mirror of
https://github.com/dnscrypt/dnscrypt-server-docker
synced 2024-11-22 15:32:01 +01:00
Merge pull request #64 from PeterDaveHello/shfmt
Format shell scripts with shfmt and test it on CI
This commit is contained in:
commit
a5895ba862
14
.travis.yml
14
.travis.yml
@ -7,8 +7,18 @@ language: minimal
|
|||||||
git:
|
git:
|
||||||
depth: 5
|
depth: 5
|
||||||
|
|
||||||
script:
|
jobs:
|
||||||
- docker build -t dnscrypt-server-docker-ci-test .
|
include:
|
||||||
|
- stage: Test
|
||||||
|
name: Docker build
|
||||||
|
script:
|
||||||
|
- docker build -t dnscrypt-server-docker-ci-test .
|
||||||
|
- stage: Test
|
||||||
|
name: Check shell script format
|
||||||
|
script:
|
||||||
|
- docker run -it --rm -v "$(pwd)":/sh -w /sh peterdavehello/shfmt:2.6.4 shfmt -sr -i 4 -l -w -ci .
|
||||||
|
- git diff --color
|
||||||
|
- git diff --stat=220 --color --exit-code
|
||||||
|
|
||||||
services:
|
services:
|
||||||
- docker
|
- docker
|
||||||
|
@ -21,13 +21,13 @@ new_key() {
|
|||||||
ts=$(date '+%s')
|
ts=$(date '+%s')
|
||||||
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-crypt-keypair \
|
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-crypt-keypair \
|
||||||
--crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" &&
|
--crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" &&
|
||||||
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-cert-file \
|
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-cert-file \
|
||||||
--xchacha20 \
|
--xchacha20 \
|
||||||
--provider-publickey-file="${KEYS_DIR}/public.key" \
|
--provider-publickey-file="${KEYS_DIR}/public.key" \
|
||||||
--provider-secretkey-file="${KEYS_DIR}/secret.key" \
|
--provider-secretkey-file="${KEYS_DIR}/secret.key" \
|
||||||
--crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" \
|
--crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" \
|
||||||
--provider-cert-file="${STKEYS_DIR}/${ts}.cert" \
|
--provider-cert-file="${STKEYS_DIR}/${ts}.cert" \
|
||||||
--cert-file-expire-days=1
|
--cert-file-expire-days=1
|
||||||
[ $? -ne 0 ] && rm -f "${STKEYS_DIR}/${ts}.key" "${STKEYS_DIR}/${ts}.cert"
|
[ $? -ne 0 ] && rm -f "${STKEYS_DIR}/${ts}.key" "${STKEYS_DIR}/${ts}.cert"
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -15,7 +15,7 @@ init() {
|
|||||||
fi
|
fi
|
||||||
while getopts "h?N:E:" opt; do
|
while getopts "h?N:E:" opt; do
|
||||||
case "$opt" in
|
case "$opt" in
|
||||||
h|\?) usage ;;
|
h | \?) usage ;;
|
||||||
N) provider_name=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
N) provider_name=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||||
E) ext_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
E) ext_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
|
||||||
esac
|
esac
|
||||||
@ -24,20 +24,23 @@ init() {
|
|||||||
case "$provider_name" in
|
case "$provider_name" in
|
||||||
.*) usage ;;
|
.*) usage ;;
|
||||||
2.dnscrypt-cert.*) ;;
|
2.dnscrypt-cert.*) ;;
|
||||||
*) provider_name="2.dnscrypt-cert.${provider_name}"
|
*) provider_name="2.dnscrypt-cert.${provider_name}" ;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
[ -z "$ext_address" ] && usage
|
[ -z "$ext_address" ] && usage
|
||||||
case "$ext_address" in
|
case "$ext_address" in
|
||||||
.*) usage ;;
|
.*) usage ;;
|
||||||
0.*) echo "Do not use 0.0.0.0, use an actual external IP address" >&2 ; exit 1 ;;
|
0.*)
|
||||||
|
echo "Do not use 0.0.0.0, use an actual external IP address" >&2
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
esac
|
esac
|
||||||
|
|
||||||
echo "Provider name: [$provider_name]"
|
echo "Provider name: [$provider_name]"
|
||||||
cd "$KEYS_DIR"
|
