update stable branch with latest changes

update build workflows names update publish workflows Dockerfile.tws Changes to be committed: modified: .github/workflows/build.yml modified: .github/workflows/publish.yml modified: stable/Dockerfile new file: stable/Dockerfile.tws modified: stable/config/ibc/config.ini.tmpl new file: stable/scripts/common.sh modified: stable/scripts/port_forwarding.sh modified: stable/scripts/run.sh new file: stable/tws-scripts/run_tws.sh new file: stable/tws-scripts/start_session.sh
gnzsnz · Nov 26, 2023 · 0433fe3 · 0433fe3
1 parent 2acf739
commit 0433fe3
Show file tree

Hide file tree

Showing 10 changed files with 376 additions and 105 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -42,7 +42,7 @@ jobs:
             type=match,pattern=v(\d+.\d+.\w+),group=1
             type=match,pattern=v(\d+.\d+.\w+)+\-(stable|latest),group=2
 
-      - name: Build ibgateway Docker image ibgateway
+      - name: Build ibgateway Docker image
         uses: docker/build-push-action@v5
         with:
           push: false
@@ -70,7 +70,7 @@ jobs:
             type=match,pattern=v(\d+.\d+.\w+),group=1
             type=match,pattern=v(\d+.\d+.\w+)+\-(stable|latest),group=2
 
-      - name: Build ibgateway Docker image tws
+      - name: Build TWS Docker image
         uses: docker/build-push-action@v5
         with:
           push: false

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -45,7 +45,7 @@ jobs:
       #   Build ibgateway
       ###############################################################
 
-      - name: Docker meta
+      - name: Docker meta ibgateway
         id: meta
         uses: docker/metadata-action@v5
         with:
@@ -59,7 +59,7 @@ jobs:
             type=match,pattern=v(\d+.\d+.\w+),group=1
             type=match,pattern=v(\d+.\d+.\w+)+\-(stable|latest),group=2
 
-      - name: Build and push
+      - name: Build and push ibgateway
         uses: docker/build-push-action@v5
         with:
           context: ${{ steps.channel.outputs.channel }}
@@ -73,7 +73,7 @@ jobs:
       #   Build tws
       ###############################################################
 
-      - name: Docker meta
+      - name: Docker meta TWS
         id: meta-tws
         uses: docker/metadata-action@v5
         with:
@@ -87,11 +87,11 @@ jobs:
             type=match,pattern=v(\d+.\d+.\w+),group=1
             type=match,pattern=v(\d+.\d+.\w+)+\-(stable|latest),group=2
 
-      - name: Build and push
+      - name: Build and push TWS
         uses: docker/build-push-action@v5
         with:
             context: ${{ steps.channel.outputs.channel }}
-            file: Dockerfile.tws
+            file: ${{ steps.channel.outputs.channel }}/Dockerfile.tws
             cache-from: type=gha
             cache-to: type=gha,mode=max
             push: true

diff --git a/stable/Dockerfile b/stable/Dockerfile
@@ -53,14 +53,17 @@ ENV IB_GATEWAY_VERSION=10.19.2g
 ARG USER_ID="${USER_ID:-1000}"
 ARG USER_GID="${USER_GID:-1000}"
 # IBC env vars
+ENV HOME=/home/ibgateway
 ENV TWS_MAJOR_VRSN=${IB_GATEWAY_VERSION}
-ENV TWS_PATH=/home/ibgateway/Jts
+ENV TWS_PATH=${HOME}/Jts
 ENV TWS_INI=jts.ini
-ENV IBC_PATH=/home/ibgateway/ibc
-ENV IBC_INI=/home/ibgateway/ibc/config.ini
+ENV IBC_PATH=${HOME}/ibc
+ENV IBC_INI=${HOME}/ibc/config.ini
+ENV SCRIPT_PATH=${HOME}/scripts
+ENV GATEWAY_OR_TWS=gateway
 # Copy files
 COPY --from=setup /usr/local/i4j_jres/ /usr/local/i4j_jres
-COPY --chown=${USER_ID}:${USER_GID} --from=setup /root/ /home/ibgateway/
+COPY --chown=${USER_ID}:${USER_GID} --from=setup /root/ ${HOME}
 
 # Prepare system
 RUN apt-get update -y && \
@@ -70,10 +73,10 @@ RUN apt-get update -y && \
   rm -rf /var/lib/apt/lists/* && \
   groupadd --gid ${USER_GID} ibgateway && \
   useradd -ms /bin/bash --uid ${USER_ID} --gid ${USER_GID} ibgateway && \
-  chmod a+x /home/ibgateway/scripts/*.sh
+  chmod a+x ${SCRIPT_PATH}/*.sh
 
 USER ${USER_ID}:${USER_GID}
-WORKDIR /home/ibgateway/
+WORKDIR ${HOME}
 
 # Start run script
 CMD ["/home/ibgateway/scripts/run.sh"]

diff --git a/stable/Dockerfile.tws b/stable/Dockerfile.tws
@@ -0,0 +1,54 @@
+##############################################################################
+# Setup Stage: install apps
+#
+# This is a dedicated stage used as source for needed files.
+#
+##############################################################################
+ARG IB_VERSION=10.19.2g
+FROM ghcr.io/gnzsnz/ib-gateway:${IB_VERSION} as setup
+
+WORKDIR /
+
+##############################################################################
+# Build Stage: build production image
+##############################################################################
+
+FROM lscr.io/linuxserver/rdesktop:ubuntu-xfce
+
+ENV IB_GATEWAY_VERSION=10.19.2g
+ENV IB_GATEWAY_RELEASE_CHANNEL=stable
+ENV IBC_VERSION=3.18.0
+
+# IB Gateway user constants
+# IBC env vars
+ENV TWS_MAJOR_VRSN=${IB_GATEWAY_VERSION}
+ENV TWS_PATH=/opt/ibkr
+ENV TWS_INI=jts.ini
+ENV IBC_PATH=/opt/ibc
+ENV IBC_INI=${IBC_PATH}/config.ini
+ENV SCRIPT_PATH=/defaults
+ENV GATEWAY_OR_TWS=tws
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN \
+  apt-get update -y && \
+  apt-get install --no-install-recommends --yes socat sshpass gettext-base \
+  libnspr4 libnss3 && \
+  apt-get clean && \
+  rm -rf /var/lib/apt/lists/* # end
+
+# Copy files
+COPY --from=setup /usr/local/i4j_jres/ /usr/local/i4j_jres
+COPY --chown=abc:abc --from=setup /home/ibgateway/Jts ${TWS_PATH}
+COPY --chown=abc:abc --from=setup /home/ibgateway/ibc ${IBC_PATH}
+COPY ./tws-scripts/start_session.sh /custom-services.d/start_session.sh
+COPY ./tws-scripts/run_tws.sh ${SCRIPT_PATH}
+COPY ./scripts/* ${SCRIPT_PATH}
+
+# labels
+LABEL org.opencontainers.image.source=https://github.com/gnzsnz/ib-gateway-docker
+LABEL org.opencontainers.image.url=https://github.com/gnzsnz/ib-gateway-docker/pkgs/container/tws-rdesktop
+LABEL org.opencontainers.image.description="Docker image with XFCE, TWS & IBC"
+LABEL org.opencontainers.image.licenses="Apache License Version 2.0"
+LABEL org.opencontainers.image.version=${IB_GATEWAY_VERSION}-${IB_GATEWAY_RELEASE_CHANNEL}
diff --git a/stable/config/ibc/config.ini.tmpl b/stable/config/ibc/config.ini.tmpl
@@ -411,23 +411,23 @@ ReadOnlyApi=${READ_ONLY_API}
 # should use the Global Configuration to set the relevant checkboxes and not
 # provide values for these settings.
 
-BypassOrderPrecautions=
+BypassOrderPrecautions=${BYPASS_WARNING}
 
-BypassBondWarning=
+BypassBondWarning=${BYPASS_WARNING}
 
-BypassNegativeYieldToWorstConfirmation=
+BypassNegativeYieldToWorstConfirmation=${BYPASS_WARNING}
 
-BypassCalledBondWarning=
+BypassCalledBondWarning=${BYPASS_WARNING}
 
-BypassSameActionPairTradeWarning=
+BypassSameActionPairTradeWarning=${BYPASS_WARNING}
 
-BypassPriceBasedVolatilityRiskWarning=
+BypassPriceBasedVolatilityRiskWarning=${BYPASS_WARNING}
 
-BypassUSStocksMarketDataInSharesWarning=
+BypassUSStocksMarketDataInSharesWarning=${BYPASS_WARNING}
 
-BypassRedirectOrderWarning=
+BypassRedirectOrderWarning=${BYPASS_WARNING}
 
-BypassNoOverfillProtectionPrecaution=
+BypassNoOverfillProtectionPrecaution=${BYPASS_WARNING}
 
 
 # Market data size for US stocks - lots or shares
@@ -605,7 +605,7 @@ ConfirmOrderIdReset=
 # AutoRestartTime to your desired value before running IBC. NB: this does not
 # apply to TWS from version 1018 onwards.
 
-AutoLogoffTime=
+AutoLogoffTime=${AUTO_LOGOFF_TIME}
 
 AutoRestartTime=${AUTO_RESTART_TIME}
 
@@ -719,7 +719,7 @@ AllowBlindTrading=no
 # To save every 90 minutes starting at 08:00 up to and including 17:43
 #SaveTwsSettingsAt=Every 90 08:00 17:43
 
