diff --git a/.github/workflows/check-transmission-releases.yml b/.github/workflows/check-transmission-releases.yml deleted file mode 100644 index 35053f46f..000000000 --- a/.github/workflows/check-transmission-releases.yml +++ /dev/null @@ -1,34 +0,0 @@ -name: Transmission Version Check - -on: - schedule: - - cron: 0 * * * * - workflow_dispatch: {} - -jobs: - get-transmission-version: - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - with: - token: ${{ secrets.PAT }} - ref: dev - - - name: Check for new version of Transmission - run: | - LATEST_SHA=$(curl -L https://api.github.com/repos/transmission/transmission/tags | tac | tac | awk '/sha/ {print $2; exit}' | sed -e 's/[",]//g') - LATEST_VERSION=$(curl -L https://api.github.com/repos/transmission/transmission/releases/latest | awk '/tag_name/ {print $2}' | sed -e 's/[",]//g') - CURRENT_SHA=$(cat upstream/transmission-sha.txt) - if [ "$LATEST_SHA" != "$CURRENT_SHA" -a -n "$LATEST_SHA" -a -n "$LATEST_VERSION" ]; then - echo "$LATEST_SHA" > upstream/transmission-sha.txt - echo "$LATEST_VERSION" > upstream/transmission-version.txt - git config --global user.email "workflow@github.com" - git config --global user.name "workflow runner" - git add upstream/transmission-sha.txt - git add upstream/transmission-version.txt - git config user.email "transmission-bot@users.noreply.github.com" - git config user.name "Transmission-Bot" - git commit -m "update transmission build version to ${LATEST_VERSION}" - git push origin dev - fi diff --git a/.github/workflows/docker-image-builds.yml b/.github/workflows/docker-image-builds.yml index a231edce8..23a6becb0 100644 --- a/.github/workflows/docker-image-builds.yml +++ b/.github/workflows/docker-image-builds.yml @@ -4,6 +4,14 @@ on: branches: - master - dev + paths-ignore: + - README.md + - docker-compose.yml + - mkdocs.yml + - .github/** # Ignore all GitHub related files + - '!.github/workflows/*' # But not the workflow files + - docs/* + - images/* tags: - 'v[0-9]+.[0-9]+.[0-9]+' diff --git a/.github/workflows/docker-transmission-builds.yml b/.github/workflows/docker-transmission-builds.yml deleted file mode 100644 index c8f67fa87..000000000 --- a/.github/workflows/docker-transmission-builds.yml +++ /dev/null @@ -1,60 +0,0 @@ -name: Transmission Builds - -on: - workflow_dispatch: {} - push: - branches: - - dev - paths: - - upstream/transmission-version.txt - -jobs: - build-transmission: - runs-on: ubuntu-latest - steps: - - name: Checkout code - uses: actions/checkout@v4 - - # Get latest version of Transmission - - name: Get Transmission version - run: | - LATEST_VERSION=$(cat upstream/transmission-version.txt) - echo "TBT_VERSION=$LATEST_VERSION" >> $GITHUB_ENV - - # QEMU emulator to build for other platforms - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - # Buildx automates creating the multi-arch manifest build - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - # Authenticate so that we can push to Docker Hub - - name: Log in to Docker Hub - uses: docker/login-action@v3 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - # Generate image tag and labels - - name: Generate Docker metadata - id: meta - uses: docker/metadata-action@v5 - with: - images: haugene/transmission-builder - tags: type=match,pattern=(\d+.