treyzania
/
sscraggles-docker-deluge-openvpn
ウォッチ 2
スター 0
フォーク 0
コード 課題 0 プルリクエスト 0 リリース 0 Wiki アクティビティ
選択できるのは25トピックまでです。 トピックは、先頭が英数字で、英数字とダッシュ('-')を使用した35文字以内のものにしてください。
481 コミット
1 ブランチ
ツリー: aa2dc9e1b0
ブランチ タグ
${ item.name }
ブランチ ${ searchTerm } を作成
'aa2dc9e1b0' から
${ noResults }
sscraggles-docker-deluge-op.../openvpn/start.sh

start.sh 3.9KB
Raw Blame 履歴

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110 
  1. #!/bin/bash

  2. vpn_provider="$(echo $OPENVPN_PROVIDER | tr '[A-Z]' '[a-z]')"

  3. vpn_provider_configs="/etc/openvpn/$vpn_provider"

  4. if [ ! -d "$vpn_provider_configs" ]; then

  5. 	echo "Could not find OpenVPN provider: $OPENVPN_PROVIDER"

  6. 	echo "Please check your settings."

  7. 	exit 1

  8. fi

  9. 

  10. echo "Using OpenVPN provider: $OPENVPN_PROVIDER"

  11. 

  12. if [ ! -z "$OPENVPN_CONFIG" ]

  13. then

  14. 	n=$(echo "$OPENVPN_CONFIG" | wc -w)

  15. 	if [ $n -gt 1 ]

  16. 	then

  17.         	rnd=$((RANDOM%n+1))

  18.         	srv=$(echo "$OPENVPN_CONFIG" | awk -vrnd=$rnd '{print $rnd}')

  19.         	echo "$n servers found in OPENVPN_CONFIG, $srv chosen randomly"

  20.         	OPENVPN_CONFIG=$srv

  21. 	fi

  22. 

  23. 	if [ -f $vpn_provider_configs/"${OPENVPN_CONFIG}".ovpn ]

  24.   	then

  25. 		echo "Starting OpenVPN using config ${OPENVPN_CONFIG}.ovpn"

  26. 		OPENVPN_CONFIG=$vpn_provider_configs/${OPENVPN_CONFIG}.ovpn

  27. 	else

  28. 		echo "Supplied config ${OPENVPN_CONFIG}.ovpn could not be found."

  29. 		echo "Using default OpenVPN gateway for provider ${vpn_provider}"

  30. 		OPENVPN_CONFIG=$vpn_provider_configs/default.ovpn

  31. 	fi

  32. else

  33. 	echo "No VPN configuration provided. Using default."

  34. 	OPENVPN_CONFIG=$vpn_provider_configs/default.ovpn

  35. fi

  36. 

  37. # add OpenVPN user/pass

  38. if [ "${OPENVPN_USERNAME}" = "**None**" ] || [ "${OPENVPN_PASSWORD}" = "**None**" ] ; then

  39.   if [ ! -f /config/openvpn-credentials.txt ] ; then

  40.     echo "OpenVPN credentials not set. Exiting."

  41.     exit 1

  42.   fi

  43.   echo "Found existing OPENVPN credentials..."

  44. else

  45.   echo "Setting OPENVPN credentials..."

  46.   mkdir -p /config

  47.   echo $OPENVPN_USERNAME > /config/openvpn-credentials.txt

  48.   echo $OPENVPN_PASSWORD >> /config/openvpn-credentials.txt

  49.   chmod 600 /config/openvpn-credentials.txt

  50. fi

  51. 

  52. # add transmission credentials from env vars

  53. echo $TRANSMISSION_RPC_USERNAME > /config/transmission-credentials.txt

  54. echo $TRANSMISSION_RPC_PASSWORD >> /config/transmission-credentials.txt

  55. 

  56. # Persist transmission settings for use by transmission-daemon

  57. dockerize -template /etc/transmission/environment-variables.tmpl:/etc/transmission/environment-variables.sh

  58. 

  59. TRANSMISSION_CONTROL_OPTS="--script-security 2 --up-delay --up /etc/openvpn/tunnelUp.sh --down /etc/openvpn/tunnelDown.sh"

  60. 

  61. if [ "true" = "$ENABLE_UFW" ]; then

  62.   # Enable firewall

  63.   echo "enabling firewall"

  64.   sed -i -e s/IPV6=yes/IPV6=no/ /etc/default/ufw

  65.   ufw enable

  66. 

  67.   if [ "true" = "$TRANSMISSION_PEER_PORT_RANDOM_ON_START" ]; then

  68.     PEER_PORT="$TRANSMISSION_PEER_PORT_RANDOM_LOW:$TRANSMISSION_PEER_PORT_RANDOM_HIGH/tcp"

  69.   else

  70.     PEER_PORT=$TRANSMISSION_PEER_PORT

  71.   fi

  72. 

  73.   echo "allowing $PEER_PORT through the firewall"

  74.   ufw allow $PEER_PORT

  75. 

  76.   if [ "true" = "$WEBPROXY_ENABLED" ]; then

  77.     echo "allowing $WEBPROXY_PORT through the firewall"

  78.     ufw allow $WEBPROXY_PORT

  79.   fi

  80. 

  81.   eval $(/sbin/ip r l m 0.0.0.0 | awk '{if($5!="tun0"){print "GW="$3"\nINT="$5; exit}}')

  82.   echo "allowing access to $TRANSMISSION_RPC_PORT from $GW"

  83.   ufw allow proto tcp from $GW to any port $TRANSMISSION_RPC_PORT

  84.   if [ ! -z "${UFW_EXTRA_PORTS}"  ]; then

  85.     for port in ${UFW_EXTRA_PORTS//,/ }; do

  86.       echo "allowing access to ${port} from $GW"

  87.       ufw allow proto tcp from $GW to any port ${port}

  88.     done

  89.   fi

  90. fi

  91. 

  92. if [ -n "${LOCAL_NETWORK-}" ]; then

  93.   eval $(/sbin/ip r l m 0.0.0.0 | awk '{if($5!="tun0"){print "GW="$3"\nINT="$5; exit}}')

  94.   if [ -n "${GW-}" -a -n "${INT-}" ]; then

  95.     echo "adding route to local network $LOCAL_NETWORK via $GW dev $INT"

  96.     /sbin/ip r a "$LOCAL_NETWORK" via "$GW" dev "$INT"

  97.     if [ "true" = "$ENABLE_UFW" ]; then

  98.       echo "allowing access to $TRANSMISSION_RPC_PORT from $LOCAL_NETWORK"

  99.       ufw allow proto tcp from $LOCAL_NETWORK to any port $TRANSMISSION_RPC_PORT

  100.       if [ ! -z "${UFW_EXTRA_PORTS}" ]; then

  101.         for port in ${UFW_EXTRA_PORTS//,/ }; do

  102.           echo "allowing access to ${port} from $LOCAL_NETWORK"

  103.           ufw allow proto tcp from $LOCAL_NETWORK to any port ${port}

  104.         done

  105.       fi

  106.     fi

  107.   fi

  108. fi

  109. 

  110. exec openvpn $TRANSMISSION_CONTROL_OPTS $OPENVPN_OPTS --config "$OPENVPN_CONFIG"