Last active
August 20, 2021 22:25
-
-
Save 0x1b-xyz/1ca47a613d654cc933f508067153fe1a to your computer and use it in GitHub Desktop.
A script that manages the lifecycle of the eap_proxy-udmpro container on a UDM PRO between reboots or firmware updates. See https://github.com/pbrah/eap_proxy-udmpro for the upstream image.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| SCRIPT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" | |
| TARGET_HOST="${TARGET_HOST:?"You must define TARGET_HOST"}" | |
| PASSWORD_FILE="${PASSWORD_FILE:?"You must define PASSWORD_FILE"}" | |
| EAP_PROXY_IMAGE="${EAP_PROXY_IMAGE:-"pbrah/eap_proxy-udmpro:v1.1"}" | |
| HC_CONTAINER_NAME="eap_proxy-healthcheck" | |
| UDM_CONTAINER_NAME="eap_proxy-udmpro" | |
| if ! docker image inspect ${HC_CONTAINER_NAME} &>/dev/null; then | |
| docker build -t ${HC_CONTAINER_NAME} - <<EOF | |
| FROM alpine | |
| RUN apk add --update expect \ | |
| && apk add --update openssh \ | |
| && apk add --update sshpass | |
| RUN { \ | |
| echo "#!/usr/bin/expect -f"; \ | |
| echo "set timeout 120"; \ | |
| echo "spawn sshpass -f /password ssh -o StrictHostKeyChecking=no root@${TARGET_HOST}"; \ | |
| echo "expect \"# \""; \ | |
| echo "send -- \"podman container inspect ${UDM_CONTAINER_NAME} &>/dev/null && echo 0 || echo 1\r\""; \ | |
| echo "sleep 1"; \ | |
| echo "expect {"; \ | |
| echo " \"0\r\" { send \"podman start ${UDM_CONTAINER_NAME}\r\" }"; \ | |
| echo " \"1\r\" { send \"podman run --privileged --network=host --name=${UDM_CONTAINER_NAME} --log-driver=k8s-file --restart always -d -ti ${EAP_PROXY_IMAGE} --update-mongodb --ping-gateway --ignore-when-wan-up --ignore-start --ignore-logoff --set-mac eth8 eth9 &>/dev/null && echo 0 || echo 1\r\" }"; \ | |
| echo "}"; \ | |
| echo "sleep 1"; \ | |
| echo "expect -re \".*\r\""; \ | |
| echo "send -- \"exit\r\""; \ | |
| echo "expect eof"; \ | |
| } > /check.exp \ | |
| && chmod 700 /check.exp | |
| CMD /check.exp | |
| EOF | |
| fi | |
| docker run --rm -v ${PASSWORD_FILE}:/password ${HC_CONTAINER_NAME} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This script is meant to be run from a secure host where you don't mind having your UDM root ssh password stored as cleartext. The script will build an image (lazily) on this secure host that contains an
expectscript that logs in to your UDM Pro and start (as needed) thepbrah/eap_proxy-udmpro:v1.1image.I've got this running as a scheduled task on my Synology NAS: