From 293c7b82d6bcd25577e48302efdf92cb1d753800 Mon Sep 17 00:00:00 2001
From: Maxb <bittmanmax@gmail.com>
Date: Tue, 29 Apr 2025 11:53:31 -0700
Subject: [PATCH] Update obfsvpn server image for menshen agent conf

I'd still very much like to tear out the entire start script, but for
now we have it, so these are the necessary changes in order to be able
to configure the container in deployments for the menshen agent.
---
 .env                                    |  2 ++
 .env.hopping                            |  2 ++
 .env.hopping.kcp                        |  2 ++
 .env.hopping.quic                       |  2 ++
 .env.kcp                                |  2 ++
 .env.quic                               |  2 ++
 docker-compose.yml                      |  6 +++--
 images/obfsvpn/scripts/start_obfsvpn.sh | 34 +++++++++++++++----------
 8 files changed, 36 insertions(+), 16 deletions(-)

diff --git a/.env b/.env
index 49c29cc..57eaccb 100644
--- a/.env
+++ b/.env
@@ -12,3 +12,5 @@ OBFSVPN_MIN_HOP_PORT=""
 OBFSVPN_MAX_HOP_PORT=""
 OBFSVPN_PORT_COUNT=""
 MENSHEN_PORT="8443"
+MENSHEN_URL="http://menshen:8443"
+MENSHEN_AGENT_ENABLED=true
diff --git a/.env.hopping b/.env.hopping
index d50273e..7fdc3d1 100644
--- a/.env.hopping
+++ b/.env.hopping
@@ -12,3 +12,5 @@ OBFSVPN_MIN_HOP_PORT=""
 OBFSVPN_MAX_HOP_PORT=""
 OBFSVPN_PORT_COUNT=""
 MENSHEN_PORT="8445"
+MENSHEN_URL="http://menshen:8445"
+MENSHEN_AGENT_ENABLED=true
diff --git a/.env.hopping.kcp b/.env.hopping.kcp
index 264b59b..6f8577a 100644
--- a/.env.hopping.kcp
+++ b/.env.hopping.kcp
@@ -12,3 +12,5 @@ OBFSVPN_MIN_HOP_PORT=""
 OBFSVPN_MAX_HOP_PORT=""
 OBFSVPN_PORT_COUNT=""
 MENSHEN_PORT="8446"
+MENSHEN_URL="http://menshen:8446"
+MENSHEN_AGENT_ENABLED=true
diff --git a/.env.hopping.quic b/.env.hopping.quic
index 525c24e..40279e3 100644
--- a/.env.hopping.quic
+++ b/.env.hopping.quic
@@ -12,3 +12,5 @@ OBFSVPN_MIN_HOP_PORT="45000"
 OBFSVPN_MAX_HOP_PORT="50000"
 OBFSVPN_PORT_COUNT="50"
 MENSHEN_PORT="8447"
+MENSHEN_URL="http://menshen:8447"
+MENSHEN_AGENT_ENABLED=true
diff --git a/.env.kcp b/.env.kcp
index 5d0a7cf..f79cdba 100644
--- a/.env.kcp
+++ b/.env.kcp
@@ -12,3 +12,5 @@ OBFSVPN_MIN_HOP_PORT=""
 OBFSVPN_MAX_HOP_PORT=""
 OBFSVPN_PORT_COUNT=""
 MENSHEN_PORT="8449"
+MENSHEN_URL="http://menshen:8449"
+MENSHEN_AGENT_ENABLED=true
diff --git a/.env.quic b/.env.quic
index 1aa0a2d..a51609e 100644
--- a/.env.quic
+++ b/.env.quic
@@ -12,3 +12,5 @@ OBFSVPN_MIN_HOP_PORT=""
 OBFSVPN_MAX_HOP_PORT=""
 OBFSVPN_PORT_COUNT=""
 MENSHEN_PORT="8452"
+MENSHEN_URL="http://menshen:8452"
+MENSHEN_AGENT_ENABLED=true
diff --git a/docker-compose.yml b/docker-compose.yml
index ee31546..3bd385e 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -43,8 +43,9 @@ services:
       OBFSVPN_LOCATION: "unknown"
       OBFS4_IP: "BRIDGE'S PUBLIC HOST IP"
       OBFS4_HOST: "0.0.0.0"
-      MENSHEN_PORT: "${MENSHEN_PORT}"
+      MENSHEN_URL: "${MENSHEN_URL}"
       MENSHEN_SHARED_KEY: "test-agent-shared-key"
+      MENSHEN_AGENT_ENABLED: "${MENSHEN_AGENT_ENABLED}"
       OPENVPN_HOST: "$OPENVPN_HOST"
       OPENVPN_PORT: "$OPENVPN_PORT"
       HOP_PT: "$HOP_PT"
@@ -74,8 +75,9 @@ services:
       OBFSVPN_LOCATION: "unknown"
       OBFS4_IP: "BRIDGE'S PUBLIC HOST IP"
       OBFS4_HOST: "0.0.0.0"
-      MENSHEN_PORT: "${MENSHEN_PORT}"
+      MENSHEN_URL: "${MENSHEN_URL}"
       MENSHEN_SHARED_KEY: "test-agent-shared-key"
+      MENSHEN_AGENT_ENABLED: "${MENSHEN_AGENT_ENABLED}"
       OPENVPN_HOST: "openvpn-server"
       OPENVPN_PORT: "5540"
       HOP_PT: "$HOP_PT"
diff --git a/images/obfsvpn/scripts/start_obfsvpn.sh b/images/obfsvpn/scripts/start_obfsvpn.sh
index 08ce458..4b00731 100755
--- a/images/obfsvpn/scripts/start_obfsvpn.sh
+++ b/images/obfsvpn/scripts/start_obfsvpn.sh
@@ -28,7 +28,13 @@ if [[ ${QUIT} ]]; then
     exit 1;
 fi
 
