Compare commits
2 Commits
a6ae380aa7
...
6012ae0f32
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
6012ae0f32 | ||
|
|
053a620e22 |
@ -58,18 +58,18 @@ uninstallCrowdsec()
|
||||
echo ""
|
||||
echo "---- $menu_number. Stopping CrowdSec host services."
|
||||
echo ""
|
||||
local result=$(runSystem systemctl disable --now crowdsec-firewall-bouncer 2>&1)
|
||||
local result; result=$(runSystem systemctl disable --now crowdsec-firewall-bouncer 2>&1)
|
||||
checkSuccess "Disabling firewall bouncer"
|
||||
local result=$(runSystem systemctl disable --now crowdsec 2>&1)
|
||||
local result; result=$(runSystem systemctl disable --now crowdsec 2>&1)
|
||||
checkSuccess "Disabling agent"
|
||||
|
||||
((menu_number++))
|
||||
echo ""
|
||||
echo "---- $menu_number. Removing CrowdSec packages."
|
||||
echo ""
|
||||
local result=$(runSystem DEBIAN_FRONTEND=noninteractive apt-get purge -y -q crowdsec crowdsec-firewall-bouncer-nftables </dev/null 2>&1)
|
||||
local result; result=$(runSystem DEBIAN_FRONTEND=noninteractive apt-get purge -y -q crowdsec crowdsec-firewall-bouncer-nftables </dev/null 2>&1)
|
||||
checkSuccess "Purged packages"
|
||||
local result=$(runSystem DEBIAN_FRONTEND=noninteractive apt-get autoremove -y -q </dev/null 2>&1)
|
||||
local result; result=$(runSystem DEBIAN_FRONTEND=noninteractive apt-get autoremove -y -q </dev/null 2>&1)
|
||||
checkSuccess "Removed orphaned dependencies"
|
||||
|
||||
crowdsecToggleLibrePortalLogMounts off
|
||||
@ -81,9 +81,9 @@ uninstallCrowdsec()
|
||||
stopCrowdsec()
|
||||
{
|
||||
isNotice "Stopping CrowdSec host services..."
|
||||
local result=$(runSystem systemctl stop crowdsec-firewall-bouncer 2>&1)
|
||||
local result; result=$(runSystem systemctl stop crowdsec-firewall-bouncer 2>&1)
|
||||
checkSuccess "Stopped firewall bouncer"
|
||||
local result=$(runSystem systemctl stop crowdsec 2>&1)
|
||||
local result; result=$(runSystem systemctl stop crowdsec 2>&1)
|
||||
checkSuccess "Stopped agent"
|
||||
}
|
||||
|
||||
@ -93,8 +93,8 @@ stopCrowdsec()
|
||||
restartCrowdsec()
|
||||
{
|
||||
isNotice "Restarting CrowdSec host services..."
|
||||
local result=$(runSystem systemctl restart crowdsec 2>&1)
|
||||
local result; result=$(runSystem systemctl restart crowdsec 2>&1)
|
||||
checkSuccess "Restarted agent"
|
||||
local result=$(runSystem systemctl restart crowdsec-firewall-bouncer 2>&1)
|
||||
local result; result=$(runSystem systemctl restart crowdsec-firewall-bouncer 2>&1)
|
||||
checkSuccess "Restarted firewall bouncer"
|
||||
}
|
||||
|
||||
@ -54,7 +54,7 @@ installCrowdsecHost()
|
||||
# services, installs the crowdsecurity/linux + /sshd collections, then
|
||||
# reloads the agent. All of it lives in libreportal-crowdsec so the
|
||||
# manager never needs `sudo apt-get` / `sudo bash`.
|
||||
local result=$(runCrowdsec install)
|
||||
local result; result=$(runCrowdsec install)
|
||||
checkSuccess "Installing CrowdSec agent + firewall bouncer + baseline collections"
|
||||
|
||||
((menu_number++))
|
||||
@ -71,11 +71,11 @@ installCrowdsecHost()
|
||||
if runCrowdsec capi status 2>&1 | grep -qi 'You can successfully'; then
|
||||
isNotice "Community blocklist already registered."
|
||||
else
|
||||
local result=$(runCrowdsec capi register 2>&1)
|
||||
local result; result=$(runCrowdsec capi register 2>&1)
|
||||
checkSuccess "Registered with CrowdSec Central API (community blocklist)"
|
||||
fi
|
||||
else
|
||||
local result=$(runCrowdsec capi unregister 2>&1)
|
||||
local result; result=$(runCrowdsec capi unregister 2>&1)
|
||||
checkSuccess "Unregistered from CrowdSec Central API (community blocklist disabled)"
|
||||
fi
|
||||
|
||||
@ -98,12 +98,12 @@ installCrowdsecHost()
|
||||
elif [[ "$enrolled" == true ]]; then
|
||||
isNotice "Already enrolled with the SaaS console — skipping."
|
||||
else
|
||||
local result=$(runCrowdsec console enroll "$console_token" 2>&1)
|
||||
local result; result=$(runCrowdsec console enroll "$console_token" 2>&1)
|
||||
checkSuccess "Enrolled with app.crowdsec.net SaaS console"
|
||||
fi
|
||||
else
|
||||
if [[ "$enrolled" == true ]]; then
|
||||
local result=$(runCrowdsec console disenroll 2>&1)
|
||||
local result; result=$(runCrowdsec console disenroll 2>&1)
|
||||
checkSuccess "Disenrolled from app.crowdsec.net SaaS console"
|
||||
else
|
||||
isNotice "SaaS console enrollment disabled — skipping."
|
||||
@ -144,12 +144,12 @@ installCrowdsecHost()
|
||||
local prom_addr="${prom_listen%%:*}"
|
||||
local prom_port="${prom_listen##*:}"
|
||||
if [[ "$mon_enabled" == "true" ]]; then
|
||||
local result=$(runCrowdsec prometheus on "$prom_addr" "$prom_port")
|
||||
local result; result=$(runCrowdsec prometheus on "$prom_addr" "$prom_port")
|
||||
checkSuccess "CrowdSec metrics endpoint bound to ${prom_listen}"
|
||||
runCrowdsec services restart
|
||||
checkSuccess "CrowdSec restarted"
|
||||
else
|
||||
local result=$(runCrowdsec prometheus off)
|
||||
local result; result=$(runCrowdsec prometheus off)
|
||||
checkSuccess "CrowdSec metrics endpoint rebound to 127.0.0.1 (monitoring off)"
|
||||
runCrowdsec services restart
|
||||
checkSuccess "CrowdSec restarted"
|
||||
@ -243,7 +243,7 @@ installCrowdsecHost()
|
||||
echo "---- $menu_number. Re-enabling CrowdSec services."
|
||||
echo ""
|
||||
|
||||
local result=$(runCrowdsec services enable)
|
||||
local result; result=$(runCrowdsec services enable)
|
||||
checkSuccess "Enabling CrowdSec agent + firewall bouncer"
|
||||
|
||||
isSuccessful "CrowdSec services re-enabled."
|
||||
@ -261,7 +261,7 @@ installCrowdsecHost()
|
||||
echo "---- $menu_number. Stopping and disabling CrowdSec services."
|
||||
echo ""
|
||||
|
||||
local result=$(runCrowdsec services disable)
|
||||
local result; result=$(runCrowdsec services disable)
|
||||
checkSuccess "Disabling CrowdSec agent + firewall bouncer"
|
||||
|
||||
isSuccessful "CrowdSec disabled. Package remains installed — set CFG_CROWDSEC_ENABLED=true to re-enable, or uninstall via the Tools tab."
|
||||
|
||||
@ -7,32 +7,32 @@ appCrowdSecUpdate() {
|
||||
echo ""
|
||||
echo "---- $menu_number. Updating apt package index."
|
||||
echo ""
|
||||
local result=$(runSystem apt-get update)
|
||||
local result; result=$(runSystem apt-get update)
|
||||
checkSuccess "apt-get update"
|
||||
|
||||
((menu_number++))
|
||||
echo ""
|
||||
echo "---- $menu_number. Upgrading CrowdSec packages."
|
||||
echo ""
|
||||
local result=$(runSystem apt-get install -y --only-upgrade crowdsec crowdsec-firewall-bouncer-nftables)
|
||||
local result; result=$(runSystem apt-get install -y --only-upgrade crowdsec crowdsec-firewall-bouncer-nftables)
|
||||
checkSuccess "Upgraded crowdsec + crowdsec-firewall-bouncer-nftables"
|
||||
|
||||
((menu_number++))
|
||||
echo ""
|
||||
echo "---- $menu_number. Refreshing hub collections."
|
||||
echo ""
|
||||
local result=$(runSystem cscli hub update)
|
||||
local result; result=$(runSystem cscli hub update)
|
||||
checkSuccess "Refreshed hub index"
|
||||
local result=$(runSystem cscli hub upgrade)
|
||||
local result; result=$(runSystem cscli hub upgrade)
|
||||
checkSuccess "Upgraded installed collections"
|
||||
|
||||
((menu_number++))
|
||||
echo ""
|
||||
echo "---- $menu_number. Reloading services."
|
||||
echo ""
|
||||
local result=$(runSystem systemctl reload crowdsec)
|
||||
local result; result=$(runSystem systemctl reload crowdsec)
|
||||
checkSuccess "Reloaded crowdsec agent"
|
||||
local result=$(runSystem systemctl restart crowdsec-firewall-bouncer)
|
||||
local result; result=$(runSystem systemctl restart crowdsec-firewall-bouncer)
|
||||
checkSuccess "Restarted crowdsec-firewall-bouncer"
|
||||
|
||||
isSuccessful "CrowdSec updated. Run 'crowdsec_verify_firewall' if you want to re-check nftables priorities."
|
||||
|
||||
@ -5,7 +5,7 @@ tailscaleInstallToContainer()
|
||||
local app_name="$1"
|
||||
local type="$2"
|
||||
|
||||
local result=$(createFolders "loud" $docker_install_user $containers_dir$app_name/tailscale)
|
||||
local result; result=$(createFolders "loud" $docker_install_user $containers_dir$app_name/tailscale)
|
||||
checkSuccess "Creating Tailscale folder"
|
||||
|
||||
copyFile "loud" "${install_containers_dir}headscale/resources/tailscale.sh" "$containers_dir$app_name/tailscale/tailscale.sh" $docker_install_user | runInstallWrite -a "$logs_dir/$docker_log_file" 2>&1
|
||||
|
||||
@ -11,10 +11,10 @@ exportBcryptPassword()
|
||||
|
||||
# bcrypt.txt lives under containers_dir (docker-install-owned) -> runFileOp.
|
||||
if [ ! -f "$log_file" ]; then
|
||||
local result=$(runFileOp touch "$log_file")
|
||||
local result; result=$(runFileOp touch "$log_file")
|
||||
checkSuccess "Created bcrypt.txt file."
|
||||
|
||||
local result=$(runFileOp chmod 600 "$log_file")
|
||||
local result; result=$(runFileOp chmod 600 "$log_file")
|
||||
checkSuccess "Adjusted bcrypt.txt file permissions."
|
||||
fi
|
||||
|
||||
@ -24,11 +24,11 @@ exportBcryptPassword()
|
||||
|
||||
if [ -n "$variable_name" ]; then
|
||||
# Remove old password entries for this app & variable
|
||||
local result=$(runFileOp sed -i "/^$app_name $variable_name /d" "$log_file")
|
||||
local result; result=$(runFileOp sed -i "/^$app_name $variable_name /d" "$log_file")
|
||||
checkSuccess "Removed existing entry for $app_name $variable_name from bcrypt.txt."
|
||||
|
||||
# Log new password
|
||||
local result=$(echo "$app_name $variable_name $raw_password" | runFileWrite -a "$log_file" > /dev/null)
|
||||
local result; result=$(echo "$app_name $variable_name $raw_password" | runFileWrite -a "$log_file" > /dev/null)
|
||||
checkSuccess "Logged $app_name $variable_name in bcrypt.txt."
|
||||
else
|
||||
checkSuccess "Could not extract a variable name before $placeholder in $file."
