[redsocks] Make it work more good and less bad

author: Simon Rettberg 2013-06-20 17:16:35 +0200
committer: Simon Rettberg 2013-06-20 17:16:35 +0200
commit: eb8fb86b50928d2f03d3d0932893f9099614233c (patch)
tree: 3a859efca338510f973073b9a124c726f3e45211 /remote/modules/redsocks
parent: [udhcpc] Properly renew and fork to background (diff)
download: tm-scripts-eb8fb86b50928d2f03d3d0932893f9099614233c.tar.gz
tm-scripts-eb8fb86b50928d2f03d3d0932893f9099614233c.tar.xz
tm-scripts-eb8fb86b50928d2f03d3d0932893f9099614233c.zip
4 files changed, 18 insertions, 7 deletions
diff --git a/remote/modules/redsocks/data/etc/redsocks.conf b/remote/modules/redsocks/data/etc/redsocks.conf
index c783258f..db3a7f2a 100644
--- a/remote/modules/redsocks/data/etc/redsocks.conf
+++ b/remote/modules/redsocks/data/etc/redsocks.conf
@@ -10,7 +10,7 @@ base {
 	 *   "file:/path/to/file"
 	 *   syslog:FACILITY  facility is any of "daemon", "local0"..."local7"
 	 */
-	log = "file:/root/redsocks.log";
+	log = "file:/run/redsocks/redsocks.log";
 
 	// detach from console
 	daemon = on;
@@ -20,8 +20,8 @@ base {
 	 * Note, your chroot may requre /etc/localtime if you write log to syslog.
 	 * Log is opened before chroot & uid changing.
 	 */
-	user = nobody;
-	group = nogroup;
+	// user = nobody;
+	// group = nogroup;
 	// chroot = "/var/chroot";
 
 	/* possible `redirector' values are:
diff --git a/remote/modules/redsocks/data/etc/systemd/system/redsocks.service b/remote/modules/redsocks/data/etc/systemd/system/redsocks.service
index 4b30d09e..ab10aa55 100644
--- a/remote/modules/redsocks/data/etc/systemd/system/redsocks.service
+++ b/remote/modules/redsocks/data/etc/systemd/system/redsocks.service
@@ -1,9 +1,11 @@
 [Unit]
 Description=Transparent redirector of any TCP connection to proxy using your firewall
+DefaultDependencies=no
 
 [Service]
 Type=forking
-PIDFile=/run/redsocks.pid
-ExecStart=/sbin/redsocks -c /etc/redsocks.conf -p /run/redsocks.pid
-ExecStopPost=/bin/rm /run/redsocks.pid
+User=redsocks
+PIDFile=/run/redsocks/redsocks.pid
+ExecStart=/sbin/redsocks -c /etc/redsocks.conf -p /run/redsocks/redsocks.pid
+ExecStopPost=/bin/rm /run/redsocks/redsocks.pid
 Restart=on-abort
diff --git a/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy b/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy
index 5dc22a14..6c39c077 100755
--- a/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy
+++ b/remote/modules/redsocks/data/opt/openslx/bin/setup_proxy
@@ -1,5 +1,12 @@
 #!/bin/bash
 
+for wait in 1 1 2 3 4 6 8 10 end; do
+	grep '^#_RCONFIG_TAG$' /opt/openslx/config > /dev/null && echo "Config found!" && break
+	[ "$wait" == "end" ] && echo "Giving up!" && exit 1
+	echo "No config yet..."
+	sleep $wait
+done
+
 . /opt/openslx/config || echo "Error sourcing config for setup_proxy"
 
 [ -z "$SLX_PROXY_MODE" -o "x$SLX_PROXY_MODE" == "xoff" ] && echo "proxy mode disabled." && exit 0
@@ -17,6 +24,8 @@ fi
 
 sed -i "s/%%PROXY_IP%%/$SLX_PROXY_IP/g;s/%%PROXY_PORT%%/$SLX_PROXY_PORT/g;s/%%PROXY_TYPE%%/$SLX_PROXY_TYPE/g" /etc/redsocks.conf
 
+mkdir -p /run/redsocks
+chown redsocks:redsocks /run/redsocks
 systemctl start redsocks
 
 iptables -t nat -N REDSOCKS
diff --git a/remote/modules/redsocks/redsocks.build b/remote/modules/redsocks/redsocks.build
index eb5c238d..f6a05350 100644
--- a/remote/modules/redsocks/redsocks.build
+++ b/remote/modules/redsocks/redsocks.build
@@ -19,6 +19,6 @@ build () {
 }
 
 post_copy() {
-	:
+	add_user redsocks
 }
author	Simon Rettberg	2013-06-20 17:16:35 +0200
committer	Simon Rettberg	2013-06-20 17:16:35 +0200
commit	eb8fb86b50928d2f03d3d0932893f9099614233c (patch)
tree	3a859efca338510f973073b9a124c726f3e45211 /remote/modules/redsocks
parent	[udhcpc] Properly renew and fork to background (diff)
download	tm-scripts-eb8fb86b50928d2f03d3d0932893f9099614233c.tar.gz tm-scripts-eb8fb86b50928d2f03d3d0932893f9099614233c.tar.xz tm-scripts-eb8fb86b50928d2f03d3d0932893f9099614233c.zip