sudo_user_name (the real manager — owns the install, runs the runtime, baked as __MANAGER__ into the root helpers) was hardcoded to 'libreportal'. Make it configurable, consistent with the relocatable roots: - --manager-user=NAME flag + LP_MANAGER_USER env (default libreportal); resolved early in init.sh and in scripts/source/paths.sh (so the standalone processors get it too), validated as a real Linux username in libreportalValidatePaths. - Baked everywhere it must be stable: the helpers + CLI wrapper (CHECK_USER now __MANAGER__, exports LP_MANAGER_USER) via the install-time sed; the systemd unit exports LP_MANAGER_USER=<manager>. User creation (initUsers), the sudoers drop-in, and ~35 call sites already used $sudo_user_name, so they follow. - Fix the stray manager-name literals: install_crowdsec.sh chown, the check_install_type fallback. (Brand/identity strings like the backup engine:libreportal tag are left — they're not the username.) Verified: resolves default/env/flag; wrapper bakes a custom name (admin) with no placeholders left; validation rejects invalid usernames. The footprint paths (/etc, /usr/local) stay fixed by design. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
67 lines
3.1 KiB
Bash
67 lines
3.1 KiB
Bash
#!/bin/bash
|
|
#
|
|
# LibrePortal path roots — single source of truth for the (relocatable) layout.
|
|
#
|
|
# Three independently-placeable roots, each owned by exactly one principal:
|
|
# LP_SYSTEM_DIR control plane — manager (libreportal) owned, 750
|
|
# configs/ logs/ install/ database.db ssl/ ssh/ migrate/ restore/
|
|
# LP_CONTAINERS_DIR live app data — container user (dockerinstall) owned (rootless)
|
|
# LP_BACKUPS_DIR restic/kopia repos — container user owned (separable / own mount)
|
|
#
|
|
# The roots come from the environment when set (the install bakes them into the
|
|
# task-processor systemd unit, and the CLI/app inherit them from init.sh), else
|
|
# they default to /libreportal-*. A custom location is chosen at INSTALL time and
|
|
# baked by root — never read at runtime from a manager-writable config.
|
|
#
|
|
# SECURITY: the root-owned helpers under /usr/local/lib/libreportal/ do NOT source
|
|
# this file. They get the paths baked in at install (sed placeholders), so the
|
|
# manager cannot redirect a root `chown`/`chmod` by editing config. This file is
|
|
# only for the manager-run code (app, CLI, task processor), which runs without
|
|
# extra privilege.
|
|
#
|
|
# Mirror copy: init.sh derives the same vars inline (it is self-contained for the
|
|
# bare /root/init.sh reinstall case, where scripts/ isn't alongside). Keep the two
|
|
# derivations in sync.
|
|
|
|
# --- Resolve the three roots ------------------------------------------------
|
|
# Transitional compat: an EXISTING install (the legacy single /docker tree,
|
|
# identified by its config marker) keeps using /docker until a deliberate
|
|
# reinstall to the split layout — so deploying new code never strands a running
|
|
# box. Fresh installs (no marker) get the /libreportal-* split.
|
|
if [[ -z "${LP_SYSTEM_DIR:-}" ]]; then
|
|
if [[ ! -e /libreportal-system && -f /docker/configs/general/general_docker_install ]]; then
|
|
LP_SYSTEM_DIR=/docker
|
|
: "${LP_CONTAINERS_DIR:=/docker/containers}"
|
|
: "${LP_BACKUPS_DIR:=/docker/backups}"
|
|
else
|
|
LP_SYSTEM_DIR=/libreportal-system
|
|
fi
|
|
fi
|
|
: "${LP_CONTAINERS_DIR:=/libreportal-containers}"
|
|
: "${LP_BACKUPS_DIR:=/libreportal-backups}"
|
|
|
|
# --- Derived: system tree (manager-owned). docker_dir is the legacy name. ---
|
|
docker_dir="$LP_SYSTEM_DIR"
|
|
system_dir="$LP_SYSTEM_DIR"
|
|
configs_dir="$LP_SYSTEM_DIR/configs/"
|
|
logs_dir="$LP_SYSTEM_DIR/logs/"
|
|
ssl_dir="$LP_SYSTEM_DIR/ssl/"
|
|
ssh_dir="$LP_SYSTEM_DIR/ssh/"
|
|
wireguard_dir="$LP_SYSTEM_DIR/wireguard/"
|
|
migrate_dir="$LP_SYSTEM_DIR/migrate"
|
|
restore_dir="$LP_SYSTEM_DIR/restore"
|
|
script_dir="$LP_SYSTEM_DIR/install"
|
|
install_configs_dir="$script_dir/configs/"
|
|
install_containers_dir="$script_dir/containers/"
|
|
install_scripts_dir="$script_dir/scripts/"
|
|
|
|
# --- Derived: data tree (container-user-owned) — the root IS the dir ---------
|
|
containers_dir="$LP_CONTAINERS_DIR/"
|
|
|
|
# --- Derived: backups tree (container-user-owned; own mount-able) -----------
|
|
backup_dir="$LP_BACKUPS_DIR"
|
|
|
|
# --- Control-plane manager user (configurable; baked into helpers at install) -
|
|
# The systemd unit + CLI wrapper export LP_MANAGER_USER; else default libreportal.
|
|
sudo_user_name="${LP_MANAGER_USER:-libreportal}"
|