The rootless task-processor service env used id -u $sudo_user_name (the manager, e.g. 1001) for DOCKER_HOST/XDG_RUNTIME_DIR, but the rootless daemon runs as the docker install user, so its socket lives at /run/user/<install-user-uid>/docker.sock (e.g. 1002). The manager-uid path doesn't exist. Use id -u $CFG_DOCKER_INSTALL_USER so the env matches the actual rootless socket (same values dockerCommandRunInstallUser uses). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
93 lines
3.5 KiB
Bash
Executable File
93 lines
3.5 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# LibrePortal Task Processor Systemd Service Setup
|
|
# Replaces crontabSetupTaskProcessor with systemd service
|
|
installLibrePortalWebUITaskService()
|
|
{
|
|
if [[ "$CFG_REQUIREMENT_WEBUI_SERVICE" == "true" ]]; then
|
|
local service_file="/etc/systemd/system/libreportal.service"
|
|
if [[ ! -f "$service_file" ]]; then
|
|
local task_processor_script="$install_scripts_dir/crontab/task/crontab_task_processor.sh"
|
|
local task_dir="$containers_dir/libreportal/frontend/data/tasks"
|
|
|
|
# Update TASK_DIR in the task processor script
|
|
if [ -f "$task_processor_script" ]; then
|
|
sed -i "s|TASK_DIR=\".*\"|TASK_DIR=\"$task_dir\"|g" "$task_processor_script"
|
|
chmod +x "$task_processor_script"
|
|
else
|
|
isNotice "Task processor script not found"
|
|
fi
|
|
|
|
# Rootless docker exposes the daemon at /run/user/<uid>/docker.sock and
|
|
# depends on XDG_RUNTIME_DIR being set. Systemd units don't inherit user
|
|
# bashrc, so without these Environment= lines the processor would fall
|
|
# back to /var/run/docker.sock (which rootless does not create) and any
|
|
# `docker …` call inside the task would fail. Rootful gets no extras —
|
|
# the default /var/run path is already correct.
|
|
#
|
|
# The rootless daemon runs as the DOCKER INSTALL USER, so its socket lives in
|
|
# that user's runtime dir — not the manager's. Use the docker install user's
|
|
# uid here (matches dockerCommandRunInstallUser); pointing at the manager's
|
|
# uid was wrong — that socket doesn't exist.
|
|
local service_env_block=""
|
|
if [[ "$CFG_DOCKER_INSTALL_TYPE" == "rootless" ]]; then
|
|
local docker_install_uid
|
|
docker_install_uid="$(id -u "$CFG_DOCKER_INSTALL_USER")"
|
|
service_env_block="Environment=DOCKER_HOST=unix:///run/user/${docker_install_uid}/docker.sock
|
|
Environment=XDG_RUNTIME_DIR=/run/user/${docker_install_uid}"
|
|
fi
|
|
|
|
# Create systemd service file
|
|
runSystem tee "$service_file" > /dev/null <<EOF
|
|
[Unit]
|
|
Description=LibrePortal Task Processor
|
|
After=network.target
|
|
Wants=network.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
