48 lines
1.4 KiB
Bash
48 lines
1.4 KiB
Bash
#!/bin/bash
|
|
set -e
|
|
|
|
# Convert TARGET_DATE from ISO format (with T) to faketime format (with space)
|
|
TARGET_STR=$(echo "${TARGET_DATE}" | sed 's/T/ /')
|
|
export FAKETIME="@${TARGET_STR}"
|
|
|
|
# Persist FAKETIME for any future shells (docker exec, su, etc.)
|
|
# This ensures every bash session in the container gets the fake time
|
|
echo "export FAKETIME=\"@${TARGET_STR}\"" > /etc/profile.d/faketime.sh
|
|
echo "export FAKETIME=\"@${TARGET_STR}\"" >> /etc/bash.bashrc
|
|
|
|
# Verify it works
|
|
TEST_DATE=$(date +%Y)
|
|
if [ "$TEST_DATE" = "2010" ]; then
|
|
echo "Time simulation active: $(date)"
|
|
else
|
|
echo "WARNING: faketime not working. date reports year=$TEST_DATE"
|
|
echo " LD_PRELOAD=$LD_PRELOAD"
|
|
echo " FAKETIME=$FAKETIME"
|
|
fi
|
|
|
|
# Fetch MITM CA cert — temporarily unset LD_PRELOAD so curl
|
|
# doesn't have TLS issues with a 2010 clock
|
|
SAVED_PRELOAD="$LD_PRELOAD"
|
|
unset LD_PRELOAD
|
|
|
|
MAX_WAIT=30
|
|
WAITED=0
|
|
while [ $WAITED -lt $MAX_WAIT ]; do
|
|
if curl -s --noproxy '*' --proxy http://172.30.0.4:8080 http://mitm.it/cert/pem -o /tmp/mitmproxy-ca.pem 2>/dev/null; then
|
|
if [ -s /tmp/mitmproxy-ca.pem ]; then
|
|
cp /tmp/mitmproxy-ca.pem /usr/local/share/ca-certificates/mitmproxy-ca.crt
|
|
update-ca-certificates 2>/dev/null || true
|
|
break
|
|
fi
|
|
fi
|
|
sleep 1
|
|
WAITED=$((WAITED + 1))
|
|
done
|
|
rm -f /tmp/mitmproxy-ca.pem
|
|
|
|
# Restore LD_PRELOAD
|
|
export LD_PRELOAD="$SAVED_PRELOAD"
|
|
|
|
echo ""
|
|
exec "$@"
|