From 54fcafe131c411a49e4277cd0d14c6ea20044203 Mon Sep 17 00:00:00 2001 From: irregulator Date: Tue, 20 May 2014 23:20:58 +0300 Subject: Initial commit for obfsproxy server feature in platform --- puppet/modules/obfsproxy/files/obfsproxy_daemon | 99 +++++++++++++++++++++++++ 1 file changed, 99 insertions(+) create mode 100755 puppet/modules/obfsproxy/files/obfsproxy_daemon (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_daemon b/puppet/modules/obfsproxy/files/obfsproxy_daemon new file mode 100755 index 00000000..f5914980 --- /dev/null +++ b/puppet/modules/obfsproxy/files/obfsproxy_daemon @@ -0,0 +1,99 @@ +#!/bin/sh + +### BEGIN INIT INFO +# Provides: obfsproxy daemon +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: obfsproxy daemon +# Description: obfsproxy daemon +### END INIT INFO + +. /lib/lsb/init-functions + +DAEMON=/usr/bin/obfsproxy +NAME=obfsproxy +DESC="obfsproxy daemon" +USER=obfsproxy +PIDFILE=/var/run/obfsproxy.pid +CONF=/etc/obfsproxy.conf + +# If the daemon is not there, then exit. +test -x $DAEMON || exit 0 + +if [ -f $CONF ] ; then + . $CONF +else + echo "Obfsproxy configuration file is missing, aborting..." + exit +fi + +DAEMONARGS=" --log-min-severity=$LOG $TRANSPORT $PARAM \ + --dest=$DEST_IP:$DEST_PORT server 0.0.0.0:$PORT" + +start_obfsproxy() { + start-stop-daemon --start --quiet --oknodo -m --pidfile $PIDFILE \ + -b -c $USER --startas $DAEMON --$DAEMONARGS +} + +stop_obfsproxy() { + start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE +} + +status_obfsproxy() { + status_of_proc -p $PIDFILE $DAEMON $NAME && status="0" || status="$?" +} + +case $1 in + start) + if [ -e $PIDFILE ]; then + status_obfsproxy + if [ $status = "0" ]; then + exit + fi + fi + log_begin_msg "Starting $DESC" + start_obfsproxy + log_end_msg $? + ;; + stop) + if [ -e $PIDFILE ]; then + status_obfsproxy + if [ $status = "0" ]; then + log_begin_msg "Stopping $DESC" + stop_obfsproxy + rm -f $PIDFILE + log_end_msg $? + fi + else + log_daemon_msg "$NAME is not running" + log_end_msg $? + fi + ;; + restart) + $0 stop && sleep 2 && $0 start + ;; + status) +# if [ -e $PIDFILE ]; then +# #status_of_proc -p $PIDFILE $DAEMON "$NAME " && exit 0 || exit $? +# status_obfsproxy +# else +# log_daemon_msg "$NAME is not running" +# log_end_msg 0 +# fi + status_obfsproxy + ;; + reload) + if [ -e $PIDFILE ]; then + start-stop-daemon --stop --signal USR1 --quiet --pidfile $PIDFILE --name $NAME + log_success_msg "$DESC reloaded successfully" + else + log_failure_msg "$PIDFILE does not exists" + fi + ;; + *) + echo "Usage: $0 {start|stop|restart|reload|status}" + exit 2 + ;; +esac -- cgit v1.2.3 From 94e0791cff9a3ce47e66c56a921e41b83b52b3d9 Mon Sep 17 00:00:00 2001 From: irregulator Date: Wed, 21 May 2014 21:52:14 +0300 Subject: Add data directory to save scramblesuit's state. Also clean up a little the obfsproxy puppet class, create appropriate directories, restrict permissions. --- puppet/modules/obfsproxy/files/obfsproxy_daemon | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_daemon b/puppet/modules/obfsproxy/files/obfsproxy_daemon index f5914980..4c9bcedc 100755 --- a/puppet/modules/obfsproxy/files/obfsproxy_daemon +++ b/puppet/modules/obfsproxy/files/obfsproxy_daemon @@ -16,8 +16,9 @@ DAEMON=/usr/bin/obfsproxy NAME=obfsproxy DESC="obfsproxy daemon" USER=obfsproxy +DATDIR=/etc/obfsproxy PIDFILE=/var/run/obfsproxy.pid -CONF=/etc/obfsproxy.conf +CONF=$DATDIR/obfsproxy.conf # If the daemon is