LibrePortal/scripts/start/start_recommended.sh
librelad c6dd2659be refactor(de-sudo): apps DB access via runInstallOp, not sudo
The apps SQLite DB ($docker_dir/$db_file) is owned by the manager user, so
read/write it AS the manager via runInstallOp instead of sudo (root). 48 call
sites across 28 scripts. In rooted this drops root->manager (correct owner);
in rootless it's the manager too (using runFileOp/dockerinstall here was the
'unable to open database' bug). The broken 'command -v sudo sqlite3' check
lines are left untouched (separate pre-existing issue).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-24 16:23:33 +01:00

217 lines
10 KiB
Bash
Executable File

#!/bin/bash
installRecommendedApps()
{
# The Setup Wizard now owns recommended-app installs. If the user has
# been through it (lock file exists), skip the legacy in-flow prompts
# entirely so we don't ask about Wireguard/Traefik twice.
if isSetupWizardComplete; then
return 0
fi
if [[ $CFG_REQUIREMENT_SUGGEST_INSTALLS == "true" ]]; then
local wireguard_status=$(dockerCheckAppInstalled "wireguard" "docker")
if [[ $CFG_REQUIREMENT_SSHKEY_DOWNLOADER == "true" ]]; then
local sshdownload_status=$(dockerCheckAppInstalled "sshdownload" "docker")
else
local sshdownload_status="installed"
fi
local traefik_status=$(dockerCheckAppInstalled "traefik" "docker")
if [ "$wireguard_status" != "installed" ] || \
[ "$sshdownload_status" != "installed" ] || \
[ "$traefik_status" != "installed" ]; then
isHeader "Recommended Applications"
isNotice "There are recommended applications available to install."
echo ""
while true; do
isQuestion "Would you like to follow the recommended app installation process? (y/n): "
read -p "" default_recommendation_choice
if [[ -n "$default_recommendation_choice" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$default_recommendation_choice" == [nN] ]]; then
while true; do
isQuestion "Would you like to stop being asked to install the recommended applications? (y/n): "
read -p "" disable_recommended_apps
if [[ -n "$disable_recommended_apps" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$disable_recommended_apps" == [yY] ]]; then
updateConfigOption "CFG_REQUIREMENT_SUGGEST_INSTALLS" "false"
isNotice "You can re-enable this in the requirements config file"
sourceScanFiles "libreportal_configs";
elif [[ "$disable_recommended_apps" == [nN] ]]; then
isSuccessful "You will be asked to install the recommended applications upon loading LibrePortal again."
fi
elif [[ "$default_recommendation_choice" == [yY] ]]; then
# List of applications available for install
# Wireguard
if [[ "$wireguard_status" != "installed" ]]; then
isHeader "Recommended Application - Wireguard"
isNotice "It's recommended to install Wireguard upon first install."
echo ""
isNotice "Wireguard allows you to access the server via VPN."
echo ""
while true; do
isQuestion "Would you like to Wireguard as per the recommendation? (y/n): "
read -p "" wireguard_recommendation_choice
if [[ -n "$wireguard_recommendation_choice" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$wireguard_recommendation_choice" == [yY] ]]; then
dockerInstallApp wireguard;
fi
fi
# SSHdownload
local ssh_new_key=$(runInstallOp sqlite3 "$docker_dir/$db_file" 'SELECT content FROM options WHERE option = "ssh_new_key";')
if [[ "$sshdownload_status" != "installed" ]]; then
if [[ "$ssh_new_key" == "true" ]]; then
isHeader "SSH Key Downloader"
isNotice "New SSH Keys have been setup and installed on the system."
isNotice "The SSH Key downloader has not been setup to download the installed keys."
echo ""
while true; do
isQuestion "Would you like to install the SSH Key Downloader as per the recommendation? (y/n): "
read -p "" sshdownload_recommendation_choice
if [[ -n "$sshdownload_recommendation_choice" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$sshdownload_recommendation_choice" == [yY] ]]; then
dockerInstallApp sshdownload;
databaseOptionInsert "ssh_new_key" "false";
fi
else
isHeader "SSH Key Downloader"
isNotice "The SSH Key downloader has not been found on your system."
