1
1
mirror of https://github.com/dnscrypt/dnscrypt-server-docker synced 2024-11-22 15:32:01 +01:00

Merge pull request #64 from PeterDaveHello/shfmt

Format shell scripts with shfmt and test it on CI
This commit is contained in:
Frank Denis 2019-09-17 15:37:17 +02:00 committed by GitHub
commit a5895ba862
Signed by: GitHub
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 41 additions and 25 deletions

@ -7,8 +7,18 @@ language: minimal
git: git:
depth: 5 depth: 5
script: jobs:
- docker build -t dnscrypt-server-docker-ci-test . include:
- stage: Test
name: Docker build
script:
- docker build -t dnscrypt-server-docker-ci-test .
- stage: Test
name: Check shell script format
script:
- docker run -it --rm -v "$(pwd)":/sh -w /sh peterdavehello/shfmt:2.6.4 shfmt -sr -i 4 -l -w -ci .
- git diff --color
- git diff --stat=220 --color --exit-code
services: services:
- docker - docker

@ -21,13 +21,13 @@ new_key() {
ts=$(date '+%s') ts=$(date '+%s')
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-crypt-keypair \ /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-crypt-keypair \
--crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" && --crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" &&
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-cert-file \ /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-cert-file \
--xchacha20 \ --xchacha20 \
--provider-publickey-file="${KEYS_DIR}/public.key" \ --provider-publickey-file="${KEYS_DIR}/public.key" \
--provider-secretkey-file="${KEYS_DIR}/secret.key" \ --provider-secretkey-file="${KEYS_DIR}/secret.key" \
--crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" \ --crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" \
--provider-cert-file="${STKEYS_DIR}/${ts}.cert" \ --provider-cert-file="${STKEYS_DIR}/${ts}.cert" \
--cert-file-expire-days=1 --cert-file-expire-days=1
[ $? -ne 0 ] && rm -f "${STKEYS_DIR}/${ts}.key" "${STKEYS_DIR}/${ts}.cert" [ $? -ne 0 ] && rm -f "${STKEYS_DIR}/${ts}.key" "${STKEYS_DIR}/${ts}.cert"
} }

@ -15,7 +15,7 @@ init() {
fi fi
while getopts "h?N:E:" opt; do while getopts "h?N:E:" opt; do
case "$opt" in case "$opt" in
h|\?) usage ;; h | \?) usage ;;
N) provider_name=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;; N) provider_name=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
E) ext_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;; E) ext_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
esac esac
@ -24,20 +24,23 @@ init() {
case "$provider_name" in case "$provider_name" in
.*) usage ;; .*) usage ;;
2.dnscrypt-cert.*) ;; 2.dnscrypt-cert.*) ;;
*) provider_name="2.dnscrypt-cert.${provider_name}" *) provider_name="2.dnscrypt-cert.${provider_name}" ;;
esac esac
[ -z "$ext_address" ] && usage [ -z "$ext_address" ] && usage
case "$ext_address" in case "$ext_address" in
.*) usage ;; .*) usage ;;
0.*) echo "Do not use 0.0.0.0, use an actual external IP address" >&2 ; exit 1 ;; 0.*)
echo "Do not use 0.0.0.0, use an actual external IP address" >&2
exit 1
;;
esac esac
echo "Provider name: [$provider_name]" echo "Provider name: [$provider_name]"
cd "$KEYS_DIR" cd "$KEYS_DIR"
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper \ /opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper \
--gen-provider-keypair --nolog --dnssec --nofilter \ --gen-provider-keypair --nolog --dnssec --nofilter \
--provider-name="$provider_name" --ext-address="$ext_address" | \ --provider-name="$provider_name" --ext-address="$ext_address" |
tee "${KEYS_DIR}/provider-info.txt" tee "${KEYS_DIR}/provider-info.txt"
chmod 640 "${KEYS_DIR}/secret.key" chmod 640 "${KEYS_DIR}/secret.key"
chmod 644 "${KEYS_DIR}/public.key" chmod 644 "${KEYS_DIR}/public.key"
@ -108,7 +111,10 @@ EOT
case "$action" in case "$action" in
start) start ;; start) start ;;
init) shift ; init $* ;; init)
shift
init $*
;;
provider-info) provider_info ;; provider-info) provider_info ;;
*) usage ;; *) usage ;;
esac esac

@ -1,4 +1,4 @@
#! /usr/bin/env bash #! /usr/bin/env bash
drill -DQ -p 553 NS . @127.0.0.1 && \ drill -DQ -p 553 NS . @127.0.0.1 &&
drill -tDQ -p 553 NS . @127.0.0.1 drill -tDQ -p 553 NS . @127.0.0.1

@ -4,7 +4,7 @@ KEYS_DIR="/opt/dnscrypt-wrapper/etc/keys"
ZONES_DIR="/opt/unbound/etc/unbound/zones" ZONES_DIR="/opt/unbound/etc/unbound/zones"
reserved=134217728 reserved=134217728
availableMemory=$((1024 * $( (grep -F MemAvailable /proc/meminfo || grep -F MemTotal /proc/meminfo) | sed 's/[^0-9]//g' ) )) availableMemory=$((1024 * $( (grep -F MemAvailable /proc/meminfo || grep -F MemTotal /proc/meminfo) | sed 's/[^0-9]//g')))
if [ $availableMemory -le $((reserved * 2)) ]; then if [ $availableMemory -le $((reserved * 2)) ]; then
echo "Not enough memory" >&2 echo "Not enough memory" >&2
exit 1 exit 1
@ -86,15 +86,15 @@ remote-control:
control-interface: 127.0.0.1 control-interface: 127.0.0.1
EOT EOT
mkdir -p /opt/unbound/etc/unbound/dev && \ mkdir -p /opt/unbound/etc/unbound/dev &&
cp -a /dev/random /dev/urandom /opt/unbound/etc/unbound/dev/ cp -a /dev/random /dev/urandom /opt/unbound/etc/unbound/dev/
mkdir -p -m 700 /opt/unbound/etc/unbound/var && \ mkdir -p -m 700 /opt/unbound/etc/unbound/var &&
chown _unbound:_unbound /opt/unbound/etc/unbound/var && \ chown _unbound:_unbound /opt/unbound/etc/unbound/var &&
/opt/unbound/sbin/unbound-anchor -a /opt/unbound/etc/unbound/var/root.key /opt/unbound/sbin/unbound-anchor -a /opt/unbound/etc/unbound/var/root.key
if [ ! -f /opt/unbound/etc/unbound/unbound_control.pem ]; then if [ ! -f /opt/unbound/etc/unbound/unbound_control.pem ]; then
/opt/unbound/sbin/unbound-control-setup /opt/unbound/sbin/unbound-control-setup
fi fi
mkdir -p /opt/unbound/etc/unbound/zones mkdir -p /opt/unbound/etc/unbound/zones

@ -12,5 +12,5 @@ GRACE_PERIOD=60
provider_key=$(cat "${KEYS_DIR}/public.key.txt") provider_key=$(cat "${KEYS_DIR}/public.key.txt")
provider_name=$(cat "${KEYS_DIR}/provider_name") provider_name=$(cat "${KEYS_DIR}/provider_name")
drill -p 443 -Q TXT "$provider_name" @127.0.0.1 || \ drill -p 443 -Q TXT "$provider_name" @127.0.0.1 ||
sv force-restart dnscrypt-wrapper sv force-restart dnscrypt-wrapper