Add shareport wrapper
Signed-off-by: Knut Ahlers <knut@ahlers.me>
This commit is contained in:
parent
7ae4452d3b
commit
4ae3ec5ec4
GPG key ID:
DC2729FDD34BE99E
2 changed files with 90 additions and 0 deletions
59
.config/shareport.remote.sh
Normal file
59
.config/shareport.remote.sh
Normal file
|
|
@ -0,0 +1,59 @@
|
|||
function gen_prefix() {
|
||||
cat /dev/urandom | tr -dc 'a-z0-9' | head -c 8 || true
|
||||
}
|
||||
|
||||
# Generate an unique ID and set config path for it
|
||||
share_id=${FQDN_PREFIX:-}
|
||||
while :; do
|
||||
config_file="/home/shareport/nginx/shareport_${share_id}.conf"
|
||||
|
||||
if [[ -z $share_id ]] || [[ -e $config_file ]]; then
|
||||
share_id=$(gen_prefix)
|
||||
continue
|
||||
fi
|
||||
|
||||
break
|
||||
done
|
||||
|
||||
# Ensure configuration directory is there
|
||||
mkdir -p $(dirname ${config_file})
|
||||
|
||||
# Create nginx configuration for new share
|
||||
cat -s <<EOF >${config_file}
|
||||
server {
|
||||
listen 443 ssl http2;
|
||||
server_name ${share_id}.knut.dev;
|
||||
|
||||
ssl_certificate /data/ssl/nginxle/knut.dev.pem;
|
||||
ssl_certificate_key /data/ssl/nginxle/knut.dev.key;
|
||||
|
||||
location / {
|
||||
proxy_pass http://${LISTEN};
|
||||
proxy_set_header Upgrade \$http_upgrade;
|
||||
proxy_set_header Connection "Upgrade";
|
||||
proxy_set_header Host \$host;
|
||||
proxy_set_header X-Real-IP \$remote_addr;
|
||||
proxy_set_header X-Forwarded-For \$proxy_add_x_forwarded_for;
|
||||
proxy_set_header X-Forwarded-Proto \$scheme;
|
||||
}
|
||||
}
|
||||
EOF
|
||||
|
||||
# Register cleanup for script exit
|
||||
function cleanup() {
|
||||
rm -f \
|
||||
${config_file}
|
||||
sudo /bin/systemctl reload nginx.service
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
# Reload nginx to apply new config
|
||||
sudo /bin/systemctl reload nginx.service
|
||||
|
||||
# Let user know where to look
|
||||
echo
|
||||
echo "Listening on https://${share_id}.knut.dev/"
|
||||
echo
|
||||
|
||||
# Keep active until program exits
|
||||
while :; do sleep 5m; done
|
||||
31
bin/shareport
Executable file
31
bin/shareport
Executable file
|
|
@ -0,0 +1,31 @@
|
|||
#!/bin/bash
|
||||
set -euo pipefail
|
||||
|
||||
source "${HOME}/bin/script_framework.sh"
|
||||
|
||||
port="${1:-}"
|
||||
[[ -n $port ]] || fatal "Missing local port as first argument"
|
||||
|
||||
# Get real shareport command
|
||||
shareport=$(which -a shareport | grep -v $0 | head -n1)
|
||||
|
||||
step "Fetching secrets..."
|
||||
export IDENTITY_FILE=$(mktemp)
|
||||
export IDENTITY_FILE_PASSWORD=$(vault read -field=passphrase secret/ssh-key/shareport)
|
||||
|
||||
vault read -field=private secret/ssh-key/shareport >${IDENTITY_FILE}
|
||||
|
||||
# Configure remote
|
||||
export REMOTE_HOST=knut.dev:22
|
||||
export REMOTE_SCRIPT="${HOME}/.config/shareport.remote.sh"
|
||||
export REMOTE_USER=shareport
|
||||
|
||||
# Setup removal of SSH key after exit
|
||||
function cleanup() {
|
||||
step "Cleaning up..."
|
||||
rm -f ${IDENTITY_FILE}
|
||||
}
|
||||
trap cleanup EXIT
|
||||
|
||||
step "Starting shareport..."
|
||||
$shareport --local-addr "localhost:$1"
|
||||
Loading…
Reference in a new issue