| #!/usr/bin/env bash |
| set -euo pipefail |
|
|
| log() { |
| printf '[asa-api] %s\n' "$*" >&2 |
| } |
|
|
| proxy_url="${ASA_PROXY:-socks5h://127.0.0.1:9050}" |
| proxy_without_scheme="${proxy_url#*://}" |
| proxy_host_port="${proxy_without_scheme%%/*}" |
| proxy_host="${proxy_host_port%:*}" |
| proxy_port="${proxy_host_port##*:}" |
|
|
| if [[ -z "${proxy_host}" || "${proxy_host}" == "${proxy_host_port}" ]]; then |
| proxy_host="127.0.0.1" |
| fi |
|
|
| if [[ "${proxy_host}" != "127.0.0.1" && "${proxy_host}" != "localhost" ]]; then |
| log "ASA_PROXY must target a local Tor SOCKS listener. Got: ${proxy_url}" |
| exit 1 |
| fi |
|
|
| if ! [[ "${proxy_port}" =~ ^[0-9]+$ ]]; then |
| log "ASA_PROXY must include a numeric port. Got: ${proxy_url}" |
| exit 1 |
| fi |
|
|
| control_port="${TOR_CONTROL_PORT:-9051}" |
| if ! [[ "${control_port}" =~ ^[0-9]+$ ]]; then |
| log "TOR_CONTROL_PORT must be numeric. Got: ${control_port}" |
| exit 1 |
| fi |
|
|
| tor_root="/tmp/tor" |
| tor_data_dir="${tor_root}/data" |
| tor_cookie_path="${ASA_TOR_CONTROL_COOKIE:-${tor_root}/control.authcookie}" |
| tor_pid_path="${tor_root}/tor.pid" |
| torrc_path="${tor_root}/torrc" |
| tor_probe_url="${ASA_TOR_PROBE_URL:-https://check.torproject.org/api/ip}" |
| tor_startup_timeout="${ASA_TOR_STARTUP_TIMEOUT_SEC:-90}" |
| if ! [[ "${tor_startup_timeout}" =~ ^[0-9]+$ ]]; then |
| log "ASA_TOR_STARTUP_TIMEOUT_SEC must be numeric. Got: ${tor_startup_timeout}" |
| exit 1 |
| fi |
|
|
| install -d -m 700 "${tor_root}" "${tor_data_dir}" "$(dirname "${tor_cookie_path}")" |
| rm -f "${tor_pid_path}" "${tor_cookie_path}" |
|
|
| cat > "${torrc_path}" <<EOF |
| ClientOnly 1 |
| DataDirectory ${tor_data_dir} |
| PidFile ${tor_pid_path} |
| SocksPort 127.0.0.1:${proxy_port} |
| ControlPort 127.0.0.1:${control_port} |
| CookieAuthentication 1 |
| CookieAuthFile ${tor_cookie_path} |
| AvoidDiskWrites 1 |
| Log notice stderr |
| EOF |
|
|
| log "Starting Tor on ${proxy_url} with control port ${control_port}" |
| tor -f "${torrc_path}" & |
| tor_pid=$! |
|
|
| tor_probe_file="$(mktemp)" |
| tor_probe_error_file="$(mktemp)" |
| cleanup_probe_files() { |
| rm -f "${tor_probe_file}" "${tor_probe_error_file}" |
| } |
| trap cleanup_probe_files EXIT |
|
|
| port_open() { |
| local host="$1" |
| local port="$2" |
| (exec 3<>"/dev/tcp/${host}/${port}") >/dev/null 2>&1 |
| } |
|
|
| wait_for_tor() { |
| local started_at now |
| started_at="$(date +%s)" |
|
|
| while true; do |
| if ! kill -0 "${tor_pid}" 2>/dev/null; then |
| wait "${tor_pid}" || true |
| log "Tor exited before startup completed" |
| exit 1 |
| fi |
|
|
| if curl --silent --show-error --fail --max-time 15 \ |
| --proxy "${proxy_url}" \ |
| "${tor_probe_url}" > "${tor_probe_file}" 2> "${tor_probe_error_file}"; then |
| if grep -Eq '"IsTor"[[:space:]]*:[[:space:]]*true' "${tor_probe_file}"; then |
| if [[ -r "${tor_cookie_path}" ]] && port_open "127.0.0.1" "${control_port}"; then |
| return 0 |
| fi |
| fi |
| fi |
|
|
| now="$(date +%s)" |
| if (( now - started_at >= tor_startup_timeout )); then |
| log "Timed out waiting for Tor readiness" |
| if [[ -s "${tor_probe_error_file}" ]]; then |
| log "Last probe error: $(tail -n 1 "${tor_probe_error_file}")" |
| fi |
| if [[ -s "${tor_probe_file}" ]]; then |
| log "Last probe body: $(tr -d '\n' < "${tor_probe_file}")" |
| fi |
| exit 1 |
| fi |
|
|
| sleep 1 |
| done |
| } |
|
|
| wait_for_tor |
|
|
| export ASA_PROXY="${proxy_url}" |
| export TOR_CONTROL_PORT="${control_port}" |
| export ASA_TOR_CONTROL_COOKIE="${tor_cookie_path}" |
|
|
| log "Tor ready; starting API on port ${PORT:-7860}" |
| exec Rscript -e 'pr <- plumber::plumb("R/plumber.R"); pr$run(host = "0.0.0.0", port = as.integer(Sys.getenv("PORT", "7860")))' |
|
|