\d+.\d+),group=1,value=${{ env.TBT_VERSION }} - - # Finally, build and push the image - - name: Build image - uses: docker/build-push-action@v6 - with: - context: upstream - platforms: linux/amd64,linux/arm,linux/arm64 - build-args: | - REVISION=${{ github.sha }} - TBT_VERSION=${{ env.TBT_VERSION }} - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha, scope=${{ github.workflow }} - cache-to: type=gha, scope=${{ github.workflow}} diff --git a/Dockerfile b/Dockerfile index ab3adb098..42387f681 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,70 +12,24 @@ RUN apk --no-cache add curl jq \ && echo "Install kettu" \ && wget -qO- https://github.com/endor/kettu/archive/master.tar.gz | tar xz -C /opt/transmission-ui \ && mv /opt/transmission-ui/kettu-master /opt/transmission-ui/kettu \ - && echo "Install Transmission-Web-Control" \ - && mkdir /opt/transmission-ui/transmission-web-control \ - && curl -sL $(curl -s https://api.github.com/repos/ronggang/transmission-web-control/releases/latest | jq --raw-output '.tarball_url') | tar -C /opt/transmission-ui/transmission-web-control/ --strip-components=2 -xz \ && echo "Install Transmissionic" \ && wget -qO- https://github.com/6c65726f79/Transmissionic/releases/download/v1.8.0/Transmissionic-webui-v1.8.0.zip | unzip -q - \ && mv web /opt/transmission-ui/transmissionic - -FROM ubuntu:22.04 AS base - -RUN set -ex; \ - apt-get update; \ - apt-get dist-upgrade -y; \ - apt-get install -y --no-install-recommends \ - tzdata \ - iproute2 \ - net-tools \ - nano \ - ca-certificates \ - curl \ - libcurl4-openssl-dev \ - libdeflate-dev \ - libevent-dev \ - libfmt-dev \ - libminiupnpc-dev \ - libnatpmp-dev \ - libpsl-dev \ - libssl-dev \ - natpmpc - -FROM haugene/transmission-builder:4.0.5 as TransmissionBuilder - -FROM base +# Build the image +FROM ubuntu:24.04 VOLUME /data VOLUME /config COPY --from=TransmissionUIs /opt/transmission-ui /opt/transmission-ui -COPY --from=TransmissionBuilder /var/tmp/*.deb /var/tmp/ -ARG TBT_VERSION=4.0.5 ARG DEBIAN_FRONTEND=noninteractive - -SHELL ["/bin/bash", "-o", "pipefail", "-c"] -RUN echo "installing Transmission" && set -x \ - && if [[ ${TBT_VERSION} =~ ^4 ]]; then \ - ls -alh /var/tmp/*.deb ;\ - debfile=$(compgen -G /var/tmp/transmission_*_$(dpkg --print-architecture).deb); \ - if [[ -n ${debfile} ]]; then \ - echo "Installing transmission ${TBT_VERSION}" && dpkg -i ${debfile} ;\ - else echo "No /var/tmp/transmission_*_$(dpkg --print-architecture).deb found. Exiting" \ - ; exit ; fi ; \ - else echo "Installing transmission from repository" \ - && export TBT_VERSION=3.00 \ - && apt-get install -y --no-install-recommends transmission-daemon transmission-cli; fi - RUN apt-get update && apt-get install -y \ - dumb-init openvpn privoxy \ - tzdata dnsutils iputils-ping ufw openssh-client git jq curl wget unrar unzip bc \ - && ln -s /usr/local/share/transmission/public_html/images /opt/transmission-ui/transmission-web-control \ - && ln -s /usr/local/share/transmission/public_html/transmission-app.js /opt/transmission-ui/transmission-web-control/transmission-app.js \ - && ln -s /usr/local/share/transmission/public_html/index.html /opt/transmission-ui/transmission-web-control/index.original.html \ + dumb-init