alexz/runtipi
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update to latest example-appstore structure with custom apps

Browse Source 
🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Alex Zaw
2025-12-18 09:00:15 +00:00
commit 6a5ccd5c02
135 changed files with 23096 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1944
apps/rego-tunnel/build/src/define.sh Executable file
View File

File diff suppressed because it is too large Load Diff

49
apps/rego-tunnel/build/src/entry.sh Executable file
View File

@@ -0,0 +1,49 @@
#!/usr/bin/env bash
set -Eeuo pipefail
: "${APP:="Windows"}"
: "${PLATFORM:="x64"}"
: "${BOOT_MODE:="windows"}"
: "${SUPPORT:="https://github.com/dockur/windows"}"
cd /run
. start.sh # Startup hook
. /run/rego-startup.sh 2>/dev/null || true # Rego customizations
. utils.sh # Load functions
. reset.sh # Initialize system
. server.sh # Start webserver
. define.sh # Define versions
. mido.sh # Download Windows
. install.sh # Run installation
. disk.sh # Initialize disks
. display.sh # Initialize graphics
. network.sh # Initialize network
. samba.sh # Configure samba
. boot.sh # Configure boot
. proc.sh # Initialize processor
. power.sh # Configure shutdown
. memory.sh # Check available memory
. config.sh # Configure arguments
. finish.sh # Finish initialization
trap - ERR
version=$(qemu-system-x86_64 --version | head -n 1 | cut -d '(' -f 1 | awk '{ print $NF }')
info "Booting ${APP}${BOOT_DESC} using QEMU v$version..."
{ qemu-system-x86_64 ${ARGS:+ $ARGS} >"$QEMU_OUT" 2>"$QEMU_LOG"; rc=$?; } || :
(( rc != 0 )) && error "$(<"$QEMU_LOG")" && exit 15
terminal
( sleep 30; boot ) &
tail -fn +0 "$QEMU_LOG" --pid=$$ 2>/dev/null &
cat "$QEMU_TERM" 2> /dev/null | tee "$QEMU_PTY" | \
sed -u -e 's/\x1B\[[=0-9;]*[a-z]//gi' \
-e 's/\x1B\x63//g' -e 's/\x1B\[[=?]7l//g' \
-e '/^$/d' -e 's/\x44\x53\x73//g' \
-e 's/failed to load Boot/skipped Boot/g' \
-e 's/0): Not Found/0)/g' & wait $! || :
sleep 1 & wait $!
[ ! -f "$QEMU_END" ] && finish 0

1336
apps/rego-tunnel/build/src/install.sh Executable file
View File

File diff suppressed because it is too large Load Diff

834
apps/rego-tunnel/build/src/mido.sh Executable file
View File

@@ -0,0 +1,834 @@
#!/usr/bin/env bash
set -Eeuo pipefail
handle_curl_error() {
local error_code="$1"
local server_name="$2"
case "$error_code" in
1) error "Unsupported protocol!" ;;
2) error "Failed to initialize curl!" ;;
3) error "The URL format is malformed!" ;;
5) error "Failed to resolve address of proxy host!" ;;
6) error "Failed to resolve $server_name servers! Is there an Internet connection?" ;;
7) error "Failed to contact $server_name servers! Is there an Internet connection or is the server down?" ;;
8) error "$server_name servers returned a malformed HTTP response!" ;;
16) error "A problem was detected in the HTTP2 framing layer!" ;;
22) error "$server_name servers returned a failing HTTP status code!" ;;
23) error "Failed at writing Windows media to disk! Out of disk space or permission error?" ;;
26) error "Failed to read Windows media from disk!" ;;
27) error "Ran out of memory during download!" ;;
28) error "Connection timed out to $server_name server!" ;;
35) error "SSL connection error from $server_name server!" ;;
36) error "Failed to continue earlier download!" ;;
52) error "Received no data from the $server_name server!" ;;
63) error "$server_name servers returned an unexpectedly large response!" ;;
# POSIX defines exit statuses 1-125 as usable by us
# https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_08_02
$((error_code <= 125)))
# Must be some other server or network error (possibly with this specific request/file)
# This is when accounting for all possible errors in the curl manual assuming a correctly formed curl command and an HTTP(S) request, using only the curl features we're using, and a sane build
error "Miscellaneous server or network error, reason: $error_code"
;;
126 | 127 ) error "Curl command not found!" ;;
# Exit statuses are undefined by POSIX beyond this point
*)
case "$(kill -l "$error_code")" in
# Signals defined to exist by POSIX:
# https://pubs.opengroup.org/onlinepubs/009695399/basedefs/signal.h.html
INT) error "Curl was interrupted!" ;;
# There could be other signals but these are most common
SEGV | ABRT ) error "Curl crashed! Please report any core dumps to curl developers." ;;
*) error "Curl terminated due to fatal signal $error_code !" ;;
esac
esac
return 1
}
get_agent() {
local user_agent
# Determine approximate latest Firefox release
browser_version="$((124 + ($(date +%s) - 1710892800) / 2419200))"
echo "Mozilla/5.0 (X11; Linux x86_64; rv:${browser_version}.0) Gecko/20100101 Firefox/${browser_version}.0"
return 0
}
download_windows() {
local id="$1"
local lang="$2"
local desc="$3"
local sku_id=""
local sku_url=""
local iso_url=""
local iso_json=""
local language=""
local session_id=""
local user_agent=""
local download_type=""
local windows_version=""
local iso_download_link=""
local download_page_html=""
local product_edition_id=""
local language_skuid_json=""
local profile="606624d44113"
user_agent=$(get_agent)
language=$(getLanguage "$lang" "name")
case "${id,,}" in
"win11x64" ) windows_version="11" && download_type="1" ;;
"win10x64" ) windows_version="10" && download_type="1" ;;
"win11arm64" ) windows_version="11arm64" && download_type="2" ;;
* ) error "Invalid VERSION specified, value \"$id\" is not recognized!" && return 1 ;;
esac
local url="https://www.microsoft.com/en-us/software-download/windows$windows_version"
[[ "${id,,}" == "win10"* ]] && url+="ISO"
# uuidgen: For MacOS (installed by default) and other systems (e.g. with no /proc) that don't have a kernel interface for generating random UUIDs
session_id=$(cat /proc/sys/kernel/random/uuid 2> /dev/null || uuidgen --random)
session_id="${session_id//[![:print:]]/}"
# Get product edition ID for latest release of given Windows version
# Product edition ID: This specifies both the Windows release (e.g. 22H2) and edition ("multi-edition" is default, either Home/Pro/Edu/etc., we select "Pro" in the answer files) in one number
# This is the *only* request we make that Fido doesn't. Fido manually maintains a list of all the Windows release/edition product edition IDs in its script (see: $WindowsVersions array). This is helpful for downloading older releases (e.g. Windows 10 1909, 21H1, etc.) but we always want to get the newest release which is why we get this value dynamically
# Also, keeping a "$WindowsVersions" array like Fido does would be way too much of a maintenance burden
# Remove "Accept" header that curl sends by default
[[ "$DEBUG" == [Yy1]* ]] && echo "Parsing download page: ${url}"
download_page_html=$(curl --silent --max-time 30 --user-agent "$user_agent" --header "Accept:" --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url") || {
handle_curl_error "$?" "Microsoft"
return $?