|
||||
|
||||
@ -35,7 +35,7 @@ processBcryptPassword()
|
||||
# Remove any single quotes from the bcrypt hash
|
||||
bcrypt_password=$(echo "$bcrypt_password" | tr -d "'")
|
||||
|
||||
local result=$(runCfgOp sed -i -E "s#$placeholder#$bcrypt_password#g" "$file")
|
||||
local result; result=$(runCfgOp sed -i -E "s#$placeholder#$bcrypt_password#g" "$file")
|
||||
checkSuccess "Use sed to replace placeholder with bcrypt hash"
|
||||
|
||||
# Verify replacement
|
||||
|
||||
@ -22,8 +22,8 @@ crontabSetupBackupScheduler()
|
||||
|
||||
# Drop any previous scheduler entry, then re-add the current one so a
|
||||
# changed schedule (CFG_BACKUP_CRONTAB_APP) always takes effect.
|
||||
local result=$(runAsManager crontab -l 2>/dev/null | grep -v "$marker" | runAsManager crontab -)
|
||||
local result=$( (runAsManager crontab -l 2>/dev/null; echo "$scheduler_entry") | runAsManager crontab - )
|
||||
local result; result=$(runAsManager crontab -l 2>/dev/null | grep -v "$marker" | runAsManager crontab -)
|
||||
local result; result=$( (runAsManager crontab -l 2>/dev/null; echo "$scheduler_entry") | runAsManager crontab - )
|
||||
checkSuccess "Installing the daily backup scheduler entry"
|
||||
|
||||
local schedule_time=$(echo "$CFG_BACKUP_CRONTAB_APP" | cut -d' ' -f2)
|
||||
|
||||
@ -10,11 +10,11 @@ installCrontab()
|
||||
ISCRON=$( (runAsManager crontab -l) 2>&1 )
|
||||
if [[ "$ISCRON" == *"command not found"* ]]; then
|
||||
isNotice "Crontab is not installed, setting up now."
|
||||
local result=$(runSystem apt update)
|
||||
local result; result=$(runSystem apt update)
|
||||
checkSuccess "Updating apt for post installation"
|
||||
local result=$(runSystem apt install cron -y)
|
||||
local result; result=$(runSystem apt install cron -y)
|
||||
isSuccessful "Installing crontab application"
|
||||
local result=$(runAsManager crontab -l)
|
||||
local result; result=$(runAsManager crontab -l)
|
||||
isSuccessful "Enabling crontab on the system"
|
||||
fi
|
||||
|
||||
|
||||
@ -6,7 +6,7 @@ crontabSetup()
|
||||
local cron_output=$(runAsManager crontab -l 2>/dev/null)
|
||||
|
||||
if [[ ! $cron_output == *"$search_line"* ]]; then
|
||||
local result=$( (runAsManager crontab -l 2>/dev/null; echo "# cron is set up for $sudo_user_name") | runAsManager crontab - 2>/dev/null )
|
||||
local result; result=$( (runAsManager crontab -l 2>/dev/null; echo "# cron is set up for $sudo_user_name") | runAsManager crontab - 2>/dev/null )
|
||||
checkSuccess "Setting up Crontab for $sudo_user_name user"
|
||||
fi
|
||||
|
||||
|
||||
@ -43,7 +43,7 @@ databaseAppScan()
|
||||
if (( status == 0 )); then
|
||||
isNotice "The folder for $folder_name has been found."
|
||||
# Update the database to set the status to 1 (installed) and unset the uninstall_date
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "UPDATE apps SET status = 1, uninstall_date = NULL WHERE name = '$folder_name';")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "UPDATE apps SET status = 1, uninstall_date = NULL WHERE name = '$folder_name';")
|
||||
checkSuccess "Updating apps database for $folder_name to installed status."
|
||||
((updated_count++)) # Increment updated_count
|
||||
fi
|
||||
@ -72,7 +72,7 @@ databaseAppScan()
|
||||
local folder_time=$(echo "$folder_datetime" | awk '{print $2}')
|
||||
|
||||
# Add the new entry to the database with a default status of 1 (installed) and the extracted or current date
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO apps (name, status, install_date, install_time) VALUES ('$app_name', 1, '$folder_date', '$folder_time');")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO apps (name, status, install_date, install_time) VALUES ('$app_name', 1, '$folder_date', '$folder_time');")
|
||||
checkSuccess "Adding $app_name to the apps database."
|
||||
((updated_count++)) # Increment updated_count
|
||||
fi
|
||||
@ -97,7 +97,7 @@ databaseAppScan()
|
||||
isNotice "Folder $folder_name no longer exists. Removing from the Database."
|
||||
|
||||
# Delete the entry from the apps table
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "DELETE FROM apps WHERE name = '$app_name';")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "DELETE FROM apps WHERE name = '$app_name';")
|
||||
checkSuccess "Removing $app_name from the apps database."
|
||||
|
||||
portsRemoveFromDatabase $app_name;
|
||||
|
||||
@ -24,11 +24,11 @@ databaseInstallApp()
|
||||
|
||||
if [ "$app_exists" -eq 0 ]; then
|
||||
isNotice "App does not exist in the database, setting up now."
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO apps (name, status, install_date, install_time) VALUES ('$app_name', '1', '$current_date', '$current_time');")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO apps (name, status, install_date, install_time) VALUES ('$app_name', '1', '$current_date', '$current_time');")
|
||||
checkSuccess "Adding $app_name to the apps database."
|
||||
else
|
||||
isNotice "App already exists in the database, updating now."
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "UPDATE apps SET status = '1', install_date = '$current_date', install_time = '$current_time', uninstall_date = NULL WHERE name = '$app_name';")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "UPDATE apps SET status = '1', install_date = '$current_date', install_time = '$current_time', uninstall_date = NULL WHERE name = '$app_name';")
|
||||
checkSuccess "Updating apps database for $app_name to installed status."
|
||||
fi
|
||||
}
|
||||
|
||||
@ -3,7 +3,7 @@
|
||||
databaseRemoveFile()
|
||||
{
|
||||
if [[ "$tooldeletedb" == [yY] ]]; then
|
||||
local result=$(runInstallOp rm $docker_dir/$db_file)
|
||||
local result; result=$(runInstallOp rm $docker_dir/$db_file)
|
||||
checkSuccess "Removing $db_file file"
|
||||
fi
|
||||
}
|
||||
@ -4,6 +4,6 @@ databaseBackupInsert()
|
||||
{
|
||||
local app_name="$1"
|
||||
local table_name=backups
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, date, time) VALUES ('$app_name', '$current_date', '$current_time');")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, date, time) VALUES ('$app_name', '$current_date', '$current_time');")
|
||||
checkSuccess "Adding $app_name to the $table_name table."
|
||||
}
|
||||
|
||||
@ -8,10 +8,10 @@ databaseOptionInsert()
|
||||
local option_in_db=$(runInstallOp sqlite3 "$docker_dir/$db_file" "SELECT COUNT(*) FROM $table_name WHERE option = '$option';")
|
||||
|
||||
if [ "$option_in_db" -eq 0 ]; then
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (option, content) VALUES ('$option', '$content');")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (option, content) VALUES ('$option', '$content');")
|
||||
checkSuccess "Adding $option to the $table_name table."
|
||||
else
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "UPDATE $table_name SET option = '$option', content = '$content';")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "UPDATE $table_name SET option = '$option', content = '$content';")
|
||||
checkSuccess "$option already added to the $table_name table. Updating content to $content."
|
||||
fi
|
||||
}
|
||||
|
||||
@ -12,7 +12,7 @@ databasePortOpenInsert()
|
||||
# Check if already exists in the database
|
||||
local existing_portdata=$(runInstallOp sqlite3 "$docker_dir/$db_file" "SELECT port FROM $table_name WHERE name = '$app_name' AND port = '$port' AND type = '$type';")
|
||||
if [ -z "$existing_portdata" ]; then
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, port, type) VALUES ('$app_name', '$port', '$type');")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, port, type) VALUES ('$app_name', '$port', '$type');")
|
||||
checkSuccess "Adding port $port and type $type for $app_name to the $table_name table."
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -10,7 +10,7 @@ databasePortUsedInsert()
|
||||
# Check if already exists in the database
|
||||
local existing_portdata=$(runInstallOp sqlite3 "$docker_dir/$db_file" "SELECT port FROM $table_name WHERE name = '$app_name' AND port = '$port';")
|
||||
if [ -z "$existing_portdata" ]; then
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, port) VALUES ('$app_name', '$port');")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, port) VALUES ('$app_name', '$port');")
|
||||
checkSuccess "Adding port $port for $app_name to the $table_name table."
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -4,6 +4,6 @@ databaseRestoreInsert()
|
||||
{
|
||||
local app_name="$1"
|
||||
local table_name=restores
|
||||
local result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, date, time) VALUES ('$app_name', '$current_date', '$current_time');")
|
||||
local result; result=$(runInstallOp sqlite3 "$docker_dir/$db_file" "INSERT INTO $table_name (name, date, time) VALUES ('$app_name', '$current_date', '$current_time');")
|
||||
checkSuccess "Adding $app_name to the $table_name table."
|
||||
}
|
||||
|
||||
@ -10,10 +10,10 @@ installSQLiteDatabase()
|
||||
|
||||
# Create SQLite database file
|
||||
if [ ! -e "$docker_dir/$db_file" ]; then
|
||||
local result=$(runInstallOp touch $docker_dir/$db_file)
|
||||
local result; result=$(runInstallOp touch $docker_dir/$db_file)
|
||||
checkSuccess "Creating SQLite $db_file file"
|
||||
|
||||
local result=$(runInstallOp chmod 755 $docker_dir/$db_file)
|
||||
local result; result=$(runInstallOp chmod 755 $docker_dir/$db_file)
|
||||
checkSuccess "Changing permissions for SQLite $db_file file"
|
||||
fi
|
||||
|
||||
|
||||
@ -6,21 +6,21 @@ databaseCreateTables()
|
||||
setup_table_name=path
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Table info here
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (path TEXT);")
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (path TEXT);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
fi
|
||||
|
||||
setup_table_name=sysupdate
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Table info here
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (date DATE, time TIME);")
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (date DATE, time TIME);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
fi
|
||||
|
||||
setup_table_name=options
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Table info here
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (option TEXT UNIQUE, content TEXT);")
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (option TEXT UNIQUE, content TEXT);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
fi
|
||||
|
||||
@ -28,42 +28,42 @@ databaseCreateTables()
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Table info here
|
||||
# status = 1 = installed, 0 uninstalled
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (name TEXT UNIQUE, status DATE, install_date DATE, install_time TIME, uninstall_date DATE, uninstall_time TIME);")
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (name TEXT UNIQUE, status DATE, install_date DATE, install_time TIME, uninstall_date DATE, uninstall_time TIME);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
fi
|
||||
|
||||
setup_table_name=backups
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Table info here
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT, date DATE, time TIME);")
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT, date DATE, time TIME);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
fi
|
||||
|
||||
setup_table_name=restores
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Table info here
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT, date DATE, time TIME);")
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT, date DATE, time TIME);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
fi
|
||||
|
||||
setup_table_name=migrations
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Table info here
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT, date DATE, time TIME);")
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (id INTEGER PRIMARY KEY AUTOINCREMENT, name TEXT, date DATE, time TIME);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
fi
|
||||
|
||||
setup_table_name=ssh
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Table info here
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (id INTEGER PRIMARY KEY AUTOINCREMENT, ip TEXT, date DATE, time TIME);")
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (id INTEGER PRIMARY KEY AUTOINCREMENT, ip TEXT, date DATE, time TIME);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
fi
|
||||
|
||||
setup_table_name=ssh_keys
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Table info here
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (name TEXT UNIQUE, hash TEXT, date DATE, time TIME);")
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (name TEXT UNIQUE, hash TEXT, date DATE, time TIME);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
fi
|
||||
|
||||
@ -77,7 +77,7 @@ databaseCreateTables()
|
||||
# config_json carries kind-specific knobs (hostname, loc_idx, pubkey
|
||||
# fingerprint, relay token, etc.) so adding new kinds doesn't need
|
||||
# another schema migration.
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||
name TEXT UNIQUE NOT NULL,
|
||||
kind TEXT NOT NULL DEFAULT 'backup-channel',
|
||||
@ -87,14 +87,14 @@ databaseCreateTables()
|
||||
created_at TEXT DEFAULT CURRENT_TIMESTAMP
|
||||
);")
|
||||
checkSuccess "Creating $setup_table_name table"
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_peers_name ON peers(name);")
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_peers_kind ON peers(kind);")
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_peers_name ON peers(name);")
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_peers_kind ON peers(kind);")
|
||||
fi
|
||||
|
||||
setup_table_name=network_resources
|
||||
if ! sqlite3 "$docker_dir/$db_file" ".tables" | grep -q "\b$setup_table_name\b"; then
|
||||
# Simple unified network resources table - replaces all complex network tables
|
||||
local result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (
|
||||
local result; result=$(sqlite3 $docker_dir/$db_file "CREATE TABLE IF NOT EXISTS $setup_table_name (
|
||||
id INTEGER PRIMARY KEY AUTOINCREMENT,
|
||||
app_name TEXT NOT NULL,
|
||||
resource_type TEXT NOT NULL, -- 'ip' or 'port'
|
||||
@ -110,15 +110,15 @@ databaseCreateTables()
|
||||
checkSuccess "Creating unified network_resources table"
|
||||
|
||||
# Create simple indexes for performance
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_app ON network_resources(app_name);")
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_app ON network_resources(app_name);")
|
||||
checkSuccess "Creating network resources app index"
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_type ON network_resources(resource_type);")
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_type ON network_resources(resource_type);")
|
||||
checkSuccess "Creating network resources type index"
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_value ON network_resources(resource_value);")
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_value ON network_resources(resource_value);")
|
||||
checkSuccess "Creating network resources value index"
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_status ON network_resources(status);")
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_status ON network_resources(status);")
|
||||
checkSuccess "Creating network resources status index"
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_parent_service ON network_resources(parent_service);")
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "CREATE INDEX IF NOT EXISTS idx_network_resources_parent_service ON network_resources(parent_service);")
|
||||
checkSuccess "Creating network resources parent service index"
|
||||
fi
|
||||
else
|
||||
|
||||
@ -41,10 +41,10 @@ dockerComposeDown()
|
||||
# header is never left without output.
|
||||
local mode="${type:-$CFG_DOCKER_INSTALL_TYPE}"
|
||||
if [[ $mode == "rootless" ]]; then
|
||||
local result=$(dockerCommandRunInstallUser "cd $containers_dir$app_name && docker compose $setup_compose down" >/dev/null 2>&1)
|
||||
local result; result=$(dockerCommandRunInstallUser "cd $containers_dir$app_name && docker compose $setup_compose down" >/dev/null 2>&1)
|
||||
checkSuccess "Shutting down container for $app_name"
|
||||
elif [[ $mode == "rooted" ]]; then
|
||||
local result=$(cd "$containers_dir$app_name" && docker compose $setup_compose down >/dev/null 2>&1)
|
||||
local result; result=$(cd "$containers_dir$app_name" && docker compose $setup_compose down >/dev/null 2>&1)
|
||||
checkSuccess "Shutting down container for $app_name"
|
||||
else
|
||||
isNotice "Unknown Docker install type '$mode' — cannot shut down $app_name."
|
||||
|
||||
@ -115,20 +115,20 @@ dockerComposeUp()
|
||||
fi
|
||||
if [[ $CFG_DOCKER_INSTALL_TYPE == "rootless" ]]; then
|
||||
isNotice "Starting container for $app_name, this may take a while..."
|
||||
local result=$(dockerCommandRunInstallUser "cd $containers_dir$app_name && COMPOSE_PROGRESS=plain docker compose $setup_compose up $_compose_quiet $_compose_build_flag -d")
|
||||
local result; result=$(dockerCommandRunInstallUser "cd $containers_dir$app_name && COMPOSE_PROGRESS=plain docker compose $setup_compose up $_compose_quiet $_compose_build_flag -d")
|
||||
checkSuccess "Started container for $app_name"
|
||||
elif [[ $CFG_DOCKER_INSTALL_TYPE == "rooted" ]]; then
|
||||
isNotice "Starting container for $app_name, this may take a while..."
|
||||
local result=$(cd "$containers_dir$app_name" && COMPOSE_PROGRESS=plain docker compose $setup_compose up $_compose_quiet $_compose_build_flag -d)
|
||||
local result; result=$(cd "$containers_dir$app_name" && COMPOSE_PROGRESS=plain docker compose $setup_compose up $_compose_quiet $_compose_build_flag -d)
|
||||
checkSuccess "Started container for $app_name"
|
||||
fi
|
||||
# Used for the CLI dockertype switcher.
|
||||
else
|
||||
if [[ $type == "rootless" ]]; then
|
||||
local result=$(dockerCommandRunInstallUser "cd $containers_dir$app_name && docker compose $setup_compose down")
|
||||
local result; result=$(dockerCommandRunInstallUser "cd $containers_dir$app_name && docker compose $setup_compose down")
|
||||
checkSuccess "Shutting down container for $app_name"
|
||||
elif [[ $type == "rooted" ]]; then
|
||||
local result=$(cd "$containers_dir$app_name" && docker compose $setup_compose down)
|
||||
local result; result=$(cd "$containers_dir$app_name" && docker compose $setup_compose down)
|
||||
checkSuccess "Shutting down container for $app_name"
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -11,9 +11,9 @@ dockerRemoveApp()
|
||||
isNotice "Stopping and removing Docker containers for '$app_name'. Please wait..."
|
||||
|
||||
# Stop and remove containers in one go
|
||||
local result=$(dockerCommandRun "docker ps -aqf name=$app_name | xargs -r docker stop" >/dev/null 2>&1)
|
||||
local result; result=$(dockerCommandRun "docker ps -aqf name=$app_name | xargs -r docker stop" >/dev/null 2>&1)
|
||||
checkSuccess "Stopped Docker containers matching '$app_name'"
|
||||
|
||||
local result=$(dockerCommandRun "docker ps -aqf name=$app_name | xargs -r docker rm" >/dev/null 2>&1)
|
||||
local result; result=$(dockerCommandRun "docker ps -aqf name=$app_name | xargs -r docker rm" >/dev/null 2>&1)
|
||||
checkSuccess "Removed Docker containers matching '$app_name'"
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@ dockerRestartApp()
|
||||
isNotice "Restarting Docker containers for '$app_name'. Please wait..."
|
||||
|
||||
# Restart containers in one go
|
||||
local result=$(dockerCommandRun "docker ps -aqf name=$app_name | xargs -r docker restart" >/dev/null 2>&1)
|
||||
local result; result=$(dockerCommandRun "docker ps -aqf name=$app_name | xargs -r docker restart" >/dev/null 2>&1)
|
||||
checkSuccess "Restarted Docker containers matching '$app_name'"
|
||||
|
||||
# App-specific restart hook — host-installed apps define restart<App> to
|
||||
|
||||
@ -3,6 +3,6 @@
|
||||
dockerStartAllApps()
|
||||
{
|
||||
isNotice "Please wait for docker containers to start"
|
||||
local result=$(dockerCommandRun "docker ps -a -q | xargs -r docker restart")
|
||||
local result; result=$(dockerCommandRun "docker ps -a -q | xargs -r docker restart")
|
||||
checkSuccess "Starting up all docker containers"
|
||||
}
|
||||
|
||||
@ -11,6 +11,6 @@ dockerStartApp()
|
||||
isNotice "Starting Docker containers for '$app_name'. Please wait..."
|
||||
|
||||
# Start containers in one go
|
||||
local result=$(dockerCommandRun "docker ps -aqf name=$app_name | xargs -r docker start" >/dev/null 2>&1)
|
||||
local result; result=$(dockerCommandRun "docker ps -aqf name=$app_name | xargs -r docker start" >/dev/null 2>&1)
|
||||
checkSuccess "Started Docker containers matching '$app_name'"
|
||||
}
|
||||
|
||||
@ -5,6 +5,6 @@ dockerStopAllApps()
|
||||
isNotice "Stopping all running Docker containers. Please wait..."
|
||||
|
||||
# Stop all running containers using a single pipeline
|
||||
local result=$(dockerCommandRun "docker ps -q | xargs -r docker stop" >/dev/null 2>&1)
|
||||
local result; result=$(dockerCommandRun "docker ps -q | xargs -r docker stop" >/dev/null 2>&1)
|
||||
checkSuccess "Stopped all running Docker containers."
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@ dockerStopApp()
|
||||
isNotice "Stopping Docker containers for '$app_name'. Please wait..."
|
||||
|
||||
# Stop containers in one go
|
||||
local result=$(dockerCommandRun "docker ps -aq --filter name=${app_name} | xargs -r docker stop" >/dev/null 2>&1)
|
||||
local result; result=$(dockerCommandRun "docker ps -aq --filter name=${app_name} | xargs -r docker stop" >/dev/null 2>&1)
|
||||
checkSuccess "Stopped Docker containers matching '$app_name'"
|
||||
|
||||
# App-specific stop hook — host-installed apps define stop<App> to stop
|
||||
|
||||
@ -33,7 +33,7 @@ dockerRemoveAppImages()
|
||||
fi
|
||||
|
||||
while IFS= read -r image; do
|
||||
local result=$(dockerCommandRun "docker rmi -f '$image'" >/dev/null 2>&1)
|
||||
local result; result=$(dockerCommandRun "docker rmi -f '$image'" >/dev/null 2>&1)
|
||||
checkSuccess "Removed Docker image '$image'"
|
||||
done <<< "$all_images"
|
||||
}
|
||||
|
||||
@ -7,10 +7,10 @@ dockerCheckIsRunningForUser()
|
||||
# Check if Docker is running for the specified user
|
||||
if [[ $type == "rootless" ]]; then
|
||||
local docker_command='docker ps 2>&1'
|
||||
local result=$(dockerCommandRunInstallUser "$docker_command")
|
||||
local result; result=$(dockerCommandRunInstallUser "$docker_command")
|
||||
elif [[ $type == "rooted" ]]; then
|
||||
local docker_command='docker ps 2>&1'
|
||||
local result=$(eval "$docker_command")
|
||||
local result; result=$(eval "$docker_command")
|
||||
else
|
||||
echo "Invalid user type specified."
|
||||
fi
|
||||
|
||||
@ -37,7 +37,7 @@ dockerComposeUpdate()
|
||||
|
||||
# Whitelist not set up yet
|
||||
if runFileOp grep -q "ignoreip = ips_whitelist" "$jail_local_file"; then
|
||||
local result=$(runFileOp sed -i "s/ips_whitelist/$CFG_IPS_WHITELIST/" "$jail_local_file")
|
||||
local result; result=$(runFileOp sed -i "s/ips_whitelist/$CFG_IPS_WHITELIST/" "$jail_local_file")
|
||||
checkSuccess "Update the IP whitelist for $app_name"
|
||||
local whitelistupdates=true
|
||||
fi
|
||||
@ -45,7 +45,7 @@ dockerComposeUpdate()
|
||||
# If the IPs are set up already but need an update
|
||||
local current_ip_range=$(grep "ignoreip = " "$jail_local_file" | cut -d ' ' -f 2)
|
||||
if [ "$current_ip_range" != "$CFG_IPS_WHITELIST" ]; then
|
||||
local result=$(runFileOp sed -i "s/ignoreip = ips_whitelist/ignoreip = $CFG_IPS_WHITELIST/" "$jail_local_file")
|
||||
local result; result=$(runFileOp sed -i "s/ignoreip = ips_whitelist/ignoreip = $CFG_IPS_WHITELIST/" "$jail_local_file")
|
||||
checkSuccess "Update the IP whitelist for $app_name"
|
||||
local whitelistupdates=true
|
||||
fi
|
||||
|
||||
@ -8,7 +8,7 @@ installDockerRooted()
|
||||
if command -v docker &> /dev/null; then
|
||||
isSuccessful "Docker is already installed."
|
||||
else
|
||||
local result=$(sudo curl -fsSL https://get.docker.com | sh )
|
||||
local result; result=$(sudo curl -fsSL https://get.docker.com | sh )
|
||||
checkSuccess "Downloading & Installing Docker"
|
||||
|
||||
dockerServiceStart;
|
||||
|
||||
@ -18,13 +18,13 @@ installDockerRootedCompose()
|
||||
######################################
|
||||
|
||||
if [[ "$OS_TYPE" == "Ubuntu" || "$OS_TYPE" == "Debian" ]]; then
|
||||
local result=$(sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s | tr '[:upper:]' '[:lower:]')-$(uname -m)" -o /usr/local/bin/docker-compose)
|
||||
local result; result=$(sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-$(uname -s | tr '[:upper:]' '[:lower:]')-$(uname -m)" -o /usr/local/bin/docker-compose)
|
||||
checkSuccess "Download the official Docker Compose script"
|
||||
|
||||
local result=$(sudo chmod +x /usr/local/bin/docker-compose)
|
||||
local result; result=$(sudo chmod +x /usr/local/bin/docker-compose)
|
||||
checkSuccess "Make the script executable"
|
||||
|
||||
local result=$(docker compose --version)
|
||||
local result; result=$(docker compose --version)
|
||||
checkSuccess "Verify the installation"
|
||||
fi
|
||||
|
||||
|
||||
@ -16,10 +16,10 @@ installDockerRootless()
|
||||
local docker_install_user_id=$(id -u "$CFG_DOCKER_INSTALL_USER")
|
||||
local docker_install_bashrc="/home/$CFG_DOCKER_INSTALL_USER/.bashrc"
|
||||
|
||||
local result=$(runSystem apt-get install -y apt-transport-https ca-certificates curl gnupg software-properties-common uidmap dbus-user-session fuse-overlayfs passt)
|
||||
local result; result=$(runSystem apt-get install -y apt-transport-https ca-certificates curl gnupg software-properties-common uidmap dbus-user-session fuse-overlayfs passt)
|
||||
checkSuccess "Installing necessary packages"
|
||||
|
||||
local result=$(runSystem systemctl disable --now docker.service docker.socket)
|
||||
local result; result=$(runSystem systemctl disable --now docker.service docker.socket)
|
||||
checkSuccess "Disabling Docker service & Socket"
|
||||
|
||||
((menu_number++))
|
||||
@ -30,7 +30,7 @@ installDockerRootless()
|
||||
# slirp4netns update and install
|
||||
if ! command -v slirp4netns &> /dev/null; then
|
||||
isNotice "slirp4netns is not installed. Installing..."
|
||||
local result=$(runSystem apt-get install -y slirp4netns)
|
||||
local result; result=$(runSystem apt-get install -y slirp4netns)
|
||||
checkSuccess "Installing slirp4netns"
|
||||
else
|
||||
isNotice "slirp4netns is already installed"
|
||||
@ -39,9 +39,9 @@ installDockerRootless()
|
||||
if [[ "$installed_version" != "$latest_version" ]]; then
|
||||
isNotice "slirp4netns version $installed_version is outdated."
|
||||
isNotice "Installing version $latest_version..."
|
||||
local result=$(runSystem apt-get update)
|
||||
local result; result=$(runSystem apt-get update)
|
||||
checkSuccess "Updating apt packages"
|
||||
local result=$(runSystem apt-get install -y slirp4netns)
|
||||
local result; result=$(runSystem apt-get install -y slirp4netns)
|
||||
checkSuccess "Installing slirp4netns"
|
||||
else
|
||||
isSuccessful "slirp4netns version $installed_version is up to date"
|
||||
@ -56,9 +56,9 @@ installDockerRootless()
|
||||
if sudo grep -qs "kernel.unprivileged_userns_clone=1" $sysctl; then
|
||||
isNotice "kernel.unprivileged_userns_clone=1 already exists in $sysctl"
|
||||
else
|
||||
local result=$(echo "kernel.unprivileged_userns_clone=1" | sudo tee -a $sysctl > /dev/null)
|
||||
local result; result=$(echo "kernel.unprivileged_userns_clone=1" | sudo tee -a $sysctl > /dev/null)
|
||||
checkSuccess "Adding kernel.unprivileged_userns_clone=1 to $sysctl..."
|
||||
local result=$(runSystem sysctl --system)
|
||||
local result; result=$(runSystem sysctl --system)
|
||||
checkSuccess "Running runAsManager sysctl --system..."
|
||||
fi
|
||||
fi
|
||||
@ -69,22 +69,22 @@ installDockerRootless()
|
||||
echo ""
|
||||
|
||||
if ! grep -qF "# DOCKER ROOTLESS BASHRC START" "$docker_install_bashrc"; then
|
||||
local result=$(echo '# DOCKER ROOTLESS BASHRC START' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
local result; result=$(echo '# DOCKER ROOTLESS BASHRC START' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
checkSuccess "Adding rootless header to .bashrc"
|
||||
|
||||
local result=$(echo 'export XDG_RUNTIME_DIR=/run/user/${UID}' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
local result; result=$(echo 'export XDG_RUNTIME_DIR=/run/user/${UID}' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
checkSuccess "Adding export path to .bashrc"
|
||||
|
||||
local result=$(echo 'export PATH=/usr/bin:$PATH' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
local result; result=$(echo 'export PATH=/usr/bin:$PATH' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
checkSuccess "Adding export path to .bashrc"
|
||||
|
||||
local result=$(echo 'export DOCKER_HOST=unix:///run/user/${UID}/docker.sock' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
local result; result=$(echo 'export DOCKER_HOST=unix:///run/user/${UID}/docker.sock' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
checkSuccess "Adding export DOCKER_HOST path to .bashrc"
|
||||
|
||||
local result=$(echo 'export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/${UID}/bus"' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
local result; result=$(echo 'export DBUS_SESSION_BUS_ADDRESS="unix:path=/run/user/${UID}/bus"' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
checkSuccess "Adding export DBUS_SESSION_BUS_ADDRESS path to .bashrc"
|
||||
|
||||
local result=$(echo '# DOCKER ROOTLESS BASHRC END' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
local result; result=$(echo '# DOCKER ROOTLESS BASHRC END' | sudo tee -a "$docker_install_bashrc" > /dev/null)
|
||||
checkSuccess "Adding rootless header to .bashrc"
|
||||
|
||||
isSuccessful "Added $CFG_DOCKER_INSTALL_USER to bashrc file"
|
||||
@ -97,7 +97,7 @@ installDockerRootless()
|
||||
echo "---- $menu_number. Setting up Rootless Docker."
|
||||
echo ""
|
||||
|
||||
local result=$(runSystem loginctl enable-linger $CFG_DOCKER_INSTALL_USER)
|
||||
local result; result=$(runSystem loginctl enable-linger $CFG_DOCKER_INSTALL_USER)
|
||||
checkSuccess "Adding automatic start (linger)"
|
||||
|
||||
# Rootless Install
|
||||
@ -108,7 +108,7 @@ rootless_install=$(cat <<EOF
|
||||
exit
|
||||
EOF
|
||||
)
|
||||
local result=$(dockerCommandRunInstallUser "$rootless_install")
|
||||
local result; result=$(dockerCommandRunInstallUser "$rootless_install")
|
||||
checkSuccess "Setting up Rootless for $CFG_DOCKER_INSTALL_USER"
|
||||
|
||||
((menu_number++))
|
||||
@ -137,14 +137,14 @@ EOF
|
||||
echo ""
|
||||
|
||||
systemd_user_dir="/home/$CFG_DOCKER_INSTALL_USER/.config/systemd/user"
|
||||
local result=$(dockerCommandRunInstallUser "mkdir -p $systemd_user_dir")
|
||||
local result; result=$(dockerCommandRunInstallUser "mkdir -p $systemd_user_dir")
|
||||
checkSuccess "Create the systemd user directory if it doesn't exist"
|
||||
|
||||
local result=$(dockerCommandRunInstallUser "mkdir -p $systemd_user_dir/docker.service.d")
|
||||
local result; result=$(dockerCommandRunInstallUser "mkdir -p $systemd_user_dir/docker.service.d")
|
||||
checkSuccess "Create the docker.service.d directory if it doesn't exist"
|
||||
|
||||
override_conf_file="$systemd_user_dir/docker.service.d/override.conf"
|
||||
local result=$(sudo touch $override_conf_file)
|
||||
local result; result=$(sudo touch $override_conf_file)
|
||||
checkSuccess "Create the override.conf in docker.service.d"
|
||||
|
||||
sudo bash -c "cat <<EOL > '$override_conf_file'
|
||||
@ -154,7 +154,7 @@ Environment='DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=$rootless_port_driver'
|
||||
Environment='DOCKERD_ROOTLESS_ROOTLESSKIT_MTU=$CFG_NETWORK_MTU'
|
||||
EOL"
|
||||
|
||||
local result=$(sudo chown $CFG_DOCKER_INSTALL_USER:$CFG_DOCKER_INSTALL_USER $override_conf_file)
|
||||
local result; result=$(sudo chown $CFG_DOCKER_INSTALL_USER:$CFG_DOCKER_INSTALL_USER $override_conf_file)
|
||||
checkSuccess "Updating ownership for override.conf"
|
||||
|
||||
# Pasta needs explicit AppArmor permissions that the Debian-shipped
|
||||
@ -173,14 +173,14 @@ EOL"
|
||||
# propagation doesn't matter here: apps sit behind Traefik, which carries
|
||||
# the real client IP via X-Forwarded-For at L7.
|
||||
|
||||
local result=$(dockerCommandRunInstallUser "systemctl --user daemon-reload")
|
||||
local result; result=$(dockerCommandRunInstallUser "systemctl --user daemon-reload")
|
||||
checkSuccess "Reload the systemd user manager configuration"
|
||||
|
||||
isNotice "Restarting docker service...this may take a moment..."
|
||||
local result=$(dockerCommandRunInstallUser "systemctl --user restart docker")
|
||||
local result; result=$(dockerCommandRunInstallUser "systemctl --user restart docker")
|
||||
checkSuccess "Reload the systemd user docker service"
|
||||
|
||||
local result=$(sudo cp $sysctl $sysctl.bak)
|
||||
local result; result=$(sudo cp $sysctl $sysctl.bak)
|
||||
checkSuccess "Backing up sysctl file"
|
||||
|
||||
((menu_number++))
|
||||
@ -191,16 +191,16 @@ EOL"
|
||||
# Update sysctl file
|
||||
if ! grep -qsF "# DOCKER ROOTLESS SYSCTL START" "$sysctl"; then
|
||||
|
||||
local result=$(echo '# DOCKER ROOTLESS SYSCTL START' | sudo tee -a "$sysctl" > /dev/null)
|
||||
local result; result=$(echo '# DOCKER ROOTLESS SYSCTL START' | sudo tee -a "$sysctl" > /dev/null)
|
||||
checkSuccess "Adding rootless header to sysctl"
|
||||
|
||||
local result=$(echo 'net.ipv4.ip_unprivileged_port_start=0' | sudo tee -a "$sysctl" > /dev/null)
|
||||
local result; result=$(echo 'net.ipv4.ip_unprivileged_port_start=0' | sudo tee -a "$sysctl" > /dev/null)
|
||||
checkSuccess "Adding ip_unprivileged_port_start to sysctl"
|
||||
|
||||
local result=$(echo 'kernel.unprivileged_userns_clone=1' | sudo tee -a "$sysctl" > /dev/null)
|
||||
local result; result=$(echo 'kernel.unprivileged_userns_clone=1' | sudo tee -a "$sysctl" > /dev/null)
|
||||
checkSuccess "Adding unprivileged_userns_clone to sysctl"
|
||||
|
||||
local result=$(echo '# DOCKER ROOTLESS SYSCTL END' | sudo tee -a "$sysctl" > /dev/null)
|
||||
local result; result=$(echo '# DOCKER ROOTLESS SYSCTL END' | sudo tee -a "$sysctl" > /dev/null)
|
||||
checkSuccess "Adding rootless end to sysctl"
|
||||
|
||||
isSuccessful "Updated the sysctl with Docker Rootless configuration"
|
||||
@ -224,7 +224,7 @@ net.core.bpf_jit_harden=2
|
||||
EOL
|
||||
checkSuccess "Writing kernel LPE-surface hardening to $hardening_conf"
|
||||
|
||||
local result=$(runSystem sysctl --system)
|
||||
local result; result=$(runSystem sysctl --system)
|
||||
checkSuccess "Applying changes to sysctl"
|
||||
|
||||
menu_number=0
|
||||
|
||||
@ -4,6 +4,6 @@ uninstallDockerRootless()
|
||||
{
|
||||
isHeader "Uninstall Docker Rootless"
|
||||
|
||||
local result=$(dockerCommandRunInstallUser "dockerd-rootless-setuptool.sh uninstall")
|
||||
local result; result=$(dockerCommandRunInstallUser "dockerd-rootless-setuptool.sh uninstall")
|
||||
checkSuccess "Uninstalling Rootless docker."
|
||||
}
|
||||
@ -7,7 +7,7 @@ installDockerRootlessUser()
|
||||
isSuccessful "User $CFG_DOCKER_INSTALL_USER already exists."
|
||||
else
|
||||
# Create the rootless docker user. The login name (last arg) was
|
||||
# missing, so useradd failed silently — masked by local result=$(...)
|
||||
# missing, so useradd failed silently — masked by local result; result=$(...)
|
||||
# — and the user never existed, breaking the whole rootless setup.
|
||||
# -m makes its home; with SUB_UID/GID configured in login.defs,
|
||||
# useradd also assigns its subordinate uid/gid ranges (needed for
|
||||
|
||||
@ -10,7 +10,7 @@ dockerPruneAppNetworks()
|
||||
for network_id in $(runFileOp docker network ls --quiet); do
|
||||
network_name=$(runFileOp docker network inspect --format '{{.Name}}' "$network_id")
|
||||
if [[ "$network_name" == *"$app_name"* ]]; then
|
||||
local result=$(dockerCommandRun "docker network rm "$network_id"")
|
||||
local result; result=$(dockerCommandRun "docker network rm "$network_id"")
|
||||
checkSuccess "Removing the unused runFileOp docker network - $network_name"
|
||||
networks_found=true
|
||||
fi
|
||||
|
||||
@ -21,7 +21,7 @@ installDockerNetwork()
|
||||
$CFG_NETWORK_NAME"
|
||||
|
||||
# Run the network creation command
|
||||
local result=$(dockerCommandRun "$network_create")
|
||||
local result; result=$(dockerCommandRun "$network_create")
|
||||
if [[ $? -eq 0 ]]; then
|
||||
checkSuccess "Docker network $CFG_NETWORK_NAME created successfully"
|
||||
else
|
||||
|
||||
@ -3,16 +3,16 @@
|
||||
dockerServiceStart()
|
||||
{
|
||||
if [[ $CFG_DOCKER_INSTALL_TYPE == "rooted" ]]; then
|
||||
local result=$(runSystem systemctl start docker)
|
||||
local result; result=$(runSystem systemctl start docker)
|
||||
checkSuccess "Starting Docker Service"
|
||||
|
||||
local result=$(runSystem systemctl enable docker)
|
||||
local result; result=$(runSystem systemctl enable docker)
|
||||
checkSuccess "Enabling Docker Service"
|
||||
|
||||
local result=$(runSystem usermod -aG docker $sudo_user_name)
|
||||
local result; result=$(runSystem usermod -aG docker $sudo_user_name)
|
||||
checkSuccess "Adding user to 'docker' group"
|
||||
|
||||
local result=$(runSystem systemctl restart docker)
|
||||
local result; result=$(runSystem systemctl restart docker)
|
||||
checkSuccess "Restarting Docker service after group addition."
|
||||
elif [[ $CFG_DOCKER_INSTALL_TYPE == "rootless" ]]; then
|
||||
installDockerRootless;
|
||||
|
||||
@ -8,10 +8,10 @@ dockerServiceStop()
|
||||
if [[ "$docker_rooted_found" == "true" ]]; then
|
||||
isNotice "Stopping rooted Docker service...this may take a moment..."
|
||||
|
||||
local result=$(runSystem systemctl stop docker)
|
||||
local result; result=$(runSystem systemctl stop docker)
|
||||
checkSuccess "Stopping Rooted Docker Service"
|
||||
|
||||
local result=$(runSystem systemctl disable docker)
|
||||
local result; result=$(runSystem systemctl disable docker)
|
||||
checkSuccess "Disabling Rooted Docker Service"
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -2,6 +2,6 @@
|
||||
|
||||
dockerSetupEnvFile()
|
||||
{
|
||||
local result=$(copyFile "loud" $containers_dir$app_name/env.example $containers_dir$app_name/.env $docker_install_user)
|
||||
local result; result=$(copyFile "loud" $containers_dir$app_name/env.example $containers_dir$app_name/.env $docker_install_user)
|
||||
checkSuccess "Setting up .env file to path"
|
||||
}
|
||||
|
||||
@ -16,12 +16,12 @@ dockerSwitcherScanContainersForSocket()
|
||||
fi
|
||||
isSuccessful "Found Docker socket to change in file: $file"
|
||||
if [[ $CFG_DOCKER_INSTALL_TYPE == "rootless" ]]; then
|
||||
local result=$(runFileOp sed -i \
|
||||
local result; result=$(runFileOp sed -i \
|
||||
-e "/#SOCKETHERE/s|.*| - /run/user/${docker_install_user_id}/docker.sock:/run/user/${docker_install_user_id}/docker.sock:ro #SOCKETHERE|" \
|
||||
"$file")
|
||||
checkSuccess "Updating docker socket for $app_name"
|
||||
elif [[ $CFG_DOCKER_INSTALL_TYPE == "rooted" ]]; then
|
||||
local result=$(runFileOp sed -i \
|
||||
local result; result=$(runFileOp sed -i \
|
||||
-e "/#SOCKETHERE/s|.*| - $docker_rooted_socket:$docker_rooted_socket:ro #SOCKETHERE|" \
|
||||
"$file")
|
||||
checkSuccess "Updating docker socket for $app_name"
|
||||
|
||||
@ -2,6 +2,6 @@
|
||||
|
||||
updateDockerSudoPassword()
|
||||
{
|
||||
local result=$(echo -e "$CFG_LIBREPORTAL_USER_PASS\n$CFG_LIBREPORTAL_USER_PASS" | runSystem passwd "$sudo_user_name" > /dev/null 2>&1)
|
||||
local result; result=$(echo -e "$CFG_LIBREPORTAL_USER_PASS\n$CFG_LIBREPORTAL_USER_PASS" | runSystem passwd "$sudo_user_name" > /dev/null 2>&1)
|
||||
checkSuccess "Updating the password for the $sudo_user_name user"
|
||||
}
|
||||
|
||||
@ -2,6 +2,6 @@
|
||||
|
||||
updateDockerInstallPassword()
|
||||
{
|
||||
local result=$(echo -e "$CFG_DOCKER_INSTALL_PASS\n$CFG_DOCKER_INSTALL_PASS" | runSystem passwd "$CFG_DOCKER_INSTALL_USER" > /dev/null 2>&1)
|
||||
local result; result=$(echo -e "$CFG_DOCKER_INSTALL_PASS\n$CFG_DOCKER_INSTALL_PASS" | runSystem passwd "$CFG_DOCKER_INSTALL_USER" > /dev/null 2>&1)
|
||||
checkSuccess "Updating the password for the $CFG_DOCKER_INSTALL_USER user"
|
||||
}
|
||||
|
||||
@ -7,7 +7,7 @@ backupContainerFilesToTemp()
|
||||
|
||||
temp_backup_folder="temp_$(date +%Y%m%d%H%M%S)_$(tr -dc 'a-zA-Z0-9' < /dev/urandom | head -c 6)"
|
||||
|
||||
local result=$(createFolders "loud" $docker_install_user "$temp_backup_folder")
|
||||
local result; result=$(createFolders "loud" $docker_install_user "$temp_backup_folder")
|
||||
checkSuccess "Creating temp folder for backing up purposes."
|
||||
|
||||
if [[ $compose_setup == "default" ]]; then
|
||||
|
||||
@ -6,9 +6,9 @@ backupContainerFilesRestore()
|
||||
local source_folder="$containers_dir$app_name"
|
||||
|
||||
if [ -d "$temp_backup_folder" ]; then
|
||||
local result=$(copyFiles "loud" "$temp_backup_folder" "$source_folder" $docker_install_user)
|
||||
local result; result=$(copyFiles "loud" "$temp_backup_folder" "$source_folder" $docker_install_user)
|
||||
checkSuccess "Copying files from temp folder to $app_name folder."
|
||||
local result=$(rm -rf "$temp_backup_folder")
|
||||
local result; result=$(rm -rf "$temp_backup_folder")
|
||||
checkSuccess "Removing temp folder as no longer needed."
|
||||
fi
|
||||
}
|
||||
|
||||
@ -20,7 +20,7 @@ copyFile()
|
||||
[[ "$save_dir" == "$containers_dir"* || "$save_dir" == "${LP_CONTAINERS_DIR:-/libreportal-containers}"/* ]] && op="runFileOp"
|
||||
|
||||
if [ "$silent_flag" == "loud" ]; then
|
||||
local result=$($op cp $flags_full "$file" "$save_dir")
|
||||
local result; result=$($op cp $flags_full "$file" "$save_dir")
|
||||
checkSuccess "Copying $file_name to $save_dir_file"
|
||||
else
|
||||
$op cp $flags_full "$file" "$save_dir" >/dev/null 2>&1
|
||||
|
||||
@ -19,7 +19,7 @@ copyFiles()
|
||||
for file in "${files[@]}"; do
|
||||
local file_name=$(basename "$file")
|
||||
if [ "$silent_flag" == "loud" ]; then
|
||||
local result=$($op cp -f "$file" "$save_dir")
|
||||
local result; result=$($op cp -f "$file" "$save_dir")
|
||||
checkSuccess "Copying $file_name to $save_dir"
|
||||
else
|
||||
$op cp -f "$file" "$save_dir" >/dev/null 2>&1
|
||||
|
||||
@ -18,13 +18,13 @@ copyResource()
|
||||
if [ -n "$save_path" ]; then
|
||||
local destination_dir="$destination_dir/$save_path"
|
||||
if [ ! -d "$destination_dir" ]; then
|
||||
local result=$(createFolders "loud" $docker_install_user "$destination_dir")
|
||||
local result; result=$(createFolders "loud" $docker_install_user "$destination_dir")
|
||||
checkSuccess "Creating $save_path folder(s) for $app_name"
|
||||
fi
|
||||
fi
|
||||
|
||||
# Destination is always /docker/containers/<app> -> write as the docker
|
||||
# install user (runFileOp); no root, no chown.
|
||||
local result=$(runFileOp cp "$app_dir/resources/$file_name" "$destination_dir/")
|
||||
local result; result=$(runFileOp cp "$app_dir/resources/$file_name" "$destination_dir/")
|
||||
checkSuccess "Copying $file_name to $destination_dir"
|
||||
}
|
||||
|
||||
@ -29,8 +29,8 @@ createTouch()
|
||||
$op mkdir -p "$file_dir" 2>/dev/null
|
||||
$op touch "$clean_file"
|
||||
else
|
||||
local result=$($op mkdir -p "$file_dir")
|
||||
local result=$($op touch "$clean_file")
|
||||
local result; result=$($op mkdir -p "$file_dir")
|
||||
local result; result=$($op touch "$clean_file")
|
||||
checkSuccess "Touching $file_name"
|
||||
fi
|
||||
}
|
||||
|
||||
@ -6,7 +6,7 @@ removeEmptyLineAtFileEnd()
|
||||
local last_line=$(tail -n 1 "$file_path")
|
||||
|
||||
if [ -z "$last_line" ]; then
|
||||
local result=$(sudo sed -i '$d' "$file_path")
|
||||
local result; result=$(sudo sed -i '$d' "$file_path")
|
||||
checkSuccess "Removed the empty line at the end of $file_path"
|
||||
fi
|
||||
}
|
||||
@ -11,7 +11,7 @@ moveFile()
|
||||
# Move as the destination's owner — no root, no chown (see copyFile).
|
||||
local op="runInstallOp"
|
||||
[[ "$save_dir" == "$containers_dir"* || "$save_dir" == "${LP_CONTAINERS_DIR:-/libreportal-containers}"/* ]] && op="runFileOp"
|
||||
local result=$($op mv "$file" "$save_dir")
|
||||
local result; result=$($op mv "$file" "$save_dir")
|
||||
checkSuccess "Moving $file_name to $save_dir"
|
||||
else
|
||||
isNotice "Source file does not exist: $file"
|
||||
|
||||
@ -7,9 +7,9 @@ zipFile()
|
||||
local zip_directory="$3"
|
||||
|
||||
# Run the SSH command using the existing SSH variables
|
||||
local result=$(sudo zip -r -MM -e -P $passphrase $zip_file $zip_directory)
|
||||
local result; result=$(sudo zip -r -MM -e -P $passphrase $zip_file $zip_directory)
|
||||
checkSuccess "Zipped up $(basename "$zip_file")"
|
||||
|
||||
local result=$(sudo chown $sudo_user_name:$sudo_user_name "$zip_file")
|
||||
local result; result=$(sudo chown $sudo_user_name:$sudo_user_name "$zip_file")
|
||||
checkSuccess "Updating $(basename "$zip_file") with $sudo_user_name ownership"
|
||||
}
|
||||
|
||||
@ -11,7 +11,7 @@ copyFolder()
|
||||
if [[ "$save_dir" == "$containers_dir"* || "$save_dir" == "${LP_CONTAINERS_DIR:-/libreportal-containers}"/* ]]; then
|
||||
if [[ "$folder" == "$containers_dir"* || "$folder" == "${LP_CONTAINERS_DIR:-/libreportal-containers}"/* ]]; then
|
||||
# container -> container: same owner (dockerinstall), a plain cp works.
|
||||
local result=$(runFileOp cp -rf "$folder" "$save_dir")
|
||||
local result; result=$(runFileOp cp -rf "$folder" "$save_dir")
|
||||
else
|
||||
# Cross-owner: a manager-owned source (e.g. the install dir) into the
|
||||
# container-owned destination. Under rootless a single cp can't read
|
||||
@ -24,7 +24,7 @@ copyFolder()
|
||||
| runFileOp tar -C "$save_dir" -xf - )
|
||||
fi
|
||||
else
|
||||
local result=$(runInstallOp cp -rf "$folder" "$save_dir")
|
||||
local result; result=$(runInstallOp cp -rf "$folder" "$save_dir")
|
||||
fi
|
||||
checkSuccess "Copying $folder_name to $save_dir"
|
||||
}
|
||||
|
||||
@ -17,7 +17,7 @@ copyFolders()
|
||||
|
||||
for subdir in "${subdirs[@]}"; do
|
||||
local subdir_name=$(basename "$subdir")
|
||||
local result=$($op cp -rf "$subdir" "$save_dir")
|
||||
local result; result=$($op cp -rf "$subdir" "$save_dir")
|
||||
checkSuccess "Copying $subdir_name to $save_dir"
|
||||
done
|
||||
}
|
||||
|
||||
@ -16,7 +16,7 @@ createFolders()
