ZeroTierOne/pkg/synology/dsm7-docker/entrypoint.sh

#!/bin/bash

set -uo pipefail

trap 'trap " " SIGTERM; kill 0; wait' SIGTERM SIGQUIT SIGINT

echo "Starting Zerotier-One"
zerotier-one -d

echo "Wait for ZT service to come online before attempting queries..."
MAX_WAIT_SECS="${MAX_WAIT_SECS:-90}"
SLEEP_TIME="${SLEEP_TIME:-15}"
if [[ "$SLEEP_TIME" -le 0 ]]
then
  SLEEP_TIME=1
fi

iterations=$((MAX_WAIT_SECS/SLEEP_TIME))
online=false

for ((s=0; s<=iterations; s++))
do
    online="$(zerotier-cli -j info | jq '.online' 2>/dev/null)"
    if [[ "$online" == "true" ]]
    then
        break
    fi
    sleep "$SLEEP_TIME"
    echo " ."
done

if [[ "$online" != "true" ]]
then
    echo "Waited $MAX_WAIT_SECS for zerotier-one to start, exiting." >&2
    exit 1
fi
echo "done."

(
echo "Starting route helper"
while true
do
    if ! NETWORK_LIST="$(zerotier-cli -j listnetworks)"
    then
      echo "Route helper: $NETWORK_LIST" >&2
      exit 1
    fi
    NETWORK_COUNT="$(jq -r '. | length' <<< "$NETWORK_LIST")"
    if [[ "$NETWORK_COUNT" -gt 0 ]]
    then
        for ((j=0; j<=$((NETWORK_COUNT-1)); j++))
        do
            ALLOW_DEFAULT="$(jq -r '.['$j'].allowDefault' <<< "$NETWORK_LIST")"
            ROUTE_COUNT="$(jq -r '.['$j'].routes | length' <<< "$NETWORK_LIST")"
            for ((k=0; k<=$((ROUTE_COUNT-1)); k++))
            do
                ROUTE="$(jq -r '.['$j'].routes['$k'].target' <<< "$NETWORK_LIST")"
                VIA="$(jq -r '.['$j'].routes['$k'].via' <<< "$NETWORK_LIST")"
                if [[ -n "$ROUTE" ]]
                then
                    # check if route is default and allowDefault enabled for this network
                    if [[ "$ROUTE" == "0.0.0.0/0" && "$ALLOW_DEFAULT" == "false" ]]
                    then
                      continue
                    fi
                    EXIST="$(ip -o route show "$ROUTE")"
                    if [[ -z "${EXIST}" && "$VIA" == "null" ]]
                    then
                        IFNAME="$(jq -r '.['$j'] | .portDeviceName' <<< "$NETWORK_LIST")"
                        echo " Adding route $ROUTE to dev $IFNAME"
                        ip route add "$ROUTE" dev "$IFNAME"
                        # Routes will be deleted when ZT brings the interface down
                    fi
                fi
            done
        done
    fi
    sleep 15
done ) &

wait
Add Docker image and build script for DSM 7 2022-04-05 23:38:20 +00:00			`#!/bin/bash`

Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`set -uo pipefail`

			`trap 'trap " " SIGTERM; kill 0; wait' SIGTERM SIGQUIT SIGINT`

			`echo "Starting Zerotier-One"`
Add Docker image and build script for DSM 7 2022-04-05 23:38:20 +00:00			`zerotier-one -d`

Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`echo "Wait for ZT service to come online before attempting queries..."`
			`MAX_WAIT_SECS="${MAX_WAIT_SECS:-90}"`
			`SLEEP_TIME="${SLEEP_TIME:-15}"`
			`if [[ "$SLEEP_TIME" -le 0 ]]`
			`then`
			`SLEEP_TIME=1`
			`fi`

			`iterations=$((MAX_WAIT_SECS/SLEEP_TIME))`
			`online=false`

			`for ((s=0; s<=iterations; s++))`
			`do`
			`online="$(zerotier-cli -j info \| jq '.online' 2>/dev/null)"`
			`if [[ "$online" == "true" ]]`
			`then`
			`break`
			`fi`
			`sleep "$SLEEP_TIME"`
			`echo " ."`
			`done`