}
[[ "$DEBUG" == [Yy1]* ]] && echo -n "Getting Product edition ID: "
product_edition_id=$(echo "$download_page_html" | grep -Eo '<option value="[0-9]+">Windows' | cut -d '"' -f 2 | head -n 1 | tr -cd '0-9' | head -c 16)
[[ "$DEBUG" == [Yy1]* ]] && echo "$product_edition_id"
if [ -z "$product_edition_id" ]; then
error "Product edition ID not found!"
return 1
fi
[[ "$DEBUG" == [Yy1]* ]] && echo "Permit Session ID: $session_id"
# Permit Session ID
curl --silent --max-time 30 --output /dev/null --user-agent "$user_agent" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "https://vlscppe.microsoft.com/tags?org_id=y6jn8c31&session_id=$session_id" || {
# This should only happen if there's been some change to how this API works
handle_curl_error "$?" "Microsoft"
return $?
}
[[ "$DEBUG" == [Yy1]* ]] && echo -n "Getting language SKU ID: "
sku_url="https://www.microsoft.com/software-download-connector/api/getskuinformationbyproductedition?profile=$profile&ProductEditionId=$product_edition_id&SKU=undefined&friendlyFileName=undefined&Locale=en-US&sessionID=$session_id"
language_skuid_json=$(curl --silent --max-time 30 --request GET --user-agent "$user_agent" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$sku_url") || {
handle_curl_error "$?" "Microsoft"
return $?
}
{ sku_id=$(echo "$language_skuid_json" | jq --arg LANG "$language" -r '.Skus[] | select(.Language==$LANG).Id') 2>/dev/null; rc=$?; } || :
if [ -z "$sku_id" ] || [[ "${sku_id,,}" == "null" ]] || (( rc != 0 )); then
language=$(getLanguage "$lang" "desc")
error "No download in the $language language available for $desc!"
return 1
fi
[[ "$DEBUG" == [Yy1]* ]] && echo "$sku_id"
[[ "$DEBUG" == [Yy1]* ]] && echo "Getting ISO download link..."
# Get ISO download link
# If any request is going to be blocked by Microsoft it's always this last one (the previous requests always seem to succeed)
iso_url="https://www.microsoft.com/software-download-connector/api/GetProductDownloadLinksBySku?profile=$profile&ProductEditionId=undefined&SKU=$sku_id&friendlyFileName=undefined&Locale=en-US&sessionID=$session_id"
iso_json=$(curl --silent --max-time 30 --request GET --user-agent "$user_agent" --referer "$url" --header "Accept:" --max-filesize 100K --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_url")
if ! [ "$iso_json" ]; then
# This should only happen if there's been some change to how this API works
error "Microsoft servers gave us an empty response to our request for an automated download."
return 1
fi
if echo "$iso_json" | grep -q "Sentinel marked this request as rejected."; then
error "Microsoft blocked the automated download request based on your IP address."
return 1
fi
if echo "$iso_json" | grep -q "We are unable to complete your request at this time."; then
error "Microsoft blocked the automated download request based on your IP address."
return 1
fi
{ iso_download_link=$(echo "$iso_json" | jq --argjson TYPE "$download_type" -r '.ProductDownloadOptions[] | select(.DownloadType==$TYPE).Uri') 2>/dev/null; rc=$?; } || :
if [ -z "$iso_download_link" ] || [[ "${iso_download_link,,}" == "null" ]] || (( rc != 0 )); then
error "Microsoft servers gave us no download link to our request for an automated download!"
info "Response: $iso_json"
return 1
fi
MIDO_URL="$iso_download_link"
return 0
}
download_windows_eval() {
local id="$1"
local lang="$2"
local desc="$3"
local filter=""
local culture=""
local compare=""
local language=""
local user_agent=""
local enterprise_type=""
local windows_version=""
case "${id,,}" in
"win11${PLATFORM,,}-enterprise-eval" )
enterprise_type="enterprise"
windows_version="windows-11-enterprise" ;;
"win11${PLATFORM,,}-enterprise-iot-eval" )
enterprise_type="iot"
windows_version="windows-11-iot-enterprise-ltsc-eval" ;;
"win11${PLATFORM,,}-enterprise-ltsc-eval" )
enterprise_type="iot"
windows_version="windows-11-iot-enterprise-ltsc-eval" ;;
"win10${PLATFORM,,}-enterprise-eval" )
enterprise_type="enterprise"
windows_version="windows-10-enterprise" ;;
"win10${PLATFORM,,}-enterprise-ltsc-eval" )
enterprise_type="ltsc"
windows_version="windows-10-enterprise" ;;
"win2025-eval" )
enterprise_type="server"
windows_version="windows-server-2025" ;;
"win2022-eval" )
enterprise_type="server"
windows_version="windows-server-2022" ;;
"win2019-hv" )
enterprise_type="server"
windows_version="hyper-v-server-2019" ;;
"win2019-eval" )
enterprise_type="server"
windows_version="windows-server-2019" ;;
"win2016-eval" )
enterprise_type="server"
windows_version="windows-server-2016" ;;
"win2012r2-eval" )
enterprise_type="server"
windows_version="windows-server-2012-r2" ;;
* )
error "Invalid VERSION specified, value \"$id\" is not recognized!" && return 1 ;;
esac
user_agent=$(get_agent)
culture=$(getLanguage "$lang" "culture")
local country="${culture#*-}"
local iso_download_page_html=""
local url="https://www.microsoft.com/en-us/evalcenter/download-$windows_version"
[[ "$DEBUG" == [Yy1]* ]] && echo "Parsing download page: ${url}"
iso_download_page_html=$(curl --silent --max-time 30 --user-agent "$user_agent" --location --max-filesize 1M --fail --proto =https --tlsv1.2 --http1.1 -- "$url") || {
handle_curl_error "$?" "Microsoft"
return $?
}
if ! [ "$iso_download_page_html" ]; then
# This should only happen if there's been some change to where this download page is located
error "Windows server download page gave us an empty response"
return 1
fi
[[ "$DEBUG" == [Yy1]* ]] && echo "Getting download link.."
filter="https://go.microsoft.com/fwlink/?linkid=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country,,}"
if ! echo "$iso_download_page_html" | grep -io "$filter" > /dev/null; then
filter="https://go.microsoft.com/fwlink/p/?linkid=[0-9]\+&clcid=0x[0-9a-z]\+&culture=${culture,,}&country=${country,,}"
fi
iso_download_links=$(echo "$iso_download_page_html" | grep -io "$filter") || {
# This should only happen if there's been some change to the download endpoint web address
if [[ "${lang,,}" == "en" || "${lang,,}" == "en-"* ]]; then
error "Windows server download page gave us no download link!"
else
language=$(getLanguage "$lang" "desc")
error "No download in the $language language available for $desc!"
fi
return 1
}
case "$enterprise_type" in
"iot" | "ltsc" )
case "${PLATFORM,,}" in
"x64" )
if [[ "$windows_version" != "windows-10"* ]]; then
iso_download_link=$(echo "$iso_download_links" | head -n 1)
else
iso_download_link=$(echo "$iso_download_links" | head -n 4 | tail -n 1)
fi ;;
"arm64" )
iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;;
esac ;;
"enterprise" )
case "${PLATFORM,,}" in
"x64" )
if [[ "$windows_version" != "windows-10"* ]]; then
iso_download_link=$(echo "$iso_download_links" | head -n 1)
else
iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1)
fi ;;
"arm64" )
iso_download_link=$(echo "$iso_download_links" | head -n 2 | tail -n 1) ;;
esac ;;
"server" )
case "${PLATFORM,,}" in
"x64" )
iso_download_link=$(echo "$iso_download_links" | head -n 1) ;;
esac ;;
* )
error "Invalid type specified, value \"$enterprise_type\" is not recognized!" && return 1 ;;
esac
[ -z "$iso_download_link" ] && error "Could not parse download link from page!" && return 1
# Follow redirect so proceeding log message is useful
# This is a request we make that Fido doesn't
iso_download_link=$(curl --silent --max-time 30 --user-agent "$user_agent" --location --output /dev/null --silent --write-out "%{url_effective}" --head --fail --proto =https --tlsv1.2 --http1.1 -- "$iso_download_link") || {
# This should only happen if the Microsoft servers are down
handle_curl_error "$?" "Microsoft"
return $?
}
case "${PLATFORM,,}" in
"x64" )
if [[ "${iso_download_link,,}" != *"x64"* ]]; then
echo "Found download link: $iso_download_link"
error "Download link is for the wrong platform? Please report this at $SUPPORT/issues"
return 1
fi ;;
"arm64" )
if [[ "${iso_download_link,,}" != *"a64"* && "${iso_download_link,,}" != *"arm64"* ]]; then
if [[ "$DEBUG" == [Yy1]* ]]; then
echo "Found download link: $iso_download_link"
echo "Link for ARM platform currently not available!"
fi
return 1
fi ;;
esac
if [[ "$DEBUG" == [Yy1]* && "$VERIFY" == [Yy1]* && "${lang,,}" == "en"* ]]; then
compare=$(getMido "$id" "$lang" "")
if [[ "${iso_download_link,,}" != "${compare,,}" ]]; then
echo "Retrieved link does not match the fixed link: $compare"
fi
fi
MIDO_URL="$iso_download_link"
return 0
}
getWindows() {
local version="$1"
local lang="$2"
local desc="$3"
local language edition
language=$(getLanguage "$lang" "desc")
edition=$(printEdition "$version" "$desc")
local msg="Requesting $desc from the Microsoft servers..."
info "$msg" && html "$msg"
case "${version,,}" in
"win2008r2" | "win81${PLATFORM,,}"* | "win11${PLATFORM,,}-enterprise-iot"* | "win11${PLATFORM,,}-enterprise-ltsc"* )
if [[ "${lang,,}" != "en" && "${lang,,}" != "en-"* ]]; then
error "No download in the $language language available for $edition!"
MIDO_URL="" && return 1
fi ;;
esac
case "${version,,}" in
"win11${PLATFORM,,}" ) ;;
"win11${PLATFORM,,}-enterprise"* ) ;;
* )
if [[ "${PLATFORM,,}" != "x64" ]]; then
error "No download for the ${PLATFORM^^} platform available for $edition!"