|
||||
# createTouch; the $user_name hint is advisory for these paths.
|
||||
if [[ "$clean_dir" == "$containers_dir"* || "$clean_dir" == "${LP_CONTAINERS_DIR:-/libreportal-containers}"/* ]]; then
|
||||
if [ ! -d "$dir_path" ]; then
|
||||
local result=$(runFileOp mkdir -p "$dir_path")
|
||||
local result; result=$(runFileOp mkdir -p "$dir_path")
|
||||
[ "$silent_flag" == "loud" ] && checkSuccess "Creating $folder_name directory"
|
||||
elif [ "$silent_flag" == "loud" ]; then
|
||||
isNotice "$folder_name directory already exists"
|
||||
@ -27,7 +27,7 @@ createFolders()
|
||||
# Non-container path = manager-owned control plane -> create AS the
|
||||
# manager (runInstallOp); no root, no chown.
|
||||
if [ ! -d "$dir_path" ]; then
|
||||
local result=$(runInstallOp mkdir -p "$dir_path")
|
||||
local result; result=$(runInstallOp mkdir -p "$dir_path")
|
||||
[ "$silent_flag" == "loud" ] && checkSuccess "Creating $folder_name directory"
|
||||
elif [ "$silent_flag" == "loud" ]; then
|
||||
isNotice "$folder_name directory already exists"
|
||||
|
||||
@ -23,12 +23,12 @@ fixPermissionsBeforeStart()
|
||||
# Traefik
|
||||
if [ -f "${containers_dir}traefik/etc/certs/acme.json" ]; then
|
||||
runOwnership app-file traefik etc/certs/acme.json
|
||||
local result=$(runFileOp chmod 600 "${containers_dir}traefik/etc/certs/acme.json")
|
||||
local result; result=$(runFileOp chmod 600 "${containers_dir}traefik/etc/certs/acme.json")
|
||||
checkSuccess "Set permissions to acme.json file for traefik"
|
||||
fi
|
||||
if [ -f "${containers_dir}traefik/etc/traefik.yml" ]; then
|
||||
runOwnership app-file traefik etc/traefik.yml
|
||||
local result=$(runFileOp chmod 600 "${containers_dir}traefik/etc/traefik.yml")
|
||||
local result; result=$(runFileOp chmod 600 "${containers_dir}traefik/etc/traefik.yml")
|
||||
checkSuccess "Set permissions to traefik.yml file for traefik"
|
||||
fi
|
||||
}
|
||||
|
||||
@ -6,7 +6,7 @@ fixConfigPermissions()
|
||||
local app_name="$2"
|
||||
local config_file="$containers_dir$app_name/$app_name.config"
|
||||
|
||||
local result=$(runFileOp chmod g+rw $config_file)
|
||||
local result; result=$(runFileOp chmod g+rw $config_file)
|
||||
if [ "$silent_flag" == "loud" ]; then
|
||||
isNotice "Updating config read permissions for LibrePortal"
|
||||
fi
|
||||
|
||||
@ -8,6 +8,6 @@ updateFileOwnership()
|
||||
local user_name_1="$2"
|
||||
local user_name_2="$3"
|
||||
|
||||
local result=$(runSystem chown $user_name_1:$user_name_2 "$file")
|
||||
local result; result=$(runSystem chown $user_name_1:$user_name_2 "$file")
|
||||
checkSuccess "Updating $file_name with $user_name ownership"
|
||||
}
|
||||
|
||||
@ -23,7 +23,7 @@ changeUserGroupOnFolder()
|
||||
isError "Directory '$directory' not found."
|
||||
fi
|
||||
|
||||
local result=$(find "$directory" -user "$source_user" -exec chown "$target_user" {} +)
|
||||
local result; result=$(find "$directory" -user "$source_user" -exec chown "$target_user" {} +)
|
||||
checkSuccess "Updating $directory user to be $target_user... This may take a while..."
|
||||
|
||||
# Check if the source group exists
|
||||
@ -38,6 +38,6 @@ changeUserGroupOnFolder()
|
||||
isError "Unable to determine target group for user '$target_user'."
|
||||
fi
|
||||
|
||||
local result=$(find "$directory" -group "$source_group" -exec chgrp "$target_group" {} +)
|
||||
local result; result=$(find "$directory" -group "$source_group" -exec chgrp "$target_group" {} +)
|
||||
checkSuccess "Updating $directory group to be $target_user... This may take a while..."
|
||||
}
|
||||
|
||||
@ -14,7 +14,7 @@ changeRootOwnedFile()
|
||||
isNotice "File '$file_full' does not exist."
|
||||
fi
|
||||
else
|
||||
local result=$(runSystem chown "$user_name:$user_name" "$file_full")
|
||||
local result; result=$(runSystem chown "$user_name:$user_name" "$file_full")
|
||||
checkSuccess "Updating $file_name to be owned by $user_name"
|
||||
fi
|
||||
}
|
||||
|
||||
@ -29,9 +29,9 @@ runReinstall()
|
||||
gitCheckGitDetails;
|
||||
|
||||
# Reset git
|
||||
local result=$(runAsManager rm -rf $script_dir)
|
||||
local result; result=$(runAsManager rm -rf $script_dir)
|
||||
checkSuccess "Deleting all Git files"
|
||||
local result=$(createFolders "loud" $sudo_user_name "$script_dir")
|
||||
local result; result=$(createFolders "loud" $sudo_user_name "$script_dir")
|
||||
checkSuccess "Create the directory if it doesn't exist"
|
||||
|
||||
# Validate non-empty input
|
||||
|
||||
@ -30,7 +30,7 @@ installSSLCertificate()
|
||||
# Function to generate SSL certificate for a given domain
|
||||
generateSSLCertificate() {
|
||||
local domain_value="$1"
|
||||
local result=$(cd $ssl_dir && openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -subj "/CN=$domain_value" -keyout "$ssl_dir/$domain_value.key" -out "$ssl_dir/$domain_value.crt" > /dev/null 2>&1)
|
||||
local result; result=$(cd $ssl_dir && openssl req -new -newkey rsa:2048 -days 365 -nodes -x509 -subj "/CN=$domain_value" -keyout "$ssl_dir/$domain_value.key" -out "$ssl_dir/$domain_value.crt" > /dev/null 2>&1)
|
||||
checkSuccess "SSL Generation for $domain_value"
|
||||
}
|
||||
|
||||
|
||||
@ -7,20 +7,20 @@ installSwapfile()
|
||||
isHeader "Increasing Swapfile"
|
||||
ISSWAP=$( (runAsManager swapoff /swapfile) 2>&1 )
|
||||
if [[ "$ISSWAP" != *"No such file or directory"* ]]; then
|
||||
local result=$(runAsManager swapoff /swapfile)
|
||||
local result; result=$(runAsManager swapoff /swapfile)
|
||||
isSuccessful "Turning off /swapfile (if needed)"
|
||||
fi
|
||||
|
||||
local result=$(runAsManager fallocate -l $CFG_SWAPFILE_SIZE /swapfile)
|
||||
local result; result=$(runAsManager fallocate -l $CFG_SWAPFILE_SIZE /swapfile)
|
||||
checkSuccess "Allocating $CFG_SWAPFILE_SIZE to the /swapfile"
|
||||
|
||||
local result=$(sudo chmod 0600 /swapfile)
|
||||
local result; result=$(sudo chmod 0600 /swapfile)
|
||||
checkSuccess "Adding permissions to the /swapfile"
|
||||
|
||||
local result=$(runAsManager mkswap /swapfile)
|
||||
local result; result=$(runAsManager mkswap /swapfile)
|
||||
checkSuccess "Swapping to the new /swapfile"
|
||||
|
||||
local result=$(runAsManager swapon /swapfile)
|
||||
local result; result=$(runAsManager swapon /swapfile)
|
||||
checkSuccess "Enabling the new /swapfile"
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -12,7 +12,7 @@ installUFW()
|
||||
echo "---- $menu_number. Installing using linux package installer"
|
||||
echo ""
|
||||
|
||||
local result=$(yes | runSystem apt-get install ufw )
|
||||
local result; result=$(yes | runSystem apt-get install ufw )
|
||||
checkSuccess "Installing UFW package"
|
||||
|
||||
# ((menu_number++))
|
||||
@ -27,9 +27,9 @@ installUFW()
|
||||
# ssh_port=${ssh_port:-22} # Default to 22 if not found
|
||||
# fi
|
||||
|
||||
# local result=$(runSystem ufw allow $ssh_port)
|
||||
# local result; result=$(runSystem ufw allow $ssh_port)
|
||||
# checkSuccess "Enabling Port $ssh_port through the firewall"
|
||||
# local result=$(runSystem ufw allow ssh)
|
||||
# local result; result=$(runSystem ufw allow ssh)
|
||||
# checkSuccess "Enabling SSH through the firewall"
|
||||
|
||||
# while true; do
|
||||
@ -42,13 +42,13 @@ installUFW()
|
||||
# done
|
||||
|
||||
# if [[ "$UFWSSH" == [nN] ]]; then
|
||||
# local result=$(runSystem ufw deny $ssh_port)
|
||||
# local result; result=$(runSystem ufw deny $ssh_port)
|
||||
# checkSuccess "Blocking Port $ssh_port through the firewall"
|
||||
# local result=$(runSystem ufw deny ssh)
|
||||
# local result; result=$(runSystem ufw deny ssh)
|
||||
# checkSuccess "Blocking SSH through the firewall"
|
||||
# fi
|
||||
|
||||
local result=$(runSystem ufw --force enable)
|
||||
local result; result=$(runSystem ufw --force enable)
|
||||
checkSuccess "Enabling UFW Firewall"
|
||||
|
||||
((menu_number++))
|
||||
@ -56,7 +56,7 @@ installUFW()
|
||||
echo "---- $menu_number. Changing logging options"
|
||||
echo ""
|
||||
|
||||
local result=$(yes | runSystem ufw logging $CFG_UFW_LOGGING)
|
||||
local result; result=$(yes | runSystem ufw logging $CFG_UFW_LOGGING)
|
||||
checkSuccess "Disabling UFW Firewall Logging"
|
||||
|
||||
isSuccessful "UFW Firewall has been installed, you can use ufw status to see the status"
|
||||
|
||||
@ -14,19 +14,19 @@ installUFWDocker()
|
||||
|
||||
local ufwpath="/usr/local/bin/ufw-docker"
|
||||
|
||||
local result=$(sudo wget -O $ufwpath https://github.com/chaifeng/ufw-docker/raw/master/ufw-docker > /dev/null 2>&1)
|
||||
local result; result=$(sudo wget -O $ufwpath https://github.com/chaifeng/ufw-docker/raw/master/ufw-docker > /dev/null 2>&1)
|
||||
checkSuccess "Downloading UFW Docker installation files"
|
||||
|
||||
local result=$(sudo rm -rf $script_dir/wget-log)
|
||||
local result; result=$(sudo rm -rf $script_dir/wget-log)
|
||||
checkSuccess "Setting permissions for install files"
|
||||
|
||||
local result=$(sudo chmod +x $ufwpath)
|
||||
local result; result=$(sudo chmod +x $ufwpath)
|
||||
checkSuccess "Setting permissions for install files"
|
||||
|
||||
local result=$(runSystem ufw-docker install > /dev/null 2>&1)
|
||||
local result; result=$(runSystem ufw-docker install > /dev/null 2>&1)
