Last active
August 27, 2025 11:10
-
-
Save alainwolf/38da967521d9ead42985468c3c4aa93a to your computer and use it in GitHub Desktop.
Signal-TLS-Proxy Update and Customize
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| # ***************************************************************************** | |
| # Script to update and customize Signal-TLS-Proxy setup | |
| # This ... | |
| # - checks for commits on GitHub; | |
| # - pulls latest changes if necessary; | |
| # - copies and customizes the docker-compose file. | |
| # | |
| # Requires: | |
| # - Git | |
| # - Docker and Docker Compose | |
| # - Rsync | |
| # - Curl | |
| # | |
| # By Alain Wolf. Wed, 27. Aug 2025 13:09 | |
| # https://gist.github.com/alainwolf/38da967521d9ead42985468c3c4aa93a | |
| # ***************************************************************************** | |
| # -------------------------------------------------------- | |
| # Configuration | |
| # -------------------------------------------------------- | |
| UPSTREAM_DIR="/usr/local/src/Signal-TLS-Proxy" | |
| LOCAL_DIR="/opt/docker/Signal-TLS-Proxy" | |
| COMPOSE_FILE="$LOCAL_DIR/docker-compose.yaml" | |
| LOCKFILE="/tmp/signal-proxy-update.lock" | |
| # IP listening addresses - customize these as needed | |
| IPV4_ADDRESS="192.0.2.1" | |
| IPV6_ADDRESS="2001:DB8::1" | |
| # -------------------------------------------------------- | |
| set -e -u # Exit on any error | |
| # Function to cleanup on exit | |
| cleanup() { | |
| rm -f "$LOCKFILE" | |
| } | |
| trap cleanup EXIT | |
| # Prevent multiple instances | |
| if [ -f "$LOCKFILE" ]; then | |
| echo "Update already in progress (lockfile exists)" | |
| exit 1 | |
| fi | |
| touch "$LOCKFILE" | |
| echo "Checking for updates..." | |
| # Check if git repo has updates | |
| cd "$UPSTREAM_DIR" | |
| git fetch | |
| LOCAL_COMMIT=$(git rev-parse HEAD) | |
| # shellcheck disable=SC1083 | |
| REMOTE_COMMIT=$(git rev-parse @{u}) | |
| # Check if there are any changes in tracked files (including data directory) | |
| NEEDS_UPDATE=false | |
| if [ "$LOCAL_COMMIT" != "$REMOTE_COMMIT" ]; then | |
| echo "Git repository has updates" | |
| NEEDS_UPDATE=true | |
| # Show what changed | |
| echo "Changes detected:" | |
| git log --oneline "$LOCAL_COMMIT..$REMOTE_COMMIT" | |
| fi | |
| if [ "$NEEDS_UPDATE" = false ]; then | |
| echo "No updates available" | |
| exit 0 | |
| fi | |
| echo "Proceeding with update..." | |
| echo "Updating upstream repository..." | |
| git pull | |
| echo "Copying updated docker-compose.yml..." | |
| cp "$UPSTREAM_DIR/docker-compose.yml" "$COMPOSE_FILE" | |
| echo "Copying updated data directory..." | |
| # Sync data directory, using git to determine what to exclude | |
| cd "$UPSTREAM_DIR" | |
| rsync -av --delete \ | |
| --exclude='/certbot/' \ | |
| --exclude='/.idea/' \ | |
| data/ "$LOCAL_DIR/data/" | |
| echo "Customizing ports for IPs: $IPV4_ADDRESS and [$IPV6_ADDRESS]..." | |
| # Replace the nginx-terminate ports section | |
| sed -i '/nginx-terminate:/,/ports:/{ | |
| /ports:/,/^[[:space:]]*[^[:space:]]/{ | |
| /ports:/c\ | |
| ports:\ | |
| - "'$IPV4_ADDRESS':443:443"\ | |
| - "'$IPV4_ADDRESS':80:80"\ | |
| - "['$IPV6_ADDRESS']:443:443"\ | |
| - "['$IPV6_ADDRESS']:80:80" | |
| /^[[:space:]]*-/d | |
| } | |
| }' "$COMPOSE_FILE" | |
| echo "Stopping containers..." | |
| cd "$LOCAL_DIR" | |
| docker compose down | |
| echo "Pulling latest images..." | |
| docker compose pull | |
| echo "Starting containers..." | |
| docker compose up -d | |
| echo "Update complete!" | |
| # Show status | |
| echo "" | |
| echo "Container status:" | |
| docker compose ps | |
| echo "" | |
| echo "Recent changes applied:" | |
| cd "$UPSTREAM_DIR" | |
| git log --oneline -5 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment