Compare commits

5 Commits
test ... master

Author SHA1 Message Date
Jeffrey Paul 14b302755a fix TLS support, attempt 1
* add libssl1.0-dev package for tls support to be built in
* fix bug in cert generation script
* make cert generation script noninteractive
2020-03-22 07:07:03 -07:00
Jeffrey Paul 67833a1b2d run as normal user, not root
2020-03-22 06:02:15 -07:00
Jeffrey Paul d5e258ff01 create admin user automatically
2020-03-22 05:51:17 -07:00
Jeffrey Paul fb2bf698ca enables TLS by default
* update to config file to use TLS
* generates self-signed certs if none exist and saves them in config dir
2020-03-22 05:43:16 -07:00
Jeffrey Paul d8eed67ef7 update readme
2020-03-22 05:34:13 -07:00
5 changed files with 74 additions and 13 deletions

View File

@ -3,8 +3,14 @@ FROM ubuntu:bionic
ENV DEBIAN_FRONTEND noninteractive ENV DEBIAN_FRONTEND noninteractive
ENV DEFAULT_ADMIN_PASSWORD hunter2
ARG UBUNTU_MIRROR=http://archive.ubuntu.com/ubuntu ARG UBUNTU_MIRROR=http://archive.ubuntu.com/ubuntu
ARG UID_TO_ADD=10000
ARG GID_TO_ADD=10000
ARG USERNAME_TO_ADD=user
RUN echo "deb $UBUNTU_MIRROR bionic main universe restricted multiverse" > /etc/apt/sources.list.new && \ RUN echo "deb $UBUNTU_MIRROR bionic main universe restricted multiverse" > /etc/apt/sources.list.new && \
echo "deb $UBUNTU_MIRROR bionic-updates main universe restricted multiverse" >> /etc/apt/sources.list.new && \ echo "deb $UBUNTU_MIRROR bionic-updates main universe restricted multiverse" >> /etc/apt/sources.list.new && \
echo "deb $UBUNTU_MIRROR bionic-security main universe restricted multiverse" >> /etc/apt/sources.list.new && \ echo "deb $UBUNTU_MIRROR bionic-security main universe restricted multiverse" >> /etc/apt/sources.list.new && \
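Review bot: `ENV DEFAULT_ADMIN_PASSWORD hunter2` bakes a known admin credential into the image, and the run script writes it into `/config/users.txt` on first start, so any container launched without overriding the variable comes up as `admin` / `hunter2`. Consider leaving the variable unset here and having the run script refuse to create `users.txt` (or generate a random password and log it once) when it is empty. As an `ENV` the value also stays readable in the image metadata and in the container's environment.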
@ -25,6 +31,7 @@ RUN \
libreadline-dev \ libreadline-dev \
locales \ locales \
mercurial \ mercurial \
libssl1.0-dev \
python \ python \
rsync \ rsync \
ruby \ ruby \
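Review bot: `libssl1.0-dev` selects the OpenSSL 1.0 headers instead of the distribution default `libssl-dev`, and nothing next to the package list says why. Add a one-line comment giving the reason (for example that the bundled adch++ sources need the 1.0 API, if that is the case) so a later cleanup does not swap the package and lose TLS at build time. The entry also breaks the alphabetical order of the list; it belongs next to `libreadline-dev`.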
@ -38,6 +45,9 @@ RUN \
rsync -avP /tmp/rootoverlay/ / && \ rsync -avP /tmp/rootoverlay/ / && \
rm -rf /tmp/rootoverlay && \ rm -rf /tmp/rootoverlay && \
rm -r /root/go && \ rm -r /root/go && \
groupadd -g $GID_TO_ADD $USERNAME_TO_ADD && \
useradd -u $UID_TO_ADD -g $GID_TO_ADD -s /bin/bash $USERNAME_TO_ADD && \
usermod -p '*' $USERNAME_TO_ADD && \
chmod a+rx /etc/service/*/run chmod a+rx /etc/service/*/run
CMD ["/usr/local/sbin/runsvinit"] CMD ["/usr/local/sbin/runsvinit"]
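Review bot: the account name is a build argument (`USERNAME_TO_ADD`), but the run script in this same change hard-codes `chown -R user:user /config` and `chpst -u user:user`, so an image built with any other value cannot drop privileges at start. Either remove the argument or export the name (for example as an `ENV`) and use it in the run script. Note also that no `USER` instruction is added here, so the container still starts as root and the privilege drop depends entirely on the `chpst` line.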

View File

@ -1,10 +1,37 @@
# adchpp-docker # adchpp-docker
* https://git.eeqj.de/sneak/adchpp-docker * adch++ main url: https://adchpp.sourceforge.io/
* dockerized repository: https://git.eeqj.de/sneak/adchpp-docker
* docker image: https://hub.docker.com/r/sneak/adchpp
# Usage
```
docker run \
-p 2780:2780 \
-v /etc/adchpp:/config \
--name adchpp \
--restart unless-stopped \
sneak/adchpp@sha256:07a8fe2e1e719a712b075590a4c94d1d3c1a49dcb3da91b0a5c971c2c17bbbf7
```
# Repo Info
`src` contains `adch++` v2.12.1 extracted from tarball from sourceforge, `src` contains `adch++` v2.12.1 extracted from tarball from sourceforge,
modified only to make build on modern hardware. I tried getting it running modified only to make it build on modern hardware. I tried getting it running
on 20.04 but it doesn't work with modern `scons`, sadly. on 20.04 but its build file doesn't work with modern `scons`, sadly.
# Docker Image Information
* env:
* `DEFAULT_ADMIN_PASSWORD`: set to the admin password you want for the
`admin` user. default: `hunter2`. Note that passwords are stored
unhashed in plaintext on disk (take it up with the duck, I just
packaged it)
* no-op if `/config/users.txt` already exists, which it will after
first run.
* state/config volume: `/config`
* logs to stdout like a good docker
# License # License
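Review bot: the `docker run` example under `# Usage` does not set `DEFAULT_ADMIN_PASSWORD`, so anyone copying it gets the documented default `hunter2` on first run, and the bullet further down says the variable is a no-op once `/config/users.txt` exists. Add `-e DEFAULT_ADMIN_PASSWORD=...` to the example and say explicitly that the password must be chosen before the first start. The section should also mention that certificates are generated into `/config/certs` on first run, since that directory now holds a private key.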
@ -12,5 +39,5 @@ GPL
# Authors # Authors
* `adch++` &copy 2006-2016 Jacek Sieka iarnetheduck@gmail.com * `adch++` © 2006-2016 Jacek Sieka iarnetheduck@gmail.com
* packaging/dockerizing sneak sneak@sneak.berlin * packaging/dockerizing sneak sneak@sneak.berlin

View File

@ -9,5 +9,16 @@ if [[ ! -d /config/scripts ]]; then
cp /usr/local/src/adchpp/plugins/Script/examples/*.lua /config/scripts cp /usr/local/src/adchpp/plugins/Script/examples/*.lua /config/scripts
fi fi
cd /tmp if [[ ! -d /config/certs ]]; then
exec /usr/local/bin/adchppd -c /config mkdir -p /config/certs
cd /config/certs
bash /usr/local/src/adchpp/linux/generate_certs.sh
fi
if [[ ! -e /config/users.txt ]]; then
echo "[{\"password\":\"$DEFAULT_ADMIN_PASSWORD\",\"nick\":\"admin\",\"level\":10,\"regby\":\"admin\",\"regtime\":1322835912}]" > /config/users.txt
fi
chown -R user:user /config
cd /config
exec chpst -u user:user /usr/local/bin/adchppd -c /config
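Review bot: the `echo ... > /config/users.txt` line interpolates `$DEFAULT_ADMIN_PASSWORD` into JSON without escaping, so a password containing `"` or `\` produces a malformed or altered file, and the file is created with the default umask although it holds a plaintext password. Write the JSON with a tool that escapes the value and `chmod 600` the file before the `chown`. Separately, the `[[ ! -d /config/certs ]]` guard means a failed first run of `generate_certs.sh` leaves the directory behind and generation is never retried; testing for the `.pem` files themselves would be more robust.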

View File

@ -59,7 +59,6 @@
To create secure connections, set TLS="1" and define the following (preferably absolute) To create secure connections, set TLS="1" and define the following (preferably absolute)
paths: Certificate, PrivateKey, TrustedPath, DHParams. An example secure server setting: paths: Certificate, PrivateKey, TrustedPath, DHParams. An example secure server setting:
<Server Port="2780" TLS="1" Certificate="certs/cacert.pem" PrivateKey="certs/privkey.pem" TrustedPath="certs/trusted/" DHParams="certs/dhparam.pem"/>
Simple OpenSSL commands to generate files used for secure connections: Simple OpenSSL commands to generate files used for secure connections:
openssl genrsa -out privkey.pem 2048 openssl genrsa -out privkey.pem 2048
@ -69,8 +68,16 @@
Alternatively, you can use the cert generator contributed on Alternatively, you can use the cert generator contributed on
<http://launchpadlibrarian.net/31960965/Cert_Generator.7z>. <http://launchpadlibrarian.net/31960965/Cert_Generator.7z>.
-->
<Server Port="2780"/> <Server Port="2780"/>
-->
<Server
Port="2780"
TLS="1"
Certificate="/config/certs/cacert.pem"
PrivateKey="/config/certs/privkey.pem"
TrustedPath="/config/certs/trusted/"
DHParams="/config/certs/dhparam.pem"
/>
</Servers> </Servers>
<!-- Instead of scripts, ADCH++ uses plugins. Plugins can do the same work <!-- Instead of scripts, ADCH++ uses plugins. Plugins can do the same work
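Review bot: moving `-->` below `<Server Port="2780"/>` turns the plaintext listener into a comment, so port 2780 becomes TLS-only, and neither the commit message nor the README hunk says so. State this in the README, since existing clients that connect without TLS will stop working after the upgrade. The absolute `/config/certs/...` paths also tie the config to the `/config` mount point, which deserves a short comment next to the `<Server>` element.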

View File

@ -8,7 +8,13 @@ if [ "$(which openssl)" ];
openssl genrsa -out privkey.pem 2048 openssl genrsa -out privkey.pem 2048
clear clear
openssl dhparam -outform PEM -out dhparam.pem 1024 openssl dhparam -outform PEM -out dhparam.pem 1024
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095 openssl req \
-new -x509 \
-key privkey.pem \
-out cacert.pem \
-days 1095 \
-batch \
-subj '/CN=adchpp.example.com/O=ADCH++/C=AU'
clear clear
if [ -f certs/trusted ]; if [ -f certs/trusted ];
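Review bot: `-subj '/CN=adchpp.example.com/O=ADCH++/C=AU'` gives every deployment the same placeholder subject, so the generated certificate never matches the hub's real hostname. Take the subject (or at least the CN) from an environment variable and keep this string only as the fallback. While touching this block, the unchanged `openssl dhparam -outform PEM -out dhparam.pem 1024` line still generates 1024-bit DH parameters next to a 2048-bit RSA key; raising it to 2048 would be consistent.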
@ -18,7 +24,7 @@ if [ "$(which openssl)" ];
mkdir -p certs/trusted mkdir -p certs/trusted
fi fi
mv *.pem certs #mv *.pem certs
echo "All done!" echo "All done!"
else else
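Review bot: with `mv *.pem certs` commented out the `.pem` files stay in the working directory, but the unchanged `mkdir -p certs/trusted` just above still creates its directory relative to it. The run script calls this from `/config/certs`, so the result is `/config/certs/certs/trusted`, while the config sets `TrustedPath="/config/certs/trusted/"`, which is never created. Change it to `mkdir -p trusted` (and fix the matching `[ -f certs/trusted ]` test, which checks for a file rather than a directory), and delete the `mv` line instead of leaving it commented out.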