98 lines
2.7 KiB
Bash
Executable File
98 lines
2.7 KiB
Bash
Executable File
#! /bin/sh
|
|
|
|
echo "Wait for tunnel to be fully initialized and PIA is ready to give us a port"
|
|
sleep 15
|
|
|
|
# Source our persisted env variables from container startup
|
|
. /etc/transmission/environment-variables.sh
|
|
|
|
# Settings
|
|
TRANSMISSION_PASSWD_FILE=/config/transmission-credentials.txt
|
|
|
|
transmission_username=$(head -1 $TRANSMISSION_PASSWD_FILE)
|
|
transmission_passwd=$(tail -1 $TRANSMISSION_PASSWD_FILE)
|
|
pia_client_id_file=/etc/transmission/pia_client_id
|
|
transmission_settings_file=${TRANSMISSION_HOME}/settings.json
|
|
|
|
#
|
|
# First get a port from PIA
|
|
#
|
|
|
|
new_client_id() {
|
|
head -n 100 /dev/urandom | sha256sum | tr -d " -" | tee $pia_client_id_file
|
|
}
|
|
|
|
pia_client_id="$(cat $pia_client_id_file 2>/dev/null)"
|
|
if [ -z "${pia_client_id}" ]; then
|
|
echo "Generating new client id for PIA"
|
|
pia_client_id=$(new_client_id)
|
|
fi
|
|
|
|
# Get the port
|
|
port_assignment_url="http://209.222.18.222:2000/?client_id=$pia_client_id"
|
|
pia_response=$(curl -s -f "$port_assignment_url")
|
|
pia_curl_exit_code=$?
|
|
|
|
if [ -z "$pia_response" ]; then
|
|
echo "Port forwarding is already activated on this connection, has expired, or you are not connected to a PIA region that supports port forwarding"
|
|
fi
|
|
|
|
# Check for curl error (curl will fail on HTTP errors with -f flag)
|
|
if [ $pia_curl_exit_code -ne 0 ]; then
|
|
echo "curl encountered an error looking up new port: $pia_curl_exit_code"
|
|
exit
|
|
fi
|
|
|
|
# Check for errors in PIA response
|
|
error=$(echo "$pia_response" | grep -oE "\"error\".*\"")
|
|
if [ ! -z "$error" ]; then
|
|
echo "PIA returned an error: $error"
|
|
exit
|
|
fi
|
|
|
|
# Get new port, check if empty
|
|
new_port=$(echo "$pia_response" | grep -oE "[0-9]+")
|
|
if [ -z "$new_port" ]; then
|
|
echo "Could not find new port from PIA"
|
|
exit
|
|
fi
|
|
echo "Got new port $new_port from PIA"
|
|
|
|
#
|
|
# Now, set port in Transmission
|
|
#
|
|
|
|
# Check if transmission remote is set up with authentication
|
|
auth_enabled=$(grep 'rpc-authentication-required\"' "$transmission_settings_file" \
|
|
| grep -oE 'true|false')
|
|
if [ "true" = "$auth_enabled" ]
|
|
then
|
|
echo "transmission auth required"
|
|
myauth="--auth $transmission_username:$transmission_passwd"
|
|
else
|
|
echo "transmission auth not required"
|
|
myauth=""
|
|
fi
|
|
|
|
# get current listening port
|
|
transmission_peer_port=$(transmission-remote $myauth -si | grep Listenport | grep -oE '[0-9]+')
|
|
if [ "$new_port" != "$transmission_peer_port" ]; then
|
|
if [ "true" = "$ENABLE_UFW" ]; then
|
|
echo "Update UFW rules before changing port in Transmission"
|
|
|
|
echo "denying access to $transmission_peer_port"
|
|
ufw deny "$transmission_peer_port"
|
|
|
|
echo "allowing $new_port through the firewall"
|
|
ufw allow "$new_port"
|
|
fi
|
|
|
|
transmission-remote $myauth -p "$new_port"
|
|
|
|
echo "Checking port..."
|
|
sleep 10
|
|
transmission-remote $myauth -pt
|
|
else
|
|
echo "No action needed, port hasn't changed"
|
|
fi
|