-SaveTwsSettingsAt=
+SaveTwsSettingsAt=${SAVE_TWS_SETTINGS}
 
 
 # Confirm Crypto Currency Orders Automatically

diff --git a/stable/scripts/common.sh b/stable/scripts/common.sh
@@ -0,0 +1,118 @@
+#!/bin/bash
+# shellcheck disable=SC1091
+
+setup_ssh() {
+	# setup SSH Tunnel
+	if [ "$SSH_TUNNEL" = "yes" ]; then
+		echo ".> Setting SSH tunnel"
+
+		_SSH_OPTIONS="-o ServerAliveInterval=${SSH_ALIVE_INTERVAL:-20}"
+		_SSH_OPTIONS+=" -o ServerAliveCountMax=${SSH_ALIVE_COUNT:-3}"
+
+		if [ -n "$SSH_OPTIONS" ]; then
+			_SSH_OPTIONS+=" $SSH_OPTIONS"
+		fi
+		SSH_ALL_OPTIONS="$_SSH_OPTIONS"
+		export SSH_ALL_OPTIONS
+		echo ".> SSH options: $SSH_ALL_OPTIONS"
+
+		if [ -n "$SSH_PASSPHRASE" ]; then
+			if ! pgrep ssh-agent >/dev/null; then
+				# start agent if it's not already running
+				# https://wiki.archlinux.org/title/SSH_keys#SSH_agents
+				echo ".> Starting ssh-agent."
+				ssh-agent >"/config/.ssh-agent.env"
+				source "/config/.ssh-agent.env"
+				echo ".> ssh-agent sock: ${SSH_AUTH_SOCK}"
+			else
+				echo ".> ssh-agent already running"
+				if [ -z "${SSH_AUTH_SOCK}" ]; then
+					echo ".> Loading agent environment"
+					source "/config/.ssh-agent.env"
+				fi
+				echo ".> ssh-agent sock: ${SSH_AUTH_SOCK}"
+			fi
+
+			echo ".> Adding keys to ssh-agent."
+			export SSH_ASKPASS_REQUIRE=never
+			SSHPASS="${SSH_PASSPHRASE}" sshpass -e -P "passphrase" ssh-add
+			echo ".> ssh-agent identities: $(ssh-add -l)"
+		fi
+	else
+		echo ".> SSH tunnel disabled"
+	fi
+}
+
+apply_settings() {
+	# apply env variables into IBC and gateway/TWS config files
+	if [ "$CUSTOM_CONFIG" != "yes" ]; then
+		echo ".> Appling settings to IBC's config.ini"
+		# replace env variables
+		envsubst <"${IBC_INI}.tmpl" >"${IBC_INI}"
+
+		# where are settings stored
+		if [ -n "$TWS_SETTINGS_PATH" ]; then
+			echo ".> Settings directory set to: $TWS_SETTINGS_PATH"
+			_JTS_PATH=$TWS_SETTINGS_PATH
+			if [ ! -d "$TWS_SETTINGS_PATH" ]; then
+				# if TWS_SETTINGS_PATH does not exists, create it
+				echo ".> Creating directory: $TWS_SETTINGS_PATH"
+				mkdir "$TWS_SETTINGS_PATH"
+			fi
+		else
+			echo ".> Settings directory NOT set, defaulting to: $TWS_PATH"
+			_JTS_PATH=$TWS_PATH
+		fi
+		# only if jts.ini does not exists
+		if [ ! -f "$_JTS_PATH/$TWS_INI" ]; then
+			echo ".> Setting timezone in ${_JTS_PATH}/${TWS_INI}"
+			envsubst <"${TWS_PATH}/${TWS_INI}.tmpl" >"${_JTS_PATH}/${TWS_INI}"
+		else
+			echo ".> File jts.ini already exists, not setting timezone"
+		fi
+	else
+		echo ".> Using CUSTOM_CONFIG, (value:${CUSTOM_CONFIG})"
+	fi
+}
+
+set_ports() {
+	# set ports for API and SOCAT
+
+	# ibgateway ports
+	if [ "${GATEWAY_OR_TWS}" = "gateway" ]; then
+		if [ "$TRADING_MODE" = "paper" ]; then
+			# paper ibgateway ports
+			API_PORT=4002
+			SOCAT_PORT=4004
+			export API_PORT SOCAT_PORT
+		elif [ "$TRADING_MODE" = "live" ]; then
+			# live ibgateway ports
+			API_PORT=4001
+			SOCAT_PORT=4003
+			export API_PORT SOCAT_PORT
+		else
+			# invalid option
+			echo ".> Invalid TRADING_MODE: $TRADING_MODE"
+			exit 1
+		fi
+	elif [ "${GATEWAY_OR_TWS}" = "tws" ]; then
+		if [ "$TRADING_MODE" = "paper" ]; then
+			# paper TWS ports
+			API_PORT=7497
+			SOCAT_PORT=7499
+			export API_PORT SOCAT_PORT
+		elif [ "$TRADING_MODE" = "live" ]; then
+			# live TWS ports
+			API_PORT=7496
+			SOCAT_PORT=7498
+			export API_PORT SOCAT_PORT
+		else
+			# invalid option
+			echo ".> Invalid TRADING_MODE: $TRADING_MODE"
+			exit 1
+		fi
+	fi
+	echo ".> API_PORT set to: ${API_PORT}"
+	echo ".> SOCAT_PORT set to: ${SOCAT_PORT}"
+
+}
diff --git a/stable/scripts/port_forwarding.sh b/stable/scripts/port_forwarding.sh
@@ -1,40 +1,55 @@
 #!/bin/bash
 
+# validate API port
+if [ -z "${API_PORT}" ]; then
+	echo ".> API_PORT not set, port: ${API_PORT}"
+	exit 1
+fi
+
 if [ "$SSH_TUNNEL" = "yes" ]; then
 
