Move port forwarding scripts into provider folders, unify call and fix export syntax of environment variables

transmission/start.sh

@@ -1,8 +1,5 @@
 #!/bin/bash
 
-# Fail script on errors
-set -e
-
 # Source our persisted env variables from container startup
 . /etc/transmission/environment-variables.sh
 
@@ -72,20 +69,11 @@ fi
 echo "STARTING TRANSMISSION"
 exec su --preserve-environment ${RUN_AS} -s /bin/bash -c "/usr/bin/transmission-daemon -g ${TRANSMISSION_HOME} --logfile $LOGFILE" &
 
-if [[ "${OPENVPN_PROVIDER^^}" = "PIA" ]]
-then
-    echo "CONFIGURING PORT FORWARDING"
-    exec /etc/transmission/updatePort.sh &
-elif [[ "${OPENVPN_PROVIDER^^}" = "PERFECTPRIVACY" ]]
-then
-    echo "CONFIGURING PORT FORWARDING"
-    exec /etc/transmission/updatePPPort.sh ${TRANSMISSION_BIND_ADDRESS_IPV4} &
-elif [[ "${OPENVPN_PROVIDER^^}" = "PRIVATEVPN" ]]
-then
-    echo "CONFIGURING PORT FORWARDING"
-    exec /etc/transmission/updatePrivateVPNPort.sh &
-else
-    echo "NO PORT UPDATER FOR THIS PROVIDER"
+# Configure port forwarding if applicable
+if [[ -x /etc/openvpn/${OPENVPN_PROVIDER,,}/update-port.sh && -z $DISABLE_PORT_UPDATER ]]; then
+    echo "Provider ${OPENVPN_PROVIDER^^} has a script for automatic port forwarding. Will run it now."
+    echo "If you want to disable this, set environment variable DISABLE_PORT_UPDATER=yes"
+    exec /etc/openvpn/${OPENVPN_PROVIDER,,}/update-port.sh &
 fi
 
 # If transmission-post-start.sh exists, run it

transmission/updatePPPort.sh

@@ -1,69 +0,0 @@
-#! /bin/bash
-
-# Source our persisted env variables from container startup
-. /etc/transmission/environment-variables.sh
-
-# Settings
-TRANSMISSION_PASSWD_FILE=/config/transmission-credentials.txt
-
-transmission_username=$(head -1 $TRANSMISSION_PASSWD_FILE)
-transmission_passwd=$(tail -1 $TRANSMISSION_PASSWD_FILE)
-transmission_settings_file=${TRANSMISSION_HOME}/settings.json
-
-# Calculate the port
-
-IPADDRESS=$1
-echo "ipAddress to calculate port from $IPADDRESS"
-oct3=$(echo ${IPADDRESS} | tr "." " " | awk '{ print $3 }')
-oct4=$(echo ${IPADDRESS} | tr "." " " | awk '{ print $4 }')
-oct3binary=$(bc <<<"obase=2;$oct3" | awk '{ len = (8 - length % 8) % 8; printf "%.*s%s\n", len, "00000000", $0}')
-oct4binary=$(bc <<<"obase=2;$oct4" | awk '{ len = (8 - length % 8) % 8; printf "%.*s%s\n", len, "00000000", $0}')
-
-sum=${oct3binary}${oct4binary}
-portPartBinary=${sum:4}
-portPartDecimal=$((2#$portPartBinary))
-if [ ${#portPartDecimal} -ge 4 ]
-	then
-	new_port="1"${portPartDecimal}
-else
-	new_port="10"${portPartDecimal}
-fi
-echo "calculated port $new_port"
-
-#
-# Now, set port in Transmission
-#
-
-# Check if transmission remote is set up with authentication
-auth_enabled=$(grep 'rpc-authentication-required\"' $transmission_settings_file | grep -oE 'true|false')
-if [ "true" = "$auth_enabled" ]
-  then
-  echo "transmission auth required"
-  myauth="--auth $transmission_username:$transmission_passwd"
-else
-    echo "transmission auth not required"
-    myauth=""
-fi
-
-# get current listening port
-sleep 3
-transmission_peer_port=$(transmission-remote $myauth -si | grep Listenport | grep -oE '[0-9]+')
-if [ "$new_port" != "$transmission_peer_port" ]; then
-  if [ "true" = "$ENABLE_UFW" ]; then
-    echo "Update UFW rules before changing port in Transmission"
-
-    echo "denying access to $transmission_peer_port"
-    ufw deny ${transmission_peer_port}
-
-    echo "allowing $new_port through the firewall"
-    ufw allow ${new_port}
-  fi
-
-  transmission-remote ${myauth} -p "$new_port"
-
-  echo "Checking port..."
-  sleep 10
-  transmission-remote ${myauth} -pt
-else
-    echo "No action needed, port hasn't changed"
-fi

