dnscrypt-server-docker/scripts/install-centos.sh

#!/usr/bin/env bash

set -x

yum -y update

SERVER="$(hostname)"
export SERVER
SERVER_IP="$(ip route get 1 | awk '{print $NF;exit}')"
export SERVER_IP
echo "$SERVER"
echo "$SERVER_IP"

(
    exec 2>/dev/null

	if ! [ -x "$(command -v docker)" ]; then
		yum install -y docker
	fi

    docker stop dnscrypt-server
    docker stop watchtower
    docker rm dnscrypt-server
    docker rm watchtower
    docker container prune -f
    docker volume prune -f
    docker image prune -f

    yum remove -y firewalld
    yum remove -y iptables-services
)

mkdir -p /etc/dnscrypt-server/lists
if [ -d /root/keys ]; then
    mv /root/keys /etc/dnscrypt-server
fi
mkdir -p /etc/dnscrypt-server/keys

if [ -f /etc/dnscrypt-server/keys/state/encrypted-dns.state ]; then
    docker run \
        --ulimit nofile=90000:90000 \
        -v /etc/dnscrypt-server/keys:/opt/encrypted-dns/etc/keys \
        -v /etc/dnscrypt-server/lists:/opt/encrypted-dns/etc/lists \
        --name=dnscrypt-server -p 443:443/udp -p 443:443/tcp \
        -d jedisct1/dnscrypt-server start
else
    docker run \
        --ulimit nofile=90000:90000 \
        -v /etc/dnscrypt-server/keys:/opt/encrypted-dns/etc/keys \
        -v /etc/dnscrypt-server/lists:/opt/encrypted-dns/etc/lists \
        --name=dnscrypt-server -p 443:443/udp -p 443:443/tcp \
        jedisct1/dnscrypt-server init -N "$SERVER" -E "${SERVER_IP}:443"
    docker start dnscrypt-server
fi

cat /etc/dnscrypt-server/keys/provider-info.txt

docker update --restart=unless-stopped dnscrypt-server

docker run -d --name watchtower -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower dnscrypt-server
docker update --restart=unless-stopped watchtower

ln -sf /etc/dnscrypt-server/keys /root

echo 3 >/proc/sys/vm/drop_caches

if [ ! -L /etc/motd ]; then
    rm -f /etc/motd
    ln -s /etc/dnscrypt-server/keys/provider-info.txt /etc/motd
    reboot
fi
add Vultr install script 2019-10-30 10:07:21 +00:00			`#!/usr/bin/env bash`

			`set -x`

			`yum -y update`

			`SERVER="$(hostname)"`
			`export SERVER`
			`SERVER_IP="$(ip route get 1 \| awk '{print $NF;exit}')"`
			`export SERVER_IP`
			`echo "$SERVER"`
			`echo "$SERVER_IP"`

			`(`
			`exec 2>/dev/null`

rename to install-centos.sh 2019-10-30 17:59:35 +00:00			`if ! [ -x "$(command -v docker)" ]; then`
			`yum install -y docker`
			`fi`

add Vultr install script 2019-10-30 10:07:21 +00:00			`docker stop dnscrypt-server`
			`docker stop watchtower`
			`docker rm dnscrypt-server`
			`docker rm watchtower`
			`docker container prune -f`
			`docker volume prune -f`
			`docker image prune -f`

