From 60c1f6b59e876e362db9c39d4f2cad8e56ca84f3 Mon Sep 17 00:00:00 2001 From: TheSpad Date: Mon, 5 Sep 2022 17:38:59 +0100 Subject: [PATCH] Rework legacy custom file handling --- root/docker-mods | 384 +++++++++++++++---------- root/etc/cont-init.d/02-tamper-check | 18 -- root/etc/cont-init.d/90-custom-folders | 5 - root/etc/cont-init.d/99-custom-files | 77 +++++ root/etc/cont-init.d/99-custom-scripts | 63 ---- 5 files changed, 313 insertions(+), 234 deletions(-) delete mode 100755 root/etc/cont-init.d/02-tamper-check delete mode 100755 root/etc/cont-init.d/90-custom-folders create mode 100755 root/etc/cont-init.d/99-custom-files delete mode 100755 root/etc/cont-init.d/99-custom-scripts diff --git a/root/docker-mods b/root/docker-mods index 7c4743d..cfa3484 100755 --- a/root/docker-mods +++ b/root/docker-mods @@ -1,31 +1,76 @@ #!/usr/bin/with-contenv bash +# shellcheck shell=bash # Set executable bit on cont-init and services built into the image set_legacy_executable_bits() { - mkdir -p /etc/{cont-init.d,services.d} - chmod +x \ - /etc/cont-init.d/* \ - /etc/services.d/*/* 2> /dev/null || true + mkdir -p /etc/{cont-init.d,services.d} + chmod +x \ + /etc/cont-init.d/* \ + /etc/services.d/*/* 2>/dev/null || true } -set_legacy_executable_bits -SERVICES_DIR_OLD="/config/custom-services.d" -SERVICES_DIR="/custom-services.d" +tamper_check() { + #Tamper check custom service locations + if [[ -d "${SERVICES_DIR}" ]] && [[ -n "$(find ${SERVICES_DIR}/* ! -user root)" ]]; then + echo "[custom-init] **** Some of the contents of the folder '${SERVICES_DIR}' are not owned by root, which is a security risk. ****" + echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" + elif [[ -d "${SERVICES_DIR}" ]] && [[ -n "$(find ${SERVICES_DIR}/* -perm -o+w)" ]]; then + echo "[custom-init] **** Some of the contents of the folder '${SERVICES_DIR}' have write permissions for others, which is a security risk. ****" + echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" + fi + #Tamper check custom script locations + if [[ -d "${SCRIPTS_DIR}" ]] && [[ -n "$(find ${SCRIPTS_DIR}/* ! -user root)" ]]; then + echo "[custom-init] **** Some of the contents of the folder '${SCRIPTS_DIR}' are not owned by root, which is a security risk. ****" + echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" + elif [[ -d "${SCRIPTS_DIR}" ]] && [[ -n "$(find ${SCRIPTS_DIR}/* -perm -o+w)" ]]; then + echo "[custom-init] **** Some of the contents of the folder '${SCRIPTS_DIR}' have write permissions for others, which is a security risk. ****" + echo "[custom-init] **** Please review the permissions of this folder and its contents to make sure they are owned by root, and can only be modified by root. ****" + fi +} -# Remove all existing custom services before continuing to ensure -# we aren't running anything the user may have removed -if [[ -n "$(/bin/ls -A /etc/s6-overlay/s6-rc.d/custom-svc-* 2>/dev/null)" ]]; then - echo "[custom-init] removing existing custom services..." - rm -rf /etc/s6-overlay/s6-rc.d/custom-svc-* -fi +tamper_check_legacy() { + # Tamper check custom script locations + if [[ -d "${SCRIPTS_DIR_OLD}" ]] && [[ -n "$(find ${SCRIPTS_DIR_OLD} ! -user root)" ]]; then + echo "**** Potential tampering with custom scripts detected ****" + randstr=$( + tr /dev/null)" ]]; then + echo "[custom-init] removing existing custom services..." + rm -rf /etc/s6-overlay/s6-rc.d/custom-svc-* + fi -if [[ -z "$(/bin/ls -A ${SERVICES_DIR} 2>/dev/null)" ]] && - [[ -z "$(/bin/ls -A ${SERVICES_DIR_OLD} 2>/dev/null)" ]]; then - echo "[custom-init] no custom services found, skipping..." -else # Make sure custom service directory exists and has files in it if [[ -e "${SERVICES_DIR}" ]] && [[ -n "$(/bin/ls -A ${SERVICES_DIR} 2>/dev/null)" ]]; then - echo "[custom-init] service files found in ${SERVICES_DIR}" + echo "[custom-init] Service files found in ${SERVICES_DIR}" for SERVICE in "${SERVICES_DIR}"/*; do NAME="$(basename "${SERVICE}")" if [[ -f "${SERVICE}" ]]; then @@ -41,10 +86,29 @@ else echo "[custom-init] ${NAME}: is not a file" fi done + else + echo "[custom-init] No custom services found, skipping..." fi + # Remove legacy folder if it's empty + if [[ -e "${SERVICES_DIR_OLD}" ]] && [[ -z "$(/bin/ls -A ${SERVICES_DIR_OLD} 2>/dev/null)" ]]; then + echo "[custom-init] Legacy service folder ${SERVICES_DIR_OLD} is empty, deleting..." + rm -rf "${SERVICES_DIR_OLD}" + fi +} + +process_custom_services_legacy() { + + # Remove all existing custom services before continuing to ensure + # we aren't running anything the user may have removed + if [[ -n "$(/bin/ls -A /etc/s6-overlay/s6-rc.d/custom-svc-* 2>/dev/null)" ]]; then + echo "[custom-init] removing existing custom services..." + rm -rf /etc/s6-overlay/s6-rc.d/custom-svc-* + fi + + # Make sure custom service directory exists and has files in it if [[ -e "${SERVICES_DIR_OLD}" ]] && [[ -n "$(/bin/ls -A ${SERVICES_DIR_OLD} 2>/dev/null)" ]]; then - echo "[custom-init] service files found in ${SERVICES_DIR_OLD}" + echo "[custom-init] Service files found in ${SERVICES_DIR_OLD}" for SERVICE in "${SERVICES_DIR_OLD}"/*; do NAME="$(basename "${SERVICE}")" if [[ -f "${SERVICE}" ]]; then @@ -60,142 +124,166 @@ else echo "[custom-init] ${NAME}: is not a file" fi done - fi -fi + else + echo "[custom-init] No custom services found, skipping..." + fi -# Exit if mods is not set -if [ -z ${DOCKER_MODS+x} ]; then - exit 0 -fi + # Remove legacy folder if it's empty + if [[ -e "${SERVICES_DIR_OLD}" ]] && [[ -z "$(/bin/ls -A ${SERVICES_DIR_OLD} 2>/dev/null)" ]]; then + echo "[custom-init] Legacy service folder ${SERVICES_DIR_OLD} is empty, deleting..." + rm -rf "${SERVICES_DIR_OLD}" + fi +} # Check for curl -if [ ! -f /usr/bin/curl ] || [ ! -f /usr/bin/jq ]; then - echo "[mod-init] Curl/JQ was not found on this system for Docker mods installing" - if [ -f /usr/bin/apt ]; then - # Ubuntu - apt-get update - apt-get install --no-install-recommends -y \ - curl \ - jq - elif [ -f /sbin/apk ]; then - # Alpine - apk add --no-cache \ - curl \ - jq - fi -fi - -## Functions +curl_check() { + if [[ ! -f /usr/bin/curl ]] || [[ ! -f /usr/bin/jq ]]; then + echo "[mod-init] Curl/JQ was not found on this system for Docker mods