private/apostol-dm
1
1
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
6c60fb88f3cc9c61848de68aa81714006a9e5d0e
apostol-dm/docker/entrypoint.sh
status404 6c60fb88f3 Docker fix
2023-08-23 12:36:05 +03:00

244 lines
8.1 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
##
## BitDeals Module configuration helper script for Docker Container.
## It writes an Environment variables to the daemon config files.
## And can generate a Bitcoin and PGP key filies at first start.
##
## Web app requires the dmHost address should be accessable from your browser
DM_FORWEB=${DM_FORWEB:-https://127.0.0.1}
DM_WEBAUTH=${DM_WEBAUTH:-0}
DM_TESTNET=${DM_TESTNET:-0}
## Daemon config files
CONF_FILES=$(find /etc/dm/ -type f -name "*.conf" -not -name "default.conf")
BITDEALS_PGP_FILE="/etc/dm/bitdeals.asc"
BITDEALS_TESTNET_PGP_FILE="/etc/dm/bitdeals-testnet.asc"
PGP_SEC_FILE="$UHOME/pgp-key.sec"
BX_CONF_FILE="/usr/local/etc/libbitcoin/bx.cfg"
WEB_CONF_FILE="/var/www/web/config.js"
WEB_CONF_SITES="/etc/dm/sites/default.json"
WEB_CONF_OAUTH="/etc/dm/oauth2/default.json"
WEB_CERT="$UHOME/ssl-fullchain.pem"
WEB_KEY="$UHOME/ssl-privkey.pem"
WEB_DH="/etc/ssl/dhparam.pem"
BITCOIN_KEYS_BACKUP="$UHOME/bitcoin.backup_and_remove"
## Variable for tput color output
export TERM=xterm
set_locale()
{
## Setup locale
if [ "$DM_LC_ALL" ]; then
export LC_ALL="$DM_LC_ALL"
update-locale
fi
## Setup Timezone
if [ "$DM_TZ" ]; then
echo $DM_TZ > /etc/timezone
ln -snf /usr/share/zoneinfo/$TZ /etc/localtime
dpkg-reconfigure -f noninteractive tzdata
fi
}
init_config()
{
## Write a default variables to dm config
sed -i -e "/\[main\]/,/\[/ s/^#*user=.*/user=$UNAME/" \
-e "/\[main\]/,/\[/ s/^#*group=.*/group=$UNAME/" \
-e "/\[main\]/,/\[/ s/^#*workers=.*/workers=$(nproc)/" \
-e "/\[module\/WebSocket\]/,/\[/ s/^#*enable=.*/enable=true/" \
-e "/\[daemon\]/,/\[/ s/^#*daemon=.*/daemon=false/" \
-e "/\[server\]/,/\[/ s/^#*listen=.*/listen=0.0.0.0/" \
-e "/\[server\]/,/\[/ s/^#*port=.*/port=4999/" $CONF_FILES
## Change dm Website config
sed -i "s|dmHost:.*|dmHost: \"$DM_FORWEB\",|" $WEB_CONF_FILE
if [ "$DM_WEBAUTH" = 1 -o "$DM_WEBAUTH" = true ]; then
sed -i 's/confAuthorize:.*/confAuthorize: true,/' $WEB_CONF_FILE
else
sed -i 's/confAuthorize:.*/confAuthorize: false,/' $WEB_CONF_FILE
fi
if [ "$DM_LC_ALL" = "ru_RU.UTF-8" ]; then
sed -i 's/defaultLanguage:.*/defaultLanguage: "ru",/' $WEB_CONF_FILE
else
sed -i 's/defaultLanguage:.*/defaultLanguage: "en",/' $WEB_CONF_FILE
fi
## Add DM_FORWEB to dm oauth config
cat $WEB_CONF_OAUTH | \
jq --arg host "$(basename $DM_FORWEB)" '.web.redirect_uris=[
"http://"+$host+"/oauth2/code","http://"+$host+"/oauth2/callback",
"https://"+$host+"/oauth2/code","https://"+$host+"/oauth2/callback"]' | \
sponge $WEB_CONF_OAUTH
cat $WEB_CONF_SITES | \
jq --arg host "$(basename $DM_FORWEB)" '.hosts = [$host]' | \
sponge $WEB_CONF_SITES
## Write the PGP keys locations to dm config
sed -i "/\[pgp\]/,/\[/ s%^#*private=.*%private=$PGP_SEC_FILE%" $CONF_FILES
if [ "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true ]; then
sed -i "/\[pgp\]/,/\[/ s%^#*public=.*%public=$BITDEALS_TESTNET_PGP_FILE%" $CONF_FILES
