Caddy-Reverse_Proxy
/
freenas-iocage-caddy
mirror of https://github.com/danb35/freenas-iocage-caddy
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
freenas-iocage-caddy/caddy-jail.sh

160 lines
4.1 KiB
Bash
Executable File
Raw Blame History

#!/bin/sh
# Build an iocage jail under FreeNAS 11.3-12.0 using the current release of Caddy
# git clone https://github.com/danb35/freenas-iocage-caddy
# Check for root privileges
if ! [ $(id -u) = 0 ]; then
echo "This script must be run with root privileges"
exit 1
fi
#####
#
# General configuration
#
#####
# Initialize defaults
JAIL_IP=""
JAIL_INTERFACES=""
DEFAULT_GW_IP=""
INTERFACE="vnet0"
VNET="on"
POOL_PATH=""
JAIL_NAME="caddy"
DNS_PLUGIN=""
CONFIG_NAME="caddy-config"
# Check for caddy-config and set configuration
SCRIPT=$(readlink -f "$0")
SCRIPTPATH=$(dirname "${SCRIPT}")
if ! [ -e "${SCRIPTPATH}"/"${CONFIG_NAME}" ]; then
echo "${SCRIPTPATH}/${CONFIG_NAME} must exist."
exit 1
fi
. "${SCRIPTPATH}"/"${CONFIG_NAME}"
INCLUDES_PATH="${SCRIPTPATH}"/includes
JAILS_MOUNT=$(zfs get -H -o value mountpoint $(iocage get -p)/iocage)
RELEASE=$(freebsd-version | sed "s/STABLE/RELEASE/g" | sed "s/-p[0-9]*//")
# Check that necessary variables were set by nextcloud-config
if [ -z "${JAIL_IP}" ]; then
echo 'Configuration error: JAIL_IP must be set'
exit 1
fi
if [ -z "${JAIL_INTERFACES}" ]; then
echo 'JAIL_INTERFACES not set, defaulting to: vnet0:bridge0'
JAIL_INTERFACES="vnet0:bridge0"
fi
if [ -z "${DEFAULT_GW_IP}" ]; then
echo 'Configuration error: DEFAULT_GW_IP must be set'
exit 1
fi
if [ -z "${POOL_PATH}" ]; then
echo 'Configuration error: POOL_PATH must be set'
exit 1
fi
if [ -z "${HOST_NAME}" ]; then
echo 'Configuration error: HOST_NAME must be set'
exit 1
fi
# If CONFIG_PATH wasn't set in nextcloud-config, set it
if [ -z "${CONFIG_PATH}" ]; then
CONFIG_PATH="${POOL_PATH}"/apps/caddy
fi
# Extract IP and netmask, sanity check netmask
IP=$(echo ${JAIL_IP} | cut -f1 -d/)
NETMASK=$(echo ${JAIL_IP} | cut -f2 -d/)
if [ "${NETMASK}" = "${IP}" ]
then
NETMASK="24"
fi
if [ "${NETMASK}" -lt 8 ] || [ "${NETMASK}" -gt 30 ]
then
NETMASK="24"
fi
#####
#
# Jail Creation
#
#####
# List packages to be auto-installed after jail creation
cat <<__EOF__ >/tmp/pkg.json
{
"pkgs":[
"nano","bash","go","git"
]
}
__EOF__
# Create the jail and install previously listed packages
if ! iocage create --name "${JAIL_NAME}" -p /tmp/pkg.json -r "${RELEASE}" interfaces="${JAIL_INTERFACES}" ip4_addr="${INTERFACE}|${IP}/${NETMASK}" defaultrouter="${DEFAULT_GW_IP}" boot="on" host_hostname="${JAIL_NAME}" vnet="${VNET}"
then
echo "Failed to create jail"
exit 1
fi
rm /tmp/pkg.json
#####
#
# Directory Creation and Mounting
#
#####
mkdir -p "${CONFIG_PATH}"
iocage exec "${JAIL_NAME}" mkdir -p /mnt/includes
iocage exec "${JAIL_NAME}" mkdir -p /usr/local/www
iocage fstab -a "${JAIL_NAME}" "${CONFIG_PATH}" /usr/local/www nullfs rw 0 0
iocage fstab -a "${JAIL_NAME}" "${INCLUDES_PATH}" /mnt/includes nullfs rw 0 0
#####
#
# Additional Dependency installation
#
#####
# Build xcaddy, use it to build Caddy
if ! iocage exec "${JAIL_NAME}" "go get -u github.com/caddyserver/xcaddy/cmd/xcaddy"
then
echo "Failed to get xcaddy, terminating."
exit 1
fi
if ! iocage exec "${JAIL_NAME}" go build -o /usr/local/bin/xcaddy github.com/caddyserver/xcaddy/cmd/xcaddy
then
echo "Failed to build xcaddy, terminating."
exit 1
fi
if [ -n "${DNS_PLUGIN}" ]; then
if ! iocage exec "${JAIL_NAME}" xcaddy build --output /usr/local/bin/caddy --with github.com/caddy-dns/"${DNS_PLUGIN}"
then
echo "Failed to build Caddy with ${DNS_PLUGIN} plugin, terminating."
exit 1
fi
else
if ! iocage exec "${JAIL_NAME}" xcaddy build --output /usr/local/bin/caddy
then
echo "Failed to build Caddy without plugin, terminating."
exit 1
fi
fi
# Copy pre-written config files
iocage exec "${JAIL_NAME}" cp /mnt/includes/caddy /usr/local/etc/rc.d/
iocage exec "${JAIL_NAME}" cp /mnt/includes/Caddyfile.example /usr/local/www/
iocage exec "${JAIL_NAME}" cp -n /mnt/includes/Caddyfile /usr/local/www/ 2>/dev/null
iocage exec "${JAIL_NAME}" sysrc caddy_enable="YES"
iocage exec "${JAIL_NAME}" sysrc caddy_config="/usr/local/www/Caddyfile"
iocage restart "${JAIL_NAME}"
# Don't need /mnt/includes any more, so unmount it
iocage fstab -r "${JAIL_NAME}" "${INCLUDES_PATH}" /mnt/includes nullfs rw 0 0
Reference in New Issue View Git Blame Copy Permalink