MIDO_URL="" && return 1
fi ;;
esac
case "${version,,}" in
"win10${PLATFORM,,}" | "win11${PLATFORM,,}" )
download_windows "$version" "$lang" "$edition" && return 0
;;
"win11${PLATFORM,,}-enterprise"* | "win10${PLATFORM,,}-enterprise"* )
download_windows_eval "$version" "$lang" "$edition" && return 0
;;
"win2025-eval" | "win2022-eval" | "win2019-eval" | "win2019-hv" | "win2016-eval" | "win2012r2-eval" )
download_windows_eval "$version" "$lang" "$edition" && return 0
;;
"win81${PLATFORM,,}-enterprise"* | "win2008r2" )
;;
* ) error "Invalid VERSION specified, value \"$version\" is not recognized!" ;;
esac
MIDO_URL=$(getMido "$version" "$lang" "")
[ -z "$MIDO_URL" ] && return 1
return 0
}
getBuild() {
local id="$1"
local ret="$2"
local url=""
local name=""
local build="$3"
local edition=""
local file="catalog.xml"
case "${id,,}" in
"win11${PLATFORM,,}" )
name="Windows 11 Pro"
url="https://worproject.com/dldserv/esd/getcatalog.php?build=${build}&arch=${PLATFORM^^}&edition=Professional" ;;
"win11${PLATFORM,,}-enterprise" | "win11${PLATFORM,,}-enterprise-eval")
name="Windows 11 Enterprise"
url="https://worproject.com/dldserv/esd/getcatalog.php?build=${build}&arch=${PLATFORM^^}&edition=Enterprise" ;;
esac
case "${ret,,}" in
"url" ) echo "$url" ;;
"file" ) echo "$file" ;;
"name" ) echo "$name" ;;
"edition" ) echo "$edition" ;;
*) echo "";;
esac
return 0
}
getCatalog() {
local id="$1"
local ret="$2"
local url=""
local name=""
local edition=""
local file="catalog.cab"
if [[ "${id,,}" == "win11"* ]] && ! isCompatible; then
# ARMv8.0 cannot run Windows 11 builds 24H2 and up.
getBuild "$1" "$2" "22631.2861" && return 0
fi
case "${id,,}" in
"win11${PLATFORM,,}" )
edition="Professional"
name="Windows 11 Pro"
url="https://go.microsoft.com/fwlink?linkid=2156292" ;;
"win10${PLATFORM,,}" )
edition="Professional"
name="Windows 10 Pro"
url="https://go.microsoft.com/fwlink/?LinkId=841361" ;;
"win11${PLATFORM,,}-enterprise" | "win11${PLATFORM,,}-enterprise-eval")
edition="Enterprise"
name="Windows 11 Enterprise"
url="https://go.microsoft.com/fwlink?linkid=2156292" ;;
"win10${PLATFORM,,}-enterprise" | "win10${PLATFORM,,}-enterprise-eval" )
edition="Enterprise"
name="Windows 10 Enterprise"
url="https://go.microsoft.com/fwlink/?LinkId=841361" ;;
esac
case "${ret,,}" in
"url" ) echo "$url" ;;
"file" ) echo "$file" ;;
"name" ) echo "$name" ;;
"edition" ) echo '[Edition="'"${edition}"'"]' ;;
*) echo "";;
esac
return 0
}
getESD() {
local dir="$1"
local version="$2"
local lang="$3"
local desc="$4"
local file
local result
local culture
local language
local edition
local catalog
file=$(getCatalog "$version" "file")
catalog=$(getCatalog "$version" "url")
culture=$(getLanguage "$lang" "culture")
edition=$(getCatalog "$version" "edition")
if [ -z "$file" ] || [ -z "$catalog" ]; then
error "Invalid VERSION specified, value \"$version\" is not recognized!" && return 1
fi
local msg="Downloading catalog..."
info "$msg" && html "$msg"
rm -rf "$dir"
if ! makeDir "$dir"; then
error "Failed to create directory \"$dir\" !" && return 1
fi
local xFile="products.xml"
local eFile="esd_edition.xml"
local fFile="products_filter.xml"
{ wget "$catalog" -O "$dir/$file" -q --timeout=30 --no-http-keep-alive; rc=$?; } || :
msg="Failed to download $catalog"
(( rc == 3 )) && error "$msg , cannot write file (disk full?)" && return 1
(( rc == 4 )) && error "$msg , network failure!" && return 1
(( rc == 8 )) && error "$msg , server issued an error response!" && return 1
(( rc != 0 )) && error "$msg , reason: $rc" && return 1
if [[ "$file" == *".xml" ]]; then
mv -f "$dir/$file" "$dir/$xFile"
else
cd "$dir"
if ! cabextract "$file" > /dev/null; then
cd /run
error "Failed to extract $file!" && return 1
fi
cd /run
fi
if [ ! -s "$dir/$xFile" ]; then
error "Failed to find $xFile in $file!" && return 1
fi
local edQuery='//File[Architecture="'${PLATFORM,,}'"]'"${edition}"''
result=$(xmllint --nonet --xpath "${edQuery}" "$dir/$xFile" 2>/dev/null)
if [ -z "$result" ]; then
edQuery='//File[Architecture="'${PLATFORM^^}'"]'"${edition}"''
result=$(xmllint --nonet --xpath "${edQuery}" "$dir/$xFile" 2>/dev/null)
if [ -z "$result" ]; then
desc=$(printEdition "$version" "$desc")
language=$(getLanguage "$lang" "desc")
error "No download link available for $desc!" && return 1
fi
fi
echo -e '<Catalog>' > "$dir/$fFile"
echo "$result" >> "$dir/$fFile"
echo -e '</Catalog>'>> "$dir/$fFile"
result=$(xmllint --nonet --xpath "//File[LanguageCode=\"${culture,,}\"]" "$dir/$fFile" 2>/dev/null)
if [ -z "$result" ]; then
desc=$(printEdition "$version" "$desc")
language=$(getLanguage "$lang" "desc")
error "No download in the $language language available for $desc!" && return 1
fi
echo "$result" > "$dir/$eFile"
local tag="FilePath"
ESD=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
if [ -z "$ESD" ]; then
error "Failed to find ESD URL in $eFile!" && return 1
fi
tag="Sha1"
ESD_SUM=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
if [ -z "$ESD_SUM" ]; then
error "Failed to find ESD checksum in $eFile!" && return 1
fi
tag="Size"
ESD_SIZE=$(xmllint --nonet --xpath "//$tag" "$dir/$eFile" | sed -E -e "s/<[\/]?$tag>//g" 2>/dev/null)
if [ -z "$ESD_SIZE" ]; then
error "Failed to find ESD filesize in $eFile!" && return 1
fi
rm -rf "$dir"
return 0
}
isCompressed() {
local file="$1"
case "${file,,}" in
*".7z" | *".zip" | *".rar" | *".lzma" | *".bz" | *".bz2" )
return 0 ;;
esac
return 1
}
verifyFile() {
local iso="$1"
local size="$2"
local total="$3"
local check="$4"
if [ -n "$size" ] && [[ "$total" != "$size" && "$size" != "0" ]]; then
if [[ "$VERIFY" == [Yy1]* || "$DEBUG" == [Yy1]* ]]; then
warn "The downloaded file has a different size ( $total bytes) than expected ( $size bytes). Please report this at $SUPPORT/issues"
fi
fi
local hash=""
local algo="SHA256"
[ -z "$check" ] && return 0
[[ "$VERIFY" != [Yy1]* ]] && return 0
[[ "${#check}" == "40" ]] && algo="SHA1"
local msg="Verifying downloaded ISO..."
