - fi - if [ -n "$pre" ] && [ -n "$(command -v "$pre" 2>/dev/null)" ]; then - export cmd_exec="$pre $cmd $args" - message="Starting service: $name $args through $pre" - else - export cmd_exec="$cmd $args" - message="Starting service: $name $args" - fi - [ -n "$su_exec" ] && echo "using $su_exec" | tee -a -p "/data/logs/init.txt" - echo "$message" | tee -a -p "/data/logs/init.txt" - su_cmd touch "$SERVICE_PID_FILE" - if [ "$RESET_ENV" = "yes" ]; then - env_command="$(echo "env -i HOME=\"$home\" LC_CTYPE=\"$lc_type\" PATH=\"$path\" HOSTNAME=\"$sysname\" USER=\"${SERVICE_USER:-$RUNAS_USER}\" $extra_env")" - execute_command="$(__trim "$su_exec $env_command $cmd_exec")" - if [ ! -f "$START_SCRIPT" ]; then - cat <"$START_SCRIPT" -#!/usr/bin/env bash -trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT -# -set -Eeo pipefail -# Setting up $cmd to run as ${SERVICE_USER:-root} with env -retVal=10 -cmd="$cmd" -SERVICE_NAME="$SERVICE_NAME" -SERVICE_PID_FILE="$SERVICE_PID_FILE" -$execute_command 2>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" & -execPid=\$! -sleep 2 -checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" -[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 -[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "Failed to start $execute_command" >&2 -exit \$retVal - -EOF - fi - else - if [ ! -f "$START_SCRIPT" ]; then - execute_command="$(__trim "$su_exec $cmd_exec")" - cat <"$START_SCRIPT" -#!/usr/bin/env bash -trap 'exitCode=\$?;[ \$exitCode -ne 0 ] && [ -f "\$SERVICE_PID_FILE" ] && rm -Rf "\$SERVICE_PID_FILE";exit \$exitCode' EXIT -# -set -Eeo pipefail -# Setting up $cmd to run as ${SERVICE_USER:-root} -retVal=10 -cmd="$cmd" -SERVICE_NAME="$SERVICE_NAME" -SERVICE_PID_FILE="$SERVICE_PID_FILE" -$execute_command 2>>"/dev/stderr" >>"$LOG_DIR/$SERVICE_NAME.log" & -execPid=\$! -sleep 2 -checkPID="\$(ps ax | awk '{print \$1}' | grep -v grep | grep "\$execPid$" || false)" -[ -n "\$execPid" ] && [ -n "\$checkPID" ] && echo "\$execPid" >"\$SERVICE_PID_FILE" && retVal=0 || retVal=10 -[ "\$retVal" = 0 ] && echo "\$cmd has been started" || echo "Failed to start $execute_command" >&2 >&2 -exit \$retVal - -EOF - fi - fi - fi - [ -x "$START_SCRIPT" ] || chmod 755 -Rf "$START_SCRIPT" - [ "$CONTAINER_INIT" = "yes" ] || eval sh -c "$START_SCRIPT" - runExitCode=$? - fi - return $runExitCode -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# username and password actions -__run_secure_function() { - local filesperms - if [ -n "$user_name" ] || [ -n "$user_pass" ]; then - for filesperms in "${USER_FILE_PREFIX}"/*; do - if [ -e "$filesperms" ]; then - chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null - fi - done 2>/dev/null | tee -p -a "/data/logs/init.txt" - fi - if [ -n "$root_user_name" ] || [ -n "$root_user_pass" ]; then - for filesperms in "${ROOT_FILE_PREFIX}"/*; do - if [ -e "$filesperms" ]; then - chmod -Rf 600 "$filesperms" - chown -Rf $SERVICE_USER:$SERVICE_USER "$filesperms" 2>/dev/null - fi - done 2>/dev/null | tee -p -a "/data/logs/init.txt" - fi - unset filesperms -} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow ENV_ variable - Import env file -__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" -__file_exists_with_content "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.local.sh" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -SERVICE_EXIT_CODE=0 # default exit code -# application specific -EXEC_CMD_NAME="$(basename -- "$EXEC_CMD_BIN")" # set the binary name -SERVICE_PID_FILE="/run/init.d/$EXEC_CMD_NAME.pid" # set the pid file location -SERVICE_PID_NUMBER="$(__pgrep)" # check if running -EXEC_CMD_BIN="$(type -P "$EXEC_CMD_BIN" || echo "$EXEC_CMD_BIN")" # set full path -EXEC_PRE_SCRIPT="$(type -P "$EXEC_PRE_SCRIPT" || echo "$EXEC_PRE_SCRIPT")" # set full path -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Only run check -__check_service "$1" && SERVICE_IS_RUNNING=yes -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# ensure needed directories exists -[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR" -[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create auth directories -[ -n "$USER_FILE_PREFIX" ] && { [ -d "$USER_FILE_PREFIX" ] || mkdir -p "$USER_FILE_PREFIX"; } -[ -n "$ROOT_FILE_PREFIX" ] && { [ -d "$ROOT_FILE_PREFIX" ] || mkdir -p "$ROOT_FILE_PREFIX"; } -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[ -n "$RUNAS_USER" ] || RUNAS_USER="root" -[ -n "$SERVICE_USER" ] || SERVICE_USER="$RUNAS_USER" -[ -n "$SERVICE_GROUP" ] || SERVICE_GROUP="${SERVICE_USER:-$RUNAS_USER}" -[ "$IS_WEB_SERVER" = "yes" ] && RESET_ENV="yes" && __is_htdocs_mounted -[ "$IS_WEB_SERVER" = "yes" ] && [ -z "$SERVICE_PORT" ] && SERVICE_PORT="80" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Database env -if [ "$IS_DATABASE_SERVICE" = "yes" ] || [ "$USES_DATABASE_SERVICE" = "yes" ]; then - RESET_ENV="no" - DATABASE_CREATE="${ENV_DATABASE_CREATE:-$DATABASE_CREATE}" - DATABASE_USER_NORMAL="${ENV_DATABASE_USER:-${DATABASE_USER_NORMAL:-$user_name}}" - DATABASE_PASS_NORMAL="${ENV_DATABASE_PASSWORD:-${DATABASE_PASS_NORMAL:-$user_pass}}" - DATABASE_USER_ROOT="${ENV_DATABASE_ROOT_USER:-${DATABASE_USER_ROOT:-$root_user_name}}" - DATABASE_PASS_ROOT="${ENV_DATABASE_ROOT_PASSWORD:-${DATABASE_PASS_ROOT:-$root_user_pass}}" - if [ -n "$DATABASE_PASS_NORMAL" ] && [ ! -f "${USER_FILE_PREFIX}/db_pass_user" ]; then - echo "$DATABASE_PASS_NORMAL" >"${USER_FILE_PREFIX}/db_pass_user" - fi - if [ -n "$DATABASE_PASS_ROOT" ] && [ ! -f "${ROOT_FILE_PREFIX}/db_pass_root" ]; then - echo "$DATABASE_PASS_ROOT" >"${ROOT_FILE_PREFIX}/db_pass_root" - fi -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# [DATABASE_DIR_[SQLITE,REDIS,POSTGRES,MARIADB,COUCHDB,MONGODB,SUPABASE]] -if [ "$DATABASE_SERVICE_TYPE" = "custom" ]; then - DATABASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" - DATABASE_BASE_DIR="${DATABASE_DIR_CUSTOM:-/data/db/custom}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_CUSTOM:-/usr/local/share/httpd/admin/databases}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_CUSTOM:-/admin/dbadmin}" -elif [ "$SERVICE_NAME" = "redis" ] || [ "$DATABASE_SERVICE_TYPE" = "redis" ]; then - DATABASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" - DATABASE_BASE_DIR="${DATABASE_DIR_REDIS:-/data/db/redis}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_REDIS:-/usr/local/share/httpd/admin/redis}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_REDIS:-/admin/redis}" -elif [ "$SERVICE_NAME" = "postgres" ] || [ "$DATABASE_SERVICE_TYPE" = "postgres" ]; then - DATABASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" - DATABASE_BASE_DIR="${DATABASE_DIR_POSTGRES:-/data/db/postgres}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_POSTGRES:-/usr/local/share/httpd/admin/postgres}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_POSTGRES:-/admin/postgres}" -elif [ "$SERVICE_NAME" = "mariadb" ] || [ "$DATABASE_SERVICE_TYPE" = "mariadb" ]; then - DATABASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" - DATABASE_BASE_DIR="${DATABASE_DIR_MARIADB:-/data/db/mariadb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MARIADB:-/usr/local/share/httpd/admin/mysql}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MARIADB:-/admin/mysql}" -elif [ "$SERVICE_NAME" = "mysql" ] || [ "$DATABASE_SERVICE_TYPE" = "mysql" ]; then - DATABASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" - DATABASE_BASE_DIR="${DATABASE_DIR_MYSQL:-/data/db/mysql}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MYSQL:-/usr/local/share/httpd/admin/mysql}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MYSQL:-/admin/mysql}" -elif [ "$SERVICE_NAME" = "couchdb" ] || [ "$DATABASE_SERVICE_TYPE" = "couchdb" ]; then - DATABASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" - DATABASE_BASE_DIR="${DATABASE_DIR_COUCHDB:-/data/db/couchdb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_COUCHDB:-/usr/local/share/httpd/admin/couchdb}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_COUCHDB:-/admin/couchdb}" -elif [ "$SERVICE_NAME" = "mongodb" ] || [ "$DATABASE_SERVICE_TYPE" = "mongodb" ]; then - DATABASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" - DATABASE_BASE_DIR="${DATABASE_DIR_MONGODB:-/data/db/mongodb}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_MONGODB:-/usr/local/share/httpd/admin/mongodb}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_MONGODB:-/admin/mongodb}" -elif [ "$SERVICE_NAME" = "supabase" ] || [ "$DATABASE_SERVICE_TYPE" = "supabase" ]; then - DATABASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" - DATABASE_BASE_DIR="${DATABASE_DIR_SUPABASE:-/data/db/supabase}" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SUPABASE:-/usr/local/share/httpd/admin/supabase}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SUPBASE:-/admin/supabase}" -elif [ "$SERVICE_NAME" = "sqlite" ] || [ "$DATABASE_SERVICE_TYPE" = "sqlite" ]; then - DATABASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" - DATABASE_BASE_DIR="${DATABASE_DIR_SQLITE:-/data/db/sqlite}/$SERVER_NAME" - DATABASE_ADMIN_WWW_ROOT="${DATABASE_ADMIN_WWW_ROOT_SQLITE:-/usr/local/share/httpd/admin/sqlite}" - [ -d "$DATABASE_ADMIN_WWW_ROOT" ] && SERVER_ADMIN_URL="${SERVER_ADMIN_URL_SQLITE:-/admin/sqlite}" - [ -d "$DATABASE_DIR" ] || mkdir -p "$DATABASE_DIR" - chmod 777 "$DATABASE_DIR" -fi -[ -n "$DATABASE_ADMIN_WWW_ROOT" ] && { [ ! -d "$DATABASE_ADMIN_WWW_ROOT" ] || mkdir -p "${DATABASE_ADMIN_WWW_ROOT}"; } -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow variables via imports - Overwrite existing -[ -f "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" ] && . "/config/env/${SERVICE_NAME:-$SCRIPT_NAME}.sh" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set password to random if variable is random -[ "$user_pass" = "random" ] && user_pass="$(__random_password ${RANDOM_PASS_USER:-16})" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -[ "$root_user_pass" = "random" ] && root_user_pass="$(__random_password ${RANDOM_PASS_ROOT:-16})" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow setting initial users and passwords via environment and save to file -[ -n "$user_name" ] && echo "$user_name" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_name" -[ -n "$user_pass" ] && echo "$user_pass" >"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" -[ -n "$root_user_name" ] && echo "$root_user_name" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" -[ -n "$root_user_pass" ] && echo "$root_user_pass" >"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create needed dirs -[ -d "$LOG_DIR" ] || mkdir -p "$LOG_DIR" -[ -d "$RUN_DIR" ] || mkdir -p "$RUN_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Allow per init script usernames and passwords -__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_name" && user_name="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_name")" -__file_exists_with_content "${USER_FILE_PREFIX}/${SERVICE_NAME}_pass" && user_pass="$(<"${USER_FILE_PREFIX}/${SERVICE_NAME}_pass")" -__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name" && root_user_name="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_name")" -__file_exists_with_content "${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass" && root_user_pass="$(<"${ROOT_FILE_PREFIX}/${SERVICE_NAME}_pass")" -__file_exists_with_content "${USER_FILE_PREFIX}/db_pass_user" && DATABASE_PASS_NORMAL="$(<"${USER_FILE_PREFIX}/db_pass_user")" -__file_exists_with_content "${ROOT_FILE_PREFIX}/db_pass_root" && DATABASE_PASS_ROOT="$(<"${ROOT_FILE_PREFIX}/db_pass_root")" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set hostname for script -sysname="${SERVER_NAME:-${FULL_DOMAIN_NAME:-$HOSTNAME}}" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__create_service_env -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Setup /config directories -__init_config_etc -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# pre-run function -__execute_prerun -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# create user if needed -__create_service_user "$SERVICE_USER" "$SERVICE_GROUP" "${WORK_DIR:-/home/$SERVICE_USER}" "${SERVICE_UID:-}" "${SERVICE_GID:-}" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Modify user if needed -__set_user_group_id $SERVICE_USER ${SERVICE_UID:-} ${SERVICE_GID:-} -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Create base directories -__setup_directories -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# set switch user command -__switch_to_user -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Initialize the home/working dir -__init_working_dir -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# show init message -__pre_message -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# -__initialize_db_users -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Initialize ssl -__update_ssl_conf -__update_ssl_certs -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set permissions in ${USER_FILE_PREFIX} and ${ROOT_FILE_PREFIX} -__run_secure_function -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__run_precopy -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Copy /config to /etc -for config_2_etc in $CONF_DIR $ADDITIONAL_CONFIG_DIRS; do - __initialize_system_etc "$config_2_etc" 2>/dev/stderr | tee -p -a "/data/logs/init.txt" -done -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Replace variables -__initialize_replace_variables "$ETC_DIR" "$CONF_DIR" "$ADDITIONAL_CONFIG_DIRS" "$WWW_ROOT_DIR" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# -__initialize_database -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Updating config files -__update_conf_files -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# run the pre execute commands -__pre_execute -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Set permissions -__fix_permissions "$SERVICE_USER" "$SERVICE_GROUP" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# -__run_pre_execute_checks 2>/dev/stderr | tee -a -p "/data/logs/entrypoint.log" "/data/logs/init.txt" || return 20 -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__run_start_script 2>>/dev/stderr | tee -p -a "/data/logs/entrypoint.log" -errorCode=$? -if [ -n "$EXEC_CMD_BIN" ]; then - if [ "$errorCode" -eq 0 ]; then - SERVICE_EXIT_CODE=0 - SERVICE_IS_RUNNING="yes" - else - SERVICE_EXIT_CODE=$errorCode - SERVICE_IS_RUNNING="${SERVICE_IS_RUNNING:-no}" - [ -s "$SERVICE_PID_FILE" ] || rm -Rf "$SERVICE_PID_FILE" - fi - SERVICE_EXIT_CODE=0 -fi -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# start the post execute function in background -__post_execute 2>"/dev/stderr" | tee -p -a "/data/logs/init.txt" & -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__banner "Initializing of $SERVICE_NAME has completed with statusCode: $SERVICE_EXIT_CODE" | tee -p -a "/data/logs/entrypoint.log" "/data/logs/init.txt" -# - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -__script_exit $SERVICE_EXIT_CODE