LibrePortal/scripts/webui/webui_updater.sh
librelad 3a679d7343 feat(ssh): admin host SSH-access engine (backend + CLI + snapshot)
Fresh, on-demand inbound SSH-access management for the host (replaces the old
maze). scripts/ssh/host_access.sh manages the install user's authorized_keys —
add a pasted public key (validated), list, remove — and toggles sshd password
login behind a lockout guard (won't disable passwords with no key; won't drop
the last key while passwords are off; sshd -t before reload, with backup).

New 'ssh' CLI category (status/key-add/key-remove/password-auth/generate) and
a webuiGenerateSshAccess snapshot (data/ssh/access.json: user, password_auth,
authorized keys as type+fingerprint+comment — public only) wired into the
regen chain. Nothing runs automatically; only explicit admin actions change
anything. WebUI page next.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-23 16:40:59 +01:00

116 lines
5.0 KiB
Bash
Executable File

#!/bin/bash
# LibrePortal WebUI Main Updater
# Coordinates all webui data updates including system info and app configurations
webuiLibrePortalUpdate() {
# Debounce: during a fresh install this function gets called back-to-back
# by installLibrePortal (line 113) and then startScan (end of preinstall),
# both within ~10 seconds. Skip if the last successful run is within the
# debounce window. Callers that genuinely need a forced refresh can set
# WEBUI_UPDATER_FORCE=1.
local stamp_file="/tmp/libreportal_webui_updater_last"
local debounce_seconds="${WEBUI_UPDATER_DEBOUNCE:-30}"
if [[ -z "$WEBUI_UPDATER_FORCE" && -f "$stamp_file" ]]; then
local _now=$(date +%s)
local _last=$(stat -c '%Y' "$stamp_file" 2>/dev/null)
if [[ -n "$_last" ]] && (( _now - _last < debounce_seconds )); then
isNotice "WebUI updater ran $((_now - _last))s ago — skipping (debounced, within ${debounce_seconds}s)."
return 0
fi
fi
local status=$(dockerCheckAppInstalled "libreportal" "docker")
# Main process: generate config if app is installed
if [ "$status" == "installed" ]; then
isHeader "LibrePortal WebUI Updater"
# Check for update lock file first
local result=$(webuiCheckUpdateLock)
checkSuccess "Checked for update lock file."
if [[ "$lock_file_found" == "true" ]]; then
echo ""
isNotice "Update already in progress. Please wait for current update to complete."
isNotice "Status: Locked"
isNotice "WebUI update skipped due to concurrent update"
echo ""
else
# Create update lock file
local result=$(webuiCreateUpdateLock)
checkSuccess "Created update lock file..."
# Update system information first
local result=$(webuiSystemUpdate)
checkSuccess "Updated system information..."
# Ensure task system files exist (failsafe)
local result=$(webuiEnsureTaskFiles)
checkSuccess "Ensured task system files exist..."
# Generate system configuration
local result=$(webuiGenerateSystemConfigs)
checkSuccess "Generated system configurations..."
# Generate categories
local result=$(webuiCreateCategories $containers_dir/libreportal/frontend/data)
checkSuccess "Generated app and config categories..."
# Generate LibrePortal app configuration
local result=$(webuiGenerateLibrePortalConfig)
checkSuccess "Generated LibrePortal app configuration..."
# Generate apps-services.json
local result=$(webuiGenerateAppsServicesConfig)
checkSuccess "Generated apps-services.json..."
# Generate apps-tools.json (aggregate of per-app *.tools.json)
local result=$(webuiGenerateAppsToolsConfig)
checkSuccess "Generated apps-tools.json..."
# Only refresh the gluetun provider snapshot when gluetun is
# actually deployed — the upstream servers.json is ~7 MB and
# routine WebUI updates shouldn't burn that bandwidth for users
# who never install gluetun. The gluetun installer itself
# (containers/gluetun/gluetun.sh) refreshes on first install,
# and the Tools action 'gluetun_refresh_providers' lets users
# refresh on demand.
if [[ -f "${containers_dir}gluetun/docker-compose.yml" ]]; then
local result=$(webuiGenerateGluetunProviders)
checkSuccess "Refreshed gluetun provider snapshot..."
fi
# Generate Backup locations / snapshots / engines / dashboards
local result=$(webuiGenerateBackupLocations && webuiGenerateBackupDashboard && webuiGenerateBackupSnapshots all && webuiGenerateBackupAppStatus && webuiGenerateBackupEngines && webuiGenerateBackupSchema && webuiGenerateBackupPasswords)
checkSuccess "Refreshed backup dashboard data..."
# SSH access snapshot (authorized keys + password-login state)
local result=$(webuiGenerateSshAccess)
checkSuccess "Refreshed SSH access data..."
# Sync app icons
local result=$(webuiSyncAppIcons)
checkSuccess "Synced app icons..."
# Generate log files for installed apps
local result=$(webuiGenerateAppLogs)
checkSuccess "Generated log files for installed apps..."
# Remove update lock file
local result=$(webuiRemoveUpdateLock)
checkSuccess "Removed update lock file..."
# Remove setup lock file
local result=$(webuiRemoveSetupLock)
checkSuccess "Removed setup lock file..."
isSuccessful "WebUI update completed successfully!"
touch "$stamp_file" 2>/dev/null || true
fi
else
isNotice "LibrePortal not installed - skipping WebUI update"
fi
}