installing" + if [[ -f /usr/bin/apt ]]; then + ## Ubuntu + export DEBIAN_FRONTEND="noninteractive" + apt-get update + apt-get install --no-install-recommends -y \ + curl \ + jq + elif [[ -f /sbin/apk ]]; then + # Alpine + apk add --no-cache \ + curl \ + jq + fi + fi +} # Use different filtering depending on URL -get_blob_sha () { - if [[ $1 == "ghcr" ]]; then - curl -f --retry 10 --retry-max-time 60 --retry-connrefused \ - --silent \ - --location \ - --request GET \ - --header "Authorization: Bearer $2" \ - $3 | jq -r '.layers[0].digest' - else - curl -f --retry 10 --retry-max-time 60 --retry-connrefused \ - --silent \ - --location \ - --request GET \ - --header "Authorization: Bearer $2" \ - $3 | jq -r '.fsLayers[0].blobSum' - fi +get_blob_sha() { + if [[ $1 == "ghcr" ]]; then + curl -f --retry 10 --retry-max-time 60 --retry-connrefused \ + --silent \ + --location \ + --request GET \ + --header "Authorization: Bearer $2" \ + "$3" | jq -r '.layers[0].digest' + else + curl -f --retry 10 --retry-max-time 60 --retry-connrefused \ + --silent \ + --location \ + --request GET \ + --header "Authorization: Bearer $2" \ + "$3" | jq -r '.fsLayers[0].blobSum' + fi } # Main run logic -echo "[mod-init] Attempting to run Docker Modification Logic" -IFS='|' -DOCKER_MODS=(${DOCKER_MODS}) -for DOCKER_MOD in "${DOCKER_MODS[@]}"; do - # Support alternative endpoints - if [[ ${DOCKER_MOD} == ghcr.io/* ]] || [[ ${DOCKER_MOD} == linuxserver/* ]]; then - DOCKER_MOD="${DOCKER_MOD#ghcr.io/*}" - ENDPOINT="${DOCKER_MOD%%:*}" - USERNAME="${DOCKER_MOD%%/*}" - REPO="${ENDPOINT#*/}" - TAG="${DOCKER_MOD#*:}" - if [[ ${TAG} == "${DOCKER_MOD}" ]]; then - TAG="latest" - fi - FILENAME="${USERNAME}.${REPO}.${TAG}" - AUTH_URL="https://ghcr.io/token?scope=repository%3A${USERNAME}%2F${REPO}%3Apull" - MANIFEST_URL="https://ghcr.io/v2/${ENDPOINT}/manifests/${TAG}" - BLOB_URL="https://ghcr.io/v2/${ENDPOINT}/blobs/" - MODE="ghcr" - else - ENDPOINT="${DOCKER_MOD%%:*}" - USERNAME="${DOCKER_MOD%%/*}" - REPO="${ENDPOINT#*/}" - TAG="${DOCKER_MOD#*:}" - if [[ ${TAG} == "${DOCKER_MOD}" ]]; then - TAG="latest" - fi - FILENAME="${USERNAME}.${REPO}.${TAG}" - AUTH_URL="https://auth.docker.io/token?service=registry.docker.io&scope=repository:${ENDPOINT}:pull" - MANIFEST_URL="https://registry-1.docker.io/v2/${ENDPOINT}/manifests/${TAG}" - BLOB_URL="https://registry-1.docker.io/v2/${ENDPOINT}/blobs/" - MODE="dockerhub" - fi - # Kill off modification logic if any of the usernames are banned - BLACKLIST=$(curl -s https://raw.githubusercontent.com/linuxserver/docker-mods/master/blacklist.txt) - IFS=$'\n' - BLACKLIST=(${BLACKLIST}) - for BANNED in "${BLACKLIST[@]}"; do - if [ "${BANNED}" == "${USERNAME,,}" ]; then - if [ -z ${RUN_BANNED_MODS+x} ]; then - echo "[mod-init] ${DOCKER_MOD} is banned from use due to reported abuse aborting mod logic" - exit 0 - else - echo "[mod-init] You have chosen to run banned mods ${DOCKER_MOD} will be applied" - fi - fi - done - echo "[mod-init] Applying ${DOCKER_MOD} files to container" - # Get Dockerhub token for api operations - TOKEN=\ -"$(curl -f --retry 10 --retry-max-time 