core-agent-linux/vm-init.d/qubes-updates-proxy
Marek Marczykowski-Górecki aad6fa6d19
Hint shellcheck where to look for sourced files, if in repository
This will ease running shellcheck from the repository.
2017-09-30 05:05:34 +02:00

129 lines
2.7 KiB
Bash
Executable File

#!/bin/bash
#
# tinyproxy Startup script for the tinyproxy server as Qubes updates proxy
#
# chkconfig: 345 85 15
# description: small, efficient HTTP/SSL proxy daemon
#
# processname: tinyproxy
# config: /etc/tinyproxy/tinyproxy-updates.conf
# config: /etc/sysconfig/tinyproxy-updates
# pidfile: /var/run/tinyproxy/tinyproxy-updates.pid
#
# Note: pidfile is created by tinyproxy in its config
# see PidFile in the configuration file.
# Source function library.
# shellcheck disable=SC1091
. /etc/rc.d/init.d/functions
# Source Qubes library.
# shellcheck source=init/functions
. /usr/lib/qubes/init/functions
# Source networking configuration.
# shellcheck disable=SC1091
. /etc/sysconfig/network
# Check that networking is up.
[ "$NETWORKING" = "no" ] && exit 0
exec="/usr/sbin/tinyproxy"
prog=$(basename $exec)
config="/etc/tinyproxy/tinyproxy-updates.conf"
pidfile="/var/run/tinyproxy-updates/tinyproxy.pid"
# shellcheck disable=SC1091
[ -e /etc/sysconfig/tinyproxy-updates ] && . /etc/sysconfig/tinyproxy-updates
lockfile=/var/lock/subsys/tinyproxy-updates
start() {
have_qubesdb || return
if qsvc qubes-updates-proxy ; then
# Yum proxy disabled
exit 0
fi
[ -x $exec ] || exit 5
[ -f $config ] || exit 6
# setup network redirection
/sbin/iptables -I INPUT -i vif+ -p tcp --dport 8082 -j ACCEPT
/sbin/iptables -t nat -A PR-QBS-SERVICES -i vif+ -d 10.137.255.254 -p tcp --dport 8082 -j REDIRECT
echo -n $"Starting $prog (as Qubes updates proxy): "
daemon $exec -c $config
retval=$?
echo
[ $retval -eq 0 ] && touch $lockfile
return $retval
}
stop() {
echo -n $"Stopping $prog: "
killproc -p $pidfile "$prog"
retval=$?
echo
/sbin/iptables -t nat -D PR-QBS-SERVICES -i vif+ -d 10.137.255.254 -p tcp --dport 8082 -j REDIRECT
/sbin/iptables -D INPUT -i vif+ -p tcp --dport 8082 -j ACCEPT
[ $retval -eq 0 ] && rm -f "$lockfile"
return $retval
}
restart() {
stop
start
}
reload() {
echo -n $"Reloading $prog: "
killproc -p $pidfile "$prog" -HUP
echo
}
force_reload() {
restart
}
rh_status() {
status "$prog"
}
rh_status_q() {
rh_status >/dev/null 2>&1
}
case "$1" in
start)
rh_status_q && exit 0
$1
;;
stop)
rh_status_q || exit 0
$1
;;
restart)
$1
;;
reload)
rh_status_q || exit 7
$1
;;
force-reload)
force_reload
;;
status)
rh_status
;;
condrestart|try-restart)
rh_status_q || exit 0
restart
;;
*)
echo $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|reload|force-reload}"
exit 2
esac
exit $?