transmission-daemon openvpn privoxy \ + tzdata dnsutils iputils-ping ufw iproute2 \ + openssh-client git jq curl wget unrar unzip bc \ && rm -rf /tmp/* /var/tmp/* /var/lib/apt/lists/* \ - && groupmod -g 1000 users \ && useradd -u 911 -U -d /config -s /bin/false abc \ && usermod -G users abc @@ -114,6 +68,7 @@ ENV OPENVPN_USERNAME=**None** \ DROP_DEFAULT_ROUTE= \ WEBPROXY_ENABLED=false \ WEBPROXY_PORT=8118 \ + WEBPROXY_BIND_ADDRESS= \ WEBPROXY_USERNAME= \ WEBPROXY_PASSWORD= \ LOG_TO_STDOUT=false \ diff --git a/docs/faq.md b/docs/faq.md index 7b923bb09..a13a59100 100755 --- a/docs/faq.md +++ b/docs/faq.md @@ -53,7 +53,7 @@ Example command: `docker exec curl --silent "http://ipinfo.io/i Or you could use a test torrent service to download a torrent file and then you can get the IP from that tracker. -* http://ipmagnet.services.cbcdn.com/ +* https://github.com/cbdevnet/ipmagnet/ * https://torguard.net/checkmytorrentipaddress.php ## RTNETLINK answers: File exists diff --git a/docs/web-proxy.md b/docs/web-proxy.md index b8762c3f1..e3b49c70f 100644 --- a/docs/web-proxy.md +++ b/docs/web-proxy.md @@ -7,11 +7,12 @@ The default listening port is 8118. Note that only ports above 1024 can be speci and would otherwise require root permissions to run. Remember to add a port binding for your selected (or default) port when starting the container. -| Variable | Function | Example | -| ------------------ | ----------------------- | ----------------------- | -| `WEBPROXY_ENABLED` | Enables the web proxy | `WEBPROXY_ENABLED=true` | -| `WEBPROXY_PORT` | Sets the listening port | `WEBPROXY_PORT=8118` | +| Variable | Function | Example | +| ----------------------- | ----------------------- | ------------------------------- | +| `WEBPROXY_ENABLED` | Enables the web proxy | `WEBPROXY_ENABLED=true` | +| `WEBPROXY_PORT` | Sets the listening port | `WEBPROXY_PORT=8118` | +| `WEBPROXY_BIND_ADDRESS` | Sets the listen address | `WEBPROXY_BIND_ADDRESS=0.0.0.0` | -The listening address is the one found bound to the eth0 interface. +The listening address is the one found bound to the eth0 interface unless `WEBPROXY_BIND_ADDRESS` is set. `adr=$(ip -4 a show eth0| grep -oP "(?<=inet )([^/]+)")` diff --git a/openvpn/nordvpn/configure-openvpn.sh b/openvpn/nordvpn/configure-openvpn.sh index 8e547d8e7..f0b24941f 100755 --- a/openvpn/nordvpn/configure-openvpn.sh +++ b/openvpn/nordvpn/configure-openvpn.sh @@ -306,10 +306,8 @@ res="$(download_hostname ${selected})" log "OVPN: NORDVPN: selected: ${selected}, VPN_PROVIDER_HOME: ${VPN_PROVIDER_HOME}" # fix deprecated ciphers if [[ -f ${VPN_PROVIDER_HOME}/${selected}.ovpn ]]; then - #add data ciphers: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). - if [[ 0 -le $(grep -c "cipher AES-256-CBC" ${VPN_PROVIDER_HOME}/${selected}.ovpn) ]] && [[ 0 -eq $(grep -c "data-ciphers AES-256-CBC" ${VPN_PROVIDER_HOME}/${selected}.ovpn) ]]; then - sed -i "/cipher AES-256-CBC/a data-ciphers AES-256-CBC" ${VPN_PROVIDER_HOME}/${selected}.ovpn - fi + # replace with a supported cipher. fixes: DEPRECATED OPTION: --cipher set to 'AES-256-CBC' but missing in --data-ciphers (AES-256-GCM:AES-128-GCM). + sed -i -e "s/cipher AES-256-CBC/cipher AES-256-GCM\ndata-ciphers AES-256-GCM/g" ${VPN_PROVIDER_HOME}/${selected}.ovpn