info "$msg" && html "$msg"
if [[ "${algo,,}" != "sha256" ]]; then
hash=$(sha1sum "$iso" | cut -f1 -d' ')
else
hash=$(sha256sum "$iso" | cut -f1 -d' ')
fi
if [[ "$hash" == "$check" ]]; then
info "Successfully verified ISO!" && return 0
fi
error "The downloaded file has an unknown $algo checksum: $hash , as the expected value was: $check. Please report this at $SUPPORT/issues"
return 1
}
downloadFile() {
local iso="$1"
local url="$2"
local sum="$3"
local size="$4"
local lang="$5"
local desc="$6"
local msg="Downloading $desc"
local rc total total_gb progress domain dots agent space folder
agent=$(get_agent)
if [ -n "$size" ] && [[ "$size" != "0" ]]; then
folder=$(dirname -- "$iso")
space=$(df --output=avail -B 1 "$folder" | tail -n 1)
total_gb=$(formatBytes "$space")
(( size > space )) && error "Not enough free space to download file, only $total_gb left!" && return 1
fi
# Check if running with interactive TTY or redirected to docker log
if [ -t 1 ]; then
progress="--progress=bar:noscroll"
else
progress="--progress=dot:giga"
fi
html "$msg..."
/run/progress.sh "$iso" "$size" "$msg ([P])..." &
domain=$(echo "$url" | awk -F/ '{print $3}')
dots=$(echo "$domain" | tr -cd '.' | wc -c)
(( dots > 1 )) && domain=$(expr "$domain" : '.*\.\(.*\..*\)')
if [ -n "$domain" ] && [[ "${domain,,}" != *"microsoft.com" ]]; then
msg="Downloading $desc from $domain"
fi
info "$msg..."
[[ "$DEBUG" == [Yy1]* ]] && echo "Downloading: $url"
{ wget "$url" -O "$iso" --continue -q --timeout=30 --no-http-keep-alive --user-agent "$agent" --show-progress "$progress"; rc=$?; } || :
fKill "progress.sh"
if (( rc == 0 )) && [ -f "$iso" ]; then
total=$(stat -c%s "$iso")
total_gb=$(formatBytes "$total")
if [ "$total" -lt 100000000 ]; then
error "Invalid download link: $url (is only $total_gb ?). Please report this at $SUPPORT/issues" && return 1
fi
verifyFile "$iso" "$size" "$total" "$sum" || return 1
isCompressed "$url" && UNPACK="Y"
html "Download finished successfully..." && return 0
fi
msg="Failed to download $url"
(( rc == 3 )) && error "$msg , cannot write file (disk full?)" && return 1
(( rc == 4 )) && error "$msg , network failure!" && return 1
(( rc == 8 )) && error "$msg , server issued an error response! Please report this at $SUPPORT/issues" && return 1
error "$msg , reason: $rc"
return 1
}
delay() {
local i
local delay="$1"
local msg="Will retry in X seconds..."
info "${msg/X/$delay}"
for i in $(seq "$delay" -1 1); do
html "${msg/X/$i}"
sleep 1
done
return 0
}
downloadImage() {
local iso="$1"
local version="$2"
local lang="$3"
local tried="n"
local success="n"
local seconds="5"
local url sum size base desc language
if [[ "${version,,}" == "http"* ]]; then
base=$(basename "$iso")
desc=$(fromFile "$base")
rm -f "$iso"
downloadFile "$iso" "$version" "" "" "" "$desc" && return 0
delay "$seconds"
downloadFile "$iso" "$version" "" "" "" "$desc" && return 0
rm -f "$iso"
return 1
fi
if ! validVersion "$version" "en"; then
error "Invalid VERSION specified, value \"$version\" is not recognized!" && return 1
fi
desc=$(printVersion "$version" "")
if [[ "${lang,,}" != "en" && "${lang,,}" != "en-"* ]]; then
language=$(getLanguage "$lang" "desc")
if ! validVersion "$version" "$lang"; then
desc=$(printEdition "$version" "$desc")
error "The $language language version of $desc is not available, please switch to English." && return 1
fi
desc+=" in $language"
fi
if isMido "$version" "$lang"; then
tried="y"
success="n"
if getWindows "$version" "$lang" "$desc"; then
success="y"
else
delay "$seconds"
getWindows "$version" "$lang" "$desc" && success="y"
fi
if [[ "$success" == "y" ]]; then
size=$(getMido "$version" "$lang" "size" )
sum=$(getMido "$version" "$lang" "sum")
rm -f "$iso"
downloadFile "$iso" "$MIDO_URL" "$sum" "$size" "$lang" "$desc" && return 0
delay "$seconds"
downloadFile "$iso" "$MIDO_URL" "$sum" "$size" "$lang" "$desc" && return 0
rm -f "$iso"
fi
fi
switchEdition "$version"
if isESD "$version" "$lang"; then
if [[ "$tried" != "n" ]]; then
info "Failed to download $desc, will try a different method now..."
