-
Notifications
You must be signed in to change notification settings - Fork 40
/
install_deps.sh
executable file
·193 lines (185 loc) · 5.63 KB
/
install_deps.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
#!/bin/sh
set -e
SCRIPTDIR="$(dirname "$(readlink -f "$0")")"
exists() {
if command -v "$1" > /dev/null 2>&1; then
return 0
fi
return 1
}
pip_install() {
python3 -m venv /.venv
# shellcheck disable=SC1091
. /.venv/bin/activate
pip install --no-cache-dir -r "${SCRIPTDIR}/../tests/requirements.txt"
}
if exists apk; then
apk add --no-cache \
bash \
grep \
privoxy \
sed \
wget
# prepare system in Github Pipeline
if [ -n "$CI" ]; then
apk add --no-cache --quiet \
build-base \
linux-headers \
py3-pip \
python3-dev
pip_install
# prepare configuration files
for f in /etc/privoxy/*.new; do
cp -p "$f" "${f%.*}"
done
adduser -h /home/ci_test_user -s /bin/bash -D ci_test_user
fi
if ! grep -q '^debug' /etc/privoxy/config; then
cat >> /etc/privoxy/config << EOF
# activate debugging of rules & access log
debug 8704
EOF
fi
exit 0
fi
if exists apt-get; then
export DEBIAN_FRONTEND=noninteractive
apt-get update -qq -y
apt-get install --no-install-recommends -y \
bash \
grep \
privoxy \
sed \
wget
# prepare system in Github Pipeline
if [ -n "$CI" ]; then
apt-get install --no-install-recommends --yes \
apparmor \
curl \
build-essential \
python3-dev \
python3-pip \
python3-venv
pip_install
systemctl disable --now privoxy || true
useradd -s /bin/bash ci_test_user
fi
if [ -n "${HTTPS_SUPPORT:-}" ]; then
# prepare HTTPS inspection
mkdir -p /etc/privoxy/CA/certs /usr/local/share/ca-certificates/privoxy
openssl req -new -x509 -extensions v3_ca -keyout /etc/privoxy/CA/cakey.pem -out /etc/privoxy/CA/cacert.crt -days 3650 -noenc -batch
chown -R privoxy /etc/privoxy/CA
if ! grep -q '^{+https-inspection}' /etc/privoxy/user.action; then
cat >> /etc/privoxy/user.action << EOF
{+https-inspection}
.
EOF
fi
if ! grep -q '^ca-directory' /etc/privoxy/config; then
cat >> /etc/privoxy/config << EOF
ca-directory /etc/privoxy/CA
certificate-directory /var/lib/privoxy/certs
trusted-cas-file /etc/ssl/certs/ca-certificates.crt
ca-cert-file cacert.crt
ca-key-file cakey.pem
EOF
fi
if [ -e /usr/local/share/ca-certificates/privoxy/privoxy-cacert.crt ]; then
rm /usr/local/share/ca-certificates/privoxy/privoxy-cacert.crt /etc/ssl/certs/privoxy-cacert.pem
fi
ln -s /etc/privoxy/CA/cacert.crt /usr/local/share/ca-certificates/privoxy/privoxy-cacert.crt
update-ca-certificates
c_rehash
fi
if ! grep -q '^debug' /etc/privoxy/config; then
cat >> /etc/privoxy/config << EOF
# activate debugging of rules & access log
debug 8704
EOF
fi
exit 0
fi
if exists pacman; then
pacman -Sy \
bash \
grep \
privoxy \
sed \
wget
if ! grep -q '^debug' /etc/privoxy/config; then
cat >> /etc/privoxy/config << EOF
# activate debugging of rules & access log
debug 8704
EOF
fi
exit 0
fi
if exists opkg; then
if ! [ -e "/var/lock" ]; then
mkdir /var/lock/
fi
if ! [ -e "/var/run" ]; then
mkdir /var/run/
fi
opkg update
opkg install \
bash \
grep \
privoxy \
sed \
wget-ssl
# prepare system in Github Pipeline
if [ -n "$CI" ]; then
opkg install \
curl \
gcc \
make \
python3 \
python3-pip \
python3-dev \
python3-venv \
shadow-useradd
pip_install
/etc/rc.d/K10privoxy stop || true
echo " list listen_address '127.0.0.1:8118'" >> /etc/config/privoxy
echo " list permit_access '127.0.0.0/24'" >> /etc/config/privoxy
useradd -s /bin/bash ci_test_user
fi
# openwrt version not compiled with HTTPS support, thus just keeping for future reference
if [ -n "${HTTPS_SUPPORT:-}" ]; then
# prepare HTTPS inspection
opkg install openssl-util
privoxy_cert_dir="/etc/config/privoxy_certs"
cert_path="${privoxy_cert_dir}/privoxy_cacert.crt"
mkdir -p "${privoxy_cert_dir}"
openssl req -new -x509 -extensions v3_ca -keyout "${privoxy_cert_dir}/cakey.pem" -out "${cert_path}" -days 3650 -noenc -batch
cert_hash="$(openssl x509 -hash -noout -in "${cert_path}").0"
ln -s "${cert_path}" "/etc/ssl/certs/privoxy_cacert.crt"
ln -s "/etc/ssl/certs/privoxy_cacert.crt" "/etc/ssl/certs/${cert_hash}"
chown -R privoxy "${privoxy_cert_dir}"
if ! grep -q '^{+https-inspection}' /etc/config/privoxy_https.action; then
cat >> /etc/config/privoxy_https.action << EOF
{+https-inspection}
.
EOF
fi
if ! grep -q '^\s*option\s*ca-directory' /etc/config/privoxy; then
cat >> /etc/config/privoxy << EOF
option ca-directory '${privoxy_cert_dir}'
option certificate-directory '${privoxy_cert_dir}'
option trusted-cas-file '/etc/ssl/certs/ca-certificates.crt'
option ca-cert-file 'privoxy_cacert.crt'
option ca-key-file 'cakey.pem'
list actionsfile '/etc/config/privoxy_https.action'
EOF
fi
fi
if ! grep -q '^debug' /etc/config/privoxy; then
cat >> /etc/config/privoxy << EOF
option debug '8704'
EOF
fi
exit 0
fi
echo "no install command found"
exit 1