fi #handle tests results. if [[ -n ${NORDVPN_TESTS} ]]; then diff --git a/openvpn/ovpn/configure-openvpn.sh b/openvpn/ovpn/configure-openvpn.sh index 7231c7e50..ee03b6db0 100755 --- a/openvpn/ovpn/configure-openvpn.sh +++ b/openvpn/ovpn/configure-openvpn.sh @@ -37,7 +37,8 @@ cd /etc/openvpn/ovpn find /etc/openvpn/ovpn -type f ! -name "*.sh" -delete # Download and extract wanted bundle into temporary file - +echo "deleting temp folder" +rm -rf /tmp/ovpnxtract/ echo "creating temp folder" mkdir /tmp/ovpnxtract/ echo "entering temp folder" diff --git a/openvpn/start.sh b/openvpn/start.sh index 6de5b577b..c5f31074e 100755 --- a/openvpn/start.sh +++ b/openvpn/start.sh @@ -201,7 +201,7 @@ if [[ -f /run/secrets/openvpn_creds ]]; then #write creds if no file or contents are not the same. if [[ ! -f /config/openvpn-credentials.txt ]] || [[ "$(cat /run/secrets/openvpn_creds)" != "$(cat /config/openvpn-credentials.txt)" ]]; then echo "Setting OpenVPN credentials..." - cp /run/secrets/openvpn_creds /config/openvpn-credentials.txt + ln -fs /run/secrets/openvpn_creds /config/openvpn-credentials.txt fi else # add OpenVPN user/pass @@ -219,11 +219,13 @@ else fi if [[ -f /run/secrets/rpc_creds ]]; then + ln -fs /run/secrets/rpc_creds /config/transmission-credentials.txt export TRANSMISSION_RPC_USERNAME=$(head -1 /run/secrets/rpc_creds) export TRANSMISSION_RPC_PASSWORD=$(tail -1 /run/secrets/rpc_creds) +else + echo "${TRANSMISSION_RPC_USERNAME}" > /config/transmission-credentials.txt + echo "${TRANSMISSION_RPC_PASSWORD}" >> /config/transmission-credentials.txt fi -echo "${TRANSMISSION_RPC_USERNAME}" > /config/transmission-credentials.txt -echo "${TRANSMISSION_RPC_PASSWORD}" >> /config/transmission-credentials.txt # Persist transmission settings for use by transmission-daemon export CONFIG="${CHOSEN_OPENVPN_CONFIG}" diff --git a/plugins/rss/Dockerfile b/plugins/rss/Dockerfile index 991b3737f..18fb0605f 100644 --- a/plugins/rss/Dockerfile +++ b/plugins/rss/Dockerfile @@ -1,4 +1,4 @@ -FROM ruby:2-alpine +FROM ruby:3-alpine # Image caching, put "never changing" layers first CMD ["/etc/transmission-rss/start.sh"] diff --git a/plugins/rss/start.sh b/plugins/rss/start.sh index 5c6e534f7..c1b9c591c 100755 --- a/plugins/rss/start.sh +++ b/plugins/rss/start.sh @@ -6,8 +6,6 @@ # 1. Mount a custom config file to be used # 2. Use the built in template that supports one feed with regex filter # -. /etc/transmission/environment-variables.sh -source /etc/openvpn/utils.sh if [ -f /etc/transmission-rss.conf ] ; then echo "Found mounted /etc/transmission-rss.conf file" diff --git a/privoxy/scripts/start.sh b/privoxy/scripts/start.sh index 6ed884d99..581bc697a 100755 --- a/privoxy/scripts/start.sh +++ b/privoxy/scripts/start.sh @@ -25,12 +25,17 @@ set_port() echo "Privoxy: Setting port to $1"; # Remove the listen-address for IPv6 for now. IPv6 compatibility should come later - sed -i -E "s/^listen-address\s+\[\:\:1.*//" "$2" + sed -i -E "s/^listen-address\s+\[\:\:1.*//" "$3" # Set the port for the IPv4 interface - adr=$(ip -4 a show eth0| grep -oP "(?<=inet )([^/]+)") - adr=${adr:-"0.0.0.0"} - sed -i -E "s/^listen-address.*/listen-address ${adr}:$1/" "$2" + if [[ "$2" = "" ]]; then + adr=$(ip -4 a show eth0| grep -oP "(?