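#!/bin/sh
# Start-up script: installs configuration found under /srv and launches
# rsyslogd, sshd, OpenVPN and HAProxy, then hands over to a shell.
# Usage: <script> [--stop]

# Abort on the first failing command. The option is set here rather than on
# the shebang line because shebang options are dropped when the script is
# started as "sh <script>", which would let later steps run after a failure.
set -e

# --stop: terminate the daemons this script starts, then leave.
# "=" is the POSIX string comparison; "==" is rejected by some /bin/sh
# implementations, which would make --stop silently do nothing there.
if [ "${1:-}" = "--stop" ]
then
  # killall matches by process name, so every process with one of these
  # names in the current PID namespace is signalled. The exit status is
  # killall's own (non-zero when one of the names was not running).
  killall haproxy openvpn sshd rsyslogd
  exit
fi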
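# rsyslog: install optional drop-in configuration from the /srv/rsyslog
# volume, then start the daemon. Nothing is started when the directory is
# absent.
if [ -d /srv/rsyslog ]
then
  # Test the glob directly instead of parsing `ls`: an unmatched pattern
  # stays literal, so -e on each candidate tells whether any file exists
  # without an `ls` error being printed for an empty directory.
  rsyslog_conf_found=no
  for rsyslog_conf in /srv/rsyslog/*.conf
  do
    [ -e "$rsyslog_conf" ] || continue
    if [ "$rsyslog_conf_found" = no ]
    then
      printf '%s' "Install Rsyslog configuration... "
      rsyslog_conf_found=yes
    fi
    cp -p "$rsyslog_conf" /etc/rsyslog.d/
    # cp -p keeps the owner and mode found on the volume. Daemon
    # configuration under /etc should not stay owned or writable by
    # whichever account owns the mounted files, so normalise both.
    chown root: "/etc/rsyslog.d/${rsyslog_conf##*/}"
    chmod go-w "/etc/rsyslog.d/${rsyslog_conf##*/}"
  done
  if [ "$rsyslog_conf_found" = yes ]
  then
    echo done.
  fi

  echo "Start rsyslog service..."
  /usr/sbin/rsyslogd
  echo done.
else
  echo "Rsyslog configuration directory not found (/srv/rsyslog)"
fi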
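# SSH: persist or restore host keys, install optional drop-in configuration
# and root's authorized_keys from the /srv/ssh volume, then start sshd.
# Everything under /srv/ssh is trusted: whoever can write to that volume
# decides the server identity, the sshd settings and who may log in as root.
if [ -d /srv/ssh ]
then
  # Look for private host keys on the volume (glob test instead of `ls`).
  ssh_keys_found=no
  for ssh_key in /srv/ssh/*_key
  do
    if [ -e "$ssh_key" ]
    then
      ssh_keys_found=yes
      break
    fi
  done

  if [ "$ssh_keys_found" = no ]
  then
    # First start: create the keys and keep a copy on the volume so the
    # server identity survives re-creation of the container.
    # ssh-keygen -A only creates key types that are missing.
    # NOTE(review): keys already present in /etc/ssh (e.g. baked into the
    # image) would be copied and reused as they are - confirm the image
    # ships without host keys.
    # The private keys now also live on the volume; read access to
    # /srv/ssh on the host is enough to impersonate this server.
    echo "Generate SSH host keys..."
    ssh-keygen -A
    cp -p /etc/ssh/*_key* /srv/ssh/
    echo done.
  else
    echo "Existing SSH host keys present, reuse it"

    # Install host keys, then force the ownership and modes sshd expects
    # regardless of what the volume carried.
    printf '%s' "Install SSH host keys... "
    cp -p /srv/ssh/*_key /srv/ssh/*_key.pub /etc/ssh/
    chown root: /etc/ssh/*_key*
    chmod 600 /etc/ssh/*_key
    chmod 644 /etc/ssh/*_key.pub
    echo done.
  fi

  # Install configuration drop-ins.
  # NOTE(review): they only take effect if /etc/ssh/sshd_config includes
  # sshd_config.d - not visible from this script, confirm.
  ssh_conf_found=no
  for ssh_conf in /srv/ssh/*.conf
  do
    if [ -e "$ssh_conf" ]
    then
      ssh_conf_found=yes
      break
    fi
  done

  if [ "$ssh_conf_found" = yes ]
  then
    printf '%s' "Install custom SSH configuration files... "
    cp -p /srv/ssh/*.conf /etc/ssh/sshd_config.d/
    echo done.
  else
    echo "No custom SSH configuration files found. Put it in /srv/ssh if need (with .conf extension)."
  fi

  # Install authorized_keys file for root.
  if [ -e /srv/ssh/authorized_keys ]
  then
    printf '%s' "Install SSH authorized keys (from /srv/ssh/authorized_keys file)... "
    # The redirect below fails when /root/.ssh does not exist yet, so
    # create it first and keep it private to root.
    mkdir -p /root/.ssh
    chmod 700 /root/.ssh
    cat /srv/ssh/authorized_keys > /root/.ssh/authorized_keys
    # Only root needs to read this file; 600 is the conventional mode.
    chmod 600 /root/.ssh/authorized_keys
    echo done.
  else
    echo "No SSH authorized keys to install. Put it in /srv/ssh/authorized_keys file."
  fi

  # Start SSH
  printf '%s' "Start SSH service... "
  /usr/sbin/sshd -f /etc/ssh/sshd_config
  echo done.
else
  echo "SSH configuration directory not found (/srv/ssh)"
fi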
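# OpenVPN: create the shared secret on first start, make sure the TUN
# device node exists, then start the client as a daemon using the
# configuration on the /srv/openvpn volume.
if [ -d /srv/openvpn ]
then
  # Generate secret on first start and make it read-only for its owner.
  # NOTE(review): an already existing secret.key is used as found; its mode
  # on the volume is not checked here.
  # NOTE(review): whether client.conf uses this file as a static key
  # (`secret`, no forward secrecy) or for tls-auth/tls-crypt is not visible
  # from this script - confirm.
  if [ ! -e /srv/openvpn/secret.key ]
  then
    printf '%s' "Generate missing share secret key file... "
    openvpn --genkey secret /srv/openvpn/secret.key
    chmod 400 /srv/openvpn/secret.key
    echo done.
  fi

  # Ensure /dev/net/tun is present (character device, major 10, minor 200).
  mkdir -p /dev/net
  if [ ! -c /dev/net/tun ]
  then
    mknod /dev/net/tun c 10 200
  fi

  # Fail early with a clear message when the client configuration is
  # missing, instead of printing "Start OpenVPN ..." and leaving only
  # openvpn's own error behind.
  if [ ! -r /srv/openvpn/client.conf ]
  then
    echo "OpenVPN client configuration not found (/srv/openvpn/client.conf)" >&2
    exit 1
  fi

  # Start OpenVPN
  printf '%s' "Start OpenVPN ... "
  /usr/sbin/openvpn --daemon --config /srv/openvpn/client.conf
  echo done.
else
  echo "OpenVPN configuration directory not found (/srv/openvpn)"
fi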
# HAProxy: started only when the /srv/haproxy volume is present. The
# configuration is read straight from the volume, so whoever can write
# /srv/haproxy/haproxy.cfg controls what the proxy listens on and forwards.
if [ ! -d /srv/haproxy ]
then
  echo "Haproxy configuration directory not mount (/srv/haproxy)"
else
  # Start Haproxy
  # NOTE(review): no daemon flag is passed here, so whether this call
  # returns depends on haproxy.cfg - confirm it daemonises, otherwise the
  # lines after it are not reached while haproxy runs.
  echo -n "Start Haproxy ... "
  /usr/sbin/haproxy -f /srv/haproxy/haproxy.cfg
  echo done.
fi
# Last step: announce and spawn a shell as a child process. The script ends
# when that shell exits, and the shell runs as the same user as this script.
printf '%s\n' "Run interactive shell"
sh