else
sed -i "/\[pgp\]/,/\[/ s%^#*public=.*%public=$BITDEALS_PGP_FILE%" $CONF_FILES
fi
## Write a user variables to the daemon config files.
if [ "$DM_BITCOIN" ]; then
sed -i "/\[module\]/,/\[/ s/^#*address=.*/address=$DM_BITCOIN/" $CONF_FILES
fi
if [ "$DM_FEE" ]; then
sed -i "/\[module\]/,/\[/ s/^#*fee=.*/fee=$DM_FEE/" $CONF_FILES
fi
if [ "$DM_PGP_PASSWORD" ] ; then
## Escaping the '/' in password line for use it in `sed`
DM_PGP_PASSWORD="$(echo $DM_PGP_PASSWORD | sed 's/\//\\\//g')"
sed -i "/\[pgp\]/,/\[/ s/^#*passphrase=.*/passphrase=$DM_PGP_PASSWORD/" $CONF_FILES
fi
if [ "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true ]; then
sed -i "/\[main\]/,/\[/ s/^#*testnet=.*/testnet=true/" $CONF_FILES
else
sed -i "/\[main\]/,/\[/ s/^#*testnet=.*/testnet=false/" $CONF_FILES
fi
## Write PGP key variables to files
if [ "$DM_BITDEALS_PGP" ]; then
echo "$BITDEALS_PGP" > "$BITDEALS_PGP_FILE"
fi
if [ "$DM_BITDEALS_TESTNET_PGP" ]; then
echo "$BITDEALS_TESTNET_PGP" > "$BITDEALS_TESTNET_PGP_FILE"
fi
if [ "$DM_PGP_SEC" ]; then
echo "$DM_PGP_SEC" > "$PGP_SEC_FILE"
fi
## Setup testnet settings in libbitcoin-explorer config for new user bitcoin address generation
[ "$DM_TESTNET" = 1 -o "$DM_TESTNET" = true ] && \
sed -i -e "/\[wallet\]/,/\[/ s/wif_version? =.*/wif_version = 239/" \
-e "/\[wallet\]/,/\[/ s/hd_public_version =.*/hd_public_version = 70617039/" \
-e "/\[wallet\]/,/\[/ s/hd_secret_version =.*/hd_secret_version = 70615956/" \
-e "/\[wallet\]/,/\[/ s/pay_to_public_key_hash_version =.*/pay_to_public_key_hash_version = 111/" \
-e "/\[wallet\]/,/\[/ s/pay_to_script_hash_version =.*/pay_to_script_hash_version = 196/" \
-e "/\[network\]/,/\[/ s/identifier =.*/identifier = 118034699/" \
-e "/seed = mainnet[0-9].libbitcoin.net:8333/ s/^#*/#/" \
-e "/url = tcp:\/\/mainnet.libbitcoin.net:9091/ s/^#*/#/" \
-e "/block_url = tcp:\/\/mainnet.libbitcoin.net:9093/ s/^#*/#/" \
-e "/transaction_url = tcp:\/\/mainnet.libbitcoin.net:9094/ s/^#*/#/" \
-e "/#seed = testnet[0-9].libbitcoin.net:18333/ s/^#*#//" \
-e "/#url = tcp:\/\/testnet.libbitcoin.net:19091/ s/^#*#//" \
-e "/#block_url = tcp:\/\/testnet.libbitcoin.net:19093/ s/^#*#//" \
-e "/#transaction_url = tcp:\/\/testnet.libbitcoin.net:19094/ s/^#*#//" "$BX_CONF_FILE"
}
generate_pgp_key()
{
## Create user PGP key if the file is empty
if [ ! -f "$PGP_SEC_FILE" ]
then
[ "$DM_ACCOUNT_URL" ] || \
{ echo -en "\nGenerating new PGP key...\nPlease enter your site URL like https://example.com : " ; \
