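#!/bin/sh
#
# Installs proxy service definitions and their configuration directories.
#
# For every enabled proxy type the script clones the matching repository,
# copies its service JSON files into the service directory named by the
# proxy scheduler definition, creates the volume directories, merges the
# repository's proxy_config into proxy.json and, for the smarthost proxy,
# writes the Let's Encrypt settings into the user configuration file.
#
# Environment (all optional):
#   GIT_REPO              git host                   (default: git.format.hu)
#   ORGANIZATION          organization on that host  (default: format)
#   PUBLIC_PROXY, SMARTHOST_PROXY, LOCAL_PROXY, VPN_PROXY, CRON
#                         YES/TRUE (any case) enables the component
#   WIREGUARD, OPENVPN    normalised to upper case, not read again below
#   PROXY_TYPE            inherited list of proxy repositories; overwritten
#                         when PUBLIC_PROXY is enabled, extended when
#                         SMARTHOST_PROXY is enabled
#   LETSENCRYPT_MAIL      e-mail address stored for Let's Encrypt
#   USER_CONFIG_PATH      (default: /etc/user/config/user.json)
#   DOCKER_REGISTRY_URL   (default: registry.format.hu)
#   CORE_DNS, LOCAL_PROXY_REPO, VPN_PROXY_REPO, CRON_REPO
#                         repository names
#
# Requires: git, jq, and a mktemp that supports -p.
#
# The script declares /bin/sh, so only POSIX test syntax is used; the
# earlier `[[ ... ]]` and `==` forms fail on shells such as dash.

# Print a message on stderr and stop the installation.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Print the arguments converted to upper case.
toUpperCase() {
  printf '%s\n' "$*" | tr '[:lower:]' '[:upper:]'
}

# Succeed when $1 is one of the (already upper-cased) "on" values.
is_enabled() {
  case "$1" in
    YES | TRUE) return 0 ;;
    *) return 1 ;;
  esac
}

# Abort when the value $2 (described by $1) is empty or the string "null"
# that `jq -r` prints for a missing key. Without this check an empty
# directory variable turns "$DIR/file" into "/file" and the script would
# write into the filesystem root.
require_value() {
  case "$2" in
    '' | null) die "Cannot determine $1; aborting before anything is written to a wrong path." ;;
  esac
}

# Clone repository $1 of $ORGANIZATION into /tmp/$1 and verify the result.
#
# /tmp/<name> is a predictable, shared location. Another local account could
# create the directory (or a symlink) first, and its content would then be
# installed as service definitions. The checkout is therefore only accepted
# when it is a real directory owned by the user running this script.
# A failed clone with a usable existing checkout is tolerated, as before.
# NOTE(review): a private `mktemp -d` directory would be cleaner if nothing
# else consumes /tmp/<name> after this script; confirm before changing it.
clone_repo() {
  case "$1" in
    '' | . | .. | */*) die "Refusing to clone repository with unsafe name: '$1'" ;;
  esac
  CHECKOUT=/tmp/$1
  if ! git clone -- "ssh://$GIT_REPO/$ORGANIZATION/$1.git" "$CHECKOUT"; then
    printf 'warning: git clone of %s failed; falling back to existing %s\n' \
      "$1" "$CHECKOUT" >&2
  fi
  # -O is not in POSIX but is provided by dash, bash and busybox test.
  if [ -L "$CHECKOUT" ] || [ ! -d "$CHECKOUT" ] || [ ! -O "$CHECKOUT" ]; then
    die "$CHECKOUT is missing, a symlink, or not owned by the current user"
  fi
}

# Create every volume SOURCE directory named in service file $1.
# Sources containing a dot are treated as files and skipped.
make_volume_dirs() {
  jq -r '.containers[].VOLUMES[].SOURCE' "$1" \
    | grep -v '\.' \
    | while IFS= read -r VOLUME; do
      case "$VOLUME" in
        '' | null) continue ;;
      esac
      mkdir -p -- "$VOLUME"
    done
}

# Remove the scratch file and abort with message $1.
fail_json() {
  rm -f -- "$TMP_FILE"
  die "$1"
}

# Copy the finished scratch file over target $1. The target is only touched
# after jq succeeded, so a jq error no longer truncates it. `cat >` keeps
# the target's existing owner and mode, which `mv` of a mktemp file would not.
publish_json() {
  cat -- "$TMP_FILE" > "$1" || fail_json "Cannot write $1"
  rm -f -- "$TMP_FILE"
}

: "${GIT_REPO:=git.format.hu}"
: "${ORGANIZATION:=format}"

# The expansions are deliberately unquoted: word splitting trims stray
# whitespace around the flag before it is compared.
# shellcheck disable=SC2086
PUBLIC_PROXY=$(toUpperCase $PUBLIC_PROXY)
# shellcheck disable=SC2086
SMARTHOST_PROXY=$(toUpperCase $SMARTHOST_PROXY)
# shellcheck disable=SC2086
LOCAL_PROXY=$(toUpperCase $LOCAL_PROXY)
# shellcheck disable=SC2086
VPN_PROXY=$(toUpperCase $VPN_PROXY)
# shellcheck disable=SC2086
CRON=$(toUpperCase $CRON)
# shellcheck disable=SC2086,SC2034
WIREGUARD=$(toUpperCase $WIREGUARD)
# shellcheck disable=SC2086,SC2034
OPENVPN=$(toUpperCase $OPENVPN)

: "${USER_CONFIG_PATH:=/etc/user/config/user.json}"
: "${DOCKER_REGISTRY_URL:=registry.format.hu}"

if is_enabled "$PUBLIC_PROXY"; then
  PROXY_TYPE=public-proxy
fi
if is_enabled "$SMARTHOST_PROXY"; then
  PROXY_TYPE="$PROXY_TYPE smarthost-proxy"
fi

: "${CORE_DNS:=core-dns}"
: "${LOCAL_PROXY_REPO:=local-proxy}"
: "${VPN_PROXY_REPO:=wireguard-proxy-client}"
: "${CRON_REPO:=cron}"

# Install the core DNS service: copy its service files, create its volume
# directories, copy dns.conf and register the proxy hosts in hosts.local.
# Reads the global SERVICE_DIR set by the main loop.
install_core_dns() {
  require_value "SERVICE_DIR" "$SERVICE_DIR"
  cp -rv "/tmp/$CORE_DNS"/*.json "$SERVICE_DIR/"

  make_volume_dirs "$SERVICE_DIR/$CORE_DNS.json"

  # Expects exactly one volume of the first container mounted below
  # /etc/dnsmasq.
  DNS_DIR=$(jq -r --arg DEST "/etc/dnsmasq" \
    '.containers[0].VOLUMES[] | select(.DEST | startswith($DEST)) | .SOURCE' \
    "$SERVICE_DIR/$CORE_DNS.json")
  require_value "the dnsmasq volume of $CORE_DNS" "$DNS_DIR"
  mkdir -p -- "$DNS_DIR"
  cp -rv "/tmp/$CORE_DNS/dns.conf" "$DNS_DIR/"

  # Host entries are appended only once; any of the names already being
  # present means an earlier run has added the group.
  if is_enabled "$PUBLIC_PROXY"; then
    if ! grep -Eq ' publicloadbalancer| publicbackend-1| publicbackend-2' \
      "$DNS_DIR/hosts.local"; then
      printf '%s\n' \
        '172.18.100.2 publicloadbalancer' \
        '172.18.101.2 publicbackend-1' \
        '172.18.102.2 publicbackend-2' \
        >> "$DNS_DIR/hosts.local"
    fi
  fi

  if is_enabled "$SMARTHOST_PROXY"; then
    if ! grep -Eq ' letsencrypt| smarthostloadbalancer| smarthostbackend-1| smarthostbackend-2' \
      "$DNS_DIR/hosts.local"; then
      printf '%s\n' \
        '172.18.254.254 letsencrypt' \
        '172.18.103.2 smarthostloadbalancer' \
        '172.18.104.2 smarthostbackend-1' \
        '172.18.105.2 smarthostbackend-2' \
        >> "$DNS_DIR/hosts.local"
    fi
  fi
}

# Install core DNS plus the optional local proxy, VPN proxy and cron
# services into SERVICE_DIR.
install_additionals() {
  install_core_dns

  if is_enabled "$LOCAL_PROXY"; then
    cp -av "/tmp/$LOCAL_PROXY_REPO"/*.json "$SERVICE_DIR/"
  fi

  if is_enabled "$VPN_PROXY"; then
    cp -av "/tmp/$VPN_PROXY_REPO"/*.json "$SERVICE_DIR/"
    VPN_VOLUMES=$(jq -r '.containers[0].VOLUMES[0].SOURCE' "$SERVICE_DIR/vpn-proxy.json")
    case "$VPN_VOLUMES" in
      '' | null)
        printf 'warning: no volume source found in %s\n' \
          "$SERVICE_DIR/vpn-proxy.json" >&2
        ;;
      *)
        # The first volume is a file; only its parent directory is created.
        mkdir -p -- "$(dirname -- "$VPN_VOLUMES")"
        ;;
    esac
  fi

  if is_enabled "$CRON"; then
    cp -av "/tmp/$CRON_REPO"/*.json "$SERVICE_DIR/"
    make_volume_dirs "$SERVICE_DIR/cron.json"
    CRON_DIR=$(jq -r --arg DEST "/opt/cron" \
      '.containers[0].VOLUMES[] | select(.DEST | startswith($DEST)) | .SOURCE' \
      "$SERVICE_DIR/cron.json")
    require_value "the /opt/cron volume of cron.json" "$CRON_DIR"
    mkdir -p -- "$CRON_DIR"
    cp -rv "/tmp/$CRON_REPO/crontab_letsencrypt.txt" "$CRON_DIR/crontab.txt"
  fi
}

clone_repo "$CORE_DNS"
if is_enabled "$LOCAL_PROXY"; then
  clone_repo "$LOCAL_PROXY_REPO"
fi
if is_enabled "$VPN_PROXY"; then
  clone_repo "$VPN_PROXY_REPO"
fi
if is_enabled "$CRON"; then
  clone_repo "$CRON_REPO"
fi

# INSTALL PROXY SERVICES
# PROXY_TYPE is a space-separated list, so it is split on purpose.
# shellcheck disable=SC2086
for i in $PROXY_TYPE; do
  # Clone source files from git repository
  clone_repo "$i"
  SRC=/tmp/$i

  # DEFINE SERVICE DIR FROM PROXY-SCHEDULER AND PROXY SERVICE FILE JSONS
  if [ "$i" = "public-proxy" ]; then
    PROXY_SCHEDULER_FILE=proxy-scheduler.json
  else
    PROXY_SCHEDULER_FILE=smarthost-proxy-scheduler.json
  fi

  PROXY_SCHEDULER_NAME=$(jq -r '.containers[0].NAME' "$SRC/$PROXY_SCHEDULER_FILE" \
    | cut -d '-' -f1)

  # Values read from the checkout are handed to jq with --arg instead of
  # being pasted into the filter text, so they cannot change the filter.
  PROXY_SERVICE_FILE=$(jq -r --arg NAME "$PROXY_SCHEDULER_NAME" \
    '.[$NAME].PROXY_SERVICE_FILE' "$SRC/proxy_config")
  require_value "$PROXY_SCHEDULER_NAME.PROXY_SERVICE_FILE in $SRC/proxy_config" \
    "$PROXY_SERVICE_FILE"

  # The service directory is the volume source that ends in the service
  # file name, with that name removed. grep and sed still treat the name
  # as a regular expression, as the original did.
  SERVICE_DIR=$(jq -r '.containers[0].VOLUMES[].SOURCE' "$SRC/$PROXY_SCHEDULER_FILE" \
    | grep -- "$PROXY_SERVICE_FILE" \
    | sed "s/$PROXY_SERVICE_FILE//g")
  require_value "the service directory for $i" "$SERVICE_DIR"

  PROXY_CONFIG_DIR=$(jq -r --arg NAME "$PROXY_SCHEDULER_NAME" \
    '.[$NAME].PROXY_CONFIG_DIR' "$SRC/proxy_config")
  if [ "$PROXY_CONFIG_DIR" = "null" ]; then
    # Previously only reported; continuing left PROXY_DIR empty, so
    # proxy.json and the load balancer config ended up directly under /.
    die "$PROXY_SCHEDULER_NAME.PROXY_CONFIG_DIR doesn't exists in /tmp/$i/proxy_config"
  fi

  PROXY_SOURCE=$(jq -r --arg DEST "$PROXY_CONFIG_DIR" \
    '.containers[0].VOLUMES[] | select(.DEST == $DEST) | .SOURCE' \
    "$SRC/$PROXY_SCHEDULER_FILE")
  require_value "the proxy config volume for $i" "$PROXY_SOURCE"
  PROXY_DIR=$(dirname -- "$PROXY_SOURCE" | sed "s/$i//g")
  require_value "the proxy directory for $i" "$PROXY_DIR"

  DOMAIN_CONFIG_DIR=$(jq -r --arg NAME "$PROXY_SCHEDULER_NAME" \
    '.[$NAME].DOMAIN_DIR' "$SRC/proxy_config")
  DOMAIN_DIR=$(jq -r --arg DEST "$DOMAIN_CONFIG_DIR" \
    '.containers[0].VOLUMES[] | select(.DEST == $DEST) | .SOURCE' \
    "$SRC/$PROXY_SCHEDULER_FILE")

  # COPY SERVICE FILES INTO SERVICE DIR
  mkdir -p -- "$SERVICE_DIR"
  cp -av "$SRC"/*.json "$SERVICE_DIR/"

  install_additionals

  # CREATE FILESYSTEM ACCESS FOR SERVICES
  mkdir -p -- "$PROXY_DIR"
  # A missing domain volume stays non-fatal, as in the original flow.
  case "$DOMAIN_DIR" in
    '' | null) ;;
    *) mkdir -p -- "$DOMAIN_DIR" ;;
  esac
  SPEC_PROXY_DIR=$PROXY_DIR/$i

  # CREATE ALL SOURCE FOLDER FOR RUNNING PROXIES
  make_volume_dirs "$SRC/$i.json"

  # CREATE PROXY SCHEDULER SERVICE
  # Merge the repository's proxy_config into proxy.json. Entries already in
  # proxy.json win over the repository defaults, which is what the earlier
  # line-splicing produced. jq does the merge on parsed JSON, so the result
  # no longer depends on line layout or on unquoted `echo` expansion.
  TMP_FILE=$(mktemp -p /tmp) || die "mktemp failed"
  if [ -f "$PROXY_DIR/proxy.json" ]; then
    jq -s '.[0] + .[1]' "$SRC/proxy_config" "$PROXY_DIR/proxy.json" > "$TMP_FILE" \
      || fail_json "Cannot merge $SRC/proxy_config into $PROXY_DIR/proxy.json"
  else
    jq '.' "$SRC/proxy_config" > "$TMP_FILE" \
      || fail_json "Cannot read $SRC/proxy_config"
  fi
  publish_json "$PROXY_DIR/proxy.json"

  # COPY LOADBALANCER STATIC CONFIG
  mkdir -p -- "$SPEC_PROXY_DIR/loadbalancer"
  cp -av "$SRC/haproxy.cfg" "$SPEC_PROXY_DIR/loadbalancer/"

  if [ "$i" = "smarthost-proxy" ]; then
    # SETUP LETSENCRYPT USER SPECIFIED CONFIGURATION
    if [ -z "$LETSENCRYPT_MAIL" ]; then
      echo "No email address given, Let's Encrypt will not work properly."
    else
      # LETSENCRYPT_MAIL and DOCKER_REGISTRY_URL come from the environment.
      # Passing them with --arg makes jq escape them as JSON strings; when
      # concatenated into the JSON text, a quote in either value could
      # break the file or add extra keys to the user configuration.
      TMP_FILE=$(mktemp -p /tmp) || die "mktemp failed"
      if [ -f "$USER_CONFIG_PATH" ]; then
        jq -s \
          --arg EMAIL "$LETSENCRYPT_MAIL" \
          --arg REGISTRY "$DOCKER_REGISTRY_URL" \
          '(.[0] // {}) + {letsencrypt: {EMAIL: $EMAIL, DOCKER_REGISTRY_URL: $REGISTRY}}' \
          "$USER_CONFIG_PATH" > "$TMP_FILE" \
          || fail_json "Cannot update $USER_CONFIG_PATH"
      else
        jq -n \
          --arg EMAIL "$LETSENCRYPT_MAIL" \
          --arg REGISTRY "$DOCKER_REGISTRY_URL" \
          '{letsencrypt: {EMAIL: $EMAIL, DOCKER_REGISTRY_URL: $REGISTRY}}' \
          > "$TMP_FILE" \
          || fail_json "Cannot build $USER_CONFIG_PATH"
      fi
      publish_json "$USER_CONFIG_PATH"
    fi
  fi
done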