lixonet-ee/install.sh

#!/bin/ash

# See: Dockerfile
UID=431
GID=431

# Grab origin
ORIGIN=`git remote get-url origin`

echo "Setting access to /var/run/docker.sock."
chown -v $UID:$GID /var/run/docker.sock

echo "Setting read access to /etc/lixonet/."
chown -R $UID:$GID /etc/lixonet/
chmod -R 440 /etc/lixonet/
chmod -R a+X /etc/lixonet/

echo "Setting write access to service directories."
mkdir /etc/bind
chown -R $UID:$GID /etc/bind/
chmod -R 660 /etc/bind/
chmod -R a+X /etc/bind/

mkdir /etc/bird
chown -R $UID:$GID /etc/bird/
chmod -R 660 /etc/bird/
chmod -R a+X /etc/bird/

mkdir /etc/tinc
chown -R $UID:$GID /etc/tinc/
chmod -R 660 /etc/tinc/
chmod -R a+X /etc/tinc/

mkdir /etc/wireguard
chown -R $UID:$GID /etc/wireguard/
chmod -R 660 /etc/wireguard/
chmod -R a+X /etc/wireguard/

echo "Setting exclusive read access to SSH keys."
chmod -v 400 /etc/lixonet/id_rsa
chmod -v 400 /etc/lixonet/*/id_rsa
chmod -v 400 /etc/lixonet/known_hosts
stat /etc/lixonet/id_rsa
stat /etc/lixonet/*/id_rsa
stat /etc/lixonet/known_hosts

echo "Enabling write access to /etc/lixonet/version."
touch /etc/lixonet/version
chmod 660 /etc/lixonet/version
stat /etc/lixonet/version

docker build -t lixonet-ee . && docker run --restart always -d -e DOCKER_HOST=unix:///var/run/docker.sock -e GIT_URL=$ORIGIN -v /var/run/docker.sock:/var/run/docker.sock -v /etc/bird:/etc/bird/ -v /etc/tinc:/etc/tinc -v /etc/bind:/etc/bind -v /etc/lixonet:/etc/lixonet -v /etc/lixonet/known_hosts:/home/lixonet/.ssh/known_hosts -v /etc/lixonet/id_rsa:/home/lixonet/.ssh/id_rsa lixonet-ee
Add daemon support 2021-05-18 17:38:32 -06:00			`#!/bin/ash`

Make daemon work! Signed-off-by: Manevolent <manevolent@team.lixo> 2021-09-21 12:37:42 -06:00			`# See: Dockerfile`
			`UID=431`
			`GID=431`

			`# Grab origin`
			ORIGIN=`git remote get-url origin`

			`echo "Setting access to /var/run/docker.sock."`
			`chown -v $UID:$GID /var/run/docker.sock`

			`echo "Setting read access to /etc/lixonet/."`
			`chown -R $UID:$GID /etc/lixonet/`
			`chmod -R 440 /etc/lixonet/`
			`chmod -R a+X /etc/lixonet/`

			`echo "Setting write access to service directories."`
			`mkdir /etc/bind`
			`chown -R $UID:$GID /etc/bind/`
			`chmod -R 660 /etc/bind/`
			`chmod -R a+X /etc/bind/`

			`mkdir /etc/bird`
			`chown -R $UID:$GID /etc/bird/`
			`chmod -R 660 /etc/bird/`
			`chmod -R a+X /etc/bird/`

			`mkdir /etc/tinc`
			`chown -R $UID:$GID /etc/tinc/`
			`chmod -R 660 /etc/tinc/`
			`chmod -R a+X /etc/tinc/`

Add initial support for WG 2021-09-21 14:01:51 -06:00			`mkdir /etc/wireguard`
			`chown -R $UID:$GID /etc/wireguard/`
			`chmod -R 660 /etc/wireguard/`
			`chmod -R a+X /etc/wireguard/`

Make daemon work! Signed-off-by: Manevolent <manevolent@team.lixo> 2021-09-21 12:37:42 -06:00			`echo "Setting exclusive read access to SSH keys."`
			`chmod -v 400 /etc/lixonet/id_rsa`
			`chmod -v 400 /etc/lixonet/*/id_rsa`
Update install.sh 2021-09-21 13:31:07 -06:00			`chmod -v 400 /etc/lixonet/known_hosts`
Make daemon work! Signed-off-by: Manevolent <manevolent@team.lixo> 2021-09-21 12:37:42 -06:00			`stat /etc/lixonet/id_rsa`
			`stat /etc/lixonet/*/id_rsa`
Update install.sh 2021-09-21 13:31:07 -06:00			`stat /etc/lixonet/known_hosts`
Make daemon work! Signed-off-by: Manevolent <manevolent@team.lixo> 2021-09-21 12:37:42 -06:00
			`echo "Enabling write access to /etc/lixonet/version."`
			`touch /etc/lixonet/version`
			`chmod 660 /etc/lixonet/version`
			`stat /etc/lixonet/version`

Update install.sh 2021-09-21 13:31:07 -06:00			`docker build -t lixonet-ee . && docker run --restart always -d -e DOCKER_HOST=unix:///var/run/docker.sock -e GIT_URL=$ORIGIN -v /var/run/docker.sock:/var/run/docker.sock -v /etc/bird:/etc/bird/ -v /etc/tinc:/etc/tinc -v /etc/bind:/etc/bind -v /etc/lixonet:/etc/lixonet -v /etc/lixonet/known_hosts:/home/lixonet/.ssh/known_hosts -v /etc/lixonet/id_rsa:/home/lixonet/.ssh/id_rsa lixonet-ee`