+menshen_agent_enabled=$MENSHEN_AGENT_ENABLED;
+if [[ -z "$MENSHEN_URL" || -z "$MENSHEN_SHARED_KEY" || -z "$MENSHEN_AGENT_ENABLED"  ]]; then
+    menshen_agent_enabled=false
+fi
+
 echo ">>>> starting obfsvpn server - pointing to gateway ${OPENVPN_HOST}:${OPENVPN_PORT}"
+echo ">>>> menshen_agent_enabled: $menshen_agent_enabled"
 
 if [[ "$HOP_PT" == "1" ]]; then
     if [[ "$KCP" == "1" ]]; then
@@ -42,8 +48,8 @@ if [[ "$HOP_PT" == "1" ]]; then
           --persist="${PERSIST_BRIDGE_STATE:-false}" \
           --location="${OBFSVPN_LOCATION}" \
           --hostname="$(hostname)" \
-          --menshen-agent-enabled="true" \
-          --menshen-url="http://menshen:${MENSHEN_PORT}" \
+          --menshen-agent-enabled="$menshen_agent_enabled" \
+          --menshen-url="$MENSHEN_URL" \
           --menshen-agent-key="${MENSHEN_SHARED_KEY}" \
           -v
     elif [[ "$QUIC" == "1" ]]; then
@@ -59,8 +65,8 @@ if [[ "$HOP_PT" == "1" ]]; then
           --persist="${PERSIST_BRIDGE_STATE:-false}" \
           --location="${OBFSVPN_LOCATION}" \
           --hostname="$(hostname)" \
-          --menshen-agent-enabled="true" \
-          --menshen-url="http://menshen:${MENSHEN_PORT}" \
+          --menshen-agent-enabled="$menshen_agent_enabled" \
+          --menshen-url="$MENSHEN_URL" \
           --menshen-agent-key="${MENSHEN_SHARED_KEY}" \
           -v
     fi
@@ -73,8 +79,8 @@ if [[ "$HOP_PT" == "1" ]]; then
         --persist="${PERSIST_BRIDGE_STATE:-false}" \
         --location="${OBFSVPN_LOCATION}" \
         --hostname="$(hostname)" \
-        --menshen-agent-enabled="true" \
-        --menshen-url="http://menshen:${MENSHEN_PORT}" \
+        --menshen-agent-enabled="$menshen_agent_enabled" \
+        --menshen-url="$MENSHEN_URL" \
         --menshen-agent-key="${MENSHEN_SHARED_KEY}" \
         -v
 elif [[ "$KCP" == "1" ]]; then
@@ -90,8 +96,8 @@ elif [[ "$KCP" == "1" ]]; then
         --persist="${PERSIST_BRIDGE_STATE:-false}" \
         --location="${OBFSVPN_LOCATION}" \
         --hostname="$(hostname)" \
-        --menshen-agent-enabled="true" \
-        --menshen-url="http://menshen:${MENSHEN_PORT}" \
+        --menshen-agent-enabled="$menshen_agent_enabled" \
+        --menshen-url="$MENSHEN_URL" \
         --menshen-agent-key="${MENSHEN_SHARED_KEY}" \
         -v
 
@@ -110,8 +116,8 @@ elif [[ "$QUIC" == "1" ]]; then
         --persist="${PERSIST_BRIDGE_STATE:-false}" \
         --location="${OBFSVPN_LOCATION}" \
         --hostname="$(hostname)" \
-        --menshen-agent-enabled="true" \
-        --menshen-url="http://menshen:${MENSHEN_PORT}" \
+        --menshen-agent-enabled="$menshen_agent_enabled" \
+        --menshen-url="$MENSHEN_URL" \
         --menshen-agent-key="${MENSHEN_SHARED_KEY}" \
         -v
 
@@ -126,8 +132,8 @@ elif [[ "$TCP" == "1" ]]; then
         --persist="${PERSIST_BRIDGE_STATE:-false}" \
         --location="${OBFSVPN_LOCATION}" \
         --hostname="$(hostname)" \
-        --menshen-agent-enabled="true" \
-        --menshen-url="http://menshen:${MENSHEN_PORT}" \
+        --menshen-agent-enabled="$menshen_agent_enabled" \
+        --menshen-url="$MENSHEN_URL" \
         --menshen-agent-key="${MENSHEN_SHARED_KEY}" \
         -v
 else
@@ -142,8 +148,8 @@ else
         --persist="${PERSIST_BRIDGE_STATE:-false}" \
         --location="${OBFSVPN_LOCATION}" \
         --hostname="$(hostname)" \
-        --menshen-agent-enabled="true" \
-        --menshen-url="http://menshen:${MENSHEN_PORT}" \
+        --menshen-agent-enabled="$menshen_agent_enabled" \
+        --menshen-url="$MENSHEN_URL" \
         --menshen-agent-key="${MENSHEN_SHARED_KEY}" \
         -v
 fi
-- 
GitLab