|
||||
checkSuccess "Installing UFW Docker"
|
||||
|
||||
local result=$(runSystem systemctl restart ufw)
|
||||
local result; result=$(runSystem systemctl restart ufw)
|
||||
checkSuccess "Restarting UFW Firewall service"
|
||||
|
||||
isSuccessful "UFW-Docker has been installed, you can use ufw-docker to see the available commands"
|
||||
|
||||
@ -15,7 +15,7 @@ firewallInitialSetup()
|
||||
break
|
||||
fi
|
||||
if [[ "$firewallallowport_port" =~ ^[0-9]+$ && $firewallallowport_port -ge 1 && $firewallallowport_port -le 65535 ]]; then
|
||||
local result=$(runSystem ufw allow "$firewallallowport_port")
|
||||
local result; result=$(runSystem ufw allow "$firewallallowport_port")
|
||||
checkSuccess "Opening port $firewallallowport_port in the UFW Firewall"
|
||||
break
|
||||
fi
|
||||
@ -36,7 +36,7 @@ firewallInitialSetup()
|
||||
break
|
||||
fi
|
||||
if [[ "$firewallblockport_port" =~ ^[0-9]+$ && $firewallblockport_port -ge 1 && $firewallblockport_port -le 65535 ]]; then
|
||||
local result=$(runSystem ufw deny "$firewallblockport_port")
|
||||
local result; result=$(runSystem ufw deny "$firewallblockport_port")
|
||||
checkSuccess "Blocking port $firewallblockport_port in the UFW Firewall"
|
||||
break
|
||||
fi
|
||||
@ -49,9 +49,9 @@ firewallInitialSetup()
|
||||
echo ""
|
||||
echo "---- Block port 22 (SSH) :"
|
||||
echo ""
|
||||
local result=$(runSystem ufw deny 22)
|
||||
local result; result=$(runSystem ufw deny 22)
|
||||
checkSuccess "Disabling Port 22 through the firewall"
|
||||
local result=$(runSystem ufw deny ssh)
|
||||
local result; result=$(runSystem ufw deny ssh)
|
||||
checkSuccess "Disabling SSH through the firewall"
|
||||
fi
|
||||
|
||||
@ -60,9 +60,9 @@ firewallInitialSetup()
|
||||
echo ""
|
||||
echo "---- Allow port 22 (SSH) :"
|
||||
echo ""
|
||||
local result=$(runSystem ufw allow 22)
|
||||
local result; result=$(runSystem ufw allow 22)
|
||||
checkSuccess "Allowing Port 22 through the firewall"
|
||||
local result=$(runSystem ufw allow ssh)
|
||||
local result; result=$(runSystem ufw allow ssh)
|
||||
checkSuccess "Allowing SSH through the firewall"
|
||||
fi
|
||||
|
||||
@ -75,7 +75,7 @@ firewallInitialSetup()
|
||||
case "$CFG_UFW_LOGGING" in
|
||||
on|off|low|medium|high|full)
|
||||
# Valid logging type
|
||||
local result=$(yes | runSystem ufw logging $CFG_UFW_LOGGING)
|
||||
local result; result=$(yes | runSystem ufw logging $CFG_UFW_LOGGING)
|
||||
checkSuccess "Updating UFW Firewall Logging to $CFG_UFW_LOGGING"
|
||||
;;
|
||||
*)
|
||||
|
||||
@ -16,7 +16,7 @@ firewallClearLibrePortalRules()
|
||||
|
||||
# Only clear LibrePortal app rules (not system rules)
|
||||
if [[ -d "$containers_dir/$container" ]]; then
|
||||
local result=$(runSystem ufw-docker delete "$action" "$container" "$port_spec" 2>&1)
|
||||
local result; result=$(runSystem ufw-docker delete "$action" "$container" "$port_spec" 2>&1)
|
||||
if [[ $? -eq 0 ]]; then
|
||||
((total_cleared++))
|
||||
isSuccessful "Cleared: $action $container $port_spec"
|
||||
@ -40,7 +40,7 @@ firewallClearLibrePortalRules()
|
||||
local action="${BASH_REMATCH[2]}"
|
||||
local port_spec="${BASH_REMATCH[3]}"
|
||||
|
||||
local result=$(runSystem ufw --force delete "$rule_num" 2>&1)
|
||||
local result; result=$(runSystem ufw --force delete "$rule_num" 2>&1)
|
||||
if [[ $? -eq 0 ]]; then
|
||||
((total_cleared++))
|
||||
isNotice "Cleared rule #$rule_num: $action $port_spec"
|
||||
|
||||
@ -8,7 +8,7 @@ ipRemoveFromDatabase()
|
||||
if [[ -z "$app_name" ]]; then
|
||||
isError "App name is required for IP removal"
|
||||
else
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "DELETE FROM network_resources WHERE app_name = '$app_name' AND resource_type = 'ip';" 2>/dev/null)
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "DELETE FROM network_resources WHERE app_name = '$app_name' AND resource_type = 'ip';" 2>/dev/null)
|
||||
if [[ $? -eq 0 ]]; then
|
||||
isSuccessful "Removed IP allocations for $app_name"
|
||||
else
|
||||
|
||||
@ -140,7 +140,7 @@ monitoringRefreshPrometheus()
|
||||
runFileOp chmod -R a+rX "$scrape_dir" 2>/dev/null
|
||||
|
||||
if runFileOp docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^prometheus-service$'; then
|
||||
local result=$(runFileOp docker kill --signal=HUP prometheus-service 2>&1)
|
||||
local result; result=$(runFileOp docker kill --signal=HUP prometheus-service 2>&1)
|
||||
checkSuccess "Reloaded Prometheus ($count monitored app(s))"
|
||||
else
|
||||
isNotice "Prometheus container not running — scrape.d updated, applied on next start ($count app(s))."
|
||||
@ -208,7 +208,7 @@ EOF
|
||||
runFileOp chmod -R a+rX "$prov" 2>/dev/null
|
||||
|
||||
if runFileOp docker ps --format '{{.Names}}' 2>/dev/null | grep -q '^grafana-service$'; then
|
||||
local result=$(runFileOp docker restart grafana-service 2>&1)
|
||||
local result; result=$(runFileOp docker restart grafana-service 2>&1)
|
||||
checkSuccess "Restarted Grafana ($count dashboard(s) provisioned)"
|
||||
else
|
||||
isNotice "Grafana container not running — provisioning updated, applied on next start ($count dashboard(s))."
|
||||
|
||||
@ -8,7 +8,7 @@ portGetServicePorts()
|
||||
|
||||
local sql="SELECT resource_value FROM network_resources
|
||||
WHERE app_name='$app_name' AND resource_type='port' AND service_name='$service_name' AND status='active';"
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "$sql" 2>/dev/null)
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "$sql" 2>/dev/null)
|
||||
|
||||
service_ports="$result"
|
||||
}
|
||||
|
||||
@ -9,7 +9,7 @@ portsRemoveFromDatabase()
|
||||
isError "App name is required for port removal"
|
||||
else
|
||||
# Delete port allocations for this app
|
||||
local result=$(sqlite3 "$docker_dir/$db_file" "DELETE FROM network_resources WHERE app_name = '$app_name' AND resource_type = 'port';" 2>/dev/null)
|
||||
local result; result=$(sqlite3 "$docker_dir/$db_file" "DELETE FROM network_resources WHERE app_name = '$app_name' AND resource_type = 'port';" 2>/dev/null)
|
||||
|
||||
if [[ $? -eq 0 ]]; then
|
||||
isSuccessful "Removed port allocations for $app_name"
|
||||
|
||||
@ -16,9 +16,9 @@ traefikSetupLoginCredentials()
|
||||
# Setup BasicAuth credentials
|
||||
local login_credentials=$(htpasswd -Bbn "$CFG_TRAEFIK_USER" "$CFG_TRAEFIK_PASS")
|
||||
|
||||
local result=$(runFileOp sed -i '/#protection credentials/d' "$protectionauth_file")
|
||||
local result; result=$(runFileOp sed -i '/#protection credentials/d' "$protectionauth_file")
|
||||
checkSuccess "Delete the line containing protection credentials"
|
||||
local result=$(runFileOp sed -i "/users:/a\\ - '$login_credentials' #protection credentials" "$protectionauth_file")
|
||||
local result; result=$(runFileOp sed -i "/users:/a\\ - '$login_credentials' #protection credentials" "$protectionauth_file")
|
||||
checkSuccess "Add the new line with new protection credentials"
|
||||
fi
|
||||
}
|
||||
@ -11,13 +11,13 @@ installDebianUbuntu()
|
||||
export DEBIAN_FRONTEND="noninteractive"
|
||||
fi
|
||||
|
||||
local result=$(DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt update -qq 2>&1 && DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt install sudo -yqq 2>&1 && apt-get autoclean 2>&1)
|
||||
local result; result=$(DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt update -qq 2>&1 && DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 apt install sudo -yqq 2>&1 && apt-get autoclean 2>&1)
|
||||
checkSuccess "Updating System Operating system."
|
||||
|
||||
local result=$(DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 runSystem apt update -qq 2>&1)
|
||||
local result; result=$(DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 runSystem apt update -qq 2>&1)
|
||||
checkSuccess "Running application update"
|
||||
|
||||
local result=$(DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 sudo $installed_apps -yqq 2>&1)
|
||||
local result; result=$(DEBIAN_FRONTEND=noninteractive APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=1 sudo $installed_apps -yqq 2>&1)
|
||||
checkSuccess "Installing system applications"
|
||||
else
|
||||
isNotice "System Updates already ran within the last ${CFG_UPDATER_CHECK} minutes, skipping..."
|
||||
|
||||
@ -9,8 +9,8 @@ gitCleanInstallBackups()
|
||||
# mis-applied the -exec to only the second clause (-o binds looser than
|
||||
# the implicit -a), so it deleted every non-.zip dir under the WHOLE tree
|
||||
# while matching no files at all.
|
||||
local result=$(runInstallOp find "$backup_install_dir" -mindepth 1 -maxdepth 1 ! -name '*.zip' -exec rm -rf {} +)
|
||||
local result; result=$(runInstallOp find "$backup_install_dir" -mindepth 1 -maxdepth 1 ! -name '*.zip' -exec rm -rf {} +)
|
||||
checkSuccess "Cleaning up install backup folders."
|
||||
local result=$(cd "$backup_install_dir" && find . -maxdepth 1 -type f -name '*.zip' | xargs ls -t | tail -n +6 | xargs -r rm)
|
||||
local result; result=$(cd "$backup_install_dir" && find . -maxdepth 1 -type f -name '*.zip' | xargs ls -t | tail -n +6 | xargs -r rm)
|
||||
checkSuccess "Deleting old install backup and keeping the latest 5."