not there, then exit. test -x $DAEMON || exit 0 @@ -29,8 +30,8 @@ else exit fi -DAEMONARGS=" --log-min-severity=$LOG $TRANSPORT $PARAM \ - --dest=$DEST_IP:$DEST_PORT server 0.0.0.0:$PORT" +DAEMONARGS=" --log-min-severity=$LOG --data-dir=$DATDIR $TRANSPORT \ + $PARAM --dest=$DEST_IP:$DEST_PORT server 0.0.0.0:$PORT" start_obfsproxy() { start-stop-daemon --start --quiet --oknodo -m --pidfile $PIDFILE \ -- cgit v1.2.3 From 7c9dd9ee9653c854badaf4f1d21d7dd833e3e620 Mon Sep 17 00:00:00 2001 From: irregulator Date: Thu, 22 May 2014 20:44:51 +0300 Subject: Move obfsproxy_daemon to obfsproxy_init --- puppet/modules/obfsproxy/files/obfsproxy_daemon | 100 ------------------------ puppet/modules/obfsproxy/files/obfsproxy_init | 100 ++++++++++++++++++++++++ 2 files changed, 100 insertions(+), 100 deletions(-) delete mode 100755 puppet/modules/obfsproxy/files/obfsproxy_daemon create mode 100755 puppet/modules/obfsproxy/files/obfsproxy_init (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_daemon b/puppet/modules/obfsproxy/files/obfsproxy_daemon deleted file mode 100755 index 4c9bcedc..00000000 --- a/puppet/modules/obfsproxy/files/obfsproxy_daemon +++ /dev/null @@ -1,100 +0,0 @@ -#!/bin/sh - -### BEGIN INIT INFO -# Provides: obfsproxy daemon -# Required-Start: $remote_fs $syslog -# Required-Stop: $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: obfsproxy daemon -# Description: obfsproxy daemon -### END INIT INFO - -. /lib/lsb/init-functions - -DAEMON=/usr/bin/obfsproxy -NAME=obfsproxy -DESC="obfsproxy daemon" -USER=obfsproxy -DATDIR=/etc/obfsproxy -PIDFILE=/var/run/obfsproxy.pid -CONF=$DATDIR/obfsproxy.conf - -# If the daemon is not there, then exit. -test -x $DAEMON || exit 0 - -if [ -f $CONF ] ; then - . $CONF -else - echo "Obfsproxy configuration file is missing, aborting..." - exit -fi - -DAEMONARGS=" --log-min-severity=$LOG --data-dir=$DATDIR $TRANSPORT \ - $PARAM --dest=$DEST_IP:$DEST_PORT server 0.0.0.0:$PORT" - -start_obfsproxy() { - start-stop-daemon --start --quiet --oknodo -m --pidfile $PIDFILE \ - -b -c $USER --startas $DAEMON --$DAEMONARGS -} - -stop_obfsproxy() { - start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE -} - -status_obfsproxy() { - status_of_proc -p $PIDFILE $DAEMON $NAME && status="0" || status="$?" -} - -case $1 in - start) - if [ -e $PIDFILE ]; then - status_obfsproxy - if [ $status = "0" ]; then - exit - fi - fi - log_begin_msg "Starting $DESC" - start_obfsproxy - log_end_msg $? - ;; - stop) - if [ -e $PIDFILE ]; then - status_obfsproxy - if [ $status = "0" ]; then - log_begin_msg "Stopping $DESC" - stop_obfsproxy - rm -f $PIDFILE - log_end_msg $? - fi - else - log_daemon_msg "$NAME is not running" - log_end_msg $? - fi - ;; - restart) - $0 stop && sleep 2 && $0 start - ;; - status) -# if [ -e $PIDFILE ]; then -# #status_of_proc -p $PIDFILE $DAEMON "$NAME " && exit 0 || exit $? -# status_obfsproxy -# else -# log_daemon_msg "$NAME is not running" -# log_end_msg 0 -# fi - status_obfsproxy - ;; - reload) - if [ -e $PIDFILE ]; then - start-stop-daemon --stop --signal USR1 --quiet --pidfile $PIDFILE --name $NAME - log_success_msg "$DESC reloaded successfully" - else - log_failure_msg "$PIDFILE does not exists" - fi - ;; - *) - echo "Usage: $0 {start|stop|restart|reload|status}" - exit 2 - ;; -esac diff --git a/puppet/modules/obfsproxy/files/obfsproxy_init b/puppet/modules/obfsproxy/files/obfsproxy_init new file mode 100755 index 00000000..4c9bcedc --- /dev/null +++ b/puppet/modules/obfsproxy/files/obfsproxy_init @@ -0,0 +1,100 @@ +#!