mirror of
https://github.com/TrustTunnel/TrustTunnel.git
synced 2026-03-24 17:57:11 +00:00
ebb1ff4d3b
Squashed commit of the following: commit 16a0c416f13fc32db3ae79ba7f0886ba3987f5aa Author: Radmir Sadikov <r.sadikov@adguard.com> Date: Thu Mar 5 12:01:45 2026 +0400 move healthcheck from Dockerfile to docker-compose.yml commit54aeb8d824Author: Radmir Sadikov <r.sadikov@adguard.com> Date: Wed Mar 4 15:50:26 2026 +0400 add port parameter for healthcheck commit0e375b9628Author: Radmir Sadikov <r.sadikov@adguard.com> Date: Tue Mar 3 17:47:27 2026 +0400 feat vpn-libs-endpoint: improve docker support for trusttunnel
88 lines
2.5 KiB
Bash
88 lines
2.5 KiB
Bash
#!/bin/bash
|
|
|
|
set -e
|
|
|
|
check_file() {
|
|
local file="$1"
|
|
if [ ! -f "$file" ]; then
|
|
echo "Configuration file '$file' not found"
|
|
return 1
|
|
fi
|
|
return 0
|
|
}
|
|
|
|
verify_configs() {
|
|
local missing=0
|
|
|
|
check_file "credentials.toml" || missing=1
|
|
check_file "vpn.toml" || missing=1
|
|
check_file "hosts.toml" || missing=1
|
|
|
|
return $missing
|
|
}
|
|
|
|
run_setup_wizard_noninteractive() {
|
|
if [ -z "${TT_HOSTNAME:-}" ] || [ -z "${TT_CREDENTIALS:-}" ]; then
|
|
echo "Error: TT_HOSTNAME and TT_CREDENTIALS are required for non-interactive setup"
|
|
return 1
|
|
fi
|
|
|
|
local args=(
|
|
"-m" "non-interactive"
|
|
"-a" "${TT_LISTEN_ADDRESS:-0.0.0.0:8443}"
|
|
"-c" "$TT_CREDENTIALS"
|
|
"-n" "$TT_HOSTNAME"
|
|
"--lib-settings" "vpn.toml"
|
|
"--hosts-settings" "hosts.toml"
|
|
)
|
|
|
|
case "${TT_CERT_TYPE:-self-signed}" in
|
|
self-signed)
|
|
args+=("--cert-type" "self-signed")
|
|
;;
|
|
letsencrypt)
|
|
if [ -z "${TT_ACME_EMAIL:-}" ]; then
|
|
echo "Error: TT_ACME_EMAIL is required when TT_CERT_TYPE=letsencrypt"
|
|
return 1
|
|
fi
|
|
args+=("--cert-type" "letsencrypt" "--acme-email" "$TT_ACME_EMAIL")
|
|
if [ "${TT_ACME_STAGING:-false}" = "true" ]; then
|
|
args+=("--acme-staging")
|
|
fi
|
|
;;
|
|
provided)
|
|
if [ -z "${TT_CERT_PROVIDED_CHAIN_PATH:-}" ] || [ -z "${TT_CERT_PROVIDED_KEY_PATH:-}" ]; then
|
|
echo "Error: TT_CERT_PROVIDED_CHAIN_PATH and TT_CERT_PROVIDED_KEY_PATH are required when TT_CERT_TYPE=provided"
|
|
return 1
|
|
fi
|
|
args+=(
|
|
"--cert-type" "provided"
|
|
"--cert-chain-path" "$TT_CERT_PROVIDED_CHAIN_PATH"
|
|
"--cert-key-path" "$TT_CERT_PROVIDED_KEY_PATH"
|
|
)
|
|
;;
|
|
*)
|
|
echo "Error: Unsupported TT_CERT_TYPE='$TT_CERT_TYPE'. Supported: self-signed, letsencrypt, provided"
|
|
return 1
|
|
;;
|
|
esac
|
|
|
|
echo "Missing configuration file(s). Running setup_wizard in non-interactive mode"
|
|
setup_wizard "${args[@]}"
|
|
}
|
|
|
|
main() {
|
|
if ! verify_configs; then
|
|
if [ -t 0 ]; then
|
|
echo "Missing configuration file(s). Launching setup wizard in interactive mode"
|
|
setup_wizard
|
|
else
|
|
run_setup_wizard_noninteractive
|
|
fi
|
|
fi
|
|
|
|
echo "Starting trusttunnel_endpoint"
|
|
exec trusttunnel_endpoint vpn.toml hosts.toml
|
|
}
|
|
|
|
main |