|
||||
}
|
||||
@ -16,23 +16,23 @@ gitPerformUpdate()
|
||||
update_done=false
|
||||
|
||||
if [ ! -d "$backup_install_dir/$backupFolder" ]; then
|
||||
local result=$(createFolders "loud" $sudo_user_name "$backup_install_dir/$backupFolder")
|
||||
local result; result=$(createFolders "loud" $sudo_user_name "$backup_install_dir/$backupFolder")
|
||||
checkSuccess "Create the backup folder"
|
||||
fi
|
||||
local result=$(cd $backup_install_dir)
|
||||
local result; result=$(cd $backup_install_dir)
|
||||
checkSuccess "Going into the backup install folder"
|
||||
|
||||
local result=$(copyFolder "$configs_dir" "$backup_install_dir/$backupFolder" "$sudo_user_name")
|
||||
local result; result=$(copyFolder "$configs_dir" "$backup_install_dir/$backupFolder" "$sudo_user_name")
|
||||
checkSuccess "Copy the configs to the backup folder"
|
||||
local result=$(copyFolder "$logs_dir" "$backup_install_dir/$backupFolder" "$sudo_user_name")
|
||||
local result; result=$(copyFolder "$logs_dir" "$backup_install_dir/$backupFolder" "$sudo_user_name")
|
||||
checkSuccess "Copy the logs to the backup folder"
|
||||
|
||||
gitReset;
|
||||
|
||||
local result=$(copyFolders "$backup_install_dir/$backupFolder/" "$docker_dir" "$sudo_user_name")
|
||||
local result; result=$(copyFolders "$backup_install_dir/$backupFolder/" "$docker_dir" "$sudo_user_name")
|
||||
checkSuccess "Copy the backed up folders back into the installation directory"
|
||||
|
||||
local result=$(runAsManager zip -r "$backup_install_dir/$backupFolder.zip" "$backup_install_dir/$backupFolder")
|
||||
local result; result=$(runAsManager zip -r "$backup_install_dir/$backupFolder.zip" "$backup_install_dir/$backupFolder")
|
||||
checkSuccess "Zipping up the the backup folder for safe keeping"
|
||||
|
||||
gitCleanInstallBackups;
|
||||
|
||||
@ -7,12 +7,12 @@ gitUseExistingBackup()
|
||||
local backup_file_without_zip=$(basename "$backup_file" .zip)
|
||||
update_done=false
|
||||
|
||||
local result=$(runInstallOp unzip -o $backup_file -d $backup_install_dir)
|
||||
local result; result=$(runInstallOp unzip -o $backup_file -d $backup_install_dir)
|
||||
checkSuccess "Copy the configs to the backup folder"
|
||||
|
||||
gitReset;
|
||||
|
||||
local result=$(copyFolders "$backup_install_dir/$backup_file_without_zip/" "$docker_dir" "$sudo_user_name")
|
||||
local result; result=$(copyFolders "$backup_install_dir/$backup_file_without_zip/" "$docker_dir" "$sudo_user_name")
|
||||
checkSuccess "Copy the backed up folders back into the installation directory"
|
||||
|
||||
gitCleanInstallBackups;
|
||||
|
||||
@ -27,7 +27,7 @@ gitReset()
|
||||
runInstallOp chown -R $sudo_user_name:$sudo_user_name "$script_dir"
|
||||
}
|
||||
|
||||
local result=$(runAsManager rm -rf $script_dir)
|
||||
local result; result=$(runAsManager rm -rf $script_dir)
|
||||
checkSuccess "Deleting all Git files"
|
||||
|
||||
cd $docker_dir
|
||||
|
||||
@ -4,8 +4,8 @@ gitUntrackFiles()
|
||||
{
|
||||
# Fixing the issue where the git does not use the .gitignore
|
||||
cd $script_dir
|
||||
local result=$(runAsManager git config core.fileMode false)
|
||||
local result; result=$(runAsManager git config core.fileMode false)
|
||||
checkSuccess "Removing configs and logs from git for git changes"
|
||||
local result=$(runAsManager git commit -m "Stop tracking ignored files")
|
||||
local result; result=$(runAsManager git commit -m "Stop tracking ignored files")
|
||||
checkSuccess "Removing tracking ignored files"
|
||||
}
|
||||
|
||||
@ -15,7 +15,7 @@ webuiGenerateAppLogs()
|
||||
# Fast approach: Scan containers directory directly
|
||||
if [ -d "$containers_dir" ]; then
|
||||
runFileOp find "$containers_dir" -maxdepth 1 -type d -not -path "$containers_dir" | while read -r dir; do
|
||||
local result=$(basename "$dir")
|
||||
local result; result=$(basename "$dir")
|
||||
local app_name="$result"
|
||||
total_apps=$((total_apps + 1))
|
||||
|
||||
@ -24,7 +24,7 @@ webuiGenerateAppLogs()
|
||||
installed_count=$((installed_count + 1))
|
||||
|
||||
# Create log file for this app
|
||||
local result=$(webuiUpdateAppLog "$app_name" install)
|
||||
local result; result=$(webuiUpdateAppLog "$app_name" install)
|
||||
checkSuccess "Created log file for: $app_name"
|
||||
fi
|
||||
done
|
||||
|
||||
@ -7,7 +7,7 @@ webuiCreateLogsFolders()
|
||||
local log_dir="${containers_dir}libreportal/frontend/logs"
|
||||
local apps_dir="${log_dir}/apps"
|
||||
if [ ! -d "$apps_dir" ]; then
|
||||
local result=$(createFolders "loud" $sudo_user_name $log_dir $apps_dir)
|
||||
local result; result=$(createFolders "loud" $sudo_user_name $log_dir $apps_dir)
|
||||
checkSuccess "Creating frontend logs folder"
|
||||
fi
|
||||
}
|
||||
|
||||
@ -8,7 +8,7 @@ webuiEnsureTaskFiles() {
|
||||
|
||||
# Create tasks directory if it doesn't exist
|
||||
if [ ! -d "$task_dir" ]; then
|
||||
local result=$(createFolders "quiet" $docker_install_user "$task_dir")
|
||||
local result; result=$(createFolders "quiet" $docker_install_user "$task_dir")
|
||||
checkSuccess "Created tasks directory..."
|
||||
fi
|
||||
|
||||
@ -16,7 +16,7 @@ webuiEnsureTaskFiles() {
|
||||
if [ ! -f "$task_dir/queue.json" ]; then
|
||||
echo " Creating queue.json"
|
||||
createTouch "$task_dir/queue.json" $docker_install_user "silent"
|
||||
local result=$(echo "[]" | runFileWrite "$task_dir/queue.json" > /dev/null)
|
||||
local result; result=$(echo "[]" | runFileWrite "$task_dir/queue.json" > /dev/null)
|
||||
checkSuccess "Created queue.json..."
|
||||
else
|
||||
echo " queue.json exists"
|
||||
@ -26,7 +26,7 @@ webuiEnsureTaskFiles() {
|
||||
if [ ! -f "$task_dir/current.json" ]; then
|
||||
echo " Creating current.json"
|
||||
createTouch "$task_dir/current.json" $docker_install_user "silent"
|
||||
local result=$(echo '{}' | runFileWrite "$task_dir/current.json" > /dev/null)
|
||||
local result; result=$(echo '{}' | runFileWrite "$task_dir/current.json" > /dev/null)
|
||||
checkSuccess "Created current.json..."
|
||||
else
|
||||
echo " current.json exists"
|
||||
|
||||
@ -9,7 +9,7 @@ webuiUpdateAppLog()
|
||||
local log_dir="${containers_dir}libreportal/frontend/logs"
|
||||
local apps_dir="${log_dir}/apps"
|
||||
if [ ! -d "$apps_dir" ]; then
|
||||
local result=$(createFolders "loud" $sudo_user_name $log_dir $apps_dir)
|
||||
local result; result=$(createFolders "loud" $sudo_user_name $log_dir $apps_dir)
|
||||
checkSuccess "Creating frontend logs folder"
|
||||
fi
|
||||
|
||||
@ -27,7 +27,7 @@ webuiUpdateAppLog()
|
||||
# interactively for write-protected files, which hangs an unattended
|
||||
# deploy (the uninstall phase of a 'full' redeploy).
|
||||
if [ -f "${log_file}" ]; then
|
||||
local result=$(runFileOp rm -f "${log_file}")
|
||||
local result; result=$(runFileOp rm -f "${log_file}")
|
||||
checkSuccess "Removed ${app_name}.log"
|
||||
fi
|
||||
fi
|
||||
|
||||
@ -13,7 +13,7 @@ installLibrePortalImageWebUI()
|
||||
# Establish traversal + containers-root ownership FIRST.
|
||||
fixFolderPermissions
|
||||
|
||||
local result=$(copyFolder "$install_containers_dir/libreportal" "$containers_dir" "$sudo_user_name")
|
||||
local result; result=$(copyFolder "$install_containers_dir/libreportal" "$containers_dir" "$sudo_user_name")
|
||||
checkSuccess "Copy the LibrePortal to the containers folder"
|
||||
|
||||
reconcileWebuiDirOwnership
|
||||
@ -34,6 +34,6 @@ installLibrePortalImageWebUI()
|
||||
fi
|
||||
|
||||
isNotice "Building libreportal-service image, this may take a while..."
|
||||
local result=$(runFileOp docker build -t libreportal-service -f $containers_dir/libreportal/Dockerfile $containers_dir/libreportal >/dev/null 2>&1)
|
||||
local result; result=$(runFileOp docker build -t libreportal-service -f $containers_dir/libreportal/Dockerfile $containers_dir/libreportal >/dev/null 2>&1)
|
||||
checkSuccess "Built LibrePortal WebUI Docker image"
|
||||
}
|
||||
@ -27,7 +27,7 @@ webuiLibrePortalUpdate() {
|
||||
isHeader "LibrePortal WebUI Updater"
|
||||
|
||||
# Check for update lock file first
|
||||
local result=$(webuiCheckUpdateLock)
|
||||
local result; result=$(webuiCheckUpdateLock)
|
||||
checkSuccess "Checked for update lock file."
|
||||
|
||||
if [[ "$lock_file_found" == "true" ]]; then
|
||||
@ -38,35 +38,35 @@ webuiLibrePortalUpdate() {
|
||||
echo ""
|
||||
else
|
||||
# Create update lock file
|
||||
local result=$(webuiCreateUpdateLock)
|
||||
local result; result=$(webuiCreateUpdateLock)
|
||||
checkSuccess "Created update lock file..."
|
||||
|
||||
# Update system information first
|
||||
local result=$(webuiSystemUpdate)
|
||||
local result; result=$(webuiSystemUpdate)
|
||||
checkSuccess "Updated system information..."
|
||||
|
||||
# Ensure task system files exist (failsafe)
|
||||
local result=$(webuiEnsureTaskFiles)
|
||||
local result; result=$(webuiEnsureTaskFiles)
|
||||
checkSuccess "Ensured task system files exist..."
|
||||
|
||||
# Generate system configuration
|
||||
local result=$(webuiGenerateSystemConfigs)
|
||||
local result; result=$(webuiGenerateSystemConfigs)
|
||||
checkSuccess "Generated system configurations..."
|
||||
|
||||
# Generate categories
|
||||
local result=$(webuiCreateCategories $containers_dir/libreportal/frontend/data)
|
||||
local result; result=$(webuiCreateCategories $containers_dir/libreportal/frontend/data)
|
||||
checkSuccess "Generated app and config categories..."
|
||||
|
||||
# Generate LibrePortal app configuration
|
||||
local result=$(webuiGenerateLibrePortalConfig)
|
||||
local result; result=$(webuiGenerateLibrePortalConfig)
|
||||
checkSuccess "Generated LibrePortal app configuration..."
|
||||
|
||||
# Generate apps-services.json
|
||||
local result=$(webuiGenerateAppsServicesConfig)
|
||||
local result; result=$(webuiGenerateAppsServicesConfig)
|
||||
checkSuccess "Generated apps-services.json..."
|
||||
|
||||
# Generate apps-tools.json (aggregate of per-app *.tools.json)
|
||||
local result=$(webuiGenerateAppsToolsConfig)
|
||||
local result; result=$(webuiGenerateAppsToolsConfig)
|
||||
checkSuccess "Generated apps-tools.json..."
|
||||
|
||||
# Per-app routine refresh hooks. An installed app may define
|
||||
@ -81,38 +81,38 @@ webuiLibrePortalUpdate() {
|
||||
[[ -f "${containers_dir}${_app}/docker-compose.yml" ]] || continue
|
||||
_hook="appWebuiRefresh_${_app}"
|
||||
declare -F "$_hook" >/dev/null 2>&1 || continue
|
||||
local result=$($_hook)
|
||||
local result; result=$($_hook)
|
||||
checkSuccess "Refreshed ${_app} WebUI data..."
|
||||
done
|
||||
|
||||
# Generate Backup locations / snapshots / engines / dashboards
|
||||
local result=$(webuiGenerateBackupLocations && webuiGenerateBackupDashboard && webuiGenerateBackupSnapshots all && webuiGenerateBackupAppStatus && webuiGenerateBackupEngines && webuiGenerateBackupSchema && webuiGenerateBackupPasswords && webuiGenerateBackupMigrate)
|
||||
local result; result=$(webuiGenerateBackupLocations && webuiGenerateBackupDashboard && webuiGenerateBackupSnapshots all && webuiGenerateBackupAppStatus && webuiGenerateBackupEngines && webuiGenerateBackupSchema && webuiGenerateBackupPasswords && webuiGenerateBackupMigrate)
|
||||
checkSuccess "Refreshed backup dashboard data..."
|
||||
|
||||
# Peers (named other LibrePortal instances) — small, cheap; lives
|
||||
# in its own data/peers/generated/peers.json file consumed by
|
||||
# /peers and overlay-read by the migrate tab.
|
||||
local result=$(webuiGeneratePeers)
|
||||
local result; result=$(webuiGeneratePeers)
|
||||
checkSuccess "Refreshed peers data..."
|
||||
|
||||
# SSH access snapshot (authorized keys + password-login state)
|
||||
local result=$(webuiGenerateSshAccess)
|
||||
local result; result=$(webuiGenerateSshAccess)
|
||||
checkSuccess "Refreshed SSH access data..."
|
||||
|
||||
# Sync app icons
|
||||
local result=$(webuiSyncAppIcons)
|
||||
local result; result=$(webuiSyncAppIcons)
|
||||
checkSuccess "Synced app icons..."
|
||||
|
||||
# Generate log files for installed apps
|
||||
local result=$(webuiGenerateAppLogs)
|
||||
local result; result=$(webuiGenerateAppLogs)
|
||||
checkSuccess "Generated log files for installed apps..."
|
||||
|
||||
# Remove update lock file
|
||||
local result=$(webuiRemoveUpdateLock)
|
||||
local result; result=$(webuiRemoveUpdateLock)
|
||||
checkSuccess "Removed update lock file..."
|
||||
|
||||
# Remove setup lock file
|
||||
local result=$(webuiRemoveSetupLock)
|
||||
local result; result=$(webuiRemoveSetupLock)
|
||||
checkSuccess "Removed setup lock file..."
|
||||
|
||||
isSuccessful "WebUI update completed successfully!"
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user