60 --retry-connrefused \ - --silent \ - --header 'GET' \ - "${AUTH_URL}" \ - | jq -r '.token' \ - )" - # Determine first and only layer of image - SHALAYER=$(get_blob_sha "${MODE}" "${TOKEN}" "${MANIFEST_URL}") - # Check if we have allready applied this layer - if [ -f "/${FILENAME}" ] && [ "${SHALAYER}" == "$(cat /${FILENAME})" ]; then - echo "[mod-init] ${DOCKER_MOD} at ${SHALAYER} has been previously applied skipping" - else - # Download and extract layer to / - curl -f --retry 10 --retry-max-time 60 --retry-connrefused \ - --silent \ - --location \ - --request GET \ - --header "Authorization: Bearer ${TOKEN}" \ - "${BLOB_URL}${SHALAYER}" -o \ - /modtarball.tar.xz - mkdir -p /tmp/mod - tar xzf /modtarball.tar.xz -C /tmp/mod - if [ -d /tmp/mod/etc/s6-overlay ]; then - if [ -d /tmp/mod/etc/cont-init.d ]; then - rm -rf /tmp/mod/etc/cont-init.d - fi - if [ -d /tmp/mod/etc/services.d ]; then - rm -rf /tmp/mod/etc/services.d - fi - fi - shopt -s dotglob - cp -R /tmp/mod/* / - shopt -u dotglob - rm -rf /tmp/mod - rm -rf /modtarball.tar.xz - echo ${SHALAYER} > "/${FILENAME}" - echo "[mod-init] ${DOCKER_MOD} applied to container" - fi -done +run_mods() { + echo "[mod-init] Attempting to run Docker Modification Logic" + for DOCKER_MOD in $(echo "${DOCKER_MODS}" | tr '|' '\n'); do + # Support alternative endpoints + if [[ ${DOCKER_MOD} == ghcr.io/* ]] || [[ ${DOCKER_MOD} == linuxserver/* ]]; then + DOCKER_MOD="${DOCKER_MOD#ghcr.io/*}" + ENDPOINT="${DOCKER_MOD%%:*}" + USERNAME="${DOCKER_MOD%%/*}" + REPO="${ENDPOINT#*/}" + TAG="${DOCKER_MOD#*:}" + if [[ ${TAG} == "${DOCKER_MOD}" ]]; then + TAG="latest" + fi + FILENAME="${USERNAME}.${REPO}.${TAG}" + AUTH_URL="https://ghcr.io/token?scope=repository%3A${USERNAME}%2F${REPO}%3Apull" + MANIFEST_URL="https://ghcr.io/v2/${ENDPOINT}/manifests/${TAG}" + BLOB_URL="https://ghcr.io/v2/${ENDPOINT}/blobs/" + MODE="ghcr" + else + ENDPOINT="${DOCKER_MOD%%:*}" + USERNAME="${DOCKER_MOD%%/*}" + REPO="${ENDPOINT#*/}" + TAG="${DOCKER_MOD#*:}" + if [[ ${TAG} == "${DOCKER_MOD}" ]]; then + TAG="latest" + fi + FILENAME="${USERNAME}.${REPO}.${TAG}" + AUTH_URL="https://auth.docker.io/token?service=registry.docker.io&scope=repository:${ENDPOINT}:pull" + MANIFEST_URL="https://registry-1.docker.io/v2/${ENDPOINT}/manifests/${TAG}" + BLOB_URL="https://registry-1.docker.io/v2/${ENDPOINT}/blobs/" + MODE="dockerhub" + fi + # Kill off modification logic if any of the usernames are banned + for BANNED in $(curl -s https://raw.githubusercontent.com/linuxserver/docker-mods/master/blacklist.txt); do + if [[ "${BANNED,,}" == "${USERNAME,,}" ]]; then + if [[ -z ${RUN_BANNED_MODS+x} ]]; then + echo "[mod-init] ${DOCKER_MOD} is banned from use due to reported abuse aborting mod logic" + return + else + echo "[mod-init] You have chosen to run banned mods ${DOCKER_MOD} will be applied" + fi + fi + done + echo "[mod-init] Applying ${DOCKER_MOD} files to container" + # Get Dockerhub token for api operations + TOKEN="$( + curl -f --retry 10 --retry-max-time 60 --retry-connrefused \ + --silent \ + --header 'GET' \ + "${AUTH_URL}" | + jq -r '.token' + )" + # Determine first and only layer of image + SHALAYER=$(get_blob_sha "${MODE}" "${TOKEN}" "${MANIFEST_URL}") + # Check if we have allready applied this layer + if [[ -f "/${FILENAME}" ]] && [[ "${SHALAYER}" == "$(cat /"${FILENAME}")" ]]; then + echo "[mod-init] ${DOCKER_MOD} at ${SHALAYER} has been previously applied skipping" + else + # Download and extract layer to / + curl -f --retry 10 --retry-max-time 60 --retry-connrefused \ + --silent \ + --location \ + --request GET \ + --header "Authorization: Bearer ${TOKEN}" \ + "${BLOB_URL}${SHALAYER}" -o \ + /modtarball.tar.xz + mkdir -p /tmp/mod + tar xzf /modtarball.tar.xz -C /tmp/mod + if [[ -d /tmp/mod/etc/s6-overlay ]]; then + if [[ -d /tmp/mod/etc/cont-init.d ]]; then + rm -rf /tmp/mod/etc/cont-init.d + fi + if [[ -d /tmp/mod/etc/services.d ]]; then + rm -rf /tmp/mod/etc/services.d + fi + fi + shopt -s dotglob + cp -R /tmp/mod/* / + shopt -u dotglob + rm -rf /tmp/mod + rm -rf /modtarball.tar.xz + echo "${SHALAYER}" >"/${FILENAME}" + echo "[mod-init] ${DOCKER_MOD} applied to container" + fi + done +} -# Set executable bit on cont-init and services that may have been unpacked by mods +# Main script loop + +SCRIPTS_DIR_OLD="/config/custom-cont-init.d" +SCRIPTS_DIR="/custom-cont-init.d" +SERVICES_DIR_OLD="/config/custom-services.d" +SERVICES_DIR="/custom-services.d" + +if [ ! -d "/custom-cont-init.d" ] && [ ! -d "/custom-services.d" ]; then + # Tamper check legacy custom folders + tamper_check_legacy + process_custom_services_legacy +else + # Tamper check new custom folders + tamper_check + process_custom_services +fi + +# Run mod logic +if [[ -n "${DOCKER_MODS+x}" ]]; then + curl_check + run_mods +fi + +# Set executable bit on legacy cont-init and services built into the image and anything legacy unpacked by mods set_legacy_executable_bits diff --git a/root/etc/cont-init.d/02-tamper-check b/root/etc/cont-init.d/02-tamper-check deleted file mode 100755 index 6699a27..0000000 --- a/root/etc/cont-init.d/02-tamper-check +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/with-contenv bash - -if ([ -d "/config/custom-cont-init.d" ] && [ -n "$(find /config/custom-cont-init.d ! -user root)" ]) || ([ -d "/config/custom-services.d" ] && [ -n "$(find /config/custom-services.d ! -user root)" ]); then - echo "**** Potential tampering with custom scripts/services detected ****" - randstr=$(< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c${1:-8};echo;) - for folder in "/config/custom-cont-init.d" "/config/custom-services.d"; do - if [ -d "${folder}" ]; then - mv "${folder}" "${folder}.${randstr}" - echo "**** Folder ${folder} is moved to ${folder}.