transmission/updatePort.sh

@@ -1,105 +0,0 @@
-#! /bin/bash
-
-echo "Wait for tunnel to be fully initialized and PIA is ready to give us a port"
-sleep 15
-
-# Source our persisted env variables from container startup
-. /etc/transmission/environment-variables.sh
-
-# Settings
-TRANSMISSION_PASSWD_FILE=/config/transmission-credentials.txt
-
-transmission_username=$(head -1 ${TRANSMISSION_PASSWD_FILE})
-transmission_passwd=$(tail -1 ${TRANSMISSION_PASSWD_FILE})
-pia_client_id_file=/etc/transmission/pia_client_id
-transmission_settings_file=${TRANSMISSION_HOME}/settings.json
-
-#
-# First get a port from PIA
-#
-
-new_client_id() {
-    head -n 100 /dev/urandom | sha256sum | tr -d " -" | tee ${pia_client_id_file}
-}
-
-pia_client_id="$(cat ${pia_client_id_file} 2>/dev/null)"
-if [[ -z "${pia_client_id}" ]]; then
-   echo "Generating new client id for PIA"
-   pia_client_id=$(new_client_id)
-fi
-
-# Get the port
-port_assignment_url="http://209.222.18.222:2000/?client_id=$pia_client_id"
-pia_response=$(curl -s -f "$port_assignment_url")
-pia_curl_exit_code=$?
-
-if [[ -z "$pia_response" ]]; then
-    echo "Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding"
-fi
-
-# Check for curl error (curl will fail on HTTP errors with -f flag)
-if [[ ${pia_curl_exit_code} -ne 0 ]]; then
-   echo "curl encountered an error looking up new port: $pia_curl_exit_code"
-   exit
-fi
-
-# Check for errors in PIA response
-error=$(echo "$pia_response" | grep -oE "\"error\".*\"")
-if [[ ! -z "$error" ]]; then
-   echo "PIA returned an error: $error"
-   exit
-fi
-
-# Get new port, check if empty
-new_port=$(echo "$pia_response" | grep -oE "[0-9]+")
-if [[ -z "$new_port" ]]; then
-    echo "Could not find new port from PIA"
-    exit
-fi
-echo "Got new port $new_port from PIA"
-
-#
-# Now, set port in Transmission
-#
-
-# Check if transmission remote is set up with authentication
-auth_enabled=$(grep 'rpc-authentication-required\"' "$transmission_settings_file" \
-                   | grep -oE 'true|false')
-if [[ "true" = "$auth_enabled" ]]
-  then
-  echo "transmission auth required"
-  myauth="--auth $transmission_username:$transmission_passwd"
-else
-    echo "transmission auth not required"
-    myauth=""
-fi
-
-# make sure transmission is running and accepting requests
-echo "waiting for transmission to become responsive"
-until torrent_list="$(transmission-remote $myauth -l)"; do sleep 10; done
-echo "transmission became responsive"
-output="$(echo "$torrent_list" | tail -n 2)"
-echo "$output"
-
-# get current listening port
-transmission_peer_port=$(transmission-remote $myauth -si | grep Listenport | grep -oE '[0-9]+')
-if [[ "$new_port" != "$transmission_peer_port" ]]; then
-  if [[ "true" = "$ENABLE_UFW" ]]; then
-    echo "Update UFW rules before changing port in Transmission"
-
-    echo "denying access to $transmission_peer_port"
-    ufw deny "$transmission_peer_port"
-
-    echo "allowing $new_port through the firewall"
-    ufw allow "$new_port"
-  fi
-
-  echo "setting transmission port to $new_port"
-  transmission-remote ${myauth} -p "$new_port"
-
-  echo "Checking port..."
-  sleep 10
-  transmission-remote ${myauth} -pt
-else
-    echo "No action needed, port hasn't changed"
-fi