fi
tried="y"
success="n"
if getESD "$TMP/esd" "$version" "$lang" "$desc"; then
success="y"
else
delay "$seconds"
getESD "$TMP/esd" "$version" "$lang" "$desc" && success="y"
fi
if [[ "$success" == "y" ]]; then
ISO="${ISO%.*}.esd"
rm -f "$ISO"
downloadFile "$ISO" "$ESD" "$ESD_SUM" "$ESD_SIZE" "$lang" "$desc" && return 0
delay "$seconds"
downloadFile "$ISO" "$ESD" "$ESD_SUM" "$ESD_SIZE" "$lang" "$desc" && return 0
rm -f "$ISO"
ISO="$iso"
fi
fi
for ((i=1;i<=MIRRORS;i++)); do
url=$(getLink "$i" "$version" "$lang")
if [ -n "$url" ]; then
if [[ "$tried" != "n" ]]; then
info "Failed to download $desc, will try another mirror now..."
fi
tried="y"
size=$(getSize "$i" "$version" "$lang")
sum=$(getHash "$i" "$version" "$lang")
rm -f "$iso"
downloadFile "$iso" "$url" "$sum" "$size" "$lang" "$desc" && return 0
delay "$seconds"
downloadFile "$iso" "$url" "$sum" "$size" "$lang" "$desc" && return 0
rm -f "$iso"
fi
done
return 1
}
return 0

241
apps/rego-tunnel/build/src/power.sh Executable file
View File

@@ -0,0 +1,241 @@
#!/usr/bin/env bash
set -Eeuo pipefail
: "${QEMU_TIMEOUT:="110"}" # QEMU Termination timeout
# Configure QEMU for graceful shutdown
QEMU_TERM=""
QEMU_DIR="/run/shm"
QEMU_PID="$QEMU_DIR/qemu.pid"
QEMU_PTY="$QEMU_DIR/qemu.pty"
QEMU_LOG="$QEMU_DIR/qemu.log"
QEMU_OUT="$QEMU_DIR/qemu.out"
QEMU_END="$QEMU_DIR/qemu.end"
rm -f "$QEMU_DIR/qemu.*"
touch "$QEMU_LOG"
_trap() {
func="$1" ; shift
for sig ; do
trap "$func $sig" "$sig"
done
}
boot() {
[ -f "$QEMU_END" ] && return 0
if [ -s "$QEMU_PTY" ]; then
if [ "$(stat -c%s "$QEMU_PTY")" -gt 7 ]; then
local fail=""
if [[ "${BOOT_MODE,,}" == "windows_legacy" ]]; then
grep -Fq "No bootable device." "$QEMU_PTY" && fail="y"
grep -Fq "BOOTMGR is missing" "$QEMU_PTY" && fail="y"
fi
if [ -z "$fail" ]; then
info "Windows started successfully, visit http://127.0.0.1:8006/ to view the screen..."
return 0
fi
fi
fi
error "Timeout while waiting for QEMU to boot the machine!"
local pid
pid=$(<"$QEMU_PID")
{ kill -15 "$pid" || true; } 2>/dev/null
return 0
}
ready() {
[ -f "$STORAGE/windows.boot" ] && return 0
[ ! -s "$QEMU_PTY" ] && return 1
if [[ "${BOOT_MODE,,}" == "windows_legacy" ]]; then
local last
local bios="Booting from Hard"
last=$(grep "^Booting.*" "$QEMU_PTY" | tail -1)
[[ "${last,,}" != "${bios,,}"* ]] && return 1
grep -Fq "No bootable device." "$QEMU_PTY" && return 1
grep -Fq "BOOTMGR is missing" "$QEMU_PTY" && return 1
return 0
fi
local line="\"Windows Boot Manager\""
grep -Fq "$line" "$QEMU_PTY" && return 0
return 1
}
finish() {
local pid
local cnt=0
local reason=$1
local pids=(
"/var/run/tpm.pid"
"/var/run/wsdd.pid"
"/var/run/samba/nmbd.pid"
"/var/run/samba/smbd.pid"
)
touch "$QEMU_END"
if [ -s "$QEMU_PID" ]; then
pid=$(<"$QEMU_PID")
echo && error "Forcefully terminating Windows, reason: $reason..."
{ kill -15 "$pid" || true; } 2>/dev/null
while isAlive "$pid"; do
sleep 1
cnt=$((cnt+1))
# Workaround for zombie pid
[ ! -s "$QEMU_PID" ] && break
if [ "$cnt" == "5" ]; then
echo && error "QEMU did not terminate itself, forcefully killing process..."
{ kill -9 "$pid" || true; } 2>/dev/null
fi
done
fi
if [ ! -f "$STORAGE/windows.boot" ] && [ -f "$BOOT" ]; then
# Remove CD-ROM ISO after install
if ready; then
local file="$STORAGE/windows.boot"
touch "$file"
! setOwner "$file" && error "Failed to set the owner for \"$file\" !"
if [[ "$REMOVE" != [Nn]* ]]; then
rm -f "$BOOT" 2>/dev/null || true
fi
fi
fi
for pid in "${pids[@]}"; do
if [[ -s "$pid" ]]; then
pKill "$(cat "$pid")"
fi
rm -f "$pid"
done
closeNetwork
sleep 0.5
echo " Shutdown completed!"
exit "$reason"
}
terminal() {
local dev=""
if [ -s "$QEMU_OUT" ]; then
local msg
msg=$(<"$QEMU_OUT")
if [ -n "$msg" ]; then
if [[ "${msg,,}" != "char"* || "$msg" != *"serial0)" ]]; then
echo "$msg"
fi
dev="${msg#*/dev/p}"
dev="/dev/p${dev%% *}"
fi
fi
if [ ! -c "$dev" ]; then
dev=$(echo 'info chardev' | nc -q 1 -w 1 localhost "$MON_PORT" | tr -d '\000')
dev="${dev#*serial0}"
dev="${dev#*pty:}"
dev="${dev%%$'\n'*}"
dev="${dev%%$'\r'*}"
fi
if [ ! -c "$dev" ]; then
error "Device '$dev' not found!"
