1
1
mirror of https://github.com/dnscrypt/dnscrypt-server-docker synced 2024-11-22 03:02:00 +01:00

Format shell scripts with shfmt and test it on CI

This commit is contained in:
Peter Dave Hello 2019-08-05 22:13:56 +08:00
parent 0b439b661d
commit fa7fed55de
6 changed files with 41 additions and 25 deletions

@ -7,8 +7,18 @@ language: minimal
git:
depth: 5
script:
- docker build -t dnscrypt-server-docker-ci-test .
jobs:
include:
- stage: Test
name: Docker build
script:
- docker build -t dnscrypt-server-docker-ci-test .
- stage: Test
name: Check shell script format
script:
- docker run -it --rm -v "$(pwd)":/sh -w /sh peterdavehello/shfmt:2.6.4 shfmt -sr -i 4 -l -w -ci .
- git diff --color
- git diff --stat=220 --color --exit-code
services:
- docker

@ -21,13 +21,13 @@ new_key() {
ts=$(date '+%s')
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-crypt-keypair \
--crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" &&
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-cert-file \
--xchacha20 \
--provider-publickey-file="${KEYS_DIR}/public.key" \
--provider-secretkey-file="${KEYS_DIR}/secret.key" \
--crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" \
--provider-cert-file="${STKEYS_DIR}/${ts}.cert" \
--cert-file-expire-days=1
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper --gen-cert-file \
--xchacha20 \
--provider-publickey-file="${KEYS_DIR}/public.key" \
--provider-secretkey-file="${KEYS_DIR}/secret.key" \
--crypt-secretkey-file="${STKEYS_DIR}/${ts}.key" \
--provider-cert-file="${STKEYS_DIR}/${ts}.cert" \
--cert-file-expire-days=1
[ $? -ne 0 ] && rm -f "${STKEYS_DIR}/${ts}.key" "${STKEYS_DIR}/${ts}.cert"
}

@ -15,7 +15,7 @@ init() {
fi
while getopts "h?N:E:" opt; do
case "$opt" in
h|\?) usage ;;
h | \?) usage ;;
N) provider_name=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
E) ext_address=$(echo "$OPTARG" | sed -e 's/^[ \t]*//' | tr A-Z a-z) ;;
esac
@ -24,20 +24,23 @@ init() {
case "$provider_name" in
.*) usage ;;
2.dnscrypt-cert.*) ;;
*) provider_name="2.dnscrypt-cert.${provider_name}"
*) provider_name="2.dnscrypt-cert.${provider_name}" ;;
esac
[ -z "$ext_address" ] && usage
case "$ext_address" in
.*) usage ;;
0.*) echo "Do not use 0.0.0.0, use an actual external IP address" >&2 ; exit 1 ;;
0.*)
echo "Do not use 0.0.0.0, use an actual external IP address" >&2
exit 1
;;
esac
echo "Provider name: [$provider_name]"
cd "$KEYS_DIR"
/opt/dnscrypt-wrapper/sbin/dnscrypt-wrapper \
--gen-provider-keypair --nolog --dnssec --nofilter \
--provider-name="$provider_name" --ext-address="$ext_address" | \
--provider-name="$provider_name" --ext-address="$ext_address" |
tee "${KEYS_DIR}/provider-info.txt"
chmod 640 "${KEYS_DIR}/secret.key"
chmod 644 "${KEYS_DIR}/public.key"
@ -108,7 +111,10 @@ EOT
case "$action" in
start) start ;;
init) shift ; init $* ;;
init)
shift
init $*
;;
provider-info) provider_info ;;
*) usage ;;
esac

@ -1,4 +1,4 @@
#! /usr/bin/env bash
drill -DQ -p 553 NS . @127.0.0.1 && \
drill -tDQ -p 553 NS . @127.0.0.1
drill -DQ -p 553 NS . @127.0.0.1 &&
drill -tDQ -p 553 NS . @127.0.0.1

@ -4,7 +4,7 @@ KEYS_DIR="/opt/dnscrypt-wrapper/etc/keys"
ZONES_DIR="/opt/unbound/etc/unbound/zones"
reserved=134217728
availableMemory=$((1024 * $( (grep -F MemAvailable /proc/meminfo || grep -F MemTotal /proc/meminfo) | sed 's/[^0-9]//g' ) ))
availableMemory=$((1024 * $( (grep -F MemAvailable /proc/meminfo || grep -F MemTotal /proc/meminfo) | sed 's/[^0-9]//g')))
if [ $availableMemory -le $((reserved * 2)) ]; then
echo "Not enough memory" >&2
exit 1
@ -86,15 +86,15 @@ remote-control:
control-interface: 127.0.0.1
EOT
mkdir -p /opt/unbound/etc/unbound/dev && \
cp -a /dev/random /dev/urandom /opt/unbound/etc/unbound/dev/
mkdir -p /opt/unbound/etc/unbound/dev &&
cp -a /dev/random /dev/urandom /opt/unbound/etc/unbound/dev/
mkdir -p -m 700 /opt/unbound/etc/unbound/var && \
chown _unbound:_unbound /opt/unbound/etc/unbound/var && \
/opt/unbound/sbin/unbound-anchor -a /opt/unbound/etc/unbound/var/root.key
mkdir -p -m 700 /opt/unbound/etc/unbound/var &&
chown _unbound:_unbound /opt/unbound/etc/unbound/var &&
/opt/unbound/sbin/unbound-anchor -a /opt/unbound/etc/unbound/var/root.key
if [ ! -f /opt/unbound/etc/unbound/unbound_control.pem ]; then
/opt/unbound/sbin/unbound-control-setup
/opt/unbound/sbin/unbound-control-setup
fi
mkdir -p /opt/unbound/etc/unbound/zones

@ -12,5 +12,5 @@ GRACE_PERIOD=60
provider_key=$(cat "${KEYS_DIR}/public.key.txt")
provider_name=$(cat "${KEYS_DIR}/provider_name")
drill -p 443 -Q TXT "$provider_name" @127.0.0.1 || \
sv force-restart dnscrypt-wrapper
drill -p 443 -Q TXT "$provider_name" @127.0.0.1 ||
sv force-restart dnscrypt-wrapper