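#!/bin/sh

set -Ceu

# Usage: confonion <acct> <logacct> <toracct> <rootdir> <ctrl> <cookie>
#
# Configuration tool for publicfile under ucspi-onion with
# daemontools.
#
# <acct> is the user under which httpd will run.
# <logacct> is the user under which multilog will run.
# <toracct> is a user whose sockets the tor daemon can connect to.
# <rootdir> is where we install things.
# <ctrl> is a path to the tor control socket.
# <cookie> is a path to the tor control authorization cookie file.
#
# Prints the onion hostname.  Files will be served from
# <rootdir>/file/0.  onionserver must be in $PATH.
#
# Create a symlink from /service/<name> to <rootdir>/onion to
# run it under svscan.
#
# Set PUBLICFILE in confonion's environment if publicfile is
# installed elsewhere than /usr/local/publicfile: either to the
# path where it is installed, or to empty if httpd will be in
# $PATH.
#
# NOTE(review): this listing was recovered from a copy in which line
# breaks, the <placeholder> names and the here-document redirections
# had been lost.  The placeholder names follow the variable names
# below; /service/<name> is a stand-in for a name the copy did not
# preserve.

# Quoted so the default value is never word-split or globbed.
: "${PUBLICFILE=/usr/local/publicfile}"

progname=$(basename "$0")

if [ $# -lt 6 ]; then
  printf >&2 \
    'Usage: %s <acct> <logacct> <toracct> <rootdir> <ctrl> <cookie>\n' \
    "$progname"
  exit 1
fi

acct=$1
logacct=$2
toracct=$3
rootdir=$4
ctrl=$5
cookie=$6

# Resolve the log account now: with set -e an unknown account aborts
# the script before anything is created.  <acct> and <toracct> are not
# checked here; the generated run script resolves them when it starts.
loguid=$(id -u "$logacct")
loggid=$(id -g "$logacct")

case $rootdir in
/*) ;;
*)
  echo >&2 "$progname: rootdir must be absolute"
  exit 1
  ;;
esac

# quotify <string>
#
# Print <string> in a form that is safe to paste into the generated
# /bin/sh run scripts: unchanged when it consists only of alphanumerics
# and + , - . / : = _, otherwise wrapped in single quotes with each
# embedded ' rewritten as '\''.
#
# The decision is made with a case pattern rather than expr(1): when
# the value is itself an expr operator such as "(" or "|", expr reports
# a syntax error, and a failed test would send the value down the
# unquoted branch.  The empty string is quoted too, so that an empty
# argument stays a separate word in the generated command line.
#
# Command substitution drops trailing newlines, so a value that ends in
# a newline is not reproduced exactly.
quotify () {
  case $1 in
  '' | *[![:alnum:]+,./:=_-]*)
    printf "'%s'" "$(printf '%s' "$1" | sed -e "s,','\\\\'',g")"
    ;;
  *)
    printf '%s' "$1"
    ;;
  esac
}

# Remove the half-built tree on failure.  do_clean is true only while
# <rootdir> is a directory this run created and has not yet finished.
do_clean=false
clean () {
  test "$do_clean" = true || return 0
  rm -rf -- "$rootdir"
}
trap clean EXIT
# A signal handler that returns lets the script carry on; exit
# explicitly so the EXIT trap cleans up and the run stops.
trap 'exit 129' HUP
trap 'exit 130' INT
trap 'exit 143' TERM

umask 022

# Refuse anything that already exists at <rootdir>, not only a
# directory, so that cleanup can never delete a pre-existing file or
# symlink.
if [ -e "$rootdir" ] || [ -L "$rootdir" ]; then
  echo >&2 "$progname: exists: $rootdir"
  exit 1
fi
# mkdir fails if the path appeared in the meantime; arm cleanup only
# once we know the directory is ours.
mkdir "$rootdir"
do_clean=true
cd "$rootdir"

# Service directory: owner-only (it holds the onion secret key), with
# the setgid and sticky bits set.
mkdir -m 03700 onion
# NOTE(review): argument form reconstructed from the collapsed copy;
# confirm against oniongen1's usage in ucspi-onion.
oniongen1 onion/secret onion/hostname
hostname=$(cat onion/hostname)
test -n "$hostname" || { echo >&2 "$progname: oniongen1 lost"; exit 1; }

# Log directory: only main/ and status are handed to the log account.
mkdir -m 02755 onion/log
mkdir -m 02755 onion/log/main
chown "$loguid:$loggid" onion/log/main
touch onion/log/status
chmod 0644 onion/log/status
chown "$loguid:$loggid" onion/log/status

# Generate the service run script.  The here-document is unquoted on
# purpose: $(quotify ...) is expanded now, while \$ and \\ survive as
# $ and \ in the generated file.
cat <<EOF >onion/run
#!/bin/sh
exec 2>&1
set -Ceu
toruid=\$(id -u $(quotify "$toracct"))
torgid=\$(id -g $(quotify "$toracct"))
exec \\
envuidgid $(quotify "$acct") \\
softlimit -o20 -d50000 \\
onionserver -v -b50 -c100 -O "\$toruid" -G "\$torgid" \\
  $(quotify "$ctrl") $(quotify "$cookie") \\
  secret 80 \\
  $(quotify "$rootdir")/socket \\
${PUBLICFILE:+$(quotify "${PUBLICFILE}")/bin/}httpd $(quotify "$rootdir")/file
EOF
chmod 0755 onion/run

# Generate the logger run script; multilog runs as <logacct>.
cat <<EOF >onion/log/run
#!/bin/sh
exec 2>&1
set -Ceu
exec \\
setuidgid $(quotify "$logacct") \\
multilog t ./main '-*' '+* * status: *' =status
EOF
chmod 0755 onion/log/run

# Document root: file/0 holds the content; file/<hostname> is a
# symlink to it.
mkdir -m 02755 file
mkdir -m 02755 file/0
ln -s 0 "file/$hostname"

# Everything is in place: disarm cleanup and report the hostname.
do_clean=false
printf '%s\n' "$hostname"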