LibrePortal/scripts/docker/compose/update_compose_yml.sh
librelad 053a620e22 fix(reliability): split local result=$(cmd) so $? survives for checkSuccess
'local result=$(cmd)' resets $? to 0 (the local builtin's own exit), so the
following checkSuccess always saw success regardless of cmd's real exit — the
mechanism that masked the de-sudo write failures. Split declaration from
assignment ('local result; result=$(cmd)') across all 235 active-code sites
(84 files) so the command's exit reaches checkSuccess. No behaviour change
beyond $? now being accurate (no set -e in runtime code; multi-line
assignments transform safely).

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-31 03:09:25 +01:00

56 lines
2.0 KiB
Bash
Executable File

#!/bin/bash
dockerComposeUpdate()
{
local app_name="$1"
local flags="$2"
local norestart="$3"
local whitelistupdates=false
if [[ $compose_setup == "default" ]]; then
local compose_file="docker-compose.yml"
elif [[ $compose_setup == "app" ]]; then
local compose_file="docker-compose.$app_name.yml"
fi
if [ "$flags" == "install" ]; then
dockerConfigSetupFileWithData $app_name;
if [[ $norestart != "norestart" ]]; then
dockerComposeRestartAfterUpdate $app_name $flags;
fi
fi
if [ "$flags" == "restart" ]; then
dockerConfigSetupFileWithData $app_name;
if [[ $norestart != "norestart" ]]; then
dockerComposeRestartAfterUpdate $app_name $flags;
fi
fi
# Fail2ban specifics
if [[ "$app_name" == "fail2ban" ]]; then
local jail_local_file="$containers_dir/$app_name/config/$app_name/jail.local"
if [ -f "$jail_local_file" ]; then
if runFileOp grep -q "ignoreip = ips_whitelist" "$jail_local_file"; then
# Whitelist not set up yet
if runFileOp grep -q "ignoreip = ips_whitelist" "$jail_local_file"; then
local result; result=$(runFileOp sed -i "s/ips_whitelist/$CFG_IPS_WHITELIST/" "$jail_local_file")
checkSuccess "Update the IP whitelist for $app_name"
local whitelistupdates=true
fi
# If the IPs are set up already but need an update
local current_ip_range=$(grep "ignoreip = " "$jail_local_file" | cut -d ' ' -f 2)
if [ "$current_ip_range" != "$CFG_IPS_WHITELIST" ]; then
local result; result=$(runFileOp sed -i "s/ignoreip = ips_whitelist/ignoreip = $CFG_IPS_WHITELIST/" "$jail_local_file")
checkSuccess "Update the IP whitelist for $app_name"
local whitelistupdates=true
fi
fi
fi
fi
}