/bin/sh + +### BEGIN INIT INFO +# Provides: obfsproxy daemon +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: obfsproxy daemon +# Description: obfsproxy daemon +### END INIT INFO + +. /lib/lsb/init-functions + +DAEMON=/usr/bin/obfsproxy +NAME=obfsproxy +DESC="obfsproxy daemon" +USER=obfsproxy +DATDIR=/etc/obfsproxy +PIDFILE=/var/run/obfsproxy.pid +CONF=$DATDIR/obfsproxy.conf + +# If the daemon is not there, then exit. +test -x $DAEMON || exit 0 + +if [ -f $CONF ] ; then + . $CONF +else + echo "Obfsproxy configuration file is missing, aborting..." + exit +fi + +DAEMONARGS=" --log-min-severity=$LOG --data-dir=$DATDIR $TRANSPORT \ + $PARAM --dest=$DEST_IP:$DEST_PORT server 0.0.0.0:$PORT" + +start_obfsproxy() { + start-stop-daemon --start --quiet --oknodo -m --pidfile $PIDFILE \ + -b -c $USER --startas $DAEMON --$DAEMONARGS +} + +stop_obfsproxy() { + start-stop-daemon --stop --quiet --oknodo --pidfile $PIDFILE +} + +status_obfsproxy() { + status_of_proc -p $PIDFILE $DAEMON $NAME && status="0" || status="$?" +} + +case $1 in + start) + if [ -e $PIDFILE ]; then + status_obfsproxy + if [ $status = "0" ]; then + exit + fi + fi + log_begin_msg "Starting $DESC" + start_obfsproxy + log_end_msg $? + ;; + stop) + if [ -e $PIDFILE ]; then + status_obfsproxy + if [ $status = "0" ]; then + log_begin_msg "Stopping $DESC" + stop_obfsproxy + rm -f $PIDFILE + log_end_msg $? + fi + else + log_daemon_msg "$NAME is not running" + log_end_msg $? + fi + ;; + restart) + $0 stop && sleep 2 && $0 start + ;; + status) +# if [ -e $PIDFILE ]; then +# #status_of_proc -p $PIDFILE $DAEMON "$NAME " && exit 0 || exit $? +# status_obfsproxy +# else +# log_daemon_msg "$NAME is not running" +# log_end_msg 0 +# fi + status_obfsproxy + ;; + reload) + if [ -e $PIDFILE ]; then + start-stop-daemon --stop --signal USR1 --quiet --pidfile $PIDFILE --name $NAME + log_success_msg "$DESC reloaded successfully" + else + log_failure_msg "$PIDFILE does not exists" + fi + ;; + *) + echo "Usage: $0 {start|stop|restart|reload|status}" + exit 2 + ;; +esac -- cgit v1.2.3 From f8694b037dfd22382dc2abd8afefd947d3531974 Mon Sep 17 00:00:00 2001 From: irregulator Date: Thu, 22 May 2014 20:46:06 +0300 Subject: Change exit status code if config file is missing --- puppet/modules/obfsproxy/files/obfsproxy_init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_init b/puppet/modules/obfsproxy/files/obfsproxy_init index 4c9bcedc..2496bba7 100755 --- a/puppet/modules/obfsproxy/files/obfsproxy_init +++ b/puppet/modules/obfsproxy/files/obfsproxy_init @@ -27,7 +27,7 @@ if [ -f $CONF ] ; then . $CONF else echo "Obfsproxy configuration file is missing, aborting..." - exit + exit 2 fi DAEMONARGS=" --log-min-severity=$LOG --data-dir=$DATDIR $TRANSPORT \ -- cgit v1.2.3 From f4b56483c6e80774f746cd1fbf7d92573dd0f51d Mon Sep 17 00:00:00 2001 From: irregulator Date: Thu, 22 May 2014 20:47:23 +0300 Subject: Remove commented lines from init script status section --- puppet/modules/obfsproxy/files/obfsproxy_init | 7 ------- 1 file changed, 7 deletions(-) (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_init b/puppet/modules/obfsproxy/files/obfsproxy_init index 2496bba7..5223ec9d 100755 --- a/puppet/modules/obfsproxy/files/obfsproxy_init +++ b/puppet/modules/obfsproxy/files/obfsproxy_init @@ -76,13 +76,6 @@ case $1 in $0 stop && sleep 2 && $0 start ;; status) -# if [ -e $PIDFILE ]; then -# #status_of_proc -p $PIDFILE $DAEMON "$NAME " && exit 0 || exit $? -# status_obfsproxy -# else -# log_daemon_msg "$NAME is not running" -# log_end_msg 0 -# fi status_obfsproxy ;; reload) -- cgit v1.2.3 From 7a54923591125894440b9ff7020e4b413a1c6fb5 Mon Sep 17 00:00:00 2001 From: irregulator Date: Fri, 23 May 2014 17:28:32 +0300 Subject: Address logging for obfsproxy daemon Create obfsproxy directory in /var/log, specify log file when obfsproxy is spawned by init script, create a logrotate configuration for obfsproxy's logs. --- puppet/modules/obfsproxy/files/obfsproxy_init | 5 +++-- puppet/modules/obfsproxy/files/obfsproxy_logrotate | 14 ++++++++++++++ 2 files changed, 17 insertions(+), 2 deletions(-) create mode 100644 puppet/modules/obfsproxy/files/obfsproxy_logrotate (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_init b/puppet/modules/obfsproxy/files/obfsproxy_init index 5223ec9d..7a7e7609 100755 --- a/puppet/modules/obfsproxy/files/obfsproxy_init +++ b/puppet/modules/obfsproxy/files/obfsproxy_init @@ -19,6 +19,7 @@ USER=obfsproxy DATDIR=/etc/obfsproxy PIDFILE=/var/run/obfsproxy.pid CONF=$DATDIR/obfsproxy.conf +LOGFILE=/var/log/obfsproxy/log # If the daemon is not there, then exit. test -x $DAEMON || exit 0 @@ -30,8 +31,8 @@ else exit 2 fi -DAEMONARGS=" --log-min-severity=$LOG --data-dir=$DATDIR $TRANSPORT \ - $PARAM --dest=$DEST_IP:$DEST_PORT server 0.0.0.0:$PORT" +DAEMONARGS=" --log-min-severity=$LOG --log-file=$LOGFILE --data-dir=$DATDIR \ + $TRANSPORT $PARAM --dest=$DEST_IP:$DEST_PORT server 0.0.0.0:$PORT" start_obfsproxy() { start-stop-daemon --start --quiet --oknodo -m --pidfile $PIDFILE \ diff --git a/puppet/modules/obfsproxy/files/obfsproxy_logrotate b/puppet/modules/obfsproxy/files/obfsproxy_logrotate new file mode 100644 index 00000000..623bbab1 --- /dev/null +++ b/puppet/modules/obfsproxy/files/obfsproxy_logrotate @@ -0,0 +1,14 @@ +/var/log/obfsproxy/log { + weekly + missingok + rotate 10 + compress + delaycompress + notifempty + create 600 obfsproxy obfsproxy + postrotate + if [ -f /var/run/obfsproxy.pid ]; then + /etc/init.d/obfsproxy restart > /dev/null + fi + endscript +} -- cgit v1.2.3 From 49c4235477ab11118f8fc92a6f554b36121b36b2 Mon Sep 17 00:00:00 2001 From: irregulator Date: Sat, 24 May 2014 16:39:29 +0300 Subject: Change logrotate's frequency and number of log files to keep --- puppet/modules/obfsproxy/files/obfsproxy_logrotate | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_logrotate b/puppet/modules/obfsproxy/files/obfsproxy_logrotate index 623bbab1..e776fcd3 100644 --- a/puppet/modules/obfsproxy/files/obfsproxy_logrotate +++ b/puppet/modules/obfsproxy/files/obfsproxy_logrotate @@ -1,7 +1,7 @@ /var/log/obfsproxy/log { - weekly + daily missingok - rotate 10 + rotate 3 compress delaycompress notifempty -- cgit v1.2.3 From 4ad025d9d7b0c1999bf34e0acd3ca12c88358d05 Mon Sep 17 00:00:00 2001 From: irregulator Date: Sat, 24 May 2014 17:41:46 +0300 Subject: Simplify init script, let puppet service resource use init status --- puppet/modules/obfsproxy/files/obfsproxy_init | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_init b/puppet/modules/obfsproxy/files/obfsproxy_init index 7a7e7609..b1297738 100755 --- a/puppet/modules/obfsproxy/files/obfsproxy_init +++ b/puppet/modules/obfsproxy/files/obfsproxy_init @@ -44,14 +44,14 @@ stop_obfsproxy() { } status_obfsproxy() { - status_of_proc -p $PIDFILE $DAEMON $NAME && status="0" || status="$?" + status_of_proc -p $PIDFILE $DAEMON $NAME } case $1 in start) if [ -e $PIDFILE ]; then status_obfsproxy - if [ $status = "0" ]; then + if [ $? = "0" ]; then exit fi fi @@ -62,15 +62,14 @@ case $1 in stop) if [ -e $PIDFILE ]; then status_obfsproxy - if [ $status = "0" ]; then + if [ $? = "0" ]; then log_begin_msg "Stopping $DESC" stop_obfsproxy rm -f $PIDFILE log_end_msg $? fi else - log_daemon_msg "$NAME is not running" - log_end_msg $? + status_obfsproxy fi ;; restart) -- cgit v1.2.3 From db9290a2b1b406e8231c0df569ae47c0a74ec12a Mon Sep 17 00:00:00 2001 From: irregulator Date: Sat, 24 May 2014 19:26:05 +0300 Subject: Move log files to var/log instead of var/log/obfsproxy --- puppet/modules/obfsproxy/files/obfsproxy_init | 2 +- puppet/modules/obfsproxy/files/obfsproxy_logrotate | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_init b/puppet/modules/obfsproxy/files/obfsproxy_init index b1297738..629fea9f 100755 --- a/puppet/modules/obfsproxy/files/obfsproxy_init +++ b/puppet/modules/obfsproxy/files/obfsproxy_init @@ -19,7 +19,7 @@ USER=obfsproxy DATDIR=/etc/obfsproxy PIDFILE=/var/run/obfsproxy.pid CONF=$DATDIR/obfsproxy.conf -LOGFILE=/var/log/obfsproxy/log +LOGFILE=/var/log/obfsproxy.log # If the daemon is not there, then exit. test -x $DAEMON || exit 0 diff --git a/puppet/modules/obfsproxy/files/obfsproxy_logrotate b/puppet/modules/obfsproxy/files/obfsproxy_logrotate index e776fcd3..e5679d0c 100644 --- a/puppet/modules/obfsproxy/files/obfsproxy_logrotate +++ b/puppet/modules/obfsproxy/files/obfsproxy_logrotate @@ -1,4 +1,4 @@ -/var/log/obfsproxy/log { +/var/log/obfsproxy.log { daily missingok rotate 3 -- cgit v1.2.3 From 791e22b136910ecfa204eb78be747baed2b02590 Mon Sep 17 00:00:00 2001 From: irregulator Date: Wed, 28 May 2014 17:35:12 +0300 Subject: Make obfsproxy daemon bind to specific address rather than 0.0.0.0 If obfsproxy is spawned alongside eip service, make it listen to the gateway_adress IP. If obfsproxy is running standalone listen to ip_address. --- puppet/modules/obfsproxy/files/obfsproxy_init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_init b/puppet/modules/obfsproxy/files/obfsproxy_init index 629fea9f..69dbab41 100755 --- a/puppet/modules/obfsproxy/files/obfsproxy_init +++ b/puppet/modules/obfsproxy/files/obfsproxy_init @@ -32,7 +32,7 @@ else fi DAEMONARGS=" --log-min-severity=$LOG --log-file=$LOGFILE --data-dir=$DATDIR \ - $TRANSPORT $PARAM --dest=$DEST_IP:$DEST_PORT server 0.0.0.0:$PORT" + $TRANSPORT $PARAM --dest=$DEST_IP:$DEST_PORT server $BINDADDR:$PORT" start_obfsproxy() { start-stop-daemon --start --quiet --oknodo -m --pidfile $PIDFILE \ -- cgit v1.2.3 From 7e278f92f34e3809d380be724f0c306430791b10 Mon Sep 17 00:00:00 2001 From: irregulator Date: Tue, 1 Jul 2014 01:49:56 +0300 Subject: Use new macro pick_node to pick vpn gateway for obfsproxy.json --- puppet/modules/obfsproxy/files/obfsproxy_init | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/obfsproxy/files') diff --git a/puppet/modules/obfsproxy/files/obfsproxy_init b/puppet/modules/obfsproxy/files/obfsproxy_init index 69dbab41..01c8013a 100755 --- a/puppet/modules/obfsproxy/files/obfsproxy_init +++ b/puppet/modules/obfsproxy/files/obfsproxy_init @@ -83,7 +83,7 @@ case $1 in start-stop-daemon --stop --signal USR1 --quiet --pidfile $PIDFILE --name $NAME log_success_msg "$DESC reloaded successfully" else - log_failure_msg "$PIDFILE does not exists" + log_failure_msg "$PIDFILE does not exist" fi ;; *) -- cgit v1.2.3