blob: 4712913d02b111bb72093300a81de8917385451e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
#!/bin/sh /etc/rc.common
#
# SPDX-License-Identifier: GPL-2.0-only
#
# shellcheck disable=SC3043 # ash supports local
# matches dnsmasq
START=19
# stops before networking stops
STOP=89
PROG=/usr/bin/AdGuardHome
USE_PROCD=1
boot() {
ADGUARDHOME_BOOT=1
start "$@"
}
start_service() {
if [ -n "$ADGUARDHOME_BOOT" ]; then
# Do not start yet, wait for triggers
return 0
fi
config_load 'adguardhome'
local config_name='config'
local config_file config group user verbose work_dir workdir
local gc maxprocs memlimit
uci_validate_section 'adguardhome' 'adguardhome' "$config_name" \
'gc:uinteger:0' \
'group:string:adguardhome' \
'config:string' \
'config_file:string:/etc/adguardhome/adguardhome.yaml' \
'jail_mount:list(string)' \
'jail_mount_rw:list(string)' \
'maxprocs:uinteger:0' \
'memlimit:uinteger:0' \
'user:string:adguardhome' \
'verbose:bool:0' \
'workdir:string' \
'work_dir:string:/var/lib/adguardhome'
# Compatibility with older configs
[ -n "$config" ] && config_file="$config"
[ -n "$workdir" ] && work_dir="$workdir"
local config_dir
config_dir=$(dirname "$config_file")
if [ "$config_dir" = '/etc' ]; then
echo 'AdGuard Home config must be stored in its own directory, and not in /etc' >&2
return 1
fi
mkdir -m 0700 -p "$config_dir"
chown -R "$user":"$group" "$config_dir"
mkdir -m 0700 -p "$work_dir"
chown -R "$user":"$group" "$work_dir"
procd_open_instance adguardhome
procd_set_param command "$PROG"
[ "$gc" -le 0 ] || procd_append_param env GOGC="$gc"
[ "$maxprocs" -le 0 ] || procd_append_param env GOMAXPROCS="$maxprocs"
[ "$memlimit" -le 0 ] || procd_append_param env GOMEMLIMIT="$memlimit"
procd_append_param command --config "$config_file"
procd_append_param command --logfile syslog
procd_append_param command --no-check-update
[ "$verbose" = 1 ] && procd_append_param command --verbose
procd_append_param command --work-dir "$work_dir"
procd_set_param stdout 1
procd_set_param stderr 1
procd_set_param user "$user"
procd_set_param group "$group"
procd_set_param capabilities '/etc/capabilities/adguardhome.json'
procd_set_param no_new_privs 1
procd_set_param respawn
# log is needed for logging to syslog instead of stdout
# procfs is needed to readlink /proc/self/exe
procd_add_jail adguardhome log procfs
# config directory must be writable to write new config files
procd_add_jail_mount_rw "$config_dir"
procd_add_jail_mount_rw "$work_dir"
procd_add_jail_mount '/etc/hosts'
procd_add_jail_mount '/etc/ssl/certs'
config_list_foreach "$config_name" jail_mount procd_add_jail_mount
config_list_foreach "$config_name" jail_mount_rw procd_add_jail_mount_rw
procd_close_instance
}
service_triggers() {
procd_add_reload_trigger adguardhome
if [ -n "$ADGUARDHOME_BOOT" ]; then
# Wait for interfaces to be up before starting AdGuard Home for real.
# Prevents issues like https://github.com/openwrt/packages/issues/21868.
procd_add_raw_trigger 'interface.*.up' 5000 /etc/init.d/adguardhome restart
fi
}
|