isNotice "You may not need to install this if you have already downloaded all of your keys."
isNotice "You can disable being asked to install this in the future if you select the 'n' option"
echo ""
while true; do
isQuestion "Would you like to install the SSH Key Downloader as per the recommendation? (y/n): "
read -p "" sshdownload_recommendation_choice
if [[ -n "$sshdownload_recommendation_choice" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$sshdownload_recommendation_choice" == [yY] ]]; then
dockerInstallApp sshdownload;
databaseOptionInsert "ssh_new_key" "false";
elif [[ "$sshdownload_recommendation_choice" == [nN] ]]; then
while true; do
isQuestion "Would you like to stop being asked to install the SSH Key Downloader? (y/n): "
read -p "" disable_recommended_apps
if [[ -n "$disable_recommended_apps" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$disable_recommended_apps" == [yY] ]]; then
updateConfigOption "CFG_REQUIREMENT_SSHKEY_DOWNLOADER" "false"
isNotice "You can re-enable this in the requirements config file"
sourceScanFiles "libreportal_configs";
elif [[ "$disable_recommended_apps" == [nN] ]]; then
isSuccessful "You will be asked to install the recommended applications upon loading LibrePortal again."
fi
fi
fi
fi
# Traefik
if [[ "$traefik_status" != "installed" ]]; then
isHeader "Recommended Application - Traefik"
isNotice "It's recommended to install Traefik upon first install."
echo ""
isNotice "Traefik secures your Network traffic and automatically installs SSL Certificates"
echo ""
while true; do
isQuestion "Would you like to Traefik as per the recommendation? (y/n): "
read -p "" traefik_recommendation_choice
if [[ -n "$traefik_recommendation_choice" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$traefik_recommendation_choice" == [yY] ]]; then
dockerInstallApp traefik;
fi
fi
isSuccessful "All recommended apps have successfully been set up."
fi
fi
fi
}
installOptionalMetricsApps()
{
if isSetupWizardComplete; then
return 0
fi
if [[ $CFG_REQUIREMENT_SUGGEST_INSTALLS != "true" ]]; then
return 0
fi
if [[ $CFG_REQUIREMENT_SUGGEST_METRICS != "true" ]]; then
return 0
fi
local prometheus_status=$(dockerCheckAppInstalled "prometheus" "docker")
local grafana_status=$(dockerCheckAppInstalled "grafana" "docker")
if [[ "$prometheus_status" == "installed" && "$grafana_status" == "installed" ]]; then
return 0
fi
isHeader "Optional Applications - Metrics"
isNotice "Prometheus and Grafana provide metrics scraping and dashboards for your apps."
isNotice "These are optional and not installed by default."
echo ""
while true; do
isQuestion "Would you like to install Prometheus and Grafana now? (y/n): "
read -p "" metrics_choice
if [[ -n "$metrics_choice" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$metrics_choice" == [yY] ]]; then
if [[ "$prometheus_status" != "installed" ]]; then
dockerInstallApp prometheus;
fi
if [[ "$grafana_status" != "installed" ]]; then
dockerInstallApp grafana;
fi
isSuccessful "Metrics apps have successfully been set up."
elif [[ "$metrics_choice" == [nN] ]]; then
while true; do
isQuestion "Would you like to stop being asked about the metrics apps? (y/n): "
read -p "" disable_metrics
if [[ -n "$disable_metrics" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$disable_metrics" == [yY] ]]; then
updateConfigOption "CFG_REQUIREMENT_SUGGEST_METRICS" "false"
isNotice "You can re-enable this in the requirements config file"
sourceScanFiles "libreportal_configs";
elif [[ "$disable_metrics" == [nN] ]]; then
isSuccessful "You will be asked about the metrics apps upon loading LibrePortal again."
fi
fi
}