#!/bin/bash
# Initialize and configure supervisor for all warpns proxies
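set -e

# Resolve the directory this script lives in, so the helper library is found
# no matter what the caller's working directory is.
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"

# common_utils.sh supplies print_status and the other helpers called below.
# It is sourced into this shell, so it runs with this script's privileges.
# NOTE(review): this script installs packages and writes under /etc, so it is
# effectively run as root - keep common_utils.sh root-owned and not writable
# by other users.
source "$SCRIPT_DIR/common_utils.sh"

# Install supervisor if not present.
# apt-get is used rather than apt: apt's command-line interface is not meant
# for scripts, and the other install steps in this file already use apt-get.
if ! command -v supervisorctl >/dev/null 2>&1; then
  print_status "info" "Installing supervisor..."
  apt-get install -y supervisor
fi

# Enable and start supervisor service
systemctl enable supervisor
systemctl start supervisor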
# Set up the shared variables and read the configuration, passing 1080 as the
# base port. Both helpers come from common_utils.sh.
# NOTE(review): presumably these define WARP_DIR, INSTALL_DIR, SUPERVISOR_DIR
# and DANTED_CONFIG_DIR used further down - confirm in common_utils.sh.
init_common_vars
load_config_with_base_port 1080

# Stop here when the profile directory is missing.
[ -d "$WARP_DIR" ] || {
  print_status "error" "warp-profiles directory not found: $WARP_DIR"
  exit 1
}
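# Number of profiles to configure, as reported by common_utils.sh.
COUNT=$(count_warp_profiles)

# An empty or non-numeric count must not reach seq: "seq 1" with the second
# argument missing prints 1, which would silently configure a bogus profile.
case "$COUNT" in
  '' | *[!0-9]*)
    print_status "error" "Invalid profile count: '$COUNT'"
    exit 1
    ;;
esac

# Wrapper scripts for the services live in the install directory.
SCRIPTS_DIR="$INSTALL_DIR/scripts"
mkdir -p "$SCRIPTS_DIR"

for i in $(seq 1 "$COUNT"); do
  NS=$(get_namespace_name "$i")
  # PORT is not used in this loop; it is kept as in the original in case a
  # sourced helper reads it.
  PORT=$(get_proxy_port "$i")
  DANTED_CONF="$DANTED_CONFIG_DIR/$NS.conf"
  SUP_CONF="$SUPERVISOR_DIR/$NS.conf"

  # Create danted wrapper script.
  # The heredoc delimiter is unquoted, so $NS and $DANTED_CONF are expanded
  # now and baked into the generated file. Anything escaped as \$ is left
  # for the wrapper to evaluate when it runs.
  DANTED_SCRIPT="$SCRIPTS_DIR/${NS}-danted.sh"
  tee "$DANTED_SCRIPT" > /dev/null <<EOSCRIPT
#!/bin/bash
# Stop any danted still running inside this namespace.
# pkill selects by process name across the whole host, even under
# "nsenter -n", so only PIDs reported for this namespace are signalled.
for pid in \$(ip netns pids "$NS"); do
  if [ "\$(cat "/proc/\$pid/comm" 2>/dev/null)" = "danted" ]; then
    kill "\$pid" 2>/dev/null || true
  fi
done
# Start danted in the namespace; exec so supervisor signals danted directly
exec ip netns exec "$NS" danted -f "$DANTED_CONF"
EOSCRIPT
  # supervisor runs this wrapper as root (user=root below), so set an explicit
  # mode that leaves it writable by the owner only, independent of the umask.
  # NOTE(review): $SCRIPTS_DIR itself should also be writable by root only.
  chmod 755 "$DANTED_SCRIPT"

  # Create supervisor config file (only for danted, rinetd runs as system service)
  tee "$SUP_CONF" > /dev/null <<EOF
[program:$NS-danted]
command=/bin/bash $DANTED_SCRIPT
user=root
autostart=true
autorestart=false
startsecs=3
stderr_logfile=/var/log/$NS-danted.err.log
stdout_logfile=/var/log/$NS-danted.out.log
EOF
done

print_status "success" "Supervisor profiles created for $COUNT proxies in $SUPERVISOR_DIR."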
# Announce the rinetd stage.
print_status "info" "Generating rinetd configuration..."

# Make sure the helper tools used later are installed: lsof to find the
# processes holding a proxy port, logrotate to rotate the rinetd log.
for pkg in lsof logrotate; do
  # Already on PATH: nothing to install.
  command -v "$pkg" >/dev/null 2>&1 && continue

  case "$pkg" in
    lsof)
      echo -e "\033[1;33mInstalling lsof for port management...\033[0m"
      ;;
    logrotate)
      echo -e "\033[1;33mInstalling logrotate for log management...\033[0m"
      ;;
  esac

  # As before, the install only runs when the index refresh succeeded.
  apt-get update -qq && apt-get install -y "$pkg"
done
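RINETD_CONF="/etc/rinetd.conf"

# Start a fresh rinetd.conf with a header. Any existing file is overwritten.
cat > "$RINETD_CONF" <<'EOF'
# rinetd configuration file
# Generated by WarpNest
# Format: bindaddress bindport connectaddress connectport
#
# Forward all SOCKS proxy ports to their respective namespaces
EOF

# Add one forwarding rule per proxy.
# NOTE(review): every rule binds 0.0.0.0, so each SOCKS port is reachable on
# all host interfaces. Confirm that the danted configs enforce client
# restrictions or authentication, or that a firewall limits who can connect.
for i in $(seq 1 "$COUNT"); do
  PORT=$(get_proxy_port "$i")
  TARGET_IP=$(get_namespace_ip "$i")

  # Add forwarding rule to rinetd.conf
  printf '%s\n' "0.0.0.0 $PORT $TARGET_IP $PORT" >> "$RINETD_CONF"

  # Free the port for rinetd. Only TCP listeners are selected: a bare
  # "lsof -i:PORT" also matches every process with an established connection
  # to or from that port number, which would kill unrelated programs.
  # Best effort: failures are ignored.
  echo -e "\033[1;33mKilling any existing processes on port $PORT...\033[0m"
  lsof -t -iTCP:"$PORT" -sTCP:LISTEN 2>/dev/null | xargs -r kill -9 2>/dev/null || true
done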
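echo -e "\033[1;33mrinetd configuration created. Configuring rinetd service with restart policy...\033[0m"

# Stop and disable any existing rinetd service so the unit can be
# reconfigured from a clean state.
if systemctl is-active --quiet rinetd; then
  echo -e "\033[1;33mStopping existing rinetd service...\033[0m"
  systemctl stop rinetd
fi
if systemctl is-enabled --quiet rinetd 2>/dev/null; then
  echo -e "\033[1;33mDisabling existing rinetd service...\033[0m"
  systemctl disable rinetd
fi

# Kill any rinetd left running outside systemd's control.
# -x matches the process name exactly. The previous "pkill -f rinetd" matched
# any command line containing "rinetd", such as an editor or a tail on
# /etc/rinetd.conf or /var/log/rinetd.log. Best effort: failures are ignored.
echo -e "\033[1;33mKilling any existing rinetd processes...\033[0m"
pkill -x rinetd 2>/dev/null || true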
# Drop-in directory for rinetd.service overrides.
mkdir -p /etc/systemd/system/rinetd.service.d

# Drop-in that runs rinetd in the foreground, restarts it on failure and
# sends its output to /var/log/rinetd.log. The empty "ExecStart=" line clears
# the packaged command before the new one is set.
# NOTE(review): "file:" does not open the log in append mode, which interacts
# badly with logrotate's copytruncate below. Consider "append:" if the
# installed systemd supports it - confirm the version.
cat > /etc/systemd/system/rinetd.service.d/override.conf <<'EOF'
[Unit]
Description=Rinetd Port Forwarder
After=network.target
[Service]
Type=simple
Restart=on-failure
RestartSec=5
StartLimitInterval=300
StartLimitBurst=10
# File-based logging with 5MB limit (rinetd only)
StandardOutput=file:/var/log/rinetd.log
StandardError=file:/var/log/rinetd.log
# Override the default ExecStart to run in foreground
ExecStart=
ExecStart=/usr/sbin/rinetd -f -c /etc/rinetd.conf
# Process management
PIDFile=/run/rinetd.pid
KillMode=process
TimeoutStartSec=30
TimeoutStopSec=30
EOF

# logrotate policy for the rinetd log: truncate in place once it passes 5M
# and keep no old copies. logrotate checks the size only when it runs, so the
# file can grow past 5M between runs.
cat > /etc/logrotate.d/rinetd <<'EOF'
/var/log/rinetd.log {
size 5M
rotate 0
copytruncate
missingok
notifempty
create 0644 root root
}
EOF
# Make systemd pick up the new drop-in (helper from common_utils.sh).
reload_systemd_safe

# Bring rinetd up under the new unit settings and enable it at boot.
systemctl enable rinetd
systemctl restart rinetd

print_status "info" "Reloading supervisor configs..."
# Re-read the config files, then apply the changes.
for sup_action in reread update; do
  supervisorctl "$sup_action"
done
# NOTE(review): "restart all" restarts every program supervisor manages on
# this host, not only the danted entries generated by this script.
supervisorctl restart all

echo -e "\033[1;33mDone. Use 'sudo supervisorctl status' to check status.\033[0m"
echo -e "\033[1;33mrinetd is handling port forwarding. Use 'sudo systemctl status rinetd' to check rinetd status.\033[0m"