Alexander Zhirov
204512d6ad
All checks were successful
Build / Build project (push) Successful in 9m44s
241 lines
7.5 KiB
Bash
Executable file
241 lines
7.5 KiB
Bash
Executable file
#!/bin/bash
|
|
|
|
# Script to launch wstunnel client using parameters from the [client] section of a configuration file
|
|
|
|
# Configuration file paths
|
|
PRIMARY_CONFIG="/etc/wstunnel/wstunnel.conf"
|
|
FALLBACK_CONFIG="/usr/share/defaults/etc/wstunnel/wstunnel.conf"
|
|
|
|
# Determine which configuration file to use
|
|
CONFIG_FILE=""
|
|
if [ -f "$PRIMARY_CONFIG" ]; then
|
|
CONFIG_FILE="$PRIMARY_CONFIG"
|
|
elif [ -f "$FALLBACK_CONFIG" ]; then
|
|
CONFIG_FILE="$FALLBACK_CONFIG"
|
|
else
|
|
echo "Error: Configuration file not found at '$PRIMARY_CONFIG' or '$FALLBACK_CONFIG'."
|
|
exit 1
|
|
fi
|
|
|
|
# Check if a configuration file is provided as an argument (overrides default paths)
|
|
if [ $# -eq 1 ]; then
|
|
CONFIG_FILE="$1"
|
|
if [ ! -f "$CONFIG_FILE" ]; then
|
|
echo "Error:Specified configuration file '$CONFIG_FILE' not found."
|
|
exit 1
|
|
fi
|
|
fi
|
|
|
|
# Initialize variables for wstunnel client parameters
|
|
SERVER_ADDRESS=""
|
|
LOCAL_TO_REMOTE=()
|
|
REMOTE_TO_LOCAL=()
|
|
NO_COLOR=""
|
|
SOCKET_SO_MARK=""
|
|
CONNECTION_MIN_IDLE=""
|
|
NB_WORKER_THREADS=""
|
|
CONNECTION_RETRY_MAX_BACKOFF=""
|
|
LOG_LEVEL=""
|
|
TLS_SNI_OVERRIDE=""
|
|
TLS_SNI_DISABLE=""
|
|
TLS_VERIFY_CERTIFICATE=""
|
|
HTTP_PROXY=""
|
|
HTTP_PROXY_LOGIN=""
|
|
HTTP_PROXY_PASSWORD=""
|
|
HTTP_UPGRADE_PATH_PREFIX=""
|
|
HTTP_UPGRADE_CREDENTIALS=""
|
|
WEBSOCKET_PING_FREQUENCY=""
|
|
WEBSOCKET_MASK_FRAME=""
|
|
HTTP_HEADERS=()
|
|
HTTP_HEADERS_FILE=""
|
|
TLS_CERTIFICATE=""
|
|
TLS_PRIVATE_KEY=""
|
|
DNS_RESOLVER=()
|
|
DNS_RESOLVER_PREFER_IPV4=""
|
|
REVERSE_RECONNECT_MAX_DELAY=""
|
|
|
|
# Function to trim whitespace
|
|
trim() {
|
|
local var="$1"
|
|
var="${var#"${var%%[![:space:]]*}"}" # Remove leading whitespace
|
|
var="${var%"${var##*[![:space:]]}"}" # Remove trailing whitespace
|
|
echo -n "$var"
|
|
}
|
|
|
|
# Parse the [client] section of the INI file
|
|
current_section=""
|
|
while IFS='=' read -r key value; do
|
|
# Skip empty lines and comments
|
|
if [[ -z "$key" || "$key" =~ ^\s*# || "$key" =~ ^\s*\; ]]; then
|
|
continue
|
|
fi
|
|
|
|
# Check for section headers
|
|
if [[ "$key" =~ ^\s*\[.*\]\s*$ ]]; then
|
|
current_section=$(echo "$key" | sed 's/^\s*\[\(.*\)\]\s*$/\1/')
|
|
continue
|
|
fi
|
|
|
|
# Process only the [client] section
|
|
if [ "$current_section" != "client" ]; then
|
|
continue
|
|
fi
|
|
|
|
# Trim whitespace from key and value
|