-	if [ "$TRADING_MODE" = "paper" ]; then
-		SSH_LOCAL_PORT=4002
-	else
-		SSH_LOCAL_PORT=4001
+	if [ -n "$(pgrep -x ssh)" ]; then
+		# if this script is already running don't start it
+		echo ".> SSH tunnel already active. Not starting a new one"
+		exit 0
 	fi
 
 	if [ -z "$SSH_REMOTE_PORT" ]; then
-		SSH_REMOTE_PORT="$SSH_LOCAL_PORT"
+		# by default remote port is same than API_PORT
+		SSH_REMOTE_PORT="$API_PORT"
+	fi
+	echo ".> SSH_REMOTE_PORT set to :${SSH_REMOTE_PORT}"
+
+	# set vnc ssh tunnel
+	if [ "$GATEWAY_OR_TWS" = "gateway" ] && [ -n "$SSH_VNC_PORT" ] && [ -n "$VNC_SERVER_PASSWORD" ]; then
+		# set ssh tunnel for vnc
+		SSH_SCREEN="-R 127.0.0.1:5900:localhost:$SSH_VNC_PORT"
+		echo ".> SSH_VNC_TUNNEL set to :${SSH_SCREEN}"
 	fi
 
-	if [ -n "$SSH_VNC_PORT" ] && [ -n "$VNC_SERVER_PASSWORD" ]; then
-		SSH_VNC_TUNNEL="-R 127.0.0.1:5900:localhost:$SSH_VNC_PORT"
+	# set rdp ssh tunnel
+	if [ "$GATEWAY_OR_TWS" = "tws" ] && [ -n "$SSH_RDP_PORT" ]; then
+		# set ssh tunnel for rdp
+		SSH_SCREEN="-R 127.0.0.1:3389:localhost:$SSH_RDP_PORT"
+		echo ".> SSH_RDP_TUNNEL set to :${SSH_SCREEN}"
 	fi
 
 	while true; do
-		echo "> ssh sock: $SSH_AUTH_SOCK"
-		bash -c "ssh ${SSH_ALL_OPTIONS} -TNR 127.0.0.1:${SSH_LOCAL_PORT}:localhost:${SSH_REMOTE_PORT} ${SSH_VNC_TUNNEL:-} ${SSH_USER_TUNNEL}"
+		echo ".> Starting ssh tunnel with ssh sock: $SSH_AUTH_SOCK"
+		bash -c "ssh ${SSH_ALL_OPTIONS} -TNR 127.0.0.1:${API_PORT}:localhost:${SSH_REMOTE_PORT} ${SSH_SCREEN:-} ${SSH_USER_TUNNEL}"
 		sleep "${SSH_RESTART:-5}"
 	done
-
 else
+	if [ -z "${SOCAT_PORT}" ]; then
+		echo ".> SOCAT_PORT not set, port: ${SOCAT_PORT}"
+		exit 1
+	fi
 	# no ssh tunnel, start socat
+	echo ".> Waiting for socat to start"
 	sleep 30
+
 	#
-	if [ "$TRADING_MODE" = "paper" ]; then
-		# paper
-		printf "Forking :::4002 onto 0.0.0.0:4004 > trading mode %s \n" \
-			"${TRADING_MODE}"
-		socat TCP-LISTEN:4004,fork TCP:127.0.0.1:4002
-	else
-		# live
-		printf "Forking :::4001 onto 0.0.0.0:4003 > trading mode %s \n" \
-			"${TRADING_MODE}"
-		socat TCP-LISTEN:4003,fork TCP:127.0.0.1:4001
-	fi
+	printf "Forking :::%d onto 0.0.0.0:%d > trading mode %s \n" \
+		"${API_PORT}" "${SOCAT_PORT}" "${TRADING_MODE}"
+	socat TCP-LISTEN:"${SOCAT_PORT}",fork TCP:127.0.0.1:"${API_PORT}"
 fi