read DM_ACCOUNT_URL ;}
#GNUPGHOME="$(mktemp -d)" ; ## Works for gpg2
gpg --faked-system-time $(TZ=UTC date --date=$(date +'%Y-%m-%d') +%s) \
--pinentry-mode loopback --passphrase "$DM_PGP_PASSWORD" \
--openpgp --batch --gen-key 2>/dev/null <<-EOF
Key-Type: RSA
Key-Usage: cert,sign
Key-Length: 1024
Subkey-Type: RSA
Subkey-Usage: encr
Subkey-Length: 1024
Name-Real: Account_URL
Name-Comment: ${DM_ACCOUNT_URL:-https://example-$RANDOM$RANDOM.com}
Expire-Date: 0
EOF
tput setaf 2
cat <<-EOF
$(gpg -k --keyid-format long 2>/dev/null | tail -n5)
$(gpg --armor --export-secret-keys --passphrase "$DM_PGP_PASSWORD" | tee "$PGP_SEC_FILE")
EOF
tput sgr0
gpgconf --kill all
else
echo -e "NOTE: Your PGP key location: $PGP_SEC_FILE"
fi
## Change PGP keyfile owner
if [ -f "$PGP_SEC_FILE" ]; then
chown $UNAME:$UNAME "$PGP_SEC_FILE"
chmod 600 "$PGP_SEC_FILE"
fi
}
generate_btc_key()
{
## Create new Bitcoin keys. If user address (_DM_BITCOIN var) is empty.
_DM_BITCOIN="$(sed -n '/^[ \t]*\[module\]/,/\[/s/^[ \t]*address[ \t]*=[ \t]*//p' $CONF_FILES)"
B=$(tput bold ; tput setaf 1)
N=$(tput sgr0)
if [ -z "$_DM_BITCOIN" ]
then
## Generate bitcoin keys
PRIVKEY="$(cat /dev/random | tr -cd "[:digit:]" | head -c 64)"
PUBKEY="$(bx ec-to-public $PRIVKEY)"
BITCOIN="$(bx ec-to-address $PUBKEY)"
PRIVKEYWIF="$(bx ec-to-wif $PRIVKEY)"
## Write the bitcoin address to the daemon config
sed -i "/\[module\]/,/\[/ s/^#*address=.*/address=$BITCOIN/" $CONF_FILES
## Show bitcoin key
tee -a $BITCOIN_KEYS_BACKUP <<-EOF
${B}Please backup this BITCOIN KEY:${N}
Private key (WIF form): $PRIVKEYWIF
Public key: $PUBKEY
Bitcoin address: $BITCOIN
EOF
chmod 600 $BITCOIN_KEYS_BACKUP
else
test -f $BITCOIN_KEYS_BACKUP \
&& echo -e "NOTE: Your Bitcoin key saved to $(dirname $BITCOIN_KEYS_BACKUP)/${B}$(basename $BITCOIN_KEYS_BACKUP)${N}"\
|| echo -e "NOTE: Your Bitcoin address: $_DM_BITCOIN"
fi
}
generate_ssl_key()
{
## Generate self-signed certificate
if ! [ -f $WEB_KEY -a -f $WEB_CERT ]; then
openssl req -x509 -nodes -days 365 -newkey rsa:2048 -batch \
-keyout $WEB_KEY \
-out $WEB_CERT
fi
if ! [ -f $WEB_DH ]; then
echo "Generating DH parameters, 1024 bit long safe prime"
openssl dhparam -out $WEB_DH 1024 2>/dev/null
fi
}
set_locale
init_config
generate_pgp_key
generate_btc_key
generate_ssl_key
## Run the daemon
/etc/init.d/nginx start
exec /usr/sbin/dm -p /etc/dm -c /etc/dm/dm.conf $@
Reference in New Issue View Git Blame Copy Permalink