#!/bin/sh
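# Print all arguments, joined by single spaces, converted to upper case.
# printf is used instead of echo so that a value such as "-n" or one holding
# backslashes is treated as data rather than as an echo option or escape.
toUpperCase() {
  printf '%s\n' "$*" | tr '[:lower:]' '[:upper:]'
}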
# Git host and organisation that every service repository is cloned from.
# Both keep a value supplied through the environment; whoever sets them
# decides which service definitions this script installs.
: "${GIT_REPO:=git.format.hu}"
: "${ORGANIZATION:=safebox}"
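# Normalise the feature switches to upper case so the checks further down can
# compare against "YES" / "TRUE". Each value is quoted so that an unexpected
# value containing spaces or glob characters is passed through as data
# instead of being split or expanded against the current directory.
SMARTHOST_PROXY=$(toUpperCase "$SMARTHOST_PROXY")
LOCAL_PROXY=$(toUpperCase "$LOCAL_PROXY")
LOCAL_BACKEND=$(toUpperCase "$LOCAL_BACKEND")
VPN_PROXY=$(toUpperCase "$VPN_PROXY")
CRON=$(toUpperCase "$CRON")
WIREGUARD=$(toUpperCase "$WIREGUARD")
OPENVPN=$(toUpperCase "$OPENVPN")
DISCOVERY=$(toUpperCase "$DISCOVERY")

# Taken from the environment unchanged (the original re-assigned each one to
# itself, which has no effect): LETSENCRYPT_MAIL, USER_CONFIG_PATH, DOMAIN,
# DISCOVERY_DIR, DISCOVERY_CONFIG_FILE.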
# Per-user JSON configuration file; the Let's Encrypt settings are written
# into it further down in this script.
: "${USER_CONFIG_PATH:=/etc/user/config/user.json}"

# Registry value recorded in the Let's Encrypt settings.
# Alternative kept from the original: registry.format.hu
: "${DOCKER_REGISTRY_URL:=safebox}"

# With the smarthost switch on, smarthost-proxy is appended to whatever
# PROXY_TYPE already holds.
case "$SMARTHOST_PROXY" in
  YES | TRUE) PROXY_TYPE="$PROXY_TYPE smarthost-proxy" ;;
esac
# Repository names (below $ORGANIZATION on $GIT_REPO) of the optional
# components. A value supplied through the environment is kept; otherwise the
# default on the right is used.
: "${CORE_DNS:=core-dns}"
: "${LOCAL_PROXY_REPO:=local-proxy}"
: "${VPN_PROXY_REPO:=wireguard-proxy-client}"
: "${CRON_REPO:=cron}"
: "${LOCAL_BACKEND_REPO:=local-backend}"
: "${SERVICE_EXEC_REPO:=service-exec-new}"
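# Replace the DOMAIN_NAME placeholder in the local-backend service files with
# $DOMAIN, then copy those files into $SERVICE_DIR.
# Reads: DOMAIN, LOCAL_BACKEND_REPO, SERVICE_DIR.
install_local_backend() {

  # DOMAIN comes from the environment. Escape the characters that are special
  # in a sed replacement (backslash, "/" and "&") so the value is inserted
  # literally and cannot end the s/// expression early or add sed commands.
  escaped_domain=$(printf '%s\n' "$DOMAIN" | sed 's|[\\/&]|\\&|g')

  sed -i "s/DOMAIN_NAME/${escaped_domain}/g" "/tmp/$LOCAL_BACKEND_REPO"/*.json

  cp -rv "/tmp/$LOCAL_BACKEND_REPO"/*.json "$SERVICE_DIR/"
}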
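# Install the core DNS service: copy its service files into $SERVICE_DIR,
# create the host directories its volumes point at, copy dns.conf into the
# directory mounted under /etc/dnsmasq and, when the smarthost proxy is
# enabled, add the fixed smarthost entries to hosts.local once.
# Reads: CORE_DNS, SERVICE_DIR, SMARTHOST_PROXY. Sets: DNS_VOLUMES, DNS_DIR.
# Returns non-zero when no /etc/dnsmasq volume is found.
install_core_dns() {

  cp -rv "/tmp/$CORE_DNS"/*.json "$SERVICE_DIR/"

  # Volume sources come from the cloned service file, so they are read line by
  # line and quoted: a path with spaces or glob characters stays one path.
  # Sources containing a dot are left out by the grep -v (presumably files
  # rather than directories - confirm).
  DNS_VOLUMES=$(jq -r '.containers[].VOLUMES[].SOURCE' "$SERVICE_DIR/$CORE_DNS.json" | grep -v '\.')
  printf '%s\n' "$DNS_VOLUMES" | while IFS= read -r VOLUME; do
    [ -n "$VOLUME" ] || continue
    mkdir -p "$VOLUME"
  done

  DNS_DIR=$(jq -r --arg DEST "/etc/dnsmasq" \
    '.containers[0].VOLUMES[] | select(.DEST | startswith($DEST)) | .SOURCE' \
    "$SERVICE_DIR/$CORE_DNS.json" | head -n 1)

  # Without this check an empty DNS_DIR turns the copies below into writes to
  # "/dns.conf" and "/hosts.local".
  if [ -z "$DNS_DIR" ] || [ "$DNS_DIR" = "null" ]; then
    echo "install_core_dns: no volume mounted under /etc/dnsmasq in $SERVICE_DIR/$CORE_DNS.json" >&2
    return 1
  fi

  mkdir -p "$DNS_DIR"
  cp -rv "/tmp/$CORE_DNS/dns.conf" "$DNS_DIR/"

  if [[ "$SMARTHOST_PROXY" == "YES" || "$SMARTHOST_PROXY" == "TRUE" ]]; then
    # hosts.local may not exist yet; a missing file counts as "no entries".
    if ! grep -qE ' letsencrypt| smarthostloadbalancer| smarthostbackend-1| smarthostbackend-2' "$DNS_DIR/hosts.local" 2>/dev/null; then
      printf '%s\n' \
        '172.18.254.254 letsencrypt' \
        '172.18.103.2 smarthostloadbalancer' \
        '172.18.104.2 smarthostbackend-1' \
        '172.18.105.2 smarthostbackend-2' >> "$DNS_DIR/hosts.local"
    fi
  fi
}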
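# Install the optional components selected by the feature switches into
# $SERVICE_DIR: core DNS (always), local backend, local proxy, VPN proxy, cron
# and service discovery. The matching repositories are expected under /tmp and
# SERVICE_DIR is expected to be set by the caller.
install_additionals() {

  install_core_dns

  # Both spellings of "on" test SMARTHOST_PROXY. The second comparison used to
  # read SMART_HOST_PROXY, a name nothing else in this file sets, so
  # SMARTHOST_PROXY=TRUE skipped the local backend.
  if [[ "$SMARTHOST_PROXY" == "YES" || "$SMARTHOST_PROXY" == "TRUE" ]]; then
    if [[ "$LOCAL_PROXY" == "YES" || "$LOCAL_PROXY" == "TRUE" ]] && [[ "$LOCAL_BACKEND" == "YES" || "$LOCAL_BACKEND" == "TRUE" ]]; then
      install_local_backend
    fi
  fi

  if [[ "$LOCAL_PROXY" == "YES" || "$LOCAL_PROXY" == "TRUE" ]]; then
    cp -av "/tmp/$LOCAL_PROXY_REPO"/*.json "$SERVICE_DIR/"
  fi

  if [[ "$VPN_PROXY" == "YES" || "$VPN_PROXY" == "TRUE" ]]; then
    cp -av "/tmp/$VPN_PROXY_REPO"/*.json "$SERVICE_DIR/"

    # Create the parent directory of the first volume of the VPN service.
    VPN_VOLUMES=$(jq -r '.containers[0].VOLUMES[0].SOURCE' "$SERVICE_DIR/vpn-proxy.json")
    VOLUME=$(dirname "$VPN_VOLUMES")
    mkdir -p "$VOLUME"
  fi

  if [[ "$CRON" == "YES" || "$CRON" == "TRUE" ]]; then
    cp -av "/tmp/$CRON_REPO"/*.json "$SERVICE_DIR/"

    # Volume sources come from the cloned service file: read them line by line
    # and quote them so each stays a single path.
    CRON_VOLUMES=$(jq -r '.containers[].VOLUMES[].SOURCE' "$SERVICE_DIR/cron.json" | grep -v '\.')
    printf '%s\n' "$CRON_VOLUMES" | while IFS= read -r VOLUME; do
      [ -n "$VOLUME" ] || continue
      mkdir -p "$VOLUME"
    done

    CRON_DIR=$(jq -r --arg DEST "/opt/cron" \
      '.containers[0].VOLUMES[] | select(.DEST | startswith($DEST)) | .SOURCE' \
      "$SERVICE_DIR/cron.json" | head -n 1)

    # An empty CRON_DIR would turn the copy below into a write to /crontab.txt.
    if [ -z "$CRON_DIR" ] || [ "$CRON_DIR" = "null" ]; then
      echo "install_additionals: no volume mounted under /opt/cron in $SERVICE_DIR/cron.json" >&2
    else
      mkdir -p "$CRON_DIR"
      cp -rv "/tmp/$CRON_REPO/crontab_letsencrypt.txt" "$CRON_DIR/crontab.txt"
    fi
  fi

  # Unlike the other switches, DISCOVERY is compared with "YES" only.
  # NOTE(review): the clone of $SERVICE_EXEC_REPO is commented out in this
  # script, so these scripts are copied from whatever already exists at
  # /tmp/$SERVICE_EXEC_REPO - confirm a trusted step provisions that path.
  if [[ "$DISCOVERY" == "YES" ]]; then
    cp -av "/tmp/$SERVICE_EXEC_REPO/scripts/service-discovery.sh" "$DISCOVERY_DIR"
    cp -av "/tmp/$SERVICE_EXEC_REPO/scripts/service-files.sh" "$DISCOVERY_DIR"

    # An existing discovery configuration is never overwritten.
    if [ -n "$DISCOVERY_CONFIG_FILE" ] && [ ! -f "$DISCOVERY_CONFIG_FILE" ]; then
      cp -av "/tmp/$SERVICE_EXEC_REPO/scripts/discovery.conf" "$DISCOVERY_CONFIG_FILE"
    fi
  fi
}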
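# Fetch the repositories that install_additionals copies from.
#
# NOTE(review): every clone lands in a fixed, predictable directory under /tmp
# and takes the repository's default branch; no ref is pinned and nothing
# verifies the fetched content before it is installed. git clone refuses a
# non-empty destination, so a failed clone is treated as fatal instead of
# letting the install continue with whatever already sits at that path.
clone_service_repo() {
  if ! git clone "https://$GIT_REPO/$ORGANIZATION/$1.git" "/tmp/$1"; then
    echo "git clone of $1 failed; refusing to install from pre-existing /tmp/$1" >&2
    exit 1
  fi
}

clone_service_repo "$CORE_DNS"
#git clone https://$GIT_REPO/$ORGANIZATION/$SERVICE_EXEC_REPO.git /tmp/$SERVICE_EXEC_REPO

if [[ "$LOCAL_PROXY" == "YES" || "$LOCAL_PROXY" == "TRUE" ]]; then
  clone_service_repo "$LOCAL_PROXY_REPO"
  clone_service_repo "$LOCAL_BACKEND_REPO"
fi

if [[ "$VPN_PROXY" == "YES" || "$VPN_PROXY" == "TRUE" ]]; then
  clone_service_repo "$VPN_PROXY_REPO"
fi

if [[ "$CRON" == "YES" || "$CRON" == "TRUE" ]]; then
  clone_service_repo "$CRON_REPO"
fi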
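# INSTALL PROXY SERVICES
#
# For every proxy type in PROXY_TYPE (a space-separated list): clone its
# repository, work out the host directories from the scheduler service file
# and proxy_config, install the service files and the optional components,
# and merge proxy_config into $PROXY_DIR/proxy.json.
#
# Everything read from /tmp/$i is content of the cloned repository, so it is
# handled as data: handed to jq through --arg, quoted in every path, and
# checked before it is used as a destination directory.
for i in $PROXY_TYPE; do # unquoted on purpose: split the list into words

  # Clone source files from git repository. git clone refuses a non-empty
  # destination, so a failure here stops the install instead of continuing
  # with whatever already sits at the predictable /tmp path.
  if ! git clone "https://$GIT_REPO/$ORGANIZATION/$i.git" "/tmp/$i"; then
    echo "git clone of $i failed; refusing to install from pre-existing /tmp/$i" >&2
    exit 1
  fi

  # DEFINE SERVICE DIR FROM PROXY-SCHEDULER AND PROXY SERVICE FILE JSONS
  if [ "$i" = "public-proxy" ]; then
    PROXY_SCHEDULER_FILE=proxy-scheduler.json
  else
    PROXY_SCHEDULER_FILE=smarthost-proxy-scheduler.json
  fi

  PROXY_SCHEDULER_NAME=$(jq -r '.containers[0].NAME' "/tmp/$i/$PROXY_SCHEDULER_FILE" | cut -d "-" -f1)

  # The scheduler name is looked up as a key (.[$name]) rather than pasted
  # into the jq program text.
  PROXY_SERVICE_FILE=$(jq -r --arg name "$PROXY_SCHEDULER_NAME" \
    '.[$name].PROXY_SERVICE_FILE' "/tmp/$i/proxy_config")
  if [ -z "$PROXY_SERVICE_FILE" ] || [ "$PROXY_SERVICE_FILE" = "null" ]; then
    echo "$PROXY_SCHEDULER_NAME.PROXY_SERVICE_FILE doesn't exist in /tmp/$i/proxy_config" >&2
    exit 1
  fi

  # Service dir = the volume source that contains the service file name, with
  # that name removed. The match and the removal are literal (no regex).
  SERVICE_DIR=$(jq -r --arg file "$PROXY_SERVICE_FILE" \
    '.containers[0].VOLUMES[].SOURCE | strings | select(contains($file)) | split($file) | join("")' \
    "/tmp/$i/$PROXY_SCHEDULER_FILE" | head -n 1)
  # An empty SERVICE_DIR would make the copy below write into "/".
  if [ -z "$SERVICE_DIR" ]; then
    echo "no volume source containing $PROXY_SERVICE_FILE in /tmp/$i/$PROXY_SCHEDULER_FILE" >&2
    exit 1
  fi

  PROXY_CONFIG_DIR=$(jq -r --arg name "$PROXY_SCHEDULER_NAME" \
    '.[$name].PROXY_CONFIG_DIR' "/tmp/$i/proxy_config")
  if [ "$PROXY_CONFIG_DIR" = "null" ]; then
    echo "$PROXY_SCHEDULER_NAME.PROXY_CONFIG_DIR doesn't exists in /tmp/$i/proxy_config"
  fi

  PROXY_SOURCE=$(jq -r --arg DEST "$PROXY_CONFIG_DIR" \
    '.containers[0].VOLUMES[] | select(.DEST==$DEST) | .SOURCE' \
    "/tmp/$i/$PROXY_SCHEDULER_FILE" | head -n 1)
  # An empty PROXY_DIR would place proxy.json and the loadbalancer directory
  # directly under "/".
  if [ -z "$PROXY_SOURCE" ] || [ "$PROXY_SOURCE" = "null" ]; then
    echo "no volume with DEST $PROXY_CONFIG_DIR in /tmp/$i/$PROXY_SCHEDULER_FILE" >&2
    exit 1
  fi
  # Parent directory of the volume source with the proxy type name removed;
  # $i is used as a sed pattern here, so it must be a plain repository name.
  PROXY_DIR=$(dirname "$PROXY_SOURCE" | sed "s/$i//g")

  DOMAIN_CONFIG_DIR=$(jq -r --arg name "$PROXY_SCHEDULER_NAME" \
    '.[$name].DOMAIN_DIR' "/tmp/$i/proxy_config")
  DOMAIN_DIR=$(jq -r --arg DEST "$DOMAIN_CONFIG_DIR" \
    '.containers[0].VOLUMES[] | select(.DEST==$DEST) | .SOURCE' \
    "/tmp/$i/$PROXY_SCHEDULER_FILE" | head -n 1)

  # COPY SERVICE FILES INTO SERVICE DIR
  mkdir -p "$SERVICE_DIR"
  cp -av "/tmp/$i"/*.json "$SERVICE_DIR/"

  install_additionals

  # CREATE FILESYSTEM ACCESS FOR SERVICES
  mkdir -p "$PROXY_DIR"
  if [ -n "$DOMAIN_DIR" ]; then
    mkdir -p "$DOMAIN_DIR"
  fi

  SPEC_PROXY_DIR=$PROXY_DIR/$i

  # CREATE ALL SOURCE FOLDER FOR RUNNING PROXIES
  # One path per line, quoted, so a source with spaces stays a single path.
  PROXY_VOLUMES=$(jq -r '.containers[].VOLUMES[].SOURCE' "/tmp/$i/$i.json" | grep -v '\.')
  printf '%s\n' "$PROXY_VOLUMES" | while IFS= read -r VOLUME; do
    [ -n "$VOLUME" ] || continue
    mkdir -p "$VOLUME"
  done

  # CREATE PROXY SCHEDULER SERVICE
  #
  # Textual merge: proxy_config without its first line and its last two lines,
  # followed by the existing proxy.json without its first line. This relies on
  # both files being pretty-printed with the braces on lines of their own.
  # The text is written with printf and quotes so that JSON values are not
  # re-split or glob-expanded by the shell.
  SOURCE=$(tail -n +2 "/tmp/$i/proxy_config" | head -n -2)
  TMP_FILE=$(mktemp -p /tmp/) || exit 1
  {
    echo "{"
    printf '%s\n' "$SOURCE"
    if [ -f "$PROXY_DIR/proxy.json" ]; then
      echo "},"
      tail -n +2 "$PROXY_DIR/proxy.json"
    else
      echo "}"
      echo "}"
    fi
  } > "$TMP_FILE"

  # formats json content and removes duplications
  # The result is written only when jq accepted the merged text, so a failed
  # merge no longer truncates an existing proxy.json.
  if FORMATTED=$(jq -r . "$TMP_FILE"); then
    printf '%s\n' "$FORMATTED" > "$PROXY_DIR/proxy.json"
  else
    echo "merged proxy configuration is not valid JSON; $PROXY_DIR/proxy.json left unchanged" >&2
  fi
  rm -f -- "$TMP_FILE"

  # COPY LOADBALANCER STATIC CONFIG
  mkdir -p "$SPEC_PROXY_DIR/loadbalancer"
  cp -av "/tmp/$i/haproxy.cfg" "$SPEC_PROXY_DIR/loadbalancer/"

  if [ "$i" = "smarthost-proxy" ]; then

    # SETUP LETSENCRYPT USER SPECIFIED CONFIGURATION
    if [ "$LETSENCRYPT_MAIL" = "" ]; then
      echo "No email address given, Let's Encrypt will not work properly."
    else
      TMP_FILE=$(mktemp -p /tmp/) || exit 1

      # The three values come from the environment; jq builds the object so
      # quotes or backslashes in them are escaped instead of altering the
      # structure of the configuration file.
      LETS_OBJECT=$(jq -n -c \
        --arg email "$LETSENCRYPT_MAIL" \
        --arg servername "$LETSENCRYPT_SERVERNAME" \
        --arg registry "$DOCKER_REGISTRY_URL" \
        '{EMAIL: $email, SERVERNAME: $servername, DOCKER_REGISTRY_URL: $registry}')
      LETS_CONTENT="\"letsencrypt\": $LETS_OBJECT"

      # Existing user configuration without its last two lines (the closing
      # braces); empty when the file is missing or that short.
      TARGET=
      if [ -f "$USER_CONFIG_PATH" ]; then
        TARGET=$(head -n -2 "$USER_CONFIG_PATH")
      fi

      {
        if [ -n "$TARGET" ]; then
          printf '%s\n' "$TARGET"
          echo "},"
        else
          echo "{"
        fi
        printf '%s\n' "$LETS_CONTENT"
        echo "}"
      } > "$TMP_FILE"

      # formats json content and removes duplications
      # As above, the user configuration is replaced only on success.
      if FORMATTED=$(jq -r . "$TMP_FILE"); then
        printf '%s\n' "$FORMATTED" > "$USER_CONFIG_PATH"
      else
        echo "merged user configuration is not valid JSON; $USER_CONFIG_PATH left unchanged" >&2
      fi
      rm -f -- "$TMP_FILE"
    fi

  fi
done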