			`yum remove -y firewalld`
			`yum remove -y iptables-services`
			`)`

install-centos.sh - update paths to match the documentation Fixes #85 2020-04-24 10:30:13 +00:00			`mkdir -p /etc/dnscrypt-server/lists`
add Vultr install script 2019-10-30 10:07:21 +00:00			`if [ -d /root/keys ]; then`
install-centos.sh - update paths to match the documentation Fixes #85 2020-04-24 10:30:13 +00:00			`mv /root/keys /etc/dnscrypt-server`
add Vultr install script 2019-10-30 10:07:21 +00:00			`fi`
install-centos.sh - update paths to match the documentation Fixes #85 2020-04-24 10:30:13 +00:00			`mkdir -p /etc/dnscrypt-server/keys`
add Vultr install script 2019-10-30 10:07:21 +00:00
install-centos.sh - update paths to match the documentation Fixes #85 2020-04-24 10:30:13 +00:00			`if [ -f /etc/dnscrypt-server/keys/state/encrypted-dns.state ]; then`
add Vultr install script 2019-10-30 10:07:21 +00:00			`docker run \`
			`--ulimit nofile=90000:90000 \`
install-centos.sh - update paths to match the documentation Fixes #85 2020-04-24 10:30:13 +00:00			`-v /etc/dnscrypt-server/keys:/opt/encrypted-dns/etc/keys \`
			`-v /etc/dnscrypt-server/lists:/opt/encrypted-dns/etc/lists \`
Removed --net=host as default for the docker container (#46) Removed --net=host as default for the docker container It does forward port 443 tcp/udp to the host, but it also had "--net=host" when starting. That defeats the purpose of the port forward. Removing "--net=host" as it is also in line with the rest of the documentation. 2020-04-27 21:08:31 +00:00			`--name=dnscrypt-server -p 443:443/udp -p 443:443/tcp \`
add Vultr install script 2019-10-30 10:07:21 +00:00			`-d jedisct1/dnscrypt-server start`
			`else`
			`docker run \`
			`--ulimit nofile=90000:90000 \`
install-centos.sh - update paths to match the documentation Fixes #85 2020-04-24 10:30:13 +00:00			`-v /etc/dnscrypt-server/keys:/opt/encrypted-dns/etc/keys \`
			`-v /etc/dnscrypt-server/lists:/opt/encrypted-dns/etc/lists \`
Removed --net=host as default for the docker container (#46) Removed --net=host as default for the docker container It does forward port 443 tcp/udp to the host, but it also had "--net=host" when starting. That defeats the purpose of the port forward. Removing "--net=host" as it is also in line with the rest of the documentation. 2020-04-27 21:08:31 +00:00			`--name=dnscrypt-server -p 443:443/udp -p 443:443/tcp \`
add Vultr install script 2019-10-30 10:07:21 +00:00			`jedisct1/dnscrypt-server init -N "$SERVER" -E "${SERVER_IP}:443"`
			`docker start dnscrypt-server`
			`fi`

install-centos.sh - update paths to match the documentation Fixes #85 2020-04-24 10:30:13 +00:00			`cat /etc/dnscrypt-server/keys/provider-info.txt`
add Vultr install script 2019-10-30 10:07:21 +00:00
			`docker update --restart=unless-stopped dnscrypt-server`

Update watchtower to more up to date version (#45) v2tec/watchtower is not maintained anymore (at least past 2 years). Switch to containrrr/watchtower, which is actively developed. 2020-04-26 21:34:31 +00:00			`docker run -d --name watchtower -v /var/run/docker.sock:/var/run/docker.sock containrrr/watchtower dnscrypt-server`
add Vultr install script 2019-10-30 10:07:21 +00:00			`docker update --restart=unless-stopped watchtower`

install-centos.sh - update paths to match the documentation Fixes #85 2020-04-24 10:30:13 +00:00			`ln -sf /etc/dnscrypt-server/keys /root`
add Vultr install script 2019-10-30 10:07:21 +00:00
			`echo 3 >/proc/sys/vm/drop_caches`

			`if [ ! -L /etc/motd ]; then`
			`rm -f /etc/motd`
install-centos.sh - update paths to match the documentation Fixes #85 2020-04-24 10:30:13 +00:00			`ln -s /etc/dnscrypt-server/keys/provider-info.txt /etc/motd`
add Vultr install script 2019-10-30 10:07:21 +00:00			`reboot`
			`fi`