cd "$KEYS_DIR"
|
||||||
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper \
|
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper \
|
||||||
--gen-provider-keypair --nolog --dnssec --nofilter \
|
--gen-provider-keypair --nolog --dnssec --nofilter \
|
||||||
--provider-name="$provider_name" --ext-address="$ext_address" | \
|
--provider-name="$provider_name" --ext-address="$ext_address" |
|
||||||
tee "${KEYS_DIR}/provider-info.txt"
|
tee "${KEYS_DIR}/provider-info.txt"
|
||||||
chmod 640 "${KEYS_DIR}/secret.key"
|
chmod 640 "${KEYS_DIR}/secret.key"
|
||||||
chmod 644 "${KEYS_DIR}/public.key"
|
chmod 644 "${KEYS_DIR}/public.key"
|
||||||
@ -108,7 +111,10 @@ EOT
|
|||||||
|
|
||||||
case "$action" in
|
case "$action" in
|
||||||
start) start ;;
|
start) start ;;
|
||||||
init) shift ; init $* ;;
|
init)
|
||||||
|
shift
|
||||||
|
init $*
|
||||||
|
;;
|
||||||
provider-info) provider_info ;;
|
provider-info) provider_info ;;
|
||||||
*) usage ;;
|
*) usage ;;
|
||||||
esac
|
esac
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
#! /usr/bin/env bash
|
#! /usr/bin/env bash
|
||||||
|
|
||||||
drill -DQ -p 553 NS . @127.0.0.1 && \
|
drill -DQ -p 553 NS . @127.0.0.1 &&
|
||||||
drill -tDQ -p 553 NS . @127.0.0.1
|
drill -tDQ -p 553 NS . @127.0.0.1
|
||||||
|
14
unbound.sh
14
unbound.sh
@ -4,7 +4,7 @@ KEYS_DIR="/opt/dnscrypt-wrapper/etc/keys"
|
|||||||
ZONES_DIR="/opt/unbound/etc/unbound/zones"
|
ZONES_DIR="/opt/unbound/etc/unbound/zones"
|
||||||
|
|
||||||
reserved=134217728
|
reserved=134217728
|
||||||
availableMemory=$((1024 * $( (grep -F MemAvailable /proc/meminfo || grep -F MemTotal /proc/meminfo) | sed 's/[^0-9]//g' ) ))
|
availableMemory=$((1024 * $( (grep -F MemAvailable /proc/meminfo || grep -F MemTotal /proc/meminfo) | sed 's/[^0-9]//g')))
|
||||||
if [ $availableMemory -le $((reserved * 2)) ]; then
|
if [ $availableMemory -le $((reserved * 2)) ]; then
|
||||||
echo "Not enough memory" >&2
|
echo "Not enough memory" >&2
|
||||||
exit 1
|
exit 1
|
||||||
@ -86,15 +86,15 @@ remote-control:
|
|||||||
control-interface: 127.0.0.1
|
control-interface: 127.0.0.1
|
||||||
EOT
|
EOT
|
||||||
|
|
||||||
mkdir -p /opt/unbound/etc/unbound/dev && \
|
mkdir -p /opt/unbound/etc/unbound/dev &&
|
||||||
cp -a /dev/random /dev/urandom /opt/unbound/etc/unbound/dev/
|
cp -a /dev/random /dev/urandom /opt/unbound/etc/unbound/dev/
|
||||||
|
|
||||||
mkdir -p -m 700 /opt/unbound/etc/unbound/var && \
|
mkdir -p -m 700 /opt/unbound/etc/unbound/var &&
|
||||||
chown _unbound:_unbound /opt/unbound/etc/unbound/var && \
|
chown _unbound:_unbound /opt/unbound/etc/unbound/var &&
|
||||||
/opt/unbound/sbin/unbound-anchor -a /opt/unbound/etc/unbound/var/root.key
|
/opt/unbound/sbin/unbound-anchor -a /opt/unbound/etc/unbound/var/root.key
|
||||||
|
|
||||||
if [ ! -f /opt/unbound/etc/unbound/unbound_control.pem ]; then
|
if [ ! -f /opt/unbound/etc/unbound/unbound_control.pem ]; then
|
||||||
/opt/unbound/sbin/unbound-control-setup
|
/opt/unbound/sbin/unbound-control-setup
|
||||||
fi
|
fi
|
||||||
|
|
||||||
mkdir -p /opt/unbound/etc/unbound/zones
|
mkdir -p /opt/unbound/etc/unbound/zones
|
||||||
|
@ -12,5 +12,5 @@ GRACE_PERIOD=60
|
|||||||
provider_key=$(cat "${KEYS_DIR}/public.key.txt")
|
provider_key=$(cat "${KEYS_DIR}/public.key.txt")
|
||||||
provider_name=$(cat "${KEYS_DIR}/provider_name")
|
provider_name=$(cat "${KEYS_DIR}/provider_name")
|
||||||
|
|
||||||
drill -p 443 -Q TXT "$provider_name" @127.0.0.1 || \
|
drill -p 443 -Q TXT "$provider_name" @127.0.0.1 ||
|
||||||
sv force-restart dnscrypt-wrapper
|
sv force-restart dnscrypt-wrapper
|
||||||
|
Loading…
Reference in New Issue
Block a user