Important Files and Directories

beechfuzz edited this page Nov 5, 2019 · 7 revisions

All E2Guardian files are contained within the /app and /config directories in the container. This makes managing it very simple.

E2Guardian files/directories:

Path                          Description
/app/                         Contains all E2Guardian non-configuration files and directories
/config/                      Contains all E2Guardian configuration files and lists
/config/e2guardian.conf       Main E2Guardian configuration file
/config/examplef1.story       Storyboard file for the default filtergroup
/config/e2guardianf1.conf     Config file for the default filtergroup
/config/lists/                Contains all of the E2Guardian lists
/config/ssl/                  Contains all of the SSL certs and keys for SSL MITM
/config/ssl/generatedcerts/   Contains all of the upstream SSL certs used for MITM
/config/ssl/servercerts/      Contains all of the CA SSL certs used for MITM

My added files/directories:

Path                          Description
/app/sbin/e2g-mitm.sh         A tool I created that lets you easily toggle SSL MITM on/off
/app/sbin/entrypoint.sh       Container entrypoint script that prepares the environment and starts E2Guardian

/app/sbin/e2g-mitm.sh

This script toggles SSL MITM on/off without the user having to edit any configuration files directly. Only entrypoint.sh can use this script to toggle SSL MITM on/off (via the -d, -D, -e, or -E flags). The user can run this script directly to back up and/or generate new MITM SSL certs via the -b and -g flags, respectively.

Usage:  e2g-mitm.sh [options]

-b         Backup any certs that are present before overwriting/deleting them
-d         Disable SSL MITM; can't be used with -e, -E, or -g flags.
-D         Disable SSL MITM and delete any certs that are present; can't be used with -e, -E, or -g flags.
-e         Enable SSL MITM
-E         Enable SSL MITM and generate new SSL certs (same as -eg)
-g         Generate new SSL certs (overwrites previous ones); can't be used with -d or -D flags.
-h         Display this help menu

To back up the MITM SSL certs located in /config/ssl/servercerts, use the -b flag. When using the -b flag, a .tar.gz file is created in /config/ssl/backup/.

To generate new MITM SSL certs in /config/ssl/servercerts, use the -g flag. This option will overwrite any certs that currently exist in that directory.

To use this tool when directly inside the container: e2g-mitm.sh [options]

To use this tool from the host: docker exec -it e2guardian e2g-mitm.sh [options]

Example uses:

Description                                                                            Command
Back up MITM SSL certs that exist in /config/ssl/servercerts                           e2g-mitm.sh -b
Generate new certs into /config/ssl/servercerts/ (will overwrite any existing certs)   e2g-mitm.sh -g
Back up MITM SSL certs and generate new ones                                           e2g-mitm.sh -bg

/app/sbin/entrypoint.sh

This is the entrypoint for the container; it's the first thing that is run when the container is started and is responsible for:

  • Setting the UID/GID of the e2guardian user account
  • Ensuring the /config directory is not empty
  • Removing any existing .pid file that could prevent e2guardian from starting
  • Ensuring correct ownership and permissions of all files in the /app and /config directories
  • Starting E2Guardian
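
A check that complements the ownership-and-permissions step above, as an added example that is not part of the project's scripts: it lists private keys and cert backups under the SSL directory that group or other users can read or write. The helper name audit_mitm_keys, the demo file names, and the policy itself are assumptions; /config/ssl is the path from this page.

```shell
#!/bin/sh
# Added example, not one of the project's scripts. audit_mitm_keys is a
# hypothetical helper, and its policy is an assumption: private keys and cert
# backups under the SSL directory must not be readable/writable by group/other.

# Usage: audit_mitm_keys [ssl_dir]   (default: /config/ssl)
# Prints "mode path" per offending file. Returns 0 clean, 1 findings, 2 bad dir.
audit_mitm_keys() {
    ssl_dir=${1:-/config/ssl}
    [ -d "$ssl_dir" ] || { echo "not a directory: $ssl_dir" >&2; return 2; }
    findings=$(
        # Portable test for "any group/other read or write bit is set".
        find "$ssl_dir" -type f \
            \( -perm -040 -o -perm -020 -o -perm -004 -o -perm -002 \) |
        while IFS= read -r f; do
            case "$f" in
                (*.tar.gz) sensitive=1 ;;  # -b backups archive servercerts
                (*) # PEM private keys carry a "BEGIN ... PRIVATE KEY-----" header
                    if grep -q 'PRIVATE KEY-----' "$f" 2>/dev/null; then
                        sensitive=1
                    else
                        sensitive=0        # e.g. a public certificate
                    fi ;;
            esac
            if [ "$sensitive" -eq 1 ]; then
                mode=$(ls -ld "$f" | cut -d' ' -f1)
                printf '%s %s\n' "$mode" "$f"
            fi
        done
    )
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed demo: ca.key and ca.pem are made-up names, not the project's.
demo=$(mktemp -d)
printf '%s\n' '-----BEGIN PRIVATE KEY-----' > "$demo/ca.key"
printf '%s\n' '-----BEGIN CERTIFICATE-----' > "$demo/ca.pem"
chmod 644 "$demo/ca.key" "$demo/ca.pem"
audit_mitm_keys "$demo" || echo "restrict the files listed above to their owner"
rm -rf "$demo"
```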