diff --git a/docker-compose.nginx.yaml b/docker-compose.nginx.yaml
new file mode 100644
index 0000000..99ade7e
--- /dev/null
+++ b/docker-compose.nginx.yaml
@@ -0,0 +1,23 @@
+version: '3.5'
+
+
+services:
+
+ # nginx container
+ nginx:
+ container_name: nginx
+ hostname: ${HOSTNAME}
+ image: nginx:latest
+ volumes:
+ - ./nginx-docker/configs/:/etc/nginx/
+ - ./certificates/certs/:/etc/ssl/certs/
+ - ./certificates/private/:/etc/ssl/private/
+ - ./certificates/dhparam.pem:/etc/nginx/dhparam.pem
+ ports:
+ - "80:80"
+ - "443:443"
+ - "853:853"
+ networks:
+ dns_network0:
+ ipv4_address: 172.16.1.2
+ restart: always
\ No newline at end of file
diff --git a/docker-compose.traefik.yaml b/docker-compose.traefik.yaml
new file mode 100644
index 0000000..d88fe05
--- /dev/null
+++ b/docker-compose.traefik.yaml
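Review bot: The certificate and private-key bind mounts on the nginx service are writable from inside the container, although the proxy only needs to read them. Append `:ro`, e.g. `- ./certificates/private/:/etc/ssl/private/:ro`, and do the same for `./certificates/certs/`, `dhparam.pem` and, if nginx writes nothing there, `./nginx-docker/configs/`. The same mounts are repeated for the nginx and traefik services in docker-compose.traefik.yaml. `image: nginx:latest` also means the `docker-compose pull` in run.sh can bring in a different image on every update; pinning a version tag or digest would make upgrades deliberate.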
@@ -0,0 +1,104 @@
+version: '3.5'
+
+
+services:
+
+ # DoH server container
+ doh_server:
+ networks:
+ traefik_proxy:
+ ipv4_address: 172.16.0.3
+
+ # pihole container
+ pihole:
+ networks:
+ traefik_proxy:
+ ipv4_address: 172.16.0.4
+
+ # nginx container
+ nginx:
+ container_name: nginx
+ hostname: ${HOSTNAME}
+ image: nginx:latest
+ volumes:
+ - ./nginx-docker/configs/:/etc/nginx/
+ - ./certificates/certs/:/etc/ssl/certs/
+ - ./certificates/private/:/etc/ssl/private/
+ - ./certificates/dhparam.pem:/etc/nginx/dhparam.pem
+ expose:
+ - 853
+ networks:
+ dns_network0:
+ ipv4_address: 172.16.1.2
+ traefik_proxy:
+ ipv4_address: 172.16.0.2
+ restart: always
+ labels:
+ - traefik.enable=true
+ - traefik.docker.network=traefik_proxy
+ ##### tcp
+ ### services
+ # backend port
+ - traefik.tcp.services.svc-nginx_dot.loadbalancer.server.port=853
+ ### routers
+ # DoT forward
+ - traefik.tcp.routers.rou_encr-nginx_dot.entrypoints=dot
+ - traefik.tcp.routers.rou_encr-nginx_dot.rule=HostSNI(`*`)
+ - traefik.tcp.routers.rou_encr-nginx_dot.tls.passthrough=true
+ - traefik.tcp.routers.rou_encr-nginx_dot.service=svc-nginx_dot
+
+ # træfik container
+ traefik:
+ container_name: traefik
+ hostname: ${HOSTNAME}
+ image: traefik:v2.0
+ environment:
+ - TZ=${TZ:-Europe/London}
+ volumes:
+ - /etc/localtime:/etc/localtime:ro
+ - /var/run/docker.sock:/var/run/docker.sock
+ - ./traefik-docker/configs/:/etc/traefik/
+ - ./traefik-docker/shared/:/shared/:ro
+ - ./certificates/certs:/etc/ssl/certs/
+ - ./certificates/private/:/etc/ssl/private/
+ ports:
+ - "80:80"
+ - "443:443"
+ - "853:853"
+ - "8080:8080"
+ networks:
+ traefik_proxy:
+ ipv4_address: 172.16.0.250
+ restart: always
+ labels:
+ - traefik.enable=true
+ - traefik.docker.network=traefik_proxy
+ ##### http
+ ### services
+ # backend port
+ - traefik.http.services.svc-traefik.loadbalancer.server.port=8080
+ ### routers
+ # redirect http to https
+ - traefik.http.routers.rou-traefik.entrypoints=http
+ - 
traefik.http.routers.rou-traefik.rule=Host(`traefik.${DOMAIN}`) + - traefik.http.routers.rou-traefik.middlewares=https_redirect@file + # traefik dashboard + - traefik.http.routers.rou_encr-traefik.entrypoints=https + - traefik.http.routers.rou_encr-traefik.rule=Host(`traefik.${DOMAIN}`) + - traefik.http.routers.rou_encr-traefik.tls=true + - traefik.http.routers.rou_encr-traefik.tls.options=default + - traefik.http.routers.rou_encr-traefik.middlewares=secure_headers@file + - traefik.http.routers.rou_encr-traefik.service=svc-traefik + + +networks: + # Bridge network for træfik's communication + traefik_proxy: + name: traefik_proxy + driver: bridge + driver_opts: + encrypted: "true" + ipam: + config: + - subnet: 172.16.0.0/24 + attachable: false \ No newline at end of file diff --git a/docker-compose.yaml b/docker-compose.yaml index 2151358..0441a47 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -3,25 +3,6 @@ version: '3.5' services: -# # ngix container -# nginx: -# container_name: nginx -# hostname: ${HOSTNAME} -# image: nginx:latest -# volumes: -# - ./nginx-docker/configs/:/etc/nginx/ -# - ./certificates/certs/:/etc/ssl/certs/ -# - ./certificates/private/:/etc/ssl/private/ -# - ./certificates/dhparam.pem:/etc/nginx/dhparam.pem -# ports: -# - "80:80" -# - "443:443" -# - "853:853" -# networks: -# dns_network0: -# ipv4_address: 172.16.1.2 -# restart: always - # DoH server container doh_server: container_name: doh_server @@ -34,12 +15,10 @@ services: networks: dns_network0: ipv4_address: 172.16.1.3 - traefik_proxy: - ipv4_address: 172.16.0.3 restart: always labels: - traefik.enable=true - - traefik.docker.network=traefik_proxy + - traefik.docker.network=${TRAEFIK_NETWORK:-traefik_proxy} ##### http ### services # backend port 
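Review bot: The `- "8080:8080"` entry under the traefik service's `ports:` publishes on the host the same port that `svc-traefik` uses as the dashboard backend, so the dashboard would be reachable without passing through the `rou_encr-traefik` router, its TLS options and `secure_headers@file`. Whether anything listens there depends on the static configuration under `./traefik-docker/configs/`, which this diff does not show, but the router already reaches the backend over the container network, so the mapping can be dropped. No authentication middleware is attached to the dashboard router in these labels either; if the file provider defines one, add it next to `secure_headers@file`. Separately, `/var/run/docker.sock` is mounted into the one container that faces ports 80/443/853, which gives that container control of the Docker daemon; a `:ro` suffix would not restrict API calls, so consider a filtering socket proxy in between and a comment recording the trade-off.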
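Review bot: `TRAEFIK_NETWORK` in the `traefik.docker.network` label of doh_server is not set or documented anywhere in the visible diff; the `.env` that setup.sh writes contains only HOSTNAME, DOMAIN and TZ, so the label always resolves to `traefik_proxy`. A comment above the label, such as `# TRAEFIK_NETWORK: network traefik uses to reach this container (optional, set in .env; default traefik_proxy)`, would tell users where to override it. The same applies to the pihole label in the `@@ -77,14 +56,12 @@` hunk. Both service definitions continue outside their hunks.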
@@ -77,14 +56,12 @@ services: networks: dns_network0: ipv4_address: 172.16.1.4 - traefik_proxy: - ipv4_address: 172.16.0.4 dns: - 127.0.0.1 restart: always labels: - traefik.enable=true - - traefik.docker.network=traefik_proxy + - traefik.docker.network=${TRAEFIK_NETWORK:-traefik_proxy} ##### http ### services # backend port @@ -130,7 +107,8 @@ services: # ### routers # # DoT forward # - traefik.tcp.routers.rou_encr-pihole_dns.entrypoints=dot -# - traefik.tcp.routers.rou_encr-pihole_dns.rule=HostSNI(`dot.${DOMAIN}`) +## - traefik.tcp.routers.rou_encr-pihole_dns.rule=HostSNI(`dot.${DOMAIN}`) +# - traefik.tcp.routers.rou_encr-pihole_dns.rule=HostSNI(`*`) # - traefik.tcp.routers.rou_encr-pihole_dns.tls=true # - traefik.tcp.routers.rou_encr-pihole_dns.tls.options=default # - traefik.tcp.routers.rou_encr-pihole_dns.service=svc-pihole_dns 
@@ -155,49 +133,6 @@ services: labels: - traefik.enable=false - # træfik container - traefik: - container_name: traefik - hostname: ${HOSTNAME} - image: traefik:v2.0 - environment: - - TZ=${TZ:-Europe/London} - volumes: - - /etc/localtime:/etc/localtime:ro - - /var/run/docker.sock:/var/run/docker.sock - - ./traefik-docker/configs/:/etc/traefik/ - - ./traefik-docker/shared/:/shared/:ro - - ./certificates/certs:/etc/ssl/certs/ - - ./certificates/private/:/etc/ssl/private/ - ports: - - "80:80" - - "443:443" - - "853:853" - - "8080:8080" - networks: - traefik_proxy: - ipv4_address: 172.16.0.250 - restart: always - labels: - - traefik.enable=true - - traefik.docker.network=traefik_proxy - ##### http - ### services - # backend port - - traefik.http.services.svc-traefik.loadbalancer.server.port=8080 - ### routers - # redirect http to https - - traefik.http.routers.rou-traefik.entrypoints=http - - traefik.http.routers.rou-traefik.rule=Host(`traefik.${DOMAIN}`) - - traefik.http.routers.rou-traefik.middlewares=https_redirect@file - # traefik dashboard - - traefik.http.routers.rou_encr-traefik.entrypoints=https - - traefik.http.routers.rou_encr-traefik.rule=Host(`traefik.${DOMAIN}`) - - traefik.http.routers.rou_encr-traefik.tls=true - - traefik.http.routers.rou_encr-traefik.tls.options=default - - traefik.http.routers.rou_encr-traefik.middlewares=secure_headers@file - - traefik.http.routers.rou_encr-traefik.service=svc-traefik - networks: # Bridge network for internal communication @@ -209,15 +144,4 @@ networks: ipam: config: - subnet: 172.16.1.0/24 - attachable: false - - # Bridge network for træfik's communication - traefik_proxy: - name: traefik_proxy - driver: bridge - driver_opts: - encrypted: "true" - ipam: - config: - - subnet: 172.16.0.0/24 attachable: false \ No newline at end of file diff --git a/run.sh b/run.sh index fe75435..b18e059 100755 --- a/run.sh +++ b/run.sh 
@@ -9,9 +9,14 @@ CYAN='\033[0;36m' # For INFO messages BLANK='\033[0m' # For resetting colors +# Default value for variables +NO_PROXY='n' +PROXY='traefik' + + # Func for showing usage string usage_string() { - echo -e "Usage: $0 [-R] [-U] [-h]" 1>&2; + echo -e "Usage: $0 [-R] [-U] [-h] [-p ] [-P]" 1>&2; } # Func for showing usage @@ -49,7 +54,7 @@ exit_err() { # Catching flags -while getopts ":RUh" flag; do +while getopts ":RUhpP" flag; do case $flag in R) # Restart conatiners. Accutally a recreation of the containers taking in changed configs. RECREATE_ALL='y' @@ -60,6 +65,16 @@ while getopts ":RUh" flag; do h) # Shows this help page. help ;; + p) # Set reverse proxy to use. 'ngnix' or 'traefik' (case insensitive). Default: traefik + if ! echo "${OPTARG}" | grep -iq 'nginx' && ! echo "${OPTARG}" | grep -iq 'traefik'; then + echo "No valid argument for '-p'." + exit_flag_err + fi + PROXY=$(echo "${OPTARG}" | awk '{print tolower($0)}') + ;; + P) # Start without a reverse proxy. Overwrites '-p'. + NO_PROXY='y' + ;; \?) echo "Invalid option: -${OPTARG}" >&2 exit_flag_err 
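Review bot: In `getopts ":RUhpP"` the `p` has no trailing colon, so `-p` is parsed as a flag without an argument and `${OPTARG}` is empty in the `p)` branch; the validation added in the following hunk then rejects every `-p nginx` and `-p traefik`. The option string should be `":RUhp:P"`. With the leading colon already present, a `:)` case (it may exist outside the hunk) would then be the place to report a missing argument.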
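Review bot: The `-p` check accepts any argument that merely contains `nginx` or `traefik`, because both `grep -iq` calls match substrings, and the lower-cased value is later placed into the compose file name `docker-compose."${PROXY}".yaml`. Match the whole value instead, e.g. `if ! echo "${OPTARG}" | grep -ixq -e 'nginx' -e 'traefik'; then`, so that only the two shipped file names can be selected. The comment on the `p)` line also spells the proxy `ngnix`. The surrounding `case` starts and ends outside this hunk.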
@@ -72,29 +87,45 @@ while getopts ":RUh" flag; do done -# docker-compose commands -if echo "${UPDATE_ALL}" | grep -q 'y'; then - echo "" - docker-compose down || exit_dc_err - docker-compose pull || exit_dc_err - docker-compose up -d --force-recreate || exit_dc_err -elif echo "${RECREATE_ALL}" | grep -q 'y'; then - echo "" - docker-compose down || exit_dc_err - docker-compose up -d --force-recreate || exit_dc_err +# Different start compositions +if echo "${NO_PROXY}" | grep -q 'y'; then + if echo "${UPDATE_ALL}" | grep -q 'y'; then + echo -e "\n${CYAN}INFO${BLANK}: Updating docker-pihole-unbound-encrypted without reverse proxy.\n" + docker-compose down || exit_dc_err + docker-compose pull || exit_dc_err + docker-compose up -d --force-recreate || exit_dc_err + elif echo "${RECREATE_ALL}" | grep -q 'y'; then + echo -e "\n${CYAN}INFO${BLANK}: Recreating docker-pihole-unbound-encrypted without reverse proxy.\n" + docker-compose down || exit_dc_err + docker-compose up -d --force-recreate || exit_dc_err + else + echo -e "\n${CYAN}INFO${BLANK}: Creating docker-pihole-unbound-encrypted without reverse proxy.\n" + docker-compose up -d --quiet-pull || exit_dc_err + fi else - echo "" - docker-compose up -d --quiet-pull || exit_dc_err + if echo "${UPDATE_ALL}" | grep -q 'y'; then + echo -e "\n${CYAN}INFO${BLANK}: Updating docker-pihole-unbound-encrypted with ${PROXY} reverse proxy.\n" + docker-compose -f docker-compose.yaml -f docker-compose."${PROXY}".yaml down || exit_dc_err + docker-compose -f docker-compose.yaml -f docker-compose."${PROXY}".yaml pull || exit_dc_err + docker-compose -f docker-compose.yaml -f docker-compose."${PROXY}".yaml up -d --force-recreate || exit_dc_err + elif echo "${RECREATE_ALL}" | grep -q 'y'; then + echo -e "\n${CYAN}INFO${BLANK}: Rereating docker-pihole-unbound-encrypted with ${PROXY} reverse proxy.\n" + docker-compose -f docker-compose.yaml -f docker-compose."${PROXY}".yaml down || exit_dc_err + docker-compose -f docker-compose.yaml -f 
docker-compose."${PROXY}".yaml up -d --force-recreate || exit_dc_err + else + echo -e "\n${CYAN}INFO${BLANK}: Creating docker-pihole-unbound-encrypted with ${PROXY} reverse proxy.\n" + docker-compose -f docker-compose.yaml -f docker-compose."${PROXY}".yaml up -d --quiet-pull || exit_dc_err + fi fi echo -e "\n####################\n" -echo -e "${CYAN}INFO${BLANK}! Starting docker-pihole-unbound-encrypted.\n" +echo -e "${CYAN}INFO${BLANK}: Starting docker-pihole-unbound-encrypted.\n" # Testing unbound-docker # Check if container started and works; timeout after 1 min -echo -e -n "${CYAN}INFO${BLANK}! Starting up unbound container " +echo -e -n "${CYAN}INFO${BLANK}: Starting up unbound container " for i in $(seq 1 20); do if [ "$(docker inspect -f "{{.State.Health.Status}}" unbound)" == "healthy" ]; then echo -e -n " ${GREEN}OK${BLANK}" @@ -106,12 +137,12 @@ for i in $(seq 1 20); do if [ "$i" -eq 20 ]; then echo -e -n " ${RED}FAILED${BLANK}" - echo -e "\n${RED}ERROR${BLANK}! Timed out waiting for unbound to start, check your container logs for more info (\`docker logs unbound\`)." - echo -e -n "${CYAN}INFO${BLANK}! Container health status of 'unbound': " && docker inspect -f {{.State.Health.Status}} unbound + echo -e "\n${RED}ERROR${BLANK}: Timed out waiting for unbound to start, check your container logs for more info (\`docker logs unbound\`)." + echo -e -n "${CYAN}INFO${BLANK}: Container health status of 'unbound': " && docker inspect -f {{.State.Health.Status}} unbound exit_err fi done; -echo -e -n "\n${CYAN}INFO${BLANK}! Container health status of 'unbound': " && docker inspect -f {{.State.Health.Status}} unbound +echo -e -n "\n${CYAN}INFO${BLANK}: Container health status of 'unbound': " && docker inspect -f {{.State.Health.Status}} unbound # Test DNSSEC - The first command should give a status report of SERVFAIL and no IP address. The second should give NOERROR plus an IP address. TEST=$(docker exec unbound drill sigfail.verteiltesysteme.net @127.0.0.1 -p 53) 
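Review bot: Each `down` in the proxy branch covers only the compose files of the proxy selected for this run, so after a switch from `-p traefik` to `-p nginx` the old `traefik` container is no longer part of the project definition and would presumably keep ports 80, 443 and 853 bound while the new nginx service tries to publish them. Using `down --remove-orphans` in the recreate and update paths (and in the no-proxy branch) would clear containers left over from the other variant. The six branches otherwise differ only in the `-f` arguments and the message text, so the file list could be built once before the `if`; the recreate message also reads `Rereating`.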
@@ -120,27 +151,27 @@ then TEST=$(docker exec unbound drill sigok.verteiltesysteme.net @127.0.0.1 -p 53) if [ "$(echo "$TEST" | sed '/SERVER:/d' | grep -cE '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}')" = 1 ] && [ "$(echo "$TEST" | grep -c 'rcode: NOERROR')" = 1 ] then - echo -e "${GREEN}SUCCESS${BLANK}! DNSSEC works." + echo -e "${GREEN}SUCCESS${BLANK}: DNSSEC works." else - echo -e "${ORANGE}WARNING${BLANK}! DNSSEC fail with second check (positiv check)." + echo -e "${ORANGE}WARNING${BLANK}: DNSSEC fail with second check (positiv check)." fi else - echo -e "${ORANGE}WARNING${BLANK}! DNSSEC fail with first check (negativ check)." + echo -e "${ORANGE}WARNING${BLANK}: DNSSEC fail with first check (negativ check)." fi # Testing pihole-docker # Check if container started and works; timeout after 1 min -echo -e -n "\n${CYAN}INFO${BLANK}! Starting up pihole container " +echo -e -n "\n${CYAN}INFO${BLANK}: Starting up pihole container " for i in $(seq 1 20); do if [ "$(docker inspect -f "{{.State.Health.Status}}" pihole)" == "healthy" ]; then echo -e -n " ${GREEN}OK${BLANK}" HOST_IP=$(grep 'ServerIP' pihole-docker/configs/server.conf | sed 's/ServerIP=//') if [ "$(docker logs pihole 2> /dev/null | grep -c 'password:')" -gt 0 ]; then - echo -e "\n${CYAN}INFO${BLANK}! $(docker logs pihole 2> /dev/null | grep 'password:') for your pi-hole: https://${HOST_IP}/admin/." + echo -e "\n${CYAN}INFO${BLANK}: $(docker logs pihole 2> /dev/null | grep 'password:') for your pi-hole: https://${HOST_IP}/admin/." RAN_PW='y' else - echo -e "\n${CYAN}INFO${BLANK}! Set given WEBPASSWORD for your pi-hole: https://${HOST_IP}/admin/." + echo -e "\n${CYAN}INFO${BLANK}: Set given WEBPASSWORD for your pi-hole: https://${HOST_IP}/admin/." RAN_PW='n' fi break 
@@ -151,19 +182,19 @@ for i in $(seq 1 20); do if [ "$i" -eq 20 ]; then echo -e -n " ${RED}FAILED${BLANK}" - echo -e "\n${RED}ERROR${BLANK}! Timed out waiting for Pi-hole to start, check your container logs for more info (\`docker logs pihole\`)." - echo -e -n "${CYAN}INFO${BLANK}! Container health status of 'pihole': " && docker inspect -f {{.State.Health.Status}} pihole + echo -e "\n${RED}ERROR${BLANK}: Timed out waiting for Pi-hole to start, check your container logs for more info (\`docker logs pihole\`)." + echo -e -n "${CYAN}INFO${BLANK}: Container health status of 'pihole': " && docker inspect -f {{.State.Health.Status}} pihole exit_err fi done; -echo -e -n "${CYAN}INFO${BLANK}! Container health status of 'pihole': " && docker inspect -f {{.State.Health.Status}} pihole +echo -e -n "${CYAN}INFO${BLANK}: Container health status of 'pihole': " && docker inspect -f {{.State.Health.Status}} pihole # Check if blocklist setup is finished and when then restore custom conf; timeout after 10 min -echo -e -n "${CYAN}INFO${BLANK}! Waiting for blocklist setup to finish " +echo -e -n "${CYAN}INFO${BLANK}: Waiting for blocklist setup to finish " for i in $(seq 1 60); do if [ "$(docker logs pihole | grep -c "\[services.d\] done.")" -gt 0 ]; then echo -e -n " ${GREEN}OK${BLANK}" - echo -e "\n ${CYAN}INFO${BLANK}! Blocklists setup finished." + echo -e "\n ${CYAN}INFO${BLANK}: Blocklists setup finished." break else sleep 10 @@ -172,7 +203,7 @@ for i in $(seq 1 60); do if [ "$i" -eq 60 ]; then echo -e -n " ${RED}FAILED${BLANK}" - echo -e "\n${RED}ERROR${BLANK}! Timed out waiting for blocklists to set up, check your container logs for more info (\`docker logs pihole\`)." + echo -e "\n${RED}ERROR${BLANK}: Timed out waiting for blocklists to set up, check your container logs for more info (\`docker logs pihole\`)." exit_err fi done; 
@@ -180,7 +211,7 @@ done; # Testing doh_server-docker # Check if container started and is running; timeout after 1 min -echo -e -n "\n${CYAN}INFO${BLANK}! Starting up doh_server container " +echo -e -n "\n${CYAN}INFO${BLANK}: Starting up doh_server container " for i in $(seq 1 20); do if [ "$(docker inspect -f "{{.State.Status}}" doh_server)" == "running" ]; then if [ "$(docker inspect -f "{{.State.Status}}" doh_server)" == "running" ]; then 
@@ -195,68 +226,72 @@ for i in $(seq 1 20); do if [ "$i" -eq 20 ]; then echo -e -n " ${RED}FAILED${BLANK}" - echo -e "\n${RED}ERROR${BLANK}! Timed out waiting for doh_server to start, check your container logs for more info (\`docker logs doh_server\`)." - echo -e -n "${CYAN}INFO${BLANK}! Container health status of 'doh_server': " && docker inspect -f {{.State.Status}} doh_server + echo -e "\n${RED}ERROR${BLANK}: Timed out waiting for doh_server to start, check your container logs for more info (\`docker logs doh_server\`)." + echo -e -n "${CYAN}INFO${BLANK}: Container health status of 'doh_server': " && docker inspect -f {{.State.Status}} doh_server exit_err fi done; -echo -e -n "\n${CYAN}INFO${BLANK}! Container health status of 'doh_server': " && docker inspect -f {{.State.Status}} doh_server - - -## Testing nginx-docker -## Check if container started and is running; timeout after 1 min -#printf '\nINFO! Starting up nginx container ' -#for i in $(seq 1 20); do -# if [ "$(docker inspect -f "{{.State.Status}}" nginx)" == "running" ]; then -# sleep 5 -# if [ "$(docker inspect -f "{{.State.Status}}" nginx)" == "running" ]; then -# printf 'OK' -# break -# fi -# else -# sleep 3 -# printf '.' -# fi -# -# if [ "$i" -eq 20 ]; then -# printf ' FAILED' -# echo -e "\nERROR! Timed out waiting for nginx to start, check your container logs for more info (\`docker logs nginx\`)" -# printf "INFO! Container health status of 'nginx': " && docker inspect -f {{.State.Status}} nginx -# exit_err -# fi -#done; -#printf "\nINFO! 
Container health status of 'nginx': " && docker inspect -f {{.State.Status}} nginx +echo -e -n "\n${CYAN}INFO${BLANK}: Container health status of 'doh_server': " && docker inspect -f {{.State.Status}} doh_server + + +# Testing nginx-docker +if echo "${PROXY}" | grep -q 'traefik' || echo "${PROXY}" | grep -q 'nginx'; then + # Check if container started and is running; timeout after 1 min + echo -e -n "\n${CYAN}INFO${BLANK}: Starting up nginx container " + for i in $(seq 1 20); do + if [ "$(docker inspect -f "{{.State.Status}}" nginx)" == "running" ]; then + sleep 5 + if [ "$(docker inspect -f "{{.State.Status}}" nginx)" == "running" ]; then + echo -e -n " ${GREEN}OK${BLANK}" + break + fi + else + sleep 3 + echo -e -n "." + fi + + if [ "$i" -eq 20 ]; then + echo -e -n " ${RED}FAILED${BLANK}" + echo -e "\n${RED}ERROR${BLANK}: Timed out waiting for nginx to start, check your container logs for more info (\`docker logs nginx\`)" + echo -e -n "${CYAN}INFO${BLANK}: Container health status of 'nginx': " && docker inspect -f {{.State.Status}} nginx + exit_err + fi + done; + echo -e -n "\n${CYAN}INFO${BLANK}: Container health status of 'nginx': " && docker inspect -f {{.State.Status}} nginx +fi # Testing traefik-docker -# Check if container started and is running; timeout after 1 min -echo -e -n "\n${CYAN}INFO${BLANK}! Starting up traefik container " -for i in $(seq 1 20); do - if [ "$(docker inspect -f "{{.State.Status}}" traefik)" == "running" ]; then - if [ "$(docker inspect -f "{{.State.Status}}" traefik)" == "running" ]; then - sleep 5 - echo -e -n " ${GREEN}OK${BLANK}" - fi - break - else - sleep 3 - echo -e -n "." - fi - - if [ "$i" -eq 20 ]; then - echo -e -n " ${RED}FAILED${BLANK}" - echo -e "\n${RED}ERROR${BLANK}! Timed out waiting for traefik to start, check your container logs for more info (\`docker logs traefik\`)." - echo -e -n "${CYAN}INFO${BLANK}! 
Container health status of 'traefik': " && docker inspect -f {{.State.Status}} traefik - exit_err - fi -done; -echo -e -n "\n${CYAN}INFO${BLANK}! Container health status of 'traefik': " && docker inspect -f {{.State.Status}} traefik +if echo "${PROXY}" | grep -q 'traefik'; then + # Check if container started and is running; timeout after 1 min + echo -e -n "\n${CYAN}INFO${BLANK}: Starting up traefik container " + for i in $(seq 1 20); do + if [ "$(docker inspect -f "{{.State.Status}}" traefik)" == "running" ]; then + if [ "$(docker inspect -f "{{.State.Status}}" traefik)" == "running" ]; then + sleep 5 + echo -e -n " ${GREEN}OK${BLANK}" + fi + break + else + sleep 3 + echo -e -n "." + fi + + if [ "$i" -eq 20 ]; then + echo -e -n " ${RED}FAILED${BLANK}" + echo -e "\n${RED}ERROR${BLANK}: Timed out waiting for traefik to start, check your container logs for more info (\`docker logs traefik\`)." + echo -e -n "${CYAN}INFO${BLANK}: Container health status of 'traefik': " && docker inspect -f {{.State.Status}} traefik + exit_err + fi + done; + echo -e -n "\n${CYAN}INFO${BLANK}: Container health status of 'traefik': " && docker inspect -f {{.State.Status}} traefik +fi -echo -e "\n${GREEN}SUCCESS${BLANK}! docker-pihole-unbound-encrypted is up and running." +echo -e "\n${GREEN}SUCCESS${BLANK}: docker-pihole-unbound-encrypted is up and running." echo -e "\n####################" if echo "${RAN_PW}" | grep -q 'y'; then - echo -e "\n${ORANGE}ATTENTION${BLANK}!\nPlease don't forget to set a secure password for your pihole dashboard.\nRun 'sudo docker exec pihole pihole -a -p ' to change it." + echo -e "\n${ORANGE}ATTENTION${BLANK}:\nPlease don't forget to set a secure password for your pihole dashboard.\nRun 'sudo docker exec pihole pihole -a -p ' to change it." fi \ No newline at end of file diff --git a/setup.sh b/setup.sh index 32f0de8..fc753a0 100755 --- a/setup.sh +++ b/setup.sh 
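Review bot: Neither of the two new proxy checks looks at `NO_PROXY`: `PROXY` defaults to `traefik` and `-P` only sets `NO_PROXY='y'`, so a run without a reverse proxy still waits for the nginx container and ends in `exit_err` after the timeout. Guard both blocks, e.g. `if [ "${NO_PROXY}" != 'y' ]; then` for nginx (its current condition is true for every valid `PROXY` value) and `if [ "${NO_PROXY}" != 'y' ] && echo "${PROXY}" | grep -q 'traefik'; then` for traefik. A one-line comment on the nginx block stating that nginx runs in both proxy modes (as the DoT backend behind traefik) would explain why it is not keyed on `PROXY`.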
@@ -104,71 +104,71 @@ done echo -e "\n####################\n" -echo -e "${CYAN}INFO${BLANK}! Starting setup for docker-pihole-unbound-encrypted.\n" -if echo "${_CONF_FILE}" | grep -q 'y'; then echo -e "${CYAN}INFO${BLANK}! setup.conf loaded.";fi +echo -e "${CYAN}INFO${BLANK}: Starting setup for docker-pihole-unbound-encrypted.\n" +if echo "${_CONF_FILE}" | grep -q 'y'; then echo -e "${CYAN}INFO${BLANK}: setup.conf loaded.";fi # Get architecture if not set [ -z "${ARCHITECTURE}" ] && ARCHITECTURE=$(lscpu | grep Architecture: | awk '{print $2}') if [ -z "${ARCHITECTURE}" ]; then - echo -e "${RED}ERROR${BLANK}! No ARCHITECTURE set and none could be determined. Please set the variable in 'setup.conf' and restart the script." + echo -e "${RED}ERROR${BLANK}: No ARCHITECTURE set and none could be determined. Please set the variable in 'setup.conf' and restart the script." exit_err else - echo -e "${CYAN}INFO${BLANK}! No ARCHITECTURE set found and using ${ARCHITECTURE}." + echo -e "${CYAN}INFO${BLANK}: No ARCHITECTURE set found and using ${ARCHITECTURE}." fi # Get default interface if not set [ -z "${INTERFACE}" ] && INTERFACE=$(route | grep '^default' | grep -o '[^ ]*$') if [ -z "${INTERFACE}" ]; then - echo -e "${RED}ERROR${BLANK}! No INTERFACE set and none could be determined. Please set the variable in 'setup.conf' and restart the script." + echo -e "${RED}ERROR${BLANK}: No INTERFACE set and none could be determined. Please set the variable in 'setup.conf' and restart the script." exit_err else - echo -e "${CYAN}INFO${BLANK}! No INTERFACE set found and using ${INTERFACE}." + echo -e "${CYAN}INFO${BLANK}: No INTERFACE set found and using ${INTERFACE}." fi # Get IP for given INTERFACE if not set [ -z "${HOST_IP}" ] && HOST_IP=$(ifconfig "${INTERFACE}" | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p') if [ -z "${HOST_IP}" ]; then - echo -e "${RED}ERROR${BLANK}! No HOST_IP set and none could be determined. 
Please set the variable in 'setup.conf' and restart the script." + echo -e "${RED}ERROR${BLANK}: No HOST_IP set and none could be determined. Please set the variable in 'setup.conf' and restart the script." exit_err else - echo -e "${CYAN}INFO${BLANK}! No HOST_IP set found and using ${HOST_IP}." + echo -e "${CYAN}INFO${BLANK}: No HOST_IP set found and using ${HOST_IP}." fi ## Get IP + bit length of subnet for given INTERFACE if not set #[ -z "${HOST_IP_W_SUBNET}" ] && HOST_IP_W_SUBNET=$(ip -o -4 addr show | grep "${INTERFACE}" | awk '/scope global/ {print $4}') #if [ -z "${HOST_IP_W_SUBNET}" ]; then -# echo -e "${RED}ERROR${BLANK}! No HOST_IP_W_SUBNET set and none could be determined. Please set the variable in 'setup.conf' and restart the script." +# echo -e "${RED}ERROR${BLANK}: No HOST_IP_W_SUBNET set and none could be determined. Please set the variable in 'setup.conf' and restart the script." # exit_err #else -# echo -e "${CYAN}INFO${BLANK}! No HOST_IP_W_SUBNET set found and using ${HOST_IP_W_SUBNET}." +# echo -e "${CYAN}INFO${BLANK}: No HOST_IP_W_SUBNET set found and using ${HOST_IP_W_SUBNET}." #fi # Get hostname if not set [ -z "${HOST_NAME}" ] && HOST_NAME=$(hostname) if [ -z "${HOST_NAME}" ]; then - echo -e "${RED}ERROR${BLANK}! No HOST_NAME set and none could be determined. Please set the variable in 'setup.conf' and restart the script." + echo -e "${RED}ERROR${BLANK}: No HOST_NAME set and none could be determined. Please set the variable in 'setup.conf' and restart the script." exit_err else - echo -e "${CYAN}INFO${BLANK}! No HOST_NAME set found and using ${HOST_NAME}." + echo -e "${CYAN}INFO${BLANK}: No HOST_NAME set found and using ${HOST_NAME}." fi # Get timezone if not set [ -z "${TIMEZONE}" ] && TIMEZONE=$(timedatectl | grep 'Time zone' | awk '{print $3}') if [ -z "${TIMEZONE}" ]; then - echo -e "${RED}ERROR${BLANK}! No TIMEZONE set and none could be determined. Please set the variable in 'setup.conf' and restart the script." 
+ echo -e "${RED}ERROR${BLANK}: No TIMEZONE set and none could be determined. Please set the variable in 'setup.conf' and restart the script." exit_err else - echo -e "${CYAN}INFO${BLANK}! No TIMEZONE set found and using ${TIMEZONE}." + echo -e "${CYAN}INFO${BLANK}: No TIMEZONE set found and using ${TIMEZONE}." fi # Create domain if not set [ -z "${DOMAIN}" ] && DOMAIN="${HOST_NAME}.dns" if [ -z "${DOMAIN}" ]; then - echo -e "${RED}ERROR${BLANK}! No DOMAIN set and none could be created. Please set the variable in 'setup.conf' and restart the script." + echo -e "${RED}ERROR${BLANK}: No DOMAIN set and none could be created. Please set the variable in 'setup.conf' and restart the script." exit_err else - echo -e "${CYAN}INFO${BLANK}! No DOMAIN set found and using ${DOMAIN}." + echo -e "${CYAN}INFO${BLANK}: No DOMAIN set found and using ${DOMAIN}." fi 
@@ -178,71 +178,71 @@ if echo "${ARCHITECTURE}" | grep -iq arm; then elif echo "${ARCHITECTURE}" | grep -iq x86; then sed -i 's,mvance/unbound-rpi:latest,mvance/unbound:latest,' docker-compose.yaml else - echo -e "${RED}ERROR${BLANK}! Invalid architecture. Only 'ARM' and 'x86' are allowed." + echo -e "${RED}ERROR${BLANK}: Invalid architecture. Only 'ARM' and 'x86' are allowed." exit_err fi # Checking for 'server.conf' file and if necessary settings (ServerIP and TZ) are set -echo -e "${CYAN}INFO${BLANK}! Checking for 'server.conf' file." +echo -e "${CYAN}INFO${BLANK}: Checking for 'server.conf' file." if ! [ -f pihole-docker/configs/server.conf ] || echo "${FRESH}" | grep -q 'y'; then if echo -e "ServerIP=${HOST_IP}\nTZ=${TIMEZONE}" | tee pihole-docker/configs/server.conf > /dev/null; then - echo -e "${GREEN}SUCCESS${BLANK}! Created 'server.conf' file." + echo -e "${GREEN}SUCCESS${BLANK}: Created 'server.conf' file." else if [ -f pihole-docker/configs/server.conf ]; then - echo -e "${RED}ERROR${BLANK}! Error while creating 'server.conf' file. Data could not be gathered and empty file was created." \ + echo -e "${RED}ERROR${BLANK}: Error while creating 'server.conf' file. Data could not be gathered and empty file was created." \ "Please add necessary settings (ServerIP and TZ) manually." exit_err else - echo -e "${RED}ERROR${BLANK}! Error while creating 'server.conf' file. The file was not created." + echo -e "${RED}ERROR${BLANK}: Error while creating 'server.conf' file. The file was not created." exit_err fi fi else - echo -e "${GREEN}SUCCESS${BLANK}! Found 'server.conf' file." + echo -e "${GREEN}SUCCESS${BLANK}: Found 'server.conf' file." if ! [ "$(. pihole-docker/configs/server.conf && [[ -n "${ServerIP}" ]] && [[ -n "${TZ}" ]] && echo "OK")" = "OK" ]; then - echo -e "${RED}ERROR${BLANK}! Please fill necessary settings (ServerIP and TZ) in 'server.conf' file and restart this script." 
+ echo -e "${RED}ERROR${BLANK}: Please fill necessary settings (ServerIP and TZ) in 'server.conf' file and restart this script." exit_err fi fi # Checking for '.env' file for compose and if necessary settings (HOSTNAME and TZ) are set -echo -e "${CYAN}INFO${BLANK}! Checking for '.env' file." +echo -e "${CYAN}INFO${BLANK}: Checking for '.env' file." if ! [ -f .env ] || echo "${FRESH}" | grep -q 'y'; then if echo -e "HOSTNAME=${HOST_NAME}\nDOMAIN=${DOMAIN}\nTZ=${TIMEZONE}" | tee .env > /dev/null; then - echo -e "${GREEN}SUCCESS${BLANK}! Created '.env' file." + echo -e "${GREEN}SUCCESS${BLANK}: Created '.env' file." else if [ -f .env ]; then - echo -e "${RED}ERROR${BLANK}! Error while creating '.env' file. Data could not be gathered and empty file was created." \ + echo -e "${RED}ERROR${BLANK}: Error while creating '.env' file. Data could not be gathered and empty file was created." \ "Please add necessary settings (ServerIP, DOMAIN and TZ) manually." exit_err else - echo -e "${RED}ERROR${BLANK}! Error while creating '.env' file. The file was not created." + echo -e "${RED}ERROR${BLANK}: Error while creating '.env' file. The file was not created." exit_err fi fi else - echo -e "${GREEN}SUCCESS${BLANK}! Found '.env' file." + echo -e "${GREEN}SUCCESS${BLANK}: Found '.env' file." if ! [ "$(. .env && [[ -n "${HOSTNAME}" ]] && [[ -n "${DOMAIN}" ]] && [[ -n "${TZ}" ]] && echo "OK")" = "OK" ]; then - echo -e "${RED}ERROR${BLANK}! Please fill necessary settings (ServerIP, DOMAIN and TZ) in '.env' file and restart this script." + echo -e "${RED}ERROR${BLANK}: Please fill necessary settings (ServerIP, DOMAIN and TZ) in '.env' file and restart this script." exit_err fi fi # Auto create lan.list file or complement it -echo -e "${CYAN}INFO${BLANK}! Checking for 'lan.list' file." +echo -e "${CYAN}INFO${BLANK}: Checking for 'lan.list' file." if ! 
[ -f pihole-docker/configs/pihole/lan.list ] || echo "${FRESH}" | grep -q 'y'; then if echo "${HOST_IP} ${HOST_NAME}.dns ${HOST_NAME}" | tee pihole-docker/configs/pihole/lan.list > /dev/null; then - echo -e "${GREEN}SUCCESS${BLANK}! Created 'lan.list' file." + echo -e "${GREEN}SUCCESS${BLANK}: Created 'lan.list' file." else if [ -f pihole-docker/configs/pihole/lan.list ]; then - echo -e "${RED}ERROR${BLANK}! Error while creating 'lan.list' file. Data could not be gathered and empty file was created." \ + echo -e "${RED}ERROR${BLANK}: Error while creating 'lan.list' file. Data could not be gathered and empty file was created." \ "Please add necessary host data manually." exit_err else - echo -e "${RED}ERROR${BLANK}! Error while creating 'lan.list' file. The file was not created." + echo -e "${RED}ERROR${BLANK}: Error while creating 'lan.list' file. The file was not created." exit_err fi fi 
@@ -250,167 +250,167 @@ else if ! grep -qw -e "${HOST_IP}" 'pihole-docker/configs/pihole/lan.list'; then echo -e "\n${HOST_IP} ${HOST_NAME}.dns ${HOST_NAME}" | tee -a pihole-docker/configs/pihole/lan.list > /dev/null if grep -qw -e "${HOST_IP}" 'pihole-docker/configs/pihole/lan.list'; then - echo -e "${GREEN}SUCCESS${BLANK}! Added host to 'lan.list' file." + echo -e "${GREEN}SUCCESS${BLANK}: Added host to 'lan.list' file." else - echo -e "${RED}ERROR${BLANK}! Host could not be added to 'lan.list' file." + echo -e "${RED}ERROR${BLANK}: Host could not be added to 'lan.list' file." exit_err fi else - echo -e "${GREEN}SUCCESS${BLANK}! Found 'lan.list' file." + echo -e "${GREEN}SUCCESS${BLANK}: Found 'lan.list' file." fi fi # Check for host IP address mapping in dnsmasq.conf -echo -e "${CYAN}INFO${BLANK}! Checking for domain mapping in 'dnsmasq.conf' file." +echo -e "${CYAN}INFO${BLANK}: Checking for domain mapping in 'dnsmasq.conf' file." if ! grep -qw -e "address=/${DOMAIN}/${HOST_IP}" 'pihole-docker/configs/dnsmasq.d/dnsmasq.conf'; then echo -e "address=/${DOMAIN}/${HOST_IP}" | tee -a pihole-docker/configs/dnsmasq.d/dnsmasq.conf > /dev/null if grep -qw -e "address=/${DOMAIN}/${HOST_IP}" 'pihole-docker/configs/dnsmasq.d/dnsmasq.conf'; then - echo -e "${GREEN}SUCCESS${BLANK}! Added domain mapping to 'dnsmasq.conf' file." + echo -e "${GREEN}SUCCESS${BLANK}: Added domain mapping to 'dnsmasq.conf' file." else - echo -e "${RED}ERROR${BLANK}! Domain mapping could not be added to 'dnsmasq.conf' file." + echo -e "${RED}ERROR${BLANK}: Domain mapping could not be added to 'dnsmasq.conf' file." exit_err fi else - echo -e "${GREEN}SUCCESS${BLANK}! Found domain mapping in 'dnsmasq.conf' file." + echo -e "${GREEN}SUCCESS${BLANK}: Found domain mapping in 'dnsmasq.conf' file." fi -## Auto create nginx conf files -#echo -e "${CYAN}INFO${BLANK}! Checking for nginx configuration files." -##Conf files based on DOMAIN -#if ! 
[ -f nginx-docker/configs/sites-enabled/"${DOMAIN}".conf ] || echo "${FRESH}" | grep -q 'y'; then -# if ! cp nginx-docker/templates/DOMAIN.conf.template nginx-docker/configs/sites-enabled/"${DOMAIN}".conf; then -# echo -e "${RED}ERROR${BLANK}! 'DOMAIN.conf.template' could not be copied." -# exit_err -# fi -# if ! sed -i s/DOMAIN/"${DOMAIN}"/g nginx-docker/configs/sites-enabled/"${DOMAIN}".conf; then -# echo -e "${RED}ERROR${BLANK}! '${DOMAIN}.conf' copy could not be modified." -# exit_err -# fi -# echo -e "${GREEN}SUCCESS${BLANK}! Created '${DOMAIN}.conf' file." -#else -# echo -e "${GREEN}SUCCESS${BLANK}! Found '${DOMAIN}.conf' file." -#fi -#if ! [ -f nginx-docker/configs/snippets/cert_"${DOMAIN}".conf ] || echo "${FRESH}" | grep -q 'y'; then -# if ! cp nginx-docker/templates/cert_DOMAIN.conf.template nginx-docker/configs/snippets/cert_"${DOMAIN}".conf; then -# echo -e "${RED}ERROR${BLANK}! 'cert_DOMAIN.conf' could not be copied." -# exit_err -# fi -# if ! sed -i s/DOMAIN/"${DOMAIN}"/g nginx-docker/configs/snippets/cert_"${DOMAIN}".conf; then -# echo -e "${RED}ERROR${BLANK}! 'cert_${DOMAIN}.conf' copy could not be modified." -# exit_err -# fi -# echo -e "${GREEN}SUCCESS${BLANK}! Created 'cert_${DOMAIN}.conf' file." -#else -# echo -e "${GREEN}SUCCESS${BLANK}! Found 'cert_${DOMAIN}.conf' file." -#fi -## Conf file for HTTP redirect -#if ! [ -f nginx-docker/configs/sites-enabled/http_redirect.conf ] || echo "${FRESH}" | grep -q 'y'; then -# if ! cp nginx-docker/templates/http_redirect.conf.template nginx-docker/configs//sites-enabled/http_redirect.conf; then -# echo -e "${RED}ERROR${BLANK}! 'http_redirect.conf.template' could not be copied." -# exit_err -# fi -# if ! sed -i s/DOMAIN/"${DOMAIN}"/g nginx-docker/configs//sites-enabled/http_redirect.conf; then -# echo -e "${RED}ERROR${BLANK}! 'http_redirect.conf' copy could not be modified." -# exit_err -# fi -# echo -e "${GREEN}SUCCESS${BLANK}! Created 'http_redirect.conf' file." 
-#else -# echo -e "${GREEN}SUCCESS${BLANK}! Found 'http_redirect.conf' file." -#fi -## Conf file for DoT -#if ! [ -f nginx-docker/configs/streams/dns-over-tls.conf ] || echo "${FRESH}" | grep -q 'y'; then -# if ! cp nginx-docker/templates/dns-over-tls.conf.template nginx-docker/configs/streams/dns-over-tls.conf; then -# echo -e "${RED}ERROR${BLANK}! 'dns-over-tls.conf.template' could not be copied." -# exit_err -# fi -# if ! sed -i s/DOMAIN/"${DOMAIN}"/g nginx-docker/configs/streams/dns-over-tls.conf; then -# echo -e "${RED}ERROR${BLANK}! 'dns-over-tls.conf' copy could not be modified." -# exit_err -# fi -# echo -e "${GREEN}SUCCESS${BLANK}! Created 'dns-over-tls.conf' file." -#else -# echo -e "${GREEN}SUCCESS${BLANK}! Found 'dns-over-tls.conf' file." -#fi -#echo -e "${GREEN}SUCCESS${BLANK}! nginx configuration finished." +# Auto create nginx conf files +echo -e "${CYAN}INFO${BLANK}: Checking for nginx configuration files." +# Conf files based on DOMAIN +if ! [ -f nginx-docker/configs/sites-enabled/"${DOMAIN}".conf ] || echo "${FRESH}" | grep -q 'y'; then + if ! cp nginx-docker/templates/DOMAIN.conf.template nginx-docker/configs/sites-enabled/"${DOMAIN}".conf; then + echo -e "${RED}ERROR${BLANK}: 'DOMAIN.conf.template' could not be copied." + exit_err + fi + if ! sed -i s/DOMAIN/"${DOMAIN}"/g nginx-docker/configs/sites-enabled/"${DOMAIN}".conf; then + echo -e "${RED}ERROR${BLANK}: '${DOMAIN}.conf' copy could not be modified." + exit_err + fi + echo -e "${GREEN}SUCCESS${BLANK}: Created '${DOMAIN}.conf' file." +else + echo -e "${GREEN}SUCCESS${BLANK}: Found '${DOMAIN}.conf' file." +fi +if ! [ -f nginx-docker/configs/snippets/cert_"${DOMAIN}".conf ] || echo "${FRESH}" | grep -q 'y'; then + if ! cp nginx-docker/templates/cert_DOMAIN.conf.template nginx-docker/configs/snippets/cert_"${DOMAIN}".conf; then + echo -e "${RED}ERROR${BLANK}: 'cert_DOMAIN.conf' could not be copied." + exit_err + fi + if ! 
sed -i s/DOMAIN/"${DOMAIN}"/g nginx-docker/configs/snippets/cert_"${DOMAIN}".conf; then + echo -e "${RED}ERROR${BLANK}: 'cert_${DOMAIN}.conf' copy could not be modified." + exit_err + fi + echo -e "${GREEN}SUCCESS${BLANK}: Created 'cert_${DOMAIN}.conf' file." +else + echo -e "${GREEN}SUCCESS${BLANK}: Found 'cert_${DOMAIN}.conf' file." +fi +# Conf file for HTTP redirect +if ! [ -f nginx-docker/configs/sites-enabled/http_redirect.conf ] || echo "${FRESH}" | grep -q 'y'; then + if ! cp nginx-docker/templates/http_redirect.conf.template nginx-docker/configs//sites-enabled/http_redirect.conf; then + echo -e "${RED}ERROR${BLANK}: 'http_redirect.conf.template' could not be copied." + exit_err + fi + if ! sed -i s/DOMAIN/"${DOMAIN}"/g nginx-docker/configs//sites-enabled/http_redirect.conf; then + echo -e "${RED}ERROR${BLANK}: 'http_redirect.conf' copy could not be modified." + exit_err + fi + echo -e "${GREEN}SUCCESS${BLANK}: Created 'http_redirect.conf' file." +else + echo -e "${GREEN}SUCCESS${BLANK}: Found 'http_redirect.conf' file." +fi +# Conf file for DoT +if ! [ -f nginx-docker/configs/streams/dns-over-tls.conf ] || echo "${FRESH}" | grep -q 'y'; then + if ! cp nginx-docker/templates/dns-over-tls.conf.template nginx-docker/configs/streams/dns-over-tls.conf; then + echo -e "${RED}ERROR${BLANK}: 'dns-over-tls.conf.template' could not be copied." + exit_err + fi + if ! sed -i s/DOMAIN/"${DOMAIN}"/g nginx-docker/configs/streams/dns-over-tls.conf; then + echo -e "${RED}ERROR${BLANK}: 'dns-over-tls.conf' copy could not be modified." + exit_err + fi + echo -e "${GREEN}SUCCESS${BLANK}: Created 'dns-over-tls.conf' file." +else + echo -e "${GREEN}SUCCESS${BLANK}: Found 'dns-over-tls.conf' file." +fi +echo -e "${GREEN}SUCCESS${BLANK}: nginx configuration finished." # Check for certificates and keys -echo -e "${CYAN}INFO${BLANK}! Checking for SSL certificates and keys." +echo -e "${CYAN}INFO${BLANK}: Checking for SSL certificates and keys." 
CERT_COUNT=0 for cert in certificates/certs/*.crt do - if [ -e "$cert" ]; then - CERT_COUNT=$((CERT_COUNT + 1)) - fi + if [ -e "$cert" ]; then + CERT_COUNT=$((CERT_COUNT + 1)) + fi done KEY_COUNT=0 for key in certificates/private/*.key do - if [ -e "$key" ]; then - KEY_COUNT=$((KEY_COUNT + 1)) - fi + if [ -e "$key" ]; then + KEY_COUNT=$((KEY_COUNT + 1)) + fi done if (( CERT_COUNT < 1)) || (( KEY_COUNT < 1 )); then - echo -e "${RED}ERROR${BLANK}! Add at least one certificate to 'certificates/certs/' and the matching key to " \ - "'certificates/' for your DOMAIN. Then restart the script." + echo -e "${RED}ERROR${BLANK}: Add at least one certificate to 'certificates/certs/' and the matching key to " \ + "'certificates/private/' for your DOMAIN. Then restart the script." exit_err elif ! (( CERT_COUNT = KEY_COUNT )); then - echo -e "${ORANGE}WARNING${BLANK}! There is an uneven amount of certificates and keys." + echo -e "${ORANGE}WARNING${BLANK}: There is an uneven amount of certificates and keys." else - echo -e "${GREEN}SUCCESS${BLANK}! Found SSL certificate and key." + echo -e "${GREEN}SUCCESS${BLANK}: Found SSL certificate and key." fi # Check for 'dhparam.pem' file -echo -e "${CYAN}INFO${BLANK}! Checking for dhparam.pem file." +echo -e "${CYAN}INFO${BLANK}: Checking for dhparam.pem file." if [ -f certificates/dhparam.pem ]; then - echo -e "${GREEN}SUCCESS${BLANK}! Found dhparam.pem file." + echo -e "${GREEN}SUCCESS${BLANK}: Found dhparam.pem file." else - echo -e "${RED}ERROR${BLANK}! No 'dhparam.pem' file found. Please add a 'dhparam.pem' file to certificates/. Then restart this script." + echo -e "${RED}ERROR${BLANK}: No 'dhparam.pem' file found. Please add a 'dhparam.pem' file to certificates/. Then restart this script." exit_err fi # Traefik conf file for certs -echo -e "${GREEN}SUCCESS${BLANK}! Checking for traefik configuration files." +echo -e "${GREEN}SUCCESS${BLANK}: Checking for traefik configuration files." if ! 
[ -f traefik-docker/configs/traefik.conf.d/certs.toml ] || echo "${FRESH}" | grep -q 'y'; then if ! cp traefik-docker/templates/certs.toml.template traefik-docker/configs/traefik.conf.d/certs.toml; then - echo -e "${RED}ERROR${BLANK}! 'certs.toml.template' could not be copied." + echo -e "${RED}ERROR${BLANK}: 'certs.toml.template' could not be copied." exit_err fi if ! sed -i s/DOMAIN/"${DOMAIN}"/g traefik-docker/configs/traefik.conf.d/certs.toml; then - echo -e "${RED}ERROR${BLANK}! 'certs.toml' copy could not be modified." + echo -e "${RED}ERROR${BLANK}: 'certs.toml' copy could not be modified." exit_err fi - echo -e "${GREEN}SUCCESS${BLANK}! Created 'certs.toml' file." + echo -e "${GREEN}SUCCESS${BLANK}: Created 'certs.toml' file." else - echo -e "${GREEN}SUCCESS${BLANK}! Found 'certs.toml' file." + echo -e "${GREEN}SUCCESS${BLANK}: Found 'certs.toml' file." fi -echo -e "${GREEN}SUCCESS${BLANK}! traefik configuration finished." +echo -e "${GREEN}SUCCESS${BLANK}: traefik configuration finished." # Compile doh server image if echo "${COMPILE}" | grep -q 'n'; then - echo -e "${CYAN}INFO${BLANK}! COMPILE set to 'n'. Not compiling 'goofball222/dns-over-https'." + echo -e "${CYAN}INFO${BLANK}: COMPILE set to 'n'. Not compiling 'goofball222/dns-over-https'." else if echo "${COMPILE}" | grep -q 'y' || echo "${ARCHITECTURE}" | grep -iq arm; then if VERSION="$(git ls-remote -t --refs https://github.com/m13253/dns-over-https.git | tail -n1 | awk '{print $2}' | sed 's,refs/tags/v,,')" && CUR_DIR="$(pwd)" && - echo -e "${CYAN}INFO${BLANK}! Compiling image for 'goofball222/dns-over-https' for version ${VERSION}." && + echo -e "${CYAN}INFO${BLANK}: Compiling image for 'goofball222/dns-over-https' for version ${VERSION}." 
&& mkdir -p ~/dns-over-https_tmp && cd ~/dns-over-https_tmp && git clone https://github.com/goofball222/dns-over-https.git && cd dns-over-https && echo "$VERSION" | tee 'stable/VERSION' > /dev/null && sudo make && cd "$CUR_DIR" && rm -rf ~/dns-over-https_tmp then - echo -e "${GREEN}SUCCESS${BLANK}! Image compiled." + echo -e "${GREEN}SUCCESS${BLANK}: Image compiled." else - echo -e "${RED}ERROR${BLANK}! Compiling failed. Deleting '~/dns-over-https_tmp' directory." - rm -rf ~/dns-over-https_tmp || echo -e "${RED}ERROR${BLANK}! Failed to delete '~/dns-over-https_tmp' directory." + echo -e "${RED}ERROR${BLANK}: Compiling failed. Deleting '~/dns-over-https_tmp' directory." + rm -rf ~/dns-over-https_tmp || echo -e "${RED}ERROR${BLANK}: Failed to delete '~/dns-over-https_tmp' directory." exit_err fi fi 
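Review bot: The re-enabled nginx block runs `sed -i s/DOMAIN/"${DOMAIN}"/g` on four generated config files with `${DOMAIN}` unescaped in the sed replacement, so a value containing `/`, `&` or a backslash either breaks the expression or writes something other than the domain into the nginx config. The unchanged `certs.toml` step uses the same pattern. DOMAIN is set outside this hunk, so unless it is already validated there, check it once before the first use, for example `[[ "${DOMAIN}" =~ ^[A-Za-z0-9.-]+$ ]] || exit_err`. Separately, the context line `elif ! (( CERT_COUNT = KEY_COUNT ))` in the certificate check assigns rather than compares, and since both counts are at least 1 on that branch the uneven-count warning can never fire. `elif (( CERT_COUNT != KEY_COUNT )); then` is what the message implies.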
@@ -418,27 +418,27 @@ fi # Download root.hints file -echo -e "${CYAN}INFO${BLANK}! Checking for 'root.hints' file." +echo -e "${CYAN}INFO${BLANK}: Checking for 'root.hints' file." if ! [ -f unbound-docker/var/root.hints ]; then if echo "" && wget -nv https://www.internic.net/domain/named.root -O unbound-docker/var/root.hints; then - echo -e "${GREEN}SUCCESS${BLANK}! 'root.hints' file downloaded." + echo -e "${GREEN}SUCCESS${BLANK}: 'root.hints' file downloaded." else - echo -e "${RED}ERROR${BLANK}! 'root.hints' file download failed." + echo -e "${RED}ERROR${BLANK}: 'root.hints' file download failed." exit_err fi else (( DIFF = ($(date +%s) - $(stat -c %Z unbound-docker/var/root.hints))/3600 )) if ((DIFF > 1)) || echo "${FRESH}" | grep -q 'y'; then if wget -nv https://www.internic.net/domain/named.root -O unbound-docker/var/root.hints; then - echo -e "${GREEN}SUCCESS${BLANK}! 'root.hints' file updated." + echo -e "${GREEN}SUCCESS${BLANK}: 'root.hints' file updated." else - echo -e "${ORANGE}WARNING${BLANK}! 'root.hints' file update failed." + echo -e "${ORANGE}WARNING${BLANK}: 'root.hints' file update failed." fi else - echo -e "${GREEN}SUCCESS${BLANK}! 'root.hints' file found." + echo -e "${GREEN}SUCCESS${BLANK}: 'root.hints' file found." fi fi -echo -e "\n${GREEN}SUCCESS${BLANK}! Setup for docker-pihole-unbound-encrypted finished." +echo -e "\n${GREEN}SUCCESS${BLANK}: Setup for docker-pihole-unbound-encrypted finished." echo -e "\n####################" \ No newline at end of file
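Review bot: Both download paths in this hunk write straight to the live file with `wget -nv ... -O unbound-docker/var/root.hints`, and wget truncates the `-O` target before the transfer, so a failed fetch leaves an empty or partial `root.hints` behind. The update branch then only prints a warning and continues, and on the next run the file exists with a fresh change time, so it is reported as found. Download to a temporary name and replace the file only on success, e.g. `wget -nv https://www.internic.net/domain/named.root -O unbound-docker/var/root.hints.tmp && mv unbound-docker/var/root.hints.tmp unbound-docker/var/root.hints`. A `[ -s unbound-docker/var/root.hints.tmp ]` test before the move would also reject an empty response.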