treyzania
/
sscraggles-docker-deluge-openvpn
Seguir 2
Destacar 0
Fork 0
Código Incidencias 0 Peticiones pull 0 Lanzamientos 0 Wiki Actividad
No puede seleccionar más de 25 temas Los temas deben comenzar con una letra o número, pueden incluir guiones ('-') y pueden tener hasta 35 caracteres de largo.
522 Commits
1 Rama
Rama: master
Ramas Etiquetas
${ item.name }
Crear rama ${ searchTerm }
desde 'master'
${ noResults }
sscraggles-docker-deluge-op.../openvpn/start.sh

start.sh 5.3KB
Original Enlace permanente Blame Histórico

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147 
  1. #!/bin/bash

  2. VPN_PROVIDER="${OPENVPN_PROVIDER,,}"

  3. VPN_PROVIDER_CONFIGS="/etc/openvpn/${VPN_PROVIDER}"

  4. OPENVPN_CREDS=/config/openvpn-credentials.txt

  5. 

  6. if [[ "${OPENVPN_PROVIDER}" == "**None**" ]] || [[ -z "${OPENVPN_PROVIDER-}" ]]; then

  7.   echo "OpenVPN provider not set. Exiting."

  8.   exit 1

  9. elif [[ ! -d "${VPN_PROVIDER_CONFIGS}" ]]; then

  10.   echo "Could not find OpenVPN provider: ${OPENVPN_PROVIDER}"

  11.   echo "Please check your settings."

  12.   exit 1

  13. fi

  14. 

  15. echo "Using OpenVPN provider: ${OPENVPN_PROVIDER}"

  16. 

  17. if [[ -n "${OPENVPN_CONFIG-}" ]]; then

  18.   readarray -t OPENVPN_CONFIG_ARRAY <<< "${OPENVPN_CONFIG//,/$'\n'}"

  19.   ## Trim leading and trailing spaces from all entries. Inefficient as all heck, but works like a champ.

  20.   for i in "${!OPENVPN_CONFIG_ARRAY[@]}"; do

  21.     OPENVPN_CONFIG_ARRAY[${i}]="${OPENVPN_CONFIG_ARRAY[${i}]#"${OPENVPN_CONFIG_ARRAY[${i}]%%[![:space:]]*}"}"

  22.     OPENVPN_CONFIG_ARRAY[${i}]="${OPENVPN_CONFIG_ARRAY[${i}]%"${OPENVPN_CONFIG_ARRAY[${i}]##*[![:space:]]}"}"

  23.   done

  24.   if (( ${#OPENVPN_CONFIG_ARRAY[@]} > 1 )); then

  25.     OPENVPN_CONFIG_RANDOM=$((RANDOM%${#OPENVPN_CONFIG_ARRAY[@]}))

  26.     echo "${#OPENVPN_CONFIG_ARRAY[@]} servers found in OPENVPN_CONFIG, ${OPENVPN_CONFIG_ARRAY[${OPENVPN_CONFIG_RANDOM}]} chosen randomly"

  27.     OPENVPN_CONFIG="${OPENVPN_CONFIG_ARRAY[${OPENVPN_CONFIG_RANDOM}]}"

  28.   fi

  29. 

  30.   if [[ -f "${VPN_PROVIDER_CONFIGS}/${OPENVPN_CONFIG}.ovpn" ]]; then

  31.     echo "Starting OpenVPN using config ${OPENVPN_CONFIG}.ovpn"

  32.     OPENVPN_CONFIG="${VPN_PROVIDER_CONFIGS}/${OPENVPN_CONFIG}.ovpn"

  33.   else

  34.     echo "Supplied config ${OPENVPN_CONFIG}.ovpn could not be found."

  35.     echo "Using default OpenVPN gateway for provider ${VPN_PROVIDER}"

  36.     OPENVPN_CONFIG="${VPN_PROVIDER_CONFIGS}/default.ovpn"

  37.   fi

  38. else

  39.   echo "No VPN configuration provided. Using default."

  40.   OPENVPN_CONFIG="${VPN_PROVIDER_CONFIGS}/default.ovpn"

  41. fi

  42. 

  43. # add OpenVPN user/pass

  44. if [[ "${OPENVPN_USERNAME}" == "**None**" ]] || [[ "${OPENVPN_PASSWORD}" == "**None**" ]] ; then

  45.   if [[ ! -f "${OPENVPN_CREDS}" ]] ; then

  46.     echo "OpenVPN credentials not set. Exiting."

  47.     exit 1

  48.   fi

  49.   echo "Found existing OPENVPN credentials..."

  50. else

  51.   echo "Setting OPENVPN credentials..."

  52.   mkdir -p /data

  53.   touch "${OPENVPN_CREDS}"

  54.   chmod 600 "${OPENVPN_CREDS}"

  55.   echo "${OPENVPN_USERNAME}" >> "${OPENVPN_CREDS}"

  56.   echo "${OPENVPN_PASSWORD}" >> "${OPENVPN_CREDS}"

  57. fi

  58. 

