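#!/bin/bash
#
# jelinit        Start/Stop the jelinit daemon.
#
# chkconfig: 2345 99 60
# description: jelinit
#
### BEGIN INIT INFO
# Provides: jelinit
# Required-Start: $local_fs $time $network $named $remote_fs $all
# Required-Stop: $local_fs
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Start/stop
#
# Description: The init script will start/stop
#              Then log (FATAL,ERROR,WARN,INFO and Notice)
### END INIT INFO
#
# Overview (from the code below): on "start" the script exports the variables
# listed in /.jelenv, runs the command stored in /.jelentry + /.jelstart
# (optionally as the user named in /.jeluser), installs an iptables REDIRECT
# from port 80 to a detected application port, and restores saved firewall
# rules from $FIREWALL_RULES_DIR.
#
# Trust boundary: /.jelenv, /.jelentry, /.jelstart, /.jelworkdir and /.jeluser
# are read as root and their content ends up in the environment or on a shell
# command line. Anything able to write those files controls what this script
# executes, so they need to be writable by root only.

FIREWALL_RULES_DIR="/etc/jelastic/iptables"
DOCKER_RUN_LOG="/var/log/run.log"
RUN_CMD="/.jelstart"
ENTRYPOINT_CMD="/.jelentry"
WORKINDIR_CMD="/.jelworkdir"

# Join entrypoint + cmd into one line, drop a leading "/bin/sh -c" and trim.
# sed reads the two files directly; a missing file is silently skipped.
RUNSCRIPT=$(sed -e ':a;N;$!ba;s/\n/ /g' \
  -e 's|\s*/bin/sh\s*-c||' \
  -e 's/^[[:space:]]*//' \
  -e 's/[[:space:]]*$//' \
  "$ENTRYPOINT_CMD" "$RUN_CMD" 2>/dev/null)

dir=$(cat "$WORKINDIR_CMD" 2>/dev/null) && cd "${dir:-/}" 2>/dev/null

SSHINIT="/etc/init.d/ssh"
JELINIT_LOCK="/var/run/lock/jelinit.lock"
JELINIT_FIRSTRUN="/run/lock/jelinit.firstrun"

# /.jeluser may hold a user name or a numeric id; normalise it to the name
# found in the passwd database when there is one.
[ -f /.jeluser ] && {
  DOCKER_USER=$(cat /.jeluser)
  DOCKER_USER_NAME=$(getent passwd "$DOCKER_USER" | sed -r 's/^([^:]+):.*/\1/')
  [ -z "$DOCKER_USER_NAME" ] || DOCKER_USER=$DOCKER_USER_NAME
}

[ ! -d /var/run/lock/ ] && mkdir -p /var/run/lock/ >/dev/null 2>/dev/null

# Fallback loggers; replaced by the LSB versions if init-functions is sourced
# further down.
log_end_msg() {
  echo "$1"
}

log_daemon_msg() {
  echo -n "$1"
}

# Print the login shell (passwd field 7) of the user given as $1.
findUserShell() {
  getent passwd "$1" | cut -d: -f7
}

# Print the first executable shell from a fixed candidate list.
# Returns 0 when one is found, 1 otherwise.
detectShell() {
  local shells=("/bin/bash" "/bin/sh" "/bin/dash")
  local s
  # Iterate over every element: a bare $shells expands to element 0 only,
  # which meant /bin/sh and /bin/dash were never tried.
  for s in "${shells[@]}"; do
    [ -x "$s" ] && {
      echo "$s"
      return 0
    }
  done
  return 1
}

SYSTEMCTL_SKIP_REDIRECT="true"
_SYSTEMCTL_SKIP_REDIRECT="true"
[ -f "/lib/lsb/init-functions" ] && . /lib/lsb/init-functions

# Export every line of /.jelenv. The file is processed twice so that a
# variable may reference another one defined later in the file: the first
# pass exports the raw values, the second pass lets envsubst resolve them.
# Lines are read with `read -r` so that no glob expansion happens on values.
if [ -f "/.jelenv" ]; then
  vars="$(sed -r 's/([^=]+).*/\$\1/g' /.jelenv)"
  for _pass in 1 2; do
    while IFS= read -r env || [ -n "$env" ]; do
      [ -n "$env" ] || continue
      env=$(printf '%s\n' "$env" | envsubst "$vars")
      export "$env"
    done </.jelenv
  done
fi

PATH="$PATH:/bin:/usr/bin:/sbin:/usr/sbin:/usr/local/sbin:/usr/local/bin"

# Make the first word of the run command executable, looking it up in PATH
# when it is not a path to an existing file.
runfile=$(awk '{print $1}' <<<"$RUNSCRIPT")
[ -n "$runfile" ] && [ -f "${runfile}" ] && {
  chmod a+x "${runfile}"
} || {
  runfile=$(which "$runfile" 2>/dev/null)
  [ -n "$runfile" ] && [ -f "${runfile}" ] && {
    chmod a+x "${runfile}"
  }
}

# Run `mount -a`, then keep retrying once per second (at most 120 times)
# until as many nfs mounts are active as /etc/fstab lists.
mounta() {
  local count mcount=0 iter=0 iterlimit=120
  systemctl status network-online.target >>/var/log/jem.log 2>&1
  mount -a >>/var/log/jem.log 2>&1
  if grep -qE '^[^#]*\snfs\s' /etc/fstab; then
    count=$(grep -c '^[^#]*\snfs\s' /etc/fstab)
    while [[ $mcount -lt $count ]]; do
      sleep 1
      mount -a >>/var/log/jem.log 2>&1
      mcount=$(mount | grep -c nfs)
      iter=$((iter + 1))
      [ "$iter" -ge "$iterlimit" ] && break
    done
  fi
}

# Create runtime directories and start the fstab mount retry in background.
patchenv() {
  local temp_dirs=("/run/apache2" "/run/lock/apache2" "/run/mysqld/")
  local temp_dir
  for temp_dir in "${temp_dirs[@]}"; do
    mkdir -p "$temp_dir"
    # NOTE(review): mode 777 without the sticky bit lets any local user
    # remove or replace pid/socket files of other users in these
    # directories. Ownership by the service user with a tighter mode would
    # be safer - confirm which users need write access before changing.
    chmod 777 "$temp_dir"
  done
  [ -f /etc/jelastic/metainf.conf ] && mounta &
}

# Well-known service ports that are never chosen as HTTP redirect target.
ports="^(21|22|23|25|53|80|110|111|143|139|389|443|445|465|587|993|995|1433|1434|1521|1528|2424|2483|2484|3306|4447|5432|6262|8743|8009|27017|11211)$"

# Print listening TCP ports (one per line, loopback listeners excluded)
# using ss.
rpss() {
  local val
  val=$(ss -tnlp 2>/dev/null | grep -v '127.0.0.' |
    sed -r -e '1d' -e 's/LISTEN[^:]+[:0-9a-z\.\*]{0,}:+//g' | cut -d' ' -f1)
  echo "$val"
}

# Same as rpss, using netstat.
rpnetstat() {
  local val
  val=$(netstat -tnlp 2>/dev/null | grep -v '127.0.0.' |
    sed -r -e '1,2d' -e 's/tcp[^:]+[:0-9a-z]{1,}:+//g' | cut -d' ' -f1)
  echo "$val"
}

# Insert a nat PREROUTING rule redirecting TCP port 80 to port $1, for both
# IPv4 and IPv6, unless a REDIRECT rule for that port is already listed.
# Returns 1 without touching iptables when $1 is empty or not a number.
addIptablesRedirect() {
  local rPort=$1 ipt_cmd
  # Guard first: with the former `test && grep || insert` chain an empty port
  # fell through to the insert branch, and the value is used below both in a
  # regular expression and as an iptables argument.
  case "$rPort" in
    '' | *[!0-9]*) return 1 ;;
  esac
  for ipt_cmd in iptables ip6tables; do
    # Match the port as a whole number so that e.g. 80 is not considered
    # present because a redirect to 8080 exists.
    "$ipt_cmd" -t nat -L 2>/dev/null |
      grep -qE "REDIRECT.*[^0-9]${rPort}([^0-9]|\$)" ||
      "$ipt_cmd" -t nat -I PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT \
        --to-ports "$rPort" -m comment --comment "Jelastic HTTP Autoredirect" \
        2>/dev/null
  done
}

# Load every *.save file from $FIREWALL_RULES_DIR with iptables-restore.
# Returns 1 when the directory is missing, otherwise the status of the last
# failed restore (0 when all succeeded).
setFirewallRules() {
  local rules_file rc=0
  [ -d "$FIREWALL_RULES_DIR" ] || return 1
  # The glob has to stay outside the quotes. Quoted, the loop ran once with
  # the literal pattern and the redirection failed as "ambiguous" as soon as
  # two rule files existed, leaving the saved rules unapplied.
  for rules_file in "$FIREWALL_RULES_DIR"/*.save; do
    [ -f "$rules_file" ] || continue
    /sbin/iptables-restore --noflush <"$rules_file" || rc=$?
  done
  return "$rc"
}

# Pick the port that receives redirected port-80 traffic and install the
# redirect. Order of preference: a numeric JELASTIC_EXPOSE, a listener on a
# priority port (8080 plus JELASTIC_PRIORITY_PORTS), then any listener that
# is not in $ports (checked with curl when curl is available).
# Does nothing when something already listens on port 80.
# start() runs this function in a background subshell.
setRedirect() {
  local tryresetcount=60
  local priorityPorts="8080"
  local port count=100 iptab get_ports result S_REDIRECT_PORT
  # Set before first use so the function does not depend on the caller.
  ACTION_LOG="/var/log/jem.log"

  # Wait up to ~100 s for the iptables binary to show up in PATH.
  while [ "$count" -ge 0 ]; do
    iptab=$(which iptables)
    if [ -n "$iptab" ]; then
      break
    fi
    sleep 1
    count=$((count - 1))
  done

  # An all-digit JELASTIC_EXPOSE in 1..65535 wins over any detection.
  if [ -n "$JELASTIC_EXPOSE" ] && [ -n "${JELASTIC_EXPOSE##*[!0-9]*}" ]; then
    if [ "$JELASTIC_EXPOSE" -ge 1 ] && [ "$JELASTIC_EXPOSE" -le 65535 ]; then
      echo "add redirect to $JELASTIC_EXPOSE" >>"${ACTION_LOG}"
      addIptablesRedirect "$JELASTIC_EXPOSE"
      return 0
    fi
  fi

  [ -n "$JELASTIC_PRIORITY_PORTS" ] &&
    priorityPorts="${priorityPorts}|${JELASTIC_PRIORITY_PORTS//\,/|}"
  [ -n "$J_TRYCOUNT" ] && tryresetcount=$J_TRYCOUNT

  if command -v netstat >/dev/null 2>&1; then
    get_ports=rpnetstat
  else
    get_ports=rpss
  fi

  echo "JELASTIC_PRIORITY_PORTS=${priorityPorts%\|}" >>"$ACTION_LOG"

  # Phase 1: poll for port 80 or a priority port, every 2 s.
  while [ "$tryresetcount" -gt 0 ]; do
    CURL=$(command -v curl 2>>"${ACTION_LOG}") || CURL=''
    S_REDIRECT_PORT=$($get_ports)
    if grep -q -E "^80$" <<<"$S_REDIRECT_PORT"; then
      echo "port 80 detected" >>"${ACTION_LOG}"
      return 0
    fi
    port=$(grep -E "^(${priorityPorts%\|})$" <<<"$S_REDIRECT_PORT" |
      sort -un | head -n1)
    if [ -n "$port" ]; then
      addIptablesRedirect "$port"
      return 0
    fi
    sleep 2
    tryresetcount=$((tryresetcount - 1))
  done

  # Phase 2: take the lowest listener outside $ports; with curl available
  # only a port that answers the local HTTP request is accepted.
  tryresetcount=200
  while [ "$tryresetcount" -gt 0 ]; do
    S_REDIRECT_PORT=$($get_ports)
    for port in $(grep -v -E "$ports" <<<"$S_REDIRECT_PORT" | sort -un); do
      if [[ $CURL ]]; then
        # The header value is passed with its literal single quotes, exactly
        # as the previous string-built command line did.
        "$CURL" -sI -X GET -H "'HTTP/1.1'" "http://127.0.0.1:${port}" \
          >>"${ACTION_LOG}" 2>&1
        result=$?
        if [ "$result" -eq 0 ]; then
          addIptablesRedirect "$port"
          echo "port detected ${port} " >>"${ACTION_LOG}"
          return 0
        fi
      else
        addIptablesRedirect "$port"
        echo "port detected ${port} " >>"${ACTION_LOG}"
        return 0
      fi
    done
    sleep 2
    tryresetcount=$((tryresetcount - 1))
  done
}

# Start sequence: take the lock, prepare the environment, launch the run
# command, set up (or remove) the HTTP redirect, restore firewall rules.
# Returns the status of setFirewallRules, or 0 on the early-return paths.
start() {
  local TARGET_REDIRECT_PORT ipt_cmd
  ACTION_LOG="/var/log/jem.log"

  [ -f "$JELINIT_FIRSTRUN" ] && [ -f "$JELINIT_LOCK" ] && {
    rm -f "$JELINIT_FIRSTRUN"
    exit 0
  }

  # An existing lock only counts when its pid is alive and its command line
  # mentions jelinit; otherwise it is stale and removed.
  [ -f "$JELINIT_LOCK" ] && {
    echo "jelinit exists" >>"${ACTION_LOG}"
    pid=$(cat "$JELINIT_LOCK")
    if [ -n "$pid" ] && [ -f "/proc/$pid/cmdline" ] &&
      grep -q jelinit "/proc/$pid/cmdline"; then
      return
    else
      rm -f "$JELINIT_LOCK"
    fi
  }
  echo "$$" >"$JELINIT_LOCK"

  patchenv
  [ -f "/sbin/ifconfig" ] && [ ! -e "/bin/systemctl" ] && /sbin/ifconfig lo up

  [ ! -f "${DOCKER_RUN_LOG}" ] && touch "${DOCKER_RUN_LOG}" 2>/dev/null
  # World-writable log, presumably so that the unprivileged DOCKER_USER can
  # append to it. NOTE(review): any local user can then also rewrite it.
  chmod a+w "${DOCKER_RUN_LOG}" 2>/dev/null

  # Wait up to ~6 s for a usable route.
  ii=5
  while [ "$ii" -ge 0 ]; do
    ip r get 1 &>/dev/null && break
    ii=$((ii - 1))
    sleep 1
  done

  { [ -f "$SSHINIT" ] || [ -L "$SSHINIT" ]; } && "$SSHINIT" start &

  if [ -n "$RUNSCRIPT" ]; then
    ulimit -n 65536
    homedir=$(getent passwd "${DOCKER_USER:-root}" | cut -d: -f6)
    if [ -z "$DOCKER_USER" ]; then
      export PATH="$PATH" && (/bin/sh -c "cd ${dir:-/}; ${RUNSCRIPT}" >>"${DOCKER_RUN_LOG}" 2>>"${DOCKER_RUN_LOG}" &)
    else
      shell=$(findUserShell "${DOCKER_USER}" "/etc/passwd")
      if [ "x$shell" == "x" ]; then
        shell='/bin/sh'
      fi
      # Accounts with nologin/false as shell get the first usable shell from
      # detectShell instead.
      if grep -q '/nologin$' <<<"$shell" || grep -q '/false$' <<<"$shell"; then
        nshell=$(detectShell)
        [ -z "$nshell" ] && nshell="$shell"
        echo "No valid login shell found for user ${DOCKER_USER}" >>"${DOCKER_RUN_LOG}"
      else
        nshell=$shell
      fi
      # NOTE(review): two -c options are passed to su; which one takes effect
      # depends on the su implementation - confirm on the target images.
      export PATH="$PATH" && (su - "${DOCKER_USER}" -s "$nshell" -c /bin/sh -c "cd ${dir:-/}; source /etc/profile; export HOME=${homedir}; ${RUNSCRIPT}" >>"${DOCKER_RUN_LOG}" 2>>"${DOCKER_RUN_LOG}" &)
    fi

    if [[ "$JELASTIC_EXPOSE" == "0" || "x${JELASTIC_EXPOSE^^}" == "xDISABLED" || "x${JELASTIC_EXPOSE^^}" == "xFALSE" ]]; then
      echo "Port autoredirect disabled : $JELASTIC_EXPOSE " >>"${ACTION_LOG}"
      # Remove a redirect left over from an earlier start.
      for ipt_cmd in iptables ip6tables; do
        if [ -n "$("$ipt_cmd" -L -n -t nat | grep 'Jelastic HTTP Autoredirect')" ]; then
          TARGET_REDIRECT_PORT=$("$ipt_cmd" -L -t nat | grep 'Jelastic HTTP Autoredirect' | awk '{print $NF}')
          "/sbin/$ipt_cmd" -t nat -D PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT \
            --to-ports "${TARGET_REDIRECT_PORT}" -m comment --comment "Jelastic HTTP Autoredirect"
        fi
      done
      # NOTE(review): this return leaves start() before setFirewallRules is
      # called, so with the autoredirect disabled the saved rules in
      # $FIREWALL_RULES_DIR are not restored. Confirm whether that is
      # intended; if not, fall through to setFirewallRules instead.
      return 0
    else
      setRedirect >>"$DOCKER_RUN_LOG" 2>&1 &
    fi
  fi

  setFirewallRules
  return $?
}

# Stop sequence: run the "stop" form of JRUN_CMD when it contains "start",
# then drop the first-run marker and the lock file.
stop() {
  # NOTE(review): JRUN_CMD comes from the environment (it can be set through
  # /.jelenv) and is handed to eval as root. The expansions are deliberately
  # left as they were so the executed command does not change; treat the
  # variable's source as privileged configuration.
  [ -n "$JRUN_CMD" ] && echo $JRUN_CMD | grep -qw 'start' && eval $(sed -r 's/[[:blank:]]+start([[:blank:]]+|$)/ stop /' <<< $JRUN_CMD)
  rm -f "$JELINIT_FIRSTRUN"
  if [ -f "$JELINIT_LOCK" ]; then
    rm "$JELINIT_LOCK"
  fi
}

case "$1" in
  start)
    log_daemon_msg "Starting jelinit"
    start
    log_end_msg $?
    ;;
  stop)
    log_daemon_msg "Stopping jelinit"
    stop
    log_end_msg $?
    ;;
  restart)
    log_daemon_msg "Restarting jelinit"
    stop
    start
    log_end_msg $?
    ;;
  reload | force-reload)
    log_daemon_msg "Reloading jelinit"
    stop
    start
    log_end_msg $?
    ;;
  status)
    exit 0
    ;;
  *)
    # NAME is not set anywhere in this script; fall back to the service name.
    echo "Usage: /etc/init.d/${NAME:-jelinit} {start|stop|restart|reload|force-reload|status}"
    exit 3
    ;;
esac

exit 0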