Update docker/headscale/start.sh

colin 2024-01-22 18:35:06 +00:00
parent 90ed955101
commit 608e988d4d
1 changed files with 93 additions and 93 deletions


@ -1,113 +1,113 @@
#!/bin/bash #!/bin/bash
sleep 10 sleep 10
echo loading start.sh echo loading start.sh
replace_config_values() { # replace_config_values() {
echo replacing configuration values # echo replacing configuration values
local config_template="/etc/headscale-example/config-example.yaml" # local config_template="/etc/headscale-example/config-example.yaml"
local config_output="/etc/headscale/config.yaml" # local config_output="/etc/headscale/config.yaml"
# Default values # # Default values
local DEFAULT_SERVER_URL="http://127.0.0.1:8080" # local DEFAULT_SERVER_URL="http://127.0.0.1:8080"
local DEFAULT_LISTEN_ADDR="127.0.0.1:8080" # local DEFAULT_LISTEN_ADDR="127.0.0.1:8080"
local DEFAULT_METRICS_LISTEN_ADDR="127.0.0.1:9090" # local DEFAULT_METRICS_LISTEN_ADDR="127.0.0.1:9090"
local DEFAULT_GRPC_LISTEN_ADDR="127.0.0.1:50443" # local DEFAULT_GRPC_LISTEN_ADDR="127.0.0.1:50443"
local DEFAULT_GRPC_ALLOW_INSECURE="false" # local DEFAULT_GRPC_ALLOW_INSECURE="false"
local DEFAULT_DB_TYPE="sqlite3" # local DEFAULT_DB_TYPE="sqlite3"
local DEFAULT_DB_PATH="/var/lib/headscale/db.sqlite" # local DEFAULT_DB_PATH="/var/lib/headscale/db.sqlite"
local DEFAULT_UNIX_SOCKET="/var/run/headscale/headscale.sock" # local DEFAULT_UNIX_SOCKET="/var/run/headscale/headscale.sock"
local DEFAULT_UNIX_SOCKET_PERMISSION="0770" # local DEFAULT_UNIX_SOCKET_PERMISSION="0770"
# Check if the output config file already exists # # Check if the output config file already exists
if [[ -f "$config_output" ]]; then # if [[ -f "$config_output" ]]; then
echo "$config_output already exists." # echo "$config_output already exists."
return 0 # return 0
fi # fi
# Ensure the template file exists # # Ensure the template file exists
if [[ ! -f "$config_template" ]]; then # if [[ ! -f "$config_template" ]]; then
echo "Template file $config_template not found." # echo "Template file $config_template not found."
return 1 # return 1
fi # fi
# Function to replace or use default value # # Function to replace or use default value
replace_or_default() { # replace_or_default() {
local var_name=$1 # local var_name=$1
local default_value=$2 # local default_value=$2
local line=$3 # local line=$3
local var_value # local var_value
eval var_value=\$$var_name # eval var_value=\$$var_name
if [ -z "$var_value" ]; then # if [ -z "$var_value" ]; then
var_value=$default_value # var_value=$default_value
fi # fi
echo "${line/\$\{$var_name\}/$var_value}" # echo "${line/\$\{$var_name\}/$var_value}"
} # }
# Read the template and replace variables with defaults if not set # # Read the template and replace variables with defaults if not set
while IFS='' read -r line || [[ -n "$line" ]]; do # while IFS='' read -r line || [[ -n "$line" ]]; do
line=$(replace_or_default "SERVER_URL" "$DEFAULT_SERVER_URL" "$line") # line=$(replace_or_default "SERVER_URL" "$DEFAULT_SERVER_URL" "$line")
line=$(replace_or_default "LISTEN_ADDR" "$DEFAULT_LISTEN_ADDR" "$line") # line=$(replace_or_default "LISTEN_ADDR" "$DEFAULT_LISTEN_ADDR" "$line")
line=$(replace_or_default "METRICS_LISTEN_ADDR" "$DEFAULT_METRICS_LISTEN_ADDR" "$line") # line=$(replace_or_default "METRICS_LISTEN_ADDR" "$DEFAULT_METRICS_LISTEN_ADDR" "$line")
line=$(replace_or_default "GRPC_LISTEN_ADDR" "$DEFAULT_GRPC_LISTEN_ADDR" "$line") # line=$(replace_or_default "GRPC_LISTEN_ADDR" "$DEFAULT_GRPC_LISTEN_ADDR" "$line")
line=$(replace_or_default "GRPC_ALLOW_INSECURE" "$DEFAULT_GRPC_ALLOW_INSECURE" "$line") # line=$(replace_or_default "GRPC_ALLOW_INSECURE" "$DEFAULT_GRPC_ALLOW_INSECURE" "$line")
line=$(replace_or_default "DB_TYPE" "$DEFAULT_DB_TYPE" "$line") # line=$(replace_or_default "DB_TYPE" "$DEFAULT_DB_TYPE" "$line")
line=$(replace_or_default "DB_PATH" "$DEFAULT_DB_PATH" "$line") # line=$(replace_or_default "DB_PATH" "$DEFAULT_DB_PATH" "$line")
line=$(replace_or_default "UNIX_SOCKET" "$DEFAULT_UNIX_SOCKET" "$line") # line=$(replace_or_default "UNIX_SOCKET" "$DEFAULT_UNIX_SOCKET" "$line")
line=$(replace_or_default "UNIX_SOCKET_PERMISSION" "$DEFAULT_UNIX_SOCKET_PERMISSION" "$line") # line=$(replace_or_default "UNIX_SOCKET_PERMISSION" "$DEFAULT_UNIX_SOCKET_PERMISSION" "$line")
echo "$line" # echo "$line"
done < "$config_template" > "$config_output" # done < "$config_template" > "$config_output"
echo "Config file generated at $config_output" # echo "Config file generated at $config_output"
} # }
ensure_private_key_exists() { # ensure_private_key_exists() {
local key_path="/var/lib/headscale/derp_server_private.key" # local key_path="/var/lib/headscale/derp_server_private.key"
# Check if the file exists and is a valid private key # # Check if the file exists and is a valid private key
if [[ -f "$key_path" ]] && openssl rsa -check -noout -in "$key_path" > /dev/null 2>&1; then # if [[ -f "$key_path" ]] && openssl rsa -check -noout -in "$key_path" > /dev/null 2>&1; then
echo "Valid private key already exists at $key_path." # echo "Valid private key already exists at $key_path."
else # else
# Generate a new 2048-bit RSA private key # # Generate a new 2048-bit RSA private key
mkdir -p /var/lib/headscale # mkdir -p /var/lib/headscale
openssl genpkey -algorithm RSA -out "$key_path" -pkeyopt rsa_keygen_bits:2048 # openssl genpkey -algorithm RSA -out "$key_path" -pkeyopt rsa_keygen_bits:2048
if [[ $? -eq 0 ]]; then # if [[ $? -eq 0 ]]; then
echo "New private key generated at $key_path." # echo "New private key generated at $key_path."
else # else
echo "Failed to generate private key." # echo "Failed to generate private key."
return 1 # return 1
fi # fi
fi # fi
} # }
echo testgen derp private key # echo testgen derp private key
ensure_private_key_exists # ensure_private_key_exists
ensure_noise_private_key_exists() { # ensure_noise_private_key_exists() {
local key_path="/var/lib/headscale/noise_private.key" # local key_path="/var/lib/headscale/noise_private.key"
# Check if the file exists and is a valid private key # # Check if the file exists and is a valid private key
if [[ -f "$key_path" ]] && openssl rsa -check -noout -in "$key_path" > /dev/null 2>&1; then # if [[ -f "$key_path" ]] && openssl rsa -check -noout -in "$key_path" > /dev/null 2>&1; then
echo "Valid Noise private key already exists at $key_path." # echo "Valid Noise private key already exists at $key_path."
else # else
# Generate a new 2048-bit RSA private key # # Generate a new 2048-bit RSA private key
mkdir -p /var/lib/headscale # mkdir -p /var/lib/headscale
openssl genpkey -algorithm RSA -out "$key_path" -pkeyopt rsa_keygen_bits:2048 # openssl genpkey -algorithm RSA -out "$key_path" -pkeyopt rsa_keygen_bits:2048
if [[ $? -eq 0 ]]; then # if [[ $? -eq 0 ]]; then
echo "New Noise private key generated at $key_path." # echo "New Noise private key generated at $key_path."
else # else
echo "Failed to generate Noise private key." # echo "Failed to generate Noise private key."
return 1 # return 1
fi # fi
fi # fi
} # }
echo testgen noise private key # echo testgen noise private key
ensure_noise_private_key_exists # ensure_noise_private_key_exists
# Run the function to replace variables and start headscale # # Run the function to replace variables and start headscale
replace_config_values # replace_config_values
echo configuration implementation system finished. # echo configuration implementation system finished.
cat /etc/headscale/config.yaml # cat /etc/headscale/config.yaml
# echo running headscales configtest # echo running headscales configtest
# headscale configtest # headscale configtest
echo launching headscale. echo launching headscale.
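Review bot: Everything from `replace_config_values()` down to `cat /etc/headscale/config.yaml` is disabled by prefixing each line with `#` rather than deleted, and nothing in the new file says why, or what now supplies `/etc/headscale/config.yaml` and the two key files under `/var/lib/headscale`. If those are now expected to be provided from outside the script (an assumption, the commit does not say), delete the block and fail early when the file is absent, for example `[[ -f /etc/headscale/config.yaml ]] || { echo "missing /etc/headscale/config.yaml" >&2; exit 1; }` just before `echo launching headscale.`, with a one-line comment such as `# config and keys are provisioned outside this script`. Leaving the block as comments also leaves `eval var_value=\$$var_name` and the `cat` of the full config into the container log one uncomment away; if the block is ever restored, `var_value=${!var_name}` removes the eval and the `cat` should be dropped. Whatever follows `echo launching headscale.` lies outside this hunk, so the launch command itself is not reviewed here.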