  59. ## add deluge credentials from env vars

  60. #echo "${DELUGE_RPC_USERNAME}" > /config/deluge-credentials.txt

  61. #echo "${DELUGE_RPC_PASSWORD}" >> /config/deluge-credentials.txt

  62. 

  63. # Persist deluge settings for use by deluge-daemon

  64. dockerize -template /etc/deluge/environment-variables.tmpl:/etc/deluge/environment-variables.sh

  65. 

  66. DELUGE_CONTROL_OPTS="--script-security 2 --up-delay --up /etc/openvpn/tunnelUp.sh --down /etc/openvpn/tunnelDown.sh"

  67. 

  68. ## If we use UFW or the LOCAL_NETWORK we need to grab network config info

  69. if [[ "${ENABLE_UFW,,}" == "true" ]] || [[ -n "${LOCAL_NETWORK-}" ]]; then

  70.   eval $(/sbin/ip r l m 0.0.0.0 | awk '{if($5!="tun0"){print "GW="$3"\nINT="$5; exit}}')

  71.   ## IF we use UFW_ALLOW_GW_NET along with ENABLE_UFW we need to know what our netmask CIDR is

  72.   if [[ "${ENABLE_UFW,,}" == "true" ]] && [[ "${UFW_ALLOW_GW_NET,,}" == "true" ]]; then

  73.     eval $(ip r l dev ${INT} | awk '{if($5=="link"){print "GW_CIDR="$1; exit}}')

  74.   fi

  75. fi

  76. 

  77. ## Open port to any address

  78. function ufwAllowPort {

  79.   typeset -n portNum=${1}

  80.   if [[ "${ENABLE_UFW,,}" == "true" ]] && [[ -n "${portNum-}" ]]; then

  81.     echo "allowing ${portNum} through the firewall"

  82.     ufw allow ${portNum}

  83.   fi

  84. }

  85. 

  86. ## Open port to specific address.

  87. function ufwAllowPortLong {

  88.   typeset -n portNum=${1} sourceAddress=${2}

  89. 

  90.   if [[ "${ENABLE_UFW,,}" == "true" ]] && [[ -n "${portNum-}" ]] && [[ -n "${sourceAddress-}" ]]; then

  91.     echo "allowing ${sourceAddress} through the firewall to port ${portNum}"

  92.     ufw allow from ${sourceAddress} to any port ${portNum}

  93.   fi

  94. }

  95. 

  96. if [[ "${ENABLE_UFW,,}" == "true" ]]; then

  97.   # Enable firewall

  98.   echo "enabling firewall"

  99.   sed -i -e s/IPV6=yes/IPV6=no/ /etc/default/ufw

  100.   ufw enable

  101. 

  102.   if [[ "${DELUGE_PEER_PORT_RANDOM_ON_START,,}" == "true" ]]; then

  103.     PEER_PORT="${DELUGE_PEER_PORT_RANDOM_LOW}:${DELUGE_PEER_PORT_RANDOM_HIGH}"

  104.   else

  105.     PEER_PORT="${DELUGE_PEER_PORT}"

  106.   fi

  107. 

  108.   ufwAllowPort PEER_PORT

  109. 

  110.   if [[ "${WEBPROXY_ENABLED,,}" == "true" ]]; then

  111.     ufwAllowPort WEBPROXY_PORT

  112.   fi

  113.   if [[ "${UFW_ALLOW_GW_NET,,}" == "true" ]]; then

  114.     ufwAllowPortLong DELUGE_RPC_PORT GW_CIDR

  115.   else

  116.     ufwAllowPortLong DELUGE_RPC_PORT GW

  117.   fi

  118. 

  119.   if [[ -n "${UFW_EXTRA_PORTS-}"  ]]; then

  120.     for port in ${UFW_EXTRA_PORTS//,/ }; do

  121.       if [[ "${UFW_ALLOW_GW_NET,,}" == "true" ]]; then

  122.         ufwAllowPortLong port GW_CIDR

  123.       else

  124.         ufwAllowPortLong port GW

  125.       fi

  126.     done

  127.   fi

  128. fi

  129. 

  130. if [[ -n "${LOCAL_NETWORK-}" ]]; then

  131.   if [[ -n "${GW-}" ]] && [[ -n "${INT-}" ]]; then

  132.     for localNet in ${LOCAL_NETWORK//,/ }; do

  133.       echo "adding route to local network ${localNet} via ${GW} dev ${INT}"

  134.       /sbin/ip r a "${localNet}" via "${GW}" dev "${INT}"

  135.       if [[ "${ENABLE_UFW,,}" == "true" ]]; then

  136.         ufwAllowPortLong DELUGE_RPC_PORT localNet

  137.         if [[ -n "${UFW_EXTRA_PORTS-}" ]]; then

  138.           for port in ${UFW_EXTRA_PORTS//,/ }; do

  139.             ufwAllowPortLong port localNet

  140.           done

  141.         fi

  142.       fi

  143.     done

  144.   fi

  145. fi

  146. 

  147. exec openvpn ${DELUGE_CONTROL_OPTS} ${OPENVPN_OPTS} --config "${OPENVPN_CONFIG}"