finish 34 && return 34
fi
QEMU_TERM="$dev"
return 0
}
_graceful_shutdown() {
local code=$?
set +e
if [ -f "$QEMU_END" ]; then
info "Received $1 while already shutting down..."
return
fi
touch "$QEMU_END"
info "Received $1, sending ACPI shutdown signal..."
if [ ! -s "$QEMU_PID" ]; then
error "QEMU PID file does not exist?"
finish "$code" && return "$code"
fi
local pid=""
pid=$(<"$QEMU_PID")
if ! isAlive "$pid"; then
error "QEMU process does not exist?"
finish "$code" && return "$code"
fi
if ! ready; then
info "Cannot send ACPI signal during Windows setup, aborting..."
finish "$code" && return "$code"
fi
# Send ACPI shutdown signal
echo 'system_powerdown' | nc -q 1 -w 1 localhost "$MON_PORT" > /dev/null
local cnt=0
while [ "$cnt" -lt "$QEMU_TIMEOUT" ]; do
sleep 1
cnt=$((cnt+1))
! isAlive "$pid" && break
# Workaround for zombie pid
[ ! -s "$QEMU_PID" ] && break
info "Waiting for Windows to shutdown... ($cnt/$QEMU_TIMEOUT)"
# Send ACPI shutdown signal
echo 'system_powerdown' | nc -q 1 -w 1 localhost "$MON_PORT" > /dev/null
done
if [ "$cnt" -ge "$QEMU_TIMEOUT" ]; then
error "Shutdown timeout reached, aborting..."
fi
finish "$code" && return "$code"
}
SERIAL="pty"
MONITOR="telnet:localhost:$MON_PORT,server,nowait,nodelay"
MONITOR+=" -daemonize -D $QEMU_LOG -pidfile $QEMU_PID"
_trap _graceful_shutdown SIGTERM SIGHUP SIGINT SIGABRT SIGQUIT
return 0

64
apps/rego-tunnel/build/src/rego-startup.sh Executable file
View File

@@ -0,0 +1,64 @@
#!/usr/bin/env bash
# Rego-tunnel startup customizations
# Copies VPN scripts to shared folder and sets up networking
echo "[rego] Initializing rego-tunnel customizations..."
# Copy VPN scripts to shared folder if it exists
if [ -d "/shared" ]; then
echo "[rego] Copying VPN scripts to shared folder..."
mkdir -p /shared/vpn_scripts
cp -rn /opt/rego-scripts/* /shared/vpn_scripts/ 2>/dev/null || true
chmod -R 755 /shared/vpn_scripts/ 2>/dev/null || true
echo "[rego] Scripts available at \\\\TSCLIENT\\shared\\vpn_scripts\\"
fi
# Background task: Wait for Windows and setup networking
(
WINDOWS_IP=""
MAX_WAIT=300 # 5 minutes max wait
echo "[rego] Waiting for Windows VM to get IP..."
for i in $(seq 1 $MAX_WAIT); do
WINDOWS_IP=$(cat /run/shm/qemu.ip 2>/dev/null || ip neigh show dev docker 2>/dev/null | grep -oE '172\.[0-9]+\.[0-9]+\.[0-9]+' | head -1)
if [ -n "$WINDOWS_IP" ]; then
echo "[rego] Windows VM IP: $WINDOWS_IP"
break
fi
sleep 1
done
if [ -z "$WINDOWS_IP" ]; then
echo "[rego] Warning: Could not detect Windows IP after ${MAX_WAIT}s"
exit 0
fi
# Wait for SSH to be available
echo "[rego] Waiting for SSH on Windows..."
for i in $(seq 1 120); do
if nc -z "$WINDOWS_IP" 22 2>/dev/null; then
echo "[rego] SSH is available on Windows"
break
fi
sleep 2
done
# Setup iptables rules
echo "[rego] Setting up iptables rules..."
# MASQUERADE for outbound traffic
iptables -t nat -C POSTROUTING -o docker -j MASQUERADE 2>/dev/null || \
iptables -t nat -A POSTROUTING -o docker -j MASQUERADE
# Route to IBM i network via Windows VPN
ip route add 10.35.33.0/24 via $WINDOWS_IP dev docker 2>/dev/null || true
# Allow forwarding
iptables -C FORWARD -d $WINDOWS_IP -j ACCEPT 2>/dev/null || \
iptables -A FORWARD -d $WINDOWS_IP -j ACCEPT
echo "[rego] Network setup complete"
) &
echo "[rego] Startup script initialized"

228
apps/rego-tunnel/build/src/samba.sh Executable file
View File

@@ -0,0 +1,228 @@
#!/usr/bin/env bash
set -Eeuo pipefail
: "${SAMBA:="Y"}" # Enable Samba
: "${SAMBA_LEVEL:="1"}" # Logging level
: "${SAMBA_DEBUG:="N"}" # Disable debug
tmp="/tmp/smb"
rm -rf "$tmp"
rm -f /var/run/wsdd.pid
rm -f /var/run/samba/nmbd.pid
rm -f /var/run/samba/smbd.pid
[[ "$SAMBA" == [Nn]* ]] && return 0
[[ "$NETWORK" == [Nn]* ]] && return 0
if [[ "$DHCP" == [Yy1]* ]]; then
socket="$IP"
hostname="$IP"
interfaces="$VM_NET_DEV"
else
hostname="host.lan"
case "${NETWORK,,}" in
"passt" | "slirp" )
interfaces="lo"
socket="127.0.0.1" ;;
*)
socket="$VM_NET_IP"
interfaces="$VM_NET_BRIDGE" ;;
esac
if [ -n "${SAMBA_INTERFACE:-}" ]; then
interfaces+=",$SAMBA_INTERFACE"
fi
fi
html "Initializing shared folder..."