|
key=$(trim "$key")
|
|
value=$(trim "$value")
|
|
|
|
# Skip if value is empty
|
|
if [ -z "$value" ]; then
|
|
continue
|
|
fi
|
|
|
|
# Map INI keys to wstunnel client parameters
|
|
case "$key" in
|
|
server_address)
|
|
SERVER_ADDRESS="$value"
|
|
;;
|
|
local_to_remote)
|
|
# Split comma-separated values into array
|
|
IFS=',' read -ra ltr_array <<< "$value"
|
|
for ltr in "${ltr_array[@]}"; do
|
|
LOCAL_TO_REMOTE+=("$(trim "$ltr")")
|
|
done
|
|
;;
|
|
remote_to_local)
|
|
# Split comma-separated values into array
|
|
IFS=',' read -ra rtl_array <<< "$value"
|
|
for rtl in "${rtl_array[@]}"; do
|
|
REMOTE_TO_LOCAL+=("$(trim "$rtl")")
|
|
done
|
|
;;
|
|
no_color)
|
|
NO_COLOR="$value"
|
|
;;
|
|
socket_so_mark)
|
|
SOCKET_SO_MARK="$value"
|
|
;;
|
|
connection_min_idle)
|
|
CONNECTION_MIN_IDLE="$value"
|
|
;;
|
|
nb_worker_threads)
|
|
NB_WORKER_THREADS="$value"
|
|
;;
|
|
connection_retry_max_backoff)
|
|
CONNECTION_RETRY_MAX_BACKOFF="$value"
|
|
;;
|
|
log_level)
|
|
LOG_LEVEL="$value"
|
|
;;
|
|
tls_sni_override)
|
|
TLS_SNI_OVERRIDE="$value"
|
|
;;
|
|
tls_sni_disable)
|
|
TLS_SNI_DISABLE="$value"
|
|
;;
|
|
tls_verify_certificate)
|
|
TLS_VERIFY_CERTIFICATE="$value"
|
|
;;
|
|
http_proxy)
|
|
HTTP_PROXY="$value"
|
|
;;
|
|
http_proxy_login)
|
|
HTTP_PROXY_LOGIN="$value"
|
|
;;
|
|
http_proxy_password)
|
|
HTTP_PROXY_PASSWORD="$value"
|
|
;;
|
|
http_upgrade_path_prefix)
|
|
HTTP_UPGRADE_PATH_PREFIX="$value"
|
|
;;
|
|
http_upgrade_credentials)
|
|
HTTP_UPGRADE_CREDENTIALS="$value"
|
|
;;
|
|
websocket_ping_frequency)
|
|
WEBSOCKET_PING_FREQUENCY="$value"
|
|
;;
|
|
websocket_mask_frame)
|
|
WEBSOCKET_MASK_FRAME="$value"
|
|
;;
|
|
http_headers)
|
|
# Split comma-separated values into array
|
|
IFS=',' read -ra headers_array <<< "$value"
|
|
for header in "${headers_array[@]}"; do
|
|
HTTP_HEADERS+=("$(trim "$header")")
|
|
done
|
|
;;
|
|
http_headers_file)
|
|
HTTP_HEADERS_FILE="$value"
|
|
;;
|
|
tls_certificate)
|
|
TLS_CERTIFICATE="$value"
|
|
;;
|
|
tls_private_key)
|
|
TLS_PRIVATE_KEY="$value"
|
|
;;
|
|
dns_resolver)
|
|
DNS_RESOLVER+=("$value")
|
|
;;
|
|
dns_resolver_prefer_ipv4)
|
|
DNS_RESOLVER_PREFER_IPV4="$value"
|
|
;;
|
|
reverse_reconnect_max_delay)
|
|
REVERSE_RECONNECT_MAX_DELAY="$value"
|
|
;;
|
|
esac
|
|
done < "$CONFIG_FILE"
|
|
|
|
# Build the wstunnel client command
|
|
CMD=("wstunnel" "client")
|
|
|
|
# Add server address (required argument)
|
|
if [ -z "$SERVER_ADDRESS" ]; then
|
|
echo "Error: server_address is required in the [client] section of the configuration file."
