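#!/bin/sh
#
# Installs proxy service definitions and their optional add-ons (core-dns,
# local-proxy, local-backend, vpn-proxy, cron, discovery) by cloning the
# service repositories into /tmp and copying their JSON files and static
# configuration into the directories named by the scheduler definitions.
#
# Inputs (environment):
#   GIT_REPO, ORGANIZATION            git host and organisation to clone from
#   PROXY_TYPE                        whitespace-separated proxy repositories
#   SMARTHOST_PROXY, LOCAL_PROXY, LOCAL_BACKEND, VPN_PROXY, CRON
#                                     feature switches, enabled by yes/true
#   DISCOVERY                         enabled by "yes" only
#   DISCOVERY_DIR, DISCOVERY_CONFIG_FILE, DOMAIN, USER_CONFIG_PATH
#   LETSENCRYPT_MAIL, LETSENCRYPT_SERVERNAME, DOCKER_REGISTRY_URL
#   CORE_DNS, LOCAL_PROXY_REPO, VPN_PROXY_REPO, CRON_REPO,
#   LOCAL_BACKEND_REPO, SERVICE_EXEC_REPO
#                                     repository name overrides
#
# The shebang is /bin/sh, so only POSIX constructs are used below; the
# earlier `[[ ... ]]` and `==` tests fail on shells such as dash.
#
# NOTE(review): every repository is cloned from its default branch without
# pinning a commit or verifying a signature, and its contents are copied
# straight into service directories. Consider pinning revisions.
# NOTE(review): clone targets are fixed names under /tmp. On a host where /tmp
# is writable by other users, a directory created there beforehand could
# supply the files that get installed. The paths are kept because
# /tmp/$SERVICE_EXEC_REPO appears to be provided from outside this script (its
# clone is commented out) - confirm before moving to a private directory.

toUpperCase() {
    printf '%s\n' "$*" | tr '[:lower:]' '[:upper:]'
}

# Succeeds when $1 is one of the accepted "on" values (already upper-cased).
is_enabled() {
    case "$1" in
        YES|TRUE) return 0 ;;
        *) return 1 ;;
    esac
}

# Succeeds when $1 is non-empty and is not the literal "null" that `jq -r`
# prints for a missing key.
has_value() {
    [ -n "$1" ] && [ "$1" != "null" ]
}

# Replaces $3 with the content of temp file $2 only when jq (exit status $1)
# succeeded and produced output, so a failed merge never truncates an existing
# configuration file. Writing through `cat` keeps the target's inode and
# permissions. The temp file is always removed.
commit_json() {
    if [ "$1" -eq 0 ] && [ -s "$2" ]; then
        cat "$2" > "$3"
    else
        echo "Could not generate $3, leaving it unchanged" >&2
    fi
    rm -f "$2"
}

GIT_REPO=${GIT_REPO:-git.format.hu}
ORGANIZATION=${ORGANIZATION:-safebox}

SMARTHOST_PROXY=$(toUpperCase "$SMARTHOST_PROXY")
LOCAL_PROXY=$(toUpperCase "$LOCAL_PROXY")
LOCAL_BACKEND=$(toUpperCase "$LOCAL_BACKEND")
VPN_PROXY=$(toUpperCase "$VPN_PROXY")
CRON=$(toUpperCase "$CRON")
WIREGUARD=$(toUpperCase "$WIREGUARD")
OPENVPN=$(toUpperCase "$OPENVPN")
DISCOVERY=$(toUpperCase "$DISCOVERY")

USER_CONFIG_PATH=${USER_CONFIG_PATH:-/etc/user/config/user.json}

#DOCKER_REGISTRY_URL=registry.format.hu
DOCKER_REGISTRY_URL=${DOCKER_REGISTRY_URL:-safebox}

if is_enabled "$SMARTHOST_PROXY"; then
    PROXY_TYPE="$PROXY_TYPE smarthost-proxy"
fi

# INSTALL CORE DNS
# SETUP CORE DNS SERVICE
# COPY CORE DNS FILES
CORE_DNS=${CORE_DNS:-core-dns}
LOCAL_PROXY_REPO=${LOCAL_PROXY_REPO:-local-proxy}
VPN_PROXY_REPO=${VPN_PROXY_REPO:-wireguard-proxy-client}
CRON_REPO=${CRON_REPO:-cron}
LOCAL_BACKEND_REPO=${LOCAL_BACKEND_REPO:-local-backend}
SERVICE_EXEC_REPO=${SERVICE_EXEC_REPO:-service-exec-new}

# Substitutes the DOMAIN_NAME placeholder in the local-backend service files
# and copies them into $SERVICE_DIR.
install_local_backend() {
    # Escape the characters that are special in a sed replacement so that an
    # unusual DOMAIN value cannot alter the substitution expression.
    DOMAIN_ESCAPED=$(printf '%s' "$DOMAIN" | sed 's/[\/&]/\\&/g')
    sed -i "s/DOMAIN_NAME/$DOMAIN_ESCAPED/g" "/tmp/$LOCAL_BACKEND_REPO"/*.json
    cp -rv "/tmp/$LOCAL_BACKEND_REPO"/*.json "$SERVICE_DIR/"
}

# Copies the core-dns service files into $SERVICE_DIR, creates the volume
# source directories and installs dns.conf plus the smarthost host entries.
install_core_dns() {
    cp -rv "/tmp/$CORE_DNS"/*.json "$SERVICE_DIR/"

    # Sources containing a dot are skipped (presumably files rather than
    # directories - confirm). Splitting on whitespace is intentional here.
    DNS_VOLUMES=$(jq -r '.containers[].VOLUMES[].SOURCE' "$SERVICE_DIR/$CORE_DNS.json" | grep -v '\.')
    for VOLUME in $DNS_VOLUMES; do
        mkdir -p "$VOLUME"
    done

    # Host directory mounted at /etc/dnsmasq*; exactly one match is expected.
    DNS_DIR=$(jq -r --arg DEST "/etc/dnsmasq" \
        '.containers[0].VOLUMES[] | select(.DEST | startswith($DEST)) | .SOURCE' \
        "$SERVICE_DIR/$CORE_DNS.json")
    if ! has_value "$DNS_DIR"; then
        # Without this guard the files below would be written under "/".
        echo "No /etc/dnsmasq volume found in $SERVICE_DIR/$CORE_DNS.json" >&2
        return 1
    fi
    mkdir -p "$DNS_DIR"
    cp -rv "/tmp/$CORE_DNS/dns.conf" "$DNS_DIR/"

    if is_enabled "$SMARTHOST_PROXY"; then
        # Append the static entries only once. A missing hosts.local makes grep
        # fail, which also leads to the entries being written.
        if ! grep -Eq ' letsencrypt| smarthostloadbalancer| smarthostbackend-1| smarthostbackend-2' "$DNS_DIR/hosts.local"; then
            # One address/name pair per line, as a hosts file requires.
            printf '%s\n' \
                '172.18.254.254 letsencrypt' \
                '172.18.103.2 smarthostloadbalancer' \
                '172.18.104.2 smarthostbackend-1' \
                '172.18.105.2 smarthostbackend-2' >> "$DNS_DIR/hosts.local"
        fi
    fi
}

# Installs core-dns and every enabled optional service into $SERVICE_DIR.
install_additionals() {
    install_core_dns

    # The earlier test compared the misspelled SMART_HOST_PROXY with TRUE, so
    # SMARTHOST_PROXY=true never enabled the local backend.
    if is_enabled "$SMARTHOST_PROXY" && is_enabled "$LOCAL_PROXY" && is_enabled "$LOCAL_BACKEND"; then
        install_local_backend
    fi

    if is_enabled "$LOCAL_PROXY"; then
        cp -av "/tmp/$LOCAL_PROXY_REPO"/*.json "$SERVICE_DIR/"
    fi

    if is_enabled "$VPN_PROXY"; then
        cp -av "/tmp/$VPN_PROXY_REPO"/*.json "$SERVICE_DIR/"
        VPN_VOLUMES=$(jq -r '.containers[0].VOLUMES[0].SOURCE' "$SERVICE_DIR/vpn-proxy.json")
        if has_value "$VPN_VOLUMES"; then
            VOLUME=$(dirname "$VPN_VOLUMES")
            mkdir -p "$VOLUME"
        fi
    fi

    if is_enabled "$CRON"; then
        cp -av "/tmp/$CRON_REPO"/*.json "$SERVICE_DIR/"
        CRON_VOLUMES=$(jq -r '.containers[].VOLUMES[].SOURCE' "$SERVICE_DIR/cron.json" | grep -v '\.')
        for VOLUME in $CRON_VOLUMES; do
            mkdir -p "$VOLUME"
        done

        CRON_DIR=$(jq -r --arg DEST "/opt/cron" \
            '.containers[0].VOLUMES[] | select(.DEST | startswith($DEST)) | .SOURCE' \
            "$SERVICE_DIR/cron.json")
        if has_value "$CRON_DIR"; then
            mkdir -p "$CRON_DIR"
            cp -rv "/tmp/$CRON_REPO/crontab_letsencrypt.txt" "$CRON_DIR/crontab.txt"
        else
            echo "No /opt/cron volume found in $SERVICE_DIR/cron.json" >&2
        fi
    fi

    # Discovery is switched on by YES only; TRUE is not accepted here.
    if [ "$DISCOVERY" = "YES" ]; then
        cp -av "/tmp/$SERVICE_EXEC_REPO/scripts/service-discovery.sh" "$DISCOVERY_DIR"
        cp -av "/tmp/$SERVICE_EXEC_REPO/scripts/service-files.sh" "$DISCOVERY_DIR"
        # An existing discovery configuration is never overwritten.
        if [ -n "$DISCOVERY_CONFIG_FILE" ] && [ ! -f "$DISCOVERY_CONFIG_FILE" ]; then
            cp -av "/tmp/$SERVICE_EXEC_REPO/scripts/discovery.conf" "$DISCOVERY_CONFIG_FILE"
        fi
    fi
}

git clone "https://$GIT_REPO/$ORGANIZATION/$CORE_DNS.git" "/tmp/$CORE_DNS"
#git clone https://$GIT_REPO/$ORGANIZATION/$SERVICE_EXEC_REPO.git /tmp/$SERVICE_EXEC_REPO

if is_enabled "$LOCAL_PROXY"; then
    git clone "https://$GIT_REPO/$ORGANIZATION/$LOCAL_PROXY_REPO.git" "/tmp/$LOCAL_PROXY_REPO"
    git clone "https://$GIT_REPO/$ORGANIZATION/$LOCAL_BACKEND_REPO.git" "/tmp/$LOCAL_BACKEND_REPO"
fi

if is_enabled "$VPN_PROXY"; then
    git clone "https://$GIT_REPO/$ORGANIZATION/$VPN_PROXY_REPO.git" "/tmp/$VPN_PROXY_REPO"
fi

if is_enabled "$CRON"; then
    git clone "https://$GIT_REPO/$ORGANIZATION/$CRON_REPO.git" "/tmp/$CRON_REPO"
fi

# INSTALL PROXY SERVICES
# PROXY_TYPE is a whitespace-separated list, so it is split on purpose.
for i in $PROXY_TYPE; do

    # Clone source files from git repository
    git clone "https://$GIT_REPO/$ORGANIZATION/$i.git" "/tmp/$i"

    #if [ "$i" == "public-proxy" ] ; then
    # Check VPN accessible
    #if [[ "$WIREGUARD" == "YES" || "$WIREGUARD" == "TRUE" ]]; then

    # COPY SERVICE FILES INTO SRVICE DIR
    # DEFINE SERVICE DIR FROM PROXY-SCHEDULER AND PROXY SERVICE FILE JSONS
    if [ "$i" = "public-proxy" ]; then
        PROXY_SCHEDULER_FILE=proxy-scheduler.json
    else
        PROXY_SCHEDULER_FILE=smarthost-proxy-scheduler.json
    fi

    # The scheduler name is the container name up to its first "-"; it is the
    # key under which proxy_config keeps this scheduler's settings. Names are
    # passed to jq with --arg rather than spliced into the filter text.
    PROXY_SCHEDULER_NAME=$(jq -r '.containers[0].NAME' "/tmp/$i/$PROXY_SCHEDULER_FILE" | cut -d "-" -f1)
    PROXY_SERVICE_FILE=$(jq -r --arg NAME "$PROXY_SCHEDULER_NAME" '.[$NAME].PROXY_SERVICE_FILE' "/tmp/$i/proxy_config")
    if ! has_value "$PROXY_SERVICE_FILE"; then
        echo "$PROXY_SCHEDULER_NAME.PROXY_SERVICE_FILE is not set in /tmp/$i/proxy_config, skipping $i" >&2
        continue
    fi
    # Service directory = the volume source that ends in the service file name,
    # with that file name removed.
    SERVICE_DIR=$(jq -r '.containers[0].VOLUMES[].SOURCE' "/tmp/$i/$PROXY_SCHEDULER_FILE" \
        | grep -- "$PROXY_SERVICE_FILE" | sed "s/$PROXY_SERVICE_FILE//g")

    PROXY_CONFIG_DIR=$(jq -r --arg NAME "$PROXY_SCHEDULER_NAME" '.[$NAME].PROXY_CONFIG_DIR' "/tmp/$i/proxy_config")
    if [ "$PROXY_CONFIG_DIR" = "null" ]; then
        echo "$PROXY_SCHEDULER_NAME.PROXY_CONFIG_DIR doesn't exists in /tmp/$i/proxy_config";
    fi
    PROXY_DIR=$(jq -r --arg DEST "$PROXY_CONFIG_DIR" \
        '.containers[0].VOLUMES[] | select(.DEST==$DEST) | .SOURCE' "/tmp/$i/$PROXY_SCHEDULER_FILE")

    # Stop before anything is written if a directory could not be resolved;
    # otherwise the copies below would land in "/" or the working directory.
    if ! has_value "$SERVICE_DIR" || ! has_value "$PROXY_DIR"; then
        echo "Cannot resolve service/proxy directories for $i, skipping" >&2
        continue
    fi
    PROXY_DIR=$(dirname "$PROXY_DIR" | sed "s/$i//g")

    DOMAIN_CONFIG_DIR=$(jq -r --arg NAME "$PROXY_SCHEDULER_NAME" '.[$NAME].DOMAIN_DIR' "/tmp/$i/proxy_config")
    DOMAIN_DIR=$(jq -r --arg DEST "$DOMAIN_CONFIG_DIR" \
        '.containers[0].VOLUMES[] | select(.DEST==$DEST) | .SOURCE' "/tmp/$i/$PROXY_SCHEDULER_FILE")

    mkdir -p "$SERVICE_DIR"
    cp -av "/tmp/$i"/*.json "$SERVICE_DIR/"

    install_additionals

    # CREATE FILESYSTEM ACCESS FOR SERVICES
    mkdir -p "$PROXY_DIR"
    if has_value "$DOMAIN_DIR"; then
        mkdir -p "$DOMAIN_DIR"
    else
        echo "No domain directory volume found for $i" >&2
    fi

    SPEC_PROXY_DIR=$PROXY_DIR/$i

    # CREATE ALL SOURCE FOLDER FOR RUNNING PROXIES
    PROXY_VOLUMES=$(jq -r '.containers[].VOLUMES[].SOURCE' "/tmp/$i/$i.json" | grep -v '\.')
    for VOLUME in $PROXY_VOLUMES; do
        mkdir -p "$VOLUME"
    done

    # CREATE PROXY SCHEDULER SERVICE
    # Merge proxy_config into proxy.json. Entries already present in proxy.json
    # win over those from proxy_config, as with the previous line-based splice,
    # but the merge is done on parsed JSON so it does not depend on how either
    # file is formatted and values are not subject to word splitting/globbing.
    TMP_FILE=$(mktemp -p /tmp/) || { echo "mktemp failed" >&2; continue; }
    if [ -f "$PROXY_DIR/proxy.json" ]; then
        jq --slurpfile existing "$PROXY_DIR/proxy.json" \
            '. + ($existing[0] // {})' "/tmp/$i/proxy_config" > "$TMP_FILE"
        JQ_STATUS=$?
    else
        jq . "/tmp/$i/proxy_config" > "$TMP_FILE"
        JQ_STATUS=$?
    fi
    commit_json "$JQ_STATUS" "$TMP_FILE" "$PROXY_DIR/proxy.json"

    # COPY LOADBALANCER STATIC CONFIG
    mkdir -p "$SPEC_PROXY_DIR/loadbalancer"
    cp -av "/tmp/$i/haproxy.cfg" "$SPEC_PROXY_DIR/loadbalancer/"

    if [ "$i" = "smarthost-proxy" ]; then

        # SETUP LETSENCRYPT USER SPECIFIED CONFIGURATION
        if [ -z "$LETSENCRYPT_MAIL" ]; then
            echo "No email address given, Let's Encrypt will not work properly."
        else
            # Build the letsencrypt object with jq --arg so that quotes or
            # backslashes in the supplied values are JSON-escaped instead of
            # changing the structure of the user configuration. An existing
            # "letsencrypt" key is replaced; other keys are preserved.
            LETS_FILTER='{letsencrypt: {EMAIL: $email, SERVERNAME: $servername, DOCKER_REGISTRY_URL: $registry}}'
            TMP_FILE=$(mktemp -p /tmp/) || { echo "mktemp failed" >&2; continue; }
            if [ -f "$USER_CONFIG_PATH" ]; then
                # -s turns an empty file into [], which then falls back to {}.
                jq -s \
                    --arg email "$LETSENCRYPT_MAIL" \
                    --arg servername "$LETSENCRYPT_SERVERNAME" \
                    --arg registry "$DOCKER_REGISTRY_URL" \
                    "(.[0] // {}) + $LETS_FILTER" "$USER_CONFIG_PATH" > "$TMP_FILE"
                JQ_STATUS=$?
            else
                jq -n \
                    --arg email "$LETSENCRYPT_MAIL" \
                    --arg servername "$LETSENCRYPT_SERVERNAME" \
                    --arg registry "$DOCKER_REGISTRY_URL" \
                    "$LETS_FILTER" > "$TMP_FILE"
                JQ_STATUS=$?
            fi
            commit_json "$JQ_STATUS" "$TMP_FILE" "$USER_CONFIG_PATH"
        fi
    fi
done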