<=inet )([^/]+)") + adr=${adr:-"0.0.0.0"} + else + adr=$2 + fi + echo "Privoxy: Setting listen address to $adr"; + sed -i -E "s/^listen-address.*/listen-address ${adr}:$1/" "$3" } if [[ "${WEBPROXY_ENABLED}" = "true" ]]; then @@ -40,7 +45,7 @@ if [[ "${WEBPROXY_ENABLED}" = "true" ]]; then PROXY_CONF=/etc/privoxy/config echo "Privoxy: Using config file at $PROXY_CONF" - set_port "${WEBPROXY_PORT}" "${PROXY_CONF}" + set_port "${WEBPROXY_PORT}" "${WEBPROXY_BIND_ADDRESS}" "${PROXY_CONF}" /usr/sbin/privoxy --pidfile /opt/privoxy/pidfile ${PROXY_CONF} sleep 1 # Give it one sec to start up, or at least create the pidfile diff --git a/scripts/healthcheck.sh b/scripts/healthcheck.sh index e7c130ab1..9e361a941 100755 --- a/scripts/healthcheck.sh +++ b/scripts/healthcheck.sh @@ -22,12 +22,17 @@ then fi # Check DNS resolution works -nslookup $HOST > /dev/null +nslookup -q=a $HOST > /dev/null STATUS=$? if [[ ${STATUS} -ne 0 ]] then - echo "DNS resolution failed" - exit 1 + nslookup -q=aaaa $HOST > /dev/null + STATUS=$? + if [[ ${STATUS} -ne 0 ]] + then + echo "DNS resolution failed" + exit 1 + fi fi ping -c 2 -w 10 $HOST # Get at least 2 responses and timeout after 10 seconds diff --git a/transmission/start.sh b/transmission/start.sh index 94775afce..a8292a7f6 100755 --- a/transmission/start.sh +++ b/transmission/start.sh @@ -101,7 +101,7 @@ fi echo "STARTING TRANSMISSION" -exec su --preserve-environment ${RUN_AS} -s /bin/bash -c "/usr/local/bin/transmission-daemon ${TRANSMISSION_LOGGING} -g ${TRANSMISSION_HOME} --logfile $LOGFILE" & +exec su --preserve-environment ${RUN_AS} -s /bin/bash -c "/usr/bin/transmission-daemon ${TRANSMISSION_LOGGING} -g ${TRANSMISSION_HOME} --logfile $LOGFILE" & # Configure port forwarding if applicable diff --git a/upstream/Dockerfile b/upstream/Dockerfile deleted file mode 100644 index 50bdfbcfc..000000000 --- a/upstream/Dockerfile +++ /dev/null @@ -1,41 +0,0 @@ -FROM ubuntu:22.04 - -ARG DEBIAN_FRONTEND=noninteractive -ARG TBT_VERSION=4.0.4 - -RUN set -ex; \ - apt-get update; \ - apt-get dist-upgrade -y; \ - apt-get install -y --no-install-recommends \ - automake \ - autoconf \ - build-essential \ - ca-certificates \ - checkinstall \ - cmake \ - curl \ - intltool \ - iproute2 \ - libappindicator3-dev \ - libcurl4-openssl-dev \ - libdeflate-dev \ - libevent-dev \ - libfmt-dev \ - libglib2.0-dev \ - libgtk-3-dev \ - libminiupnpc-dev \ - libnatpmp-dev \ - libpsl-dev \ - libssl-dev \ - libtool \ - nano \ - net-tools \ - pkg-config \ - tzdata \ - xz-utils -#This will build the transmission image to re-use in our container -RUN mkdir -p /home/transmission4/ && cd /home/transmission4/ \ - && curl -L -o transmission4.tar.xz "https://github.com/transmission/transmission/releases/download/${TBT_VERSION}/transmission-${TBT_VERSION}.tar.xz" \ - && tar -xf transmission4.tar.xz && cd "transmission-${TBT_VERSION}" && mkdir build && cd build \ - && cmake -DCMAKE_BUILD_TYPE=RelWithDebInfo .. && make && make install \ - && checkinstall -y -D --pkgname transmission --pakdir /var/tmp --pkgversion=${TBT_VERSION} diff --git a/upstream/transmission-version.txt b/upstream/transmission-version.txt deleted file mode 100644 index 7636e7565..000000000 --- a/upstream/transmission-version.txt +++ /dev/null @@ -1 +0,0 @@ -4.0.5