${randstr} ****" - fi - done - echo "**** The folders '/config/custom-cont-init.d' and '/config/custom-services.d'; and their contents need to all be owned by root to prevent root escalation inside the container!!! ****" - mkdir -p /config/custom-cont-init.d /config/custom-services.d - chown 0:0 /config/custom-cont-init.d /config/custom-services.d -elif ([ -d "/config/custom-cont-init.d" ] && [ -n "$(find /config/custom-cont-init.d -perm -o+w)" ]) || ([ -d "/config/custom-services.d" ] && [ -n "$(find /config/custom-services.d -perm -o+w)" ]); then - echo "**** The folders '/config/custom-cont-init.d' or '/config/custom-services.d'; or some of their contents have write permissions for others, which is a security risk. ****" - echo "**** Please review the permissions of these two folders and their contents to make sure they are owned by root, and can only be modified by root. ****" -fi diff --git a/root/etc/cont-init.d/90-custom-folders b/root/etc/cont-init.d/90-custom-folders deleted file mode 100755 index 14b7914..0000000 --- a/root/etc/cont-init.d/90-custom-folders +++ /dev/null @@ -1,5 +0,0 @@ -#!/usr/bin/with-contenv bash - -# create custom folders and secure permissions -mkdir -p /config/{custom-cont-init.d,custom-services.d} -chown -R 0:0 /config/{custom-cont-init.d,custom-services.d} diff --git a/root/etc/cont-init.d/99-custom-files b/root/etc/cont-init.d/99-custom-files new file mode 100755 index 0000000..9c0e18d --- /dev/null +++ b/root/etc/cont-init.d/99-custom-files @@ -0,0 +1,77 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +# Directories +SCRIPTS_DIR_OLD="/config/custom-cont-init.d" +SCRIPTS_DIR="/custom-cont-init.d" +SERVICES_DIR_OLD="/config/custom-services.d" +SERVICES_DIR="/custom-services.d" + +# chown legacy folders if they exist +if [[ -e "${SCRIPTS_DIR_OLD}" ]]; then + chown -R 0:0 "${SCRIPTS_DIR_OLD}" +fi + +# chown legacy folders if they exist +if [[ -e "${SERVICES_DIR_OLD}" ]]; then + chown -R 0:0 "${SERVICES_DIR_OLD}" +fi + +# Make sure custom init directory exists and has files in it +if [[ -e "${SCRIPTS_DIR}" ]] && [[ -n "$(/bin/ls -A ${SCRIPTS_DIR} 2>/dev/null)" ]]; then + echo "[custom-init] Files found, executing" + for SCRIPT in "${SCRIPTS_DIR}"/*; do + NAME="$(basename "${SCRIPT}")" + if [[ -f "${SCRIPT}" ]]; then + echo "[custom-init] ${NAME}: executing..." + /bin/bash "${SCRIPT}" + echo "[custom-init] ${NAME}: exited $?" + elif [[ ! -f "${SCRIPT}" ]]; then + echo "[custom-init] ${NAME}: is not a file" + fi + done + + # Remove legacy folder if it's empty + if [[ -e "${SCRIPTS_DIR}" ]] && [[ -z "$(/bin/ls -A ${SCRIPTS_DIR} 2>/dev/null)" ]]; then + echo "[custom-init] Legacy service folder ${SCRIPTS_DIR} is empty, deleting..." + rm -rf "${SCRIPTS_DIR}" + fi +elif [[ -e "${SCRIPTS_DIR_OLD}" ]] && [[ -n "$(/bin/ls -A ${SCRIPTS_DIR_OLD} 2>/dev/null)" ]]; then + echo "[custom-init] Files found, executing" + for SCRIPT in "${SCRIPTS_DIR_OLD}"/*; do + NAME="$(basename "${SCRIPT}")" + if [[ -f "${SCRIPT}" ]]; then + echo "[custom-init] ${NAME}: executing..." + /bin/bash "${SCRIPT}" + echo "[custom-init] ${NAME}: exited $?" + elif [[ ! -f "${SCRIPT}" ]]; then + echo "[custom-init] ${NAME}: is not a file" + fi + done +elif [[ -e "${SCRIPTS_DIR_OLD}" ]] && [[ -z "$(/bin/ls -A ${SCRIPTS_DIR_OLD} 2>/dev/null)" ]]; then + echo "[custom-init] Legacy files folder ${SCRIPTS_DIR_OLD} is empty, deleting..." + rm -rf "${SCRIPTS_DIR_OLD}" +else + echo "[custom-init] No custom files found, skipping..." +fi + +if [[ -n "$(/bin/ls -A "${SCRIPTS_DIR_OLD}" 2>/dev/null)" ]] || + [[ -n "$(/bin/ls -A "${SERVICES_DIR_OLD}" 2>/dev/null)" ]]; then + cat << EOF | tee {${SCRIPTS_DIR_OLD}/README.txt,${SERVICES_DIR_OLD}/README.txt} 2>/dev/null +******************************************************** +******************************************************** +* * +* !!!! * +* Custom scripts or services found in legacy locations * +* !!!! * +* Please move your custom scripts and services * +* to ${SCRIPTS_DIR} and ${SERVICES_DIR} * +* respectively to ensure they continue working. * +* * +* Visit https://linuxserver.io/custom for more info. * +* * +******************************************************** +******************************************************** +EOF +fi +exit 0 diff --git a/root/etc/cont-init.d/99-custom-scripts b/root/etc/cont-init.d/99-custom-scripts deleted file mode 100755 index e800ea4..0000000 --- a/root/etc/cont-init.d/99-custom-scripts +++ /dev/null @@ -1,63 +0,0 @@ -#!/usr/bin/with-contenv bash -# shellcheck shell=bash - -# Directories -SCRIPTS_DIR_OLD="/config/custom-cont-init.d" -SERVICES_DIR_OLD="/config/custom-services.d" -SCRIPTS_DIR="/custom-cont-init.d" -SERVICES_DIR="/custom-services.d" - -if [[ -z "$(/bin/ls -A ${SCRIPTS_DIR} 2>/dev/null)" ]] && - [[ -z "$(/bin/ls -A ${SCRIPTS_DIR_OLD} 2>/dev/null)" ]]; then - echo "[custom-init] no custom files found, skipping..." -else - # Make sure custom init directory exists and has files in it - if [[ -e "${SCRIPTS_DIR}" ]] && [[ -n "$(/bin/ls -A ${SCRIPTS_DIR} 2>/dev/null)" ]]; then - echo "[custom-init] files found, executing" - for SCRIPT in "${SCRIPTS_DIR}"/*; do - NAME="$(basename "${SCRIPT}")" - if [[ -f "${SCRIPT}" ]]; then - echo "[custom-init] ${NAME}: executing..." - /bin/bash "${SCRIPT}" - echo "[custom-init] ${NAME}: exited $?" - elif [[ ! -f "${SCRIPT}" ]]; then - echo "[custom-init] ${NAME}: is not a file" - fi - done - fi - - if [[ -e "${SCRIPTS_DIR_OLD}" ]] && [[ -n "$(/bin/ls -A ${SCRIPTS_DIR_OLD} 2>/dev/null)" ]]; then - echo "[custom-init] files found, executing" - for SCRIPT in "${SCRIPTS_DIR_OLD}"/*; do - NAME="$(basename "${SCRIPT}")" - if [[ -f "${SCRIPT}" ]]; then - echo "[custom-init] ${NAME}: executing..." - /bin/bash "${SCRIPT}" - echo "[custom-init] ${NAME}: exited $?" - elif [[ ! -f "${SCRIPT}" ]]; then - echo "[custom-init] ${NAME}: is not a file" - fi - done - fi -fi - -if [[ -n "$(/bin/ls -A "${SCRIPTS_DIR_OLD}" 2>/dev/null)" ]] || - [[ -n "$(/bin/ls -A "${SERVICES_DIR_OLD}" 2>/dev/null)" ]]; then - cat << EOF | tee {${SCRIPTS_DIR_OLD}/README.txt,${SERVICES_DIR_OLD}/README.txt} 2>/dev/null - ******************************************************** - ******************************************************** - * * - * !!!! * - * Custom scripts or services found in legacy locations * - * !!!! * - * Please move your custom scripts and services * - * to ${SCRIPTS_DIR} and ${SERVICES_DIR} * - * respectively to ensure they continue working. * - * * - * Visit https://linuxserver.io/custom for more info. * - * * - ******************************************************** - ******************************************************** -EOF -fi -exit 0