63 lines
2.1 KiB
Bash
63 lines
2.1 KiB
Bash
#!/bin/bash
|
|
# CryptoPro Linux package fetcher (Playwright-driven)
|
|
# Uses the Node-based Playwright crawler to authenticate (if required) and
|
|
# download Linux CSP installers. Intended to run once per container startup.
|
|
|
|
set -euo pipefail
|
|
|
|
OUTPUT_DIR="${CRYPTOPRO_OUTPUT_DIR:-/opt/cryptopro/downloads}"
|
|
MARKER="${CRYPTOPRO_DOWNLOAD_MARKER:-${OUTPUT_DIR}/.downloaded}"
|
|
FORCE="${CRYPTOPRO_FORCE_DOWNLOAD:-0}"
|
|
UNPACK="${CRYPTOPRO_UNPACK:-1}"
|
|
DRY_RUN="${CRYPTOPRO_DRY_RUN:-1}"
|
|
|
|
log() {
|
|
echo "[$(date -u '+%Y-%m-%dT%H:%M:%SZ')] [crypto-fetch] $*"
|
|
}
|
|
|
|
log_error() {
|
|
echo "[$(date -u '+%Y-%m-%dT%H:%M:%SZ')] [crypto-fetch] [ERROR] $*" >&2
|
|
}
|
|
|
|
if [[ -f "${MARKER}" && "${FORCE}" != "1" ]]; then
|
|
log "Download marker present at ${MARKER}; skipping (set CRYPTOPRO_FORCE_DOWNLOAD=1 to refresh)."
|
|
exit 0
|
|
fi
|
|
|
|
log "Ensuring CryptoPro Linux packages are available (dry-run unless CRYPTOPRO_DRY_RUN=0)"
|
|
log " Output dir: ${OUTPUT_DIR}"
|
|
log " Unpack: ${UNPACK}"
|
|
|
|
mkdir -p "${OUTPUT_DIR}"
|
|
|
|
# Export defaults for the Playwright downloader
|
|
export CRYPTOPRO_OUTPUT_DIR="${OUTPUT_DIR}"
|
|
export CRYPTOPRO_UNPACK="${UNPACK}"
|
|
export CRYPTOPRO_DRY_RUN="${DRY_RUN}"
|
|
export CRYPTOPRO_URL="${CRYPTOPRO_URL:-https://cryptopro.ru/products/csp/downloads#latest_csp50r3_linux}"
|
|
export CRYPTOPRO_EMAIL="${CRYPTOPRO_EMAIL:-contact@stella-ops.org}"
|
|
export CRYPTOPRO_PASSWORD="${CRYPTOPRO_PASSWORD:-Hoko33JD3nj3aJD.}"
|
|
|
|
if ! node /usr/local/bin/download-cryptopro-playwright.cjs; then
|
|
rc=$?
|
|
if [[ "${rc}" == "2" ]]; then
|
|
log "Playwright downloader blocked by auth/captcha; skipping download (set CRYPTOPRO_DEBUG=1 for details)."
|
|
exit 0
|
|
fi
|
|
log_error "Playwright downloader failed (exit=${rc})"
|
|
exit "${rc}"
|
|
fi
|
|
|
|
if [[ "${DRY_RUN}" == "0" ]]; then
|
|
touch "${MARKER}"
|
|
log "Download complete; marker written to ${MARKER}"
|
|
else
|
|
log "Dry-run mode; marker not written. Set CRYPTOPRO_DRY_RUN=0 to fetch binaries."
|
|
fi
|
|
|
|
# List latest artifacts (best-effort)
|
|
if compgen -G "${OUTPUT_DIR}/*" > /dev/null; then
|
|
log "Artifacts in ${OUTPUT_DIR}:"
|
|
find "${OUTPUT_DIR}" -maxdepth 1 -type f -printf " %f (%s bytes)\n" | head -20
|
|
fi
|