From 8b7b1b5f1285099c547b2af7604e6afc60cff89b Mon Sep 17 00:00:00 2001
From: gyurix
Date: Sun, 3 Apr 2022 20:12:29 +0000
Subject: [PATCH] Inserting letsencrypt service name variable, and correcting proxy variables and public (actually smarthost) proxy service file.
---
 Dockerfile | 1 -
 proxy-scheduler.json | 2 +-
 proxy.json | 1 +
 scripts/check_certificates.sh | 34 +++++++++++++++++++++++++++++++---
 scripts/check_proxy_state.sh | 25 +++++++++++++------------
 5 files changed, 46 insertions(+), 17 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index c9fc12b..dd46ea0 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,4 @@
 FROM proxy-scheduler:latest
-
 COPY scripts /scripts
 ENTRYPOINT ["/scripts/scheduler.sh"]
diff --git a/proxy-scheduler.json b/proxy-scheduler.json
index bbc8429..7ede996 100644
--- a/proxy-scheduler.json
+++ b/proxy-scheduler.json
@@ -57,7 +57,7 @@
 ],
 "ENV_FILES": [ "/etc/system/config/proxy.json" ],
 "EXTRA": "null",
- "DEPEND": "null",
+ "DEPEND": { "public-proxy.networks.loadbalancer", "public-proxy.containers.loadbalancer-27dhuwdh" ],
 "START_ON_BOOT": "true",
 "CMD": "null",
 "PRE_START": "null",
diff --git a/proxy.json b/proxy.json
index 286123e..4261dd8 100644
--- a/proxy.json
+++ b/proxy.json
@@ -23,6 +23,7 @@
 "DOCKER_REGISTRY_URL": "registry.format.hu",
 "PROXY_TYPE": "",
 "LETSENCRYPT_URL": "letsencrypt.org",
+ "LETSENCRYPT_SERVICE_NAME": "letsencrypt.json",
 "CERT_DIR": "/keys",
 "DOMAIN_DIR": "/domains",
 "PROXY_SERVICE_FILE": "public-proxy.json",
diff --git a/scripts/check_certificates.sh b/scripts/check_certificates.sh
index 86acd8f..1437b1d 100755
--- a/scripts/check_certificates.sh
+++ b/scripts/check_certificates.sh
@@ -4,10 +4,13 @@
 DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL
 LETSENCRYPT_URL=$LETSENCRYPT_URL
+ LETSENCRYPT_SERVICE_NAME=$LETSENCRYPT_SERVICE_NAME
 CERT_DIR=$CERT_DIR
 DOMAIN_DIR=$DOMAIN_DIR
 DOMAIN=$1
 DOMAIN_CERT_DIR=$CERT_DIR/$DOMAIN
+ TIMEOUT=$TIMEOUT
+ RESTART=$RESTART
 # Setup docker registry url path
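Review bot: In proxy-scheduler.json (hunk `@@ -57,7 +57,7 @@`) the new `DEPEND` value opens with `{` and closes with `]`, which is not valid JSON, so a strict parser will reject the whole service file. The two entries are bare strings, so an array looks intended: `"DEPEND": [ "public-proxy.networks.loadbalancer", "public-proxy.containers.loadbalancer-27dhuwdh" ],`. If the tool that reads this file tolerates the mismatch today, that is worth confirming, because a parse failure here would presumably leave the scheduler without its declared dependencies.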
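Review bot: In scripts/check_certificates.sh (hunk `@@ -4,10 +4,13 @@`) `TIMEOUT` and `RESTART` are copied from the environment with no default and no numeric check, and the proxy.json hunk in this patch adds only `LETSENCRYPT_SERVICE_NAME`. Unless they are defined elsewhere, the retry loop added further down runs `sleep` with an empty operand and `$((RESTART + 1))` collapses to a single attempt. Because `RESTART` is evaluated in an arithmetic context, it should also be restricted to digits before use. Suggest `TIMEOUT=${TIMEOUT:-10}` and `RESTART=${RESTART:-3}` (values constructed for illustration), followed by `[[ $TIMEOUT =~ ^[0-9]+$ && $RESTART =~ ^[0-9]+$ ]] || exit 1`. The variable block starts before the hunk.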
@@ -21,10 +24,10 @@ fi
 service_exec="docker run --rm \
 -w /services/ \
 -v /etc/user/config/services/:/services/:ro \
- -v /etc/user/config/user.json:/etc/user/config/user.json:ro \
 -v /etc/user/config/services/tmp/:/services/tmp/:rw \
 -v /var/run/docker.sock:/var/run/docker.sock \
- -v /usr/bin/docker:/usr/bin/docker:ro $DOCKER_REGISTRY_URL$SETUP "
+ -v /usr/bin/docker:/usr/bin/docker:ro \
+ --env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL $DOCKER_REGISTRY_URL$SETUP"
 letsencrypt_certificates() {
@@ -43,8 +46,29 @@ letsencrypt_certificates() {
 echo "No running proxies found, create self signed cetificate";
 create_self_signed_certificate;
 fi;
+
+ LETS_ENCRYPT_VALUE="$(docker ps | grep letsencrypt | grep Up | wc -l)";
+
+ for retries in $(seq 0 $((RESTART + 1))); do
+ if [[ $retries -le $RESTART ]] ; then
+
+ if [[ $LETS_ENCRYPT_VALUE -eq 0 ]] ; then
+ echo "Starting letsencrypt process";
+ $service_exec $LETSENCRYPT_SERVICE_NAME start ;
+ break;
+ else
+ echo "Waiting "$TIMEOUT" second for previous letsencrypt process ending";
+ sleep $TIMEOUT;
+
+ echo "Not reached number of restart limit: "$RESTART" sleep "$TIMEOUT" and try again to start lets encrypt process."
+ fi
+ else
+ echo "Reached retrying limit: "$RESTART" ,giving up to start lets encrypt process, try self sign the certificate";
+ create_self_signed_certificate;
+ fi
+
+ done
- $service_exec /services/letsencrypt.json start
 }
 create_self_signed_certificate() {
@@ -76,6 +100,10 @@ else
 echo "{ \"DOMAIN\": \"$DOMAIN\" }"
 } >> "$file"
 letsencrypt_certificates;
+
+ if [[ ! -f /acme.sh/$DOMAIN/key.pem && ! -f /acme.sh/$DOMAIN/fullchain.pem && ! -f /acme.sh/$DOMAIN/cert.pem ]] ; then
+ create_self_signed_certificate;
+ fi
 fi
diff --git a/scripts/check_proxy_state.sh b/scripts/check_proxy_state.sh
index d3d73ad..5315450 100755
--- a/scripts/check_proxy_state.sh
+++ b/scripts/check_proxy_state.sh
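Review bot: In the `service_exec` string of scripts/check_certificates.sh (hunk `@@ -21,10 +24,10 @@`, and the matching hunk `@@ -26,9 +26,10 @@` in scripts/check_proxy_state.sh) the added `--env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL` is expanded unquoted into a command string that is word-split again at every `$service_exec …` call. This `docker run` also bind-mounts `/var/run/docker.sock`, so a registry value containing whitespace would become extra `docker run` arguments for a container that controls the host daemon. Building the command as a bash array keeps each value a single argument: `service_exec=(docker run --rm … --env "DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL" "$DOCKER_REGISTRY_URL$SETUP")`, invoked as `"${service_exec[@]}" "$LETSENCRYPT_SERVICE_NAME" start`. The call sites outside these hunks would need the same change.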
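Review bot: In scripts/check_certificates.sh (hunk `@@ -43,8 +46,29 @@`) `LETS_ENCRYPT_VALUE` is computed once before the `for retries` loop and never refreshed, so if a letsencrypt container is up at the first check, every iteration only sleeps and the function always ends in `create_self_signed_certificate`, even when the earlier run finished during the first wait. Move the `LETS_ENCRYPT_VALUE="$(…)"` assignment inside the loop, as the first statement of the `if [[ $retries -le $RESTART ]]` branch. The `grep letsencrypt | grep Up` probe also matches those strings in any column of `docker ps`; `docker ps -q --filter name=letsencrypt --filter status=running | wc -l` is narrower. `sleep "$TIMEOUT"` and `"$LETSENCRYPT_SERVICE_NAME"` should be quoted. `letsencrypt_certificates()` begins before the hunk.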
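Review bot: In scripts/check_certificates.sh (hunk `@@ -76,6 +100,10 @@`) the fallback added after `letsencrypt_certificates;` joins its tests with `&&`, so `create_self_signed_certificate` runs only when key.pem, fullchain.pem and cert.pem are all absent; an issuance that leaves one or two of them behind skips the fallback. If the intent is "any required file is missing", the condition should be `[[ ! -f "/acme.sh/$DOMAIN/key.pem" || ! -f "/acme.sh/$DOMAIN/fullchain.pem" || ! -f "/acme.sh/$DOMAIN/cert.pem" ]]`. `$DOMAIN` comes from `$1` and is used as a path component, so values containing `/` or `..` should be rejected before this point. The check also runs immediately after the start call, and whether issuance has completed by then is not visible in this hunk.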
@@ -26,9 +26,10 @@ service_exec="docker run --rm \
 -w /services/ \
 -v /etc/user/config/services/:/services/:ro \
 -v /etc/user/config/services/tmp/:/services/tmp/:rw \
- -v /etc/user/config/user.json:/etc/user/config/user.json:ro \
 -v /var/run/docker.sock:/var/run/docker.sock \
- -v /usr/bin/docker:/usr/bin/docker:ro $DOCKER_REGISTRY_URL$SETUP "
+ -v /usr/bin/docker:/usr/bin/docker:ro \
+ --env DOCKER_REGISTRY_URL=$DOCKER_REGISTRY_URL \
+ $DOCKER_REGISTRY_URL$SETUP"
 do_proxy_restart() {
@@ -65,14 +66,6 @@ do_proxy_restart() {
 fi
 done
- # in case of new proxy configuration generated needed to copy the domain name to the configs file.then remove new_config flag.
- if [[ -f $PROXY_CONFIG_DIR/new_config ]] ; then
- if [[ ! -f $PROXY_CONFIG_DIR/config || "$(grep $DOMAIN $PROXY_CONFIG_DIR/config 2>/dev/null)" == "" ]] ; then
- cat $PROXY_CONFIG_DIR/new_config >> $PROXY_CONFIG_DIR/config;
- fi
-
- rm $PROXY_CONFIG_DIR/new_config;
- fi
 }
 check_domain() {
@@ -122,8 +115,7 @@ if [[ "$RUNNING_CONTAINERS" == "$CONTAINERS_BY_ROLE" || "$RUNNING_CONTAINERS" -g
 elif [[ "$RUNNING_CONTAINERS" -eq 0 ]] ; then
 echo "No running proxies found, starting all";
- $service_exec /services/$SERVICE_NAME.json stop;
- $service_exec /services/$SERVICE_NAME.json start;
+ do_proxy_restart "$CONTAINERS";
 for proxies in $CONTAINERS ; do
@@ -176,6 +168,15 @@ fi
 # call method
 check_proxy_state
+# in case of new proxy configuration generated needed to copy the domain name to the configs file.then remove new_config flag.
+if [[ -f $PROXY_CONFIG_DIR/new_config ]] ; then
+ if [[ ! -f $PROXY_CONFIG_DIR/config || "$(grep $DOMAIN $PROXY_CONFIG_DIR/config 2>/dev/null)" == "" ]] ; then
+ cat $PROXY_CONFIG_DIR/new_config >> $PROXY_CONFIG_DIR/config;
+ fi
+
+ rm $PROXY_CONFIG_DIR/new_config;
+fi
+
 # At last check the previously settings of domain.
 check_domain
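Review bot: In scripts/check_proxy_state.sh (hunk `@@ -176,6 +168,15 @@`), the block moved to top level after `check_proxy_state` runs `grep $DOMAIN $PROXY_CONFIG_DIR/config` with the domain as an unquoted regular expression. A `.` therefore matches any character, and a domain that is a substring of an existing entry counts as already present, after which new_config is deleted without being appended. A quoted fixed-string test avoids both: `if [[ ! -f "$PROXY_CONFIG_DIR/config" ]] || ! grep -qF -- "$DOMAIN" "$PROXY_CONFIG_DIR/config"; then`. The `cat … >>` and `rm` lines should quote `"$PROXY_CONFIG_DIR/new_config"` too, since an empty `PROXY_CONFIG_DIR` makes them act on `/new_config`. Whether `DOMAIN` is set at this scope is not visible here, as the block previously lived inside `do_proxy_restart()`.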