|
|
exit 1
|
|
fi
|
|
CMD+=("$SERVER_ADDRESS")
|
|
|
|
# Add optional parameters
|
|
for ltr in "${LOCAL_TO_REMOTE[@]}"; do
|
|
CMD+=("-L" "$ltr")
|
|
done
|
|
for rtl in "${REMOTE_TO_LOCAL[@]}"; do
|
|
CMD+=("-R" "$rtl")
|
|
done
|
|
[ "$NO_COLOR" = "true" ] && CMD+=("--no-color" "true")
|
|
[ -n "$SOCKET_SO_MARK" ] && CMD+=("--socket-so-mark" "$SOCKET_SO_MARK")
|
|
[ -n "$CONNECTION_MIN_IDLE" ] && CMD+=("--connection-min-idle" "$CONNECTION_MIN_IDLE")
|
|
[ -n "$CONNECTION_RETRY_MAX_BACKOFF" ] && CMD+=("--connection-retry-max-backoff" "$CONNECTION_RETRY_MAX_BACKOFF")
|
|
[ -n "$LOG_LEVEL" ] && CMD+=("--log-lvl" "$LOG_LEVEL")
|
|
[ -n "$TLS_SNI_OVERRIDE" ] && CMD+=("--tls-sni-override" "$TLS_SNI_OVERRIDE")
|
|
[ "$TLS_SNI_DISABLE" = "true" ] && CMD+=("--tls-sni-disable")
|
|
[ "$TLS_VERIFY_CERTIFICATE" = "true" ] && CMD+=("--tls-verify-certificate")
|
|
[ -n "$HTTP_PROXY" ] && CMD+=("--http-proxy" "$HTTP_PROXY")
|
|
[ -n "$HTTP_PROXY_LOGIN" ] && CMD+=("--http-proxy-login" "$HTTP_PROXY_LOGIN")
|
|
[ -n "$HTTP_PROXY_PASSWORD" ] && CMD+=("--http-proxy-password" "$HTTP_PROXY_PASSWORD")
|
|
[ -n "$HTTP_UPGRADE_PATH_PREFIX" ] && CMD+=("--http-upgrade-path-prefix" "$HTTP_UPGRADE_PATH_PREFIX")
|
|
[ -n "$HTTP_UPGRADE_CREDENTIALS" ] && CMD+=("--http-upgrade-credentials" "$HTTP_UPGRADE_CREDENTIALS")
|
|
[ -n "$WEBSOCKET_PING_FREQUENCY" ] && CMD+=("--websocket-ping-frequency" "$WEBSOCKET_PING_FREQUENCY")
|
|
[ "$WEBSOCKET_MASK_FRAME" = "true" ] && CMD+=("--websocket-mask-frame")
|
|
for header in "${HTTP_HEADERS[@]}"; do
|
|
CMD+=("--http-headers" "$header")
|
|
done
|
|
[ -n "$HTTP_HEADERS_FILE" ] && CMD+=("--http-headers-file" "$HTTP_HEADERS_FILE")
|
|
[ -n "$TLS_CERTIFICATE" ] && CMD+=("--tls-certificate" "$TLS_CERTIFICATE")
|
|
[ -n "$TLS_PRIVATE_KEY" ] && CMD+=("--tls-private-key" "$TLS_PRIVATE_KEY")
|
|
[ -n "$REVERSE_RECONNECT_MAX_DELAY" ] && CMD+=("--reverse-reconnect-max-delay" "$REVERSE_RECONNECT_MAX_DELAY")
|
|
for resolver in "${DNS_RESOLVER[@]}"; do
|
|
CMD+=("--dns-resolver" "$resolver")
|
|
done
|
|
[ "$DNS_RESOLVER_PREFER_IPV4" = "true" ] && CMD+=("--dns-resolver-prefer-ipv4")
|
|
|
|
# Set environment variable for nb_worker_threads if specified
|
|
if [ -n "$NB_WORKER_THREADS" ]; then
|
|
export TOKIO_WORKER_THREADS="$NB_WORKER_THREADS"
|
|
fi
|
|
|
|
# Print the command for debugging
|
|
echo "Using configuration file: $CONFIG_FILE"
|
|
|
|
# Execute the wstunnel client command
|
|
exec "${CMD[@]}"
|