			`if [[ "$online" != "true" ]]`
			`then`
			`echo "Waited $MAX_WAIT_SECS for zerotier-one to start, exiting." >&2`
			`exit 1`
			`fi`
			`echo "done."`
Add Docker image and build script for DSM 7 2022-04-05 23:38:20 +00:00
Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`(`
			`echo "Starting route helper"`
Add Docker image and build script for DSM 7 2022-04-05 23:38:20 +00:00			`while true`
			`do`
Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`if ! NETWORK_LIST="$(zerotier-cli -j listnetworks)"`
			`then`
			`echo "Route helper: $NETWORK_LIST" >&2`
			`exit 1`
			`fi`
			`NETWORK_COUNT="$(jq -r '. \| length' <<< "$NETWORK_LIST")"`
			`if [[ "$NETWORK_COUNT" -gt 0 ]]`
			`then`
Add Docker image and build script for DSM 7 2022-04-05 23:38:20 +00:00			`for ((j=0; j<=$((NETWORK_COUNT-1)); j++))`
			`do`
Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`ALLOW_DEFAULT="$(jq -r '.['$j'].allowDefault' <<< "$NETWORK_LIST")"`
			`ROUTE_COUNT="$(jq -r '.['$j'].routes \| length' <<< "$NETWORK_LIST")"`
Add Docker image and build script for DSM 7 2022-04-05 23:38:20 +00:00			`for ((k=0; k<=$((ROUTE_COUNT-1)); k++))`
			`do`
Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`ROUTE="$(jq -r '.['$j'].routes['$k'].target' <<< "$NETWORK_LIST")"`
exclude static route with via ip in route helper (#1791) When adding Routes to zerotier's Managed Routes, the helper will add a route rule to the device that does not have a via ip, so that the address of the Destination segment cannot be routed correctly within the container. Here, based on the contents of the routes key in `zerotier-cli -j listnetworks`, by determining whether the via key has an ip address, if it is not null, helper will no longer add route rules. 2023-01-20 19:57:13 +00:00			`VIA="$(jq -r '.['$j'].routes['$k'].via' <<< "$NETWORK_LIST")"`
Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`if [[ -n "$ROUTE" ]]`
Add Docker image and build script for DSM 7 2022-04-05 23:38:20 +00:00			`then`
Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`# check if route is default and allowDefault enabled for this network`
			`if [[ "$ROUTE" == "0.0.0.0/0" && "$ALLOW_DEFAULT" == "false" ]]`
			`then`
			`continue`
			`fi`
			`EXIST="$(ip -o route show "$ROUTE")"`
exclude static route with via ip in route helper (#1791) When adding Routes to zerotier's Managed Routes, the helper will add a route rule to the device that does not have a via ip, so that the address of the Destination segment cannot be routed correctly within the container. Here, based on the contents of the routes key in `zerotier-cli -j listnetworks`, by determining whether the via key has an ip address, if it is not null, helper will no longer add route rules. 2023-01-20 19:57:13 +00:00			`if [[ -z "${EXIST}" && "$VIA" == "null" ]]`
Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`then`
			`IFNAME="$(jq -r '.['$j'] \| .portDeviceName' <<< "$NETWORK_LIST")"`
			`echo " Adding route $ROUTE to dev $IFNAME"`
			`ip route add "$ROUTE" dev "$IFNAME"`
			`# Routes will be deleted when ZT brings the interface down`
			`fi`
Add Docker image and build script for DSM 7 2022-04-05 23:38:20 +00:00			`fi`
			`done`
			`done`
			`fi`
Synology Docker: update entrypoint.sh (#1704) * update entrypoint.sh - propagate TERM/QUIT/INT signals - add some basic logging - check for unbound variables - update "route helper" - run as subshell, exit if zerotier-one is unavailable so pod can be restarted - only call `zerotier-cli` once, avoids race conditions - only add default routes if allowDefault is enabled for that network - add some more error handling - sleep after all networks are processed * switch to polling ZT service at startup Co-authored-by: Daniel Quinlan <dq@chaosengine.net> 2022-07-15 16:03:20 +00:00			`sleep 15`
			`done ) &`

			`wait`