SAMBA_CONFIG="/etc/samba/smb.conf"
[[ "$DEBUG" == [Yy1]* ]] && echo "Starting Samba daemon..."
addShare() {
local dir="$1"
local ref="$2"
local name="$3"
local comment="$4"
local cfg="$5"
local owner=""
if [ ! -d "$dir" ]; then
if ! mkdir -p "$dir"; then
error "Failed to create shared folder ($dir)." && return 1
fi
fi
if ! ls -A "$dir" >/dev/null 2>&1; then
msg="No permission to access shared folder ($dir)."
msg+=" If SELinux is active, you need to add the \":Z\" flag to the bind mount."
error "$msg" && return 1
fi
if [ ! -w "$dir" ]; then
msg="shared folder ($dir) is not writeable!"
warn "$msg"
fi
if [ -z "$(ls -A "$dir")" ]; then
if ! chmod 2777 "$dir"; then
error "Failed to set permissions for directory $dir" && return 1
fi
owner=$(stat -c %u "$dir")
if [[ "$owner" == "0" ]]; then
if ! chown "1000:1000" "$dir"; then
error "Failed to set ownership for directory $dir" && return 1
fi
fi
fi
if [[ "$dir" == "$tmp" ]]; then
{ echo "--------------------------------------------------------"
echo " $APP for $ENGINE v$(</run/version)..."
echo " For support visit $SUPPORT"
echo "--------------------------------------------------------"
echo ""
echo "Using this folder you can exchange files with the host machine."
echo ""
echo "To select a folder on the host for this purpose, include the following bind mount in your compose file:"
echo ""
echo " volumes:"
echo " - \"./example:${ref}\""
echo ""
echo "Or in your run command:"
echo ""
echo " -v \"\${PWD:-.}/example:${ref}\""
echo ""
echo "Replace the example path ./example with your desired shared folder, which then will become visible here."
echo ""
} | unix2dos > "$dir/readme.txt"
fi
{ echo ""
echo "[$name]"
echo " path = $dir"
echo " comment = $comment"
echo " writable = yes"
echo " guest ok = yes"
echo " guest only = yes"
} >> "$cfg"
return 0
}
{ echo "[global]"
echo " server string = Dockur"
echo " netbios name = $hostname"
echo " workgroup = WORKGROUP"
echo " interfaces = $interfaces"
echo " bind interfaces only = yes"
echo " socket address = $socket"
echo " security = user"
echo " guest account = nobody"
echo " map to guest = Bad User"
echo " server min protocol = NT1"
echo " follow symlinks = yes"
echo " wide links = yes"
echo " unix extensions = no"
echo " inherit owner = yes"
echo " create mask = 0666"
echo " directory mask = 02777"
echo " force user = root"
echo " force group = root"
echo " force create mode = 0666"
echo " force directory mode = 02777"
echo ""
echo " # Disable printing services"
echo " load printers = no"
echo " printing = bsd"
echo " printcap name = /dev/null"
echo " disable spoolss = yes"
} > "$SAMBA_CONFIG"
# Add shared folders
share="/shared"
[ ! -d "$share" ] && [ -d "$STORAGE/shared" ] && share="$STORAGE/shared"
[ ! -d "$share" ] && [ -d "/data" ] && share="/data"
[ ! -d "$share" ] && [ -d "$STORAGE/data" ] && share="$STORAGE/data"
[ ! -d "$share" ] && share="$tmp"
! addShare "$share" "/shared" "Data" "Shared" "$SAMBA_CONFIG" && return 0
if [ -d "/shared2" ]; then
addShare "/shared2" "/shared2" "Data2" "Shared" "$SAMBA_CONFIG" || :
else
if [ -d "/data2" ]; then
addShare "/data2" "/shared2" "Data2" "Shared" "$SAMBA_CONFIG" || :
fi
fi
if [ -d "/shared3" ]; then
addShare "/shared3" "/shared3" "Data3" "Shared" "$SAMBA_CONFIG" || :
else
if [ -d "/data3" ]; then
addShare "/data3" "/shared3" "Data3" "Shared" "$SAMBA_CONFIG" || :
fi
fi
# Create directories if missing
mkdir -p /var/lib/samba/sysvol
mkdir -p /var/lib/samba/private
mkdir -p /var/lib/samba/bind-dns
# Try to repair Samba permissions
[ -d /run/samba/msg.lock ] && chmod -R 0755 /run/samba/msg.lock 2>/dev/null || :
[ -d /var/log/samba/cores ] && chmod -R 0700 /var/log/samba/cores 2>/dev/null || :
[ -d /var/cache/samba/msg.lock ] && chmod -R 0755 /var/cache/samba/msg.lock 2>/dev/null || :
rm -f /var/log/samba/log.smbd
if ! smbd -l /var/log/samba; then
SAMBA_DEBUG="Y"
error "Failed to start Samba daemon!"
fi
if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
tail -fn +0 /var/log/samba/log.smbd --pid=$$ &
fi
case "${NETWORK,,}" in
"passt" | "slirp" )
return 0 ;;
esac
if [[ "${BOOT_MODE:-}" == "windows_legacy" ]]; then
# Enable NetBIOS on Windows 7 and lower
[[ "$DEBUG" == [Yy1]* ]] && echo "Starting NetBIOS daemon..."
rm -f /var/log/samba/log.nmbd
if ! nmbd -l /var/log/samba; then
SAMBA_DEBUG="Y"
error "Failed to start NetBIOS daemon!"
fi
if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
tail -fn +0 /var/log/samba/log.nmbd --pid=$$ &
fi
else
# Enable Web Service Discovery on Vista and up
[[ "$DEBUG" == [Yy1]* ]] && echo "Starting wsddn daemon..."
rm -f /var/log/wsddn.log
if ! wsddn -i "${interfaces%%,*}" -H "$hostname" --unixd --log-file=/var/log/wsddn.log --pid-file=/var/run/wsdd.pid; then
SAMBA_DEBUG="Y"
error "Failed to start wsddn daemon!"
fi
if [[ "$SAMBA_DEBUG" == [Yy1]* ]]; then
tail -fn +0 /var/log/wsddn.log --pid=$$ &
fi
fi
return 0