Add shareport wrapper
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
7ae4452d3b
commit
4ae3ec5ec4
GPG key ID:
DC2729FDD34BE99E
2 changed files with 90 additions and 0 deletions
59
.config/shareport.remote.sh
Normal file
59
.config/shareport.remote.sh
Normal file
|
|
@ -0,0 +1,59 @@
|
||||||
|
function gen_prefix() {
|
||||||
|
cat /dev/urandom | tr -dc 'a-z0-9' | head -c 8 || true
|
||||||
|
}
|
||||||
|
|
||||||
|
# Generate an unique ID and set config path for it
|
||||||
|
share_id=${FQDN_PREFIX:-}
|
||||||
|
while :; do
|
||||||
|
config_file="/home/shareport/nginx/shareport_${share_id}.conf"
|
||||||
|
|
||||||
|
if [[ -z $share_id ]] || [[ -e $config_file ]]; then
|
||||||
|
share_id=$(gen_prefix)
|
||||||
|
continue
|
||||||
|
fi
|
||||||
|
|
||||||
|
break
|
||||||
|
done
|
||||||
|
|
||||||
|
# Ensure configuration directory is there
|
||||||
|
mkdir -p $(dirname ${config_file})
|
||||||
|
|
||||||
|
# Create nginx configuration for new share
|
||||||
|
cat -s <<EOF >${config_file}
|
||||||
|
server {
|
||||||
|
listen 443 ssl http2;
|
||||||
|
server_name ${share_id}.knut.dev;
|
||||||
|
|
||||||
|
ssl_certificate /data/ssl/nginxle/knut.dev.pem;
|
||||||
|
ssl_certificate_key /data/ssl/nginxle/knut.dev.key;
|
||||||
|
|
||||||
|
location / {
|
||||||
|
proxy_pass http://${LISTEN};
|
||||||
|
proxy_set_header Upgrade \$http_upgrade;
|
||||||
|
proxy_set_header Connection "Upgrade";
|
||||||
|
proxy_set_header Host \$host;
|
||||||
|
proxy_set_header X-Real-IP \$remote_addr;
|
||||||
|
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
||||||
|
proxy_set_header X-Forwarded-Proto \$scheme;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# Register cleanup for script exit
|
||||||
|
function cleanup() {
|
||||||
|
rm -f \
|
||||||
|
${config_file}
|
||||||
|
sudo /bin/systemctl reload nginx.service
|
||||||
|
}
|
||||||
|
trap cleanup EXIT
|
||||||
|
|
||||||
|
# Reload nginx to apply new config
|
||||||
|
sudo /bin/systemctl reload nginx.service
|
||||||
|
|
||||||
|
# Let user know where to look
|
||||||
|
echo
|
||||||
|
echo "Listening on https://${share_id}.knut.dev/"
|
||||||
|
echo
|
||||||
|
|
||||||
|
# Keep active until program exits
|
||||||
|
while :; do sleep 5m; done
|
||||||
31
bin/shareport
Executable file
31
bin/shareport
Executable file
|
|
@ -0,0 +1,31 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -euo pipefail
|
||||||
|
|
||||||
|
source "${HOME}/bin/script_framework.sh"
|
||||||
|
|
||||||
|
port="${1:-}"
|
||||||
|
[[ -n $port ]] || fatal "Missing local port as first argument"
|
||||||
|
|
||||||
|
# Get real shareport command
|
||||||
|
shareport=$(which -a shareport | grep -v $0 | head -n1)
|
||||||
|
|
||||||
|
step "Fetching secrets..."
|
||||||
|
export IDENTITY_FILE=$(mktemp)
|
||||||
|
export IDENTITY_FILE_PASSWORD=$(vault read -field=passphrase secret/ssh-key/shareport)
|
||||||
|
|
||||||
|
vault read -field=private secret/ssh-key/shareport >${IDENTITY_FILE}
|
||||||
|
|
||||||
|
# Configure remote
|
||||||
|
export REMOTE_HOST=knut.dev:22
|
||||||
|
export REMOTE_SCRIPT="${HOME}/.config/shareport.remote.sh"
|
||||||
|
export REMOTE_USER=shareport
|
||||||
|
|
||||||
|
# Setup removal of SSH key after exit
|
||||||
|
function cleanup() {
|
||||||
|
step "Cleaning up..."
|
||||||
|
rm -f ${IDENTITY_FILE}
|
||||||
|
}
|
||||||
|
trap cleanup EXIT
|
||||||
|
|
||||||
|
step "Starting shareport..."
|
||||||
|
$shareport --local-addr "localhost:$1"
|
||||||
Loading…
Reference in a new issue