transmission/updatePrivateVPNPort.sh

@@ -1,84 +0,0 @@
-#! /bin/bash
-
-# Source our persisted env variables from container startup
-. /etc/transmission/environment-variables.sh
-
-# Settings
-TRANSMISSION_PASSWD_FILE=/config/transmission-credentials.txt
-
-transmission_username=$(head -1 $TRANSMISSION_PASSWD_FILE)
-transmission_passwd=$(tail -1 $TRANSMISSION_PASSWD_FILE)
-transmission_settings_file=${TRANSMISSION_HOME}/settings.json
-
-#
-# Fetch forwarded port from PrivateVPN API
-#
-
-# Get the port
-tun_ip=$(ip address show dev tun0 | grep 'inet\b' | awk '{print $2}' | cut -d/ -f1)
-pvpn_get_port_url="https://xu515.pvdatanet.com/v3/mac/port?ip%5B%5D=$tun_ip"
-pvpn_response=$(curl -s -f "$pvpn_get_port_url")
-pvpn_curl_exit_code=$?
-
-if [[ -z "$pvpn_response" ]]; then
-    echo "PrivateVPN port forward API returned a bad response"
-fi
-
-# Check for curl error (curl will fail on HTTP errors with -f flag)
-if [[ ${pvpn_curl_exit_code} -ne 0 ]]; then
-    echo "curl encountered an error looking up forwarded port: $pvpn_curl_exit_code"
-    exit
-fi
-
-# Check for errors in curl response
-error=$(echo "$pvpn_response" | grep -o "\"Not supported\"")
-if [[ ! -z "$error" ]]; then
-    echo "PrivateVPN API returned an error: $error - not all PrivateVPN servers support port forwarding. Try 'SE Stockholm'."
-    exit
-fi
-
-# Get new port, check if empty
-new_port=$(echo "$pvpn_response" | grep -oe 'Port [0-9]*' | awk '{print $2}' | cut -d/ -f1)
-if [[ -z "$new_port" ]]; then
-    echo "Could not find new port from PrivateVPN API"
-    exit
-fi
-echo "Got new port $new_port from PrivateVPN API"
-
-#
-# Now, set port in Transmission
-#
-
-# Check if transmission remote is set up with authentication
-auth_enabled=$(grep 'rpc-authentication-required\"' $transmission_settings_file | grep -oE 'true|false')
-if [ "true" = "$auth_enabled" ]
-  then
-  echo "transmission auth required"
-  myauth="--auth $transmission_username:$transmission_passwd"
-else
-    echo "transmission auth not required"
-    myauth=""
-fi
-
-# get current listening port
-sleep 3
-transmission_peer_port=$(transmission-remote $myauth -si | grep Listenport | grep -oE '[0-9]+')
-if [ "$new_port" != "$transmission_peer_port" ]; then
-  if [ "true" = "$ENABLE_UFW" ]; then
-    echo "Update UFW rules before changing port in Transmission"
-
-    echo "denying access to $transmission_peer_port"
-    ufw deny ${transmission_peer_port}
-
-    echo "allowing $new_port through the firewall"
-    ufw allow ${new_port}
-  fi
-
-  transmission-remote ${myauth} -p "$new_port"
-
-  echo "Checking port..."
-  sleep 10
-  transmission-remote ${myauth} -pt
-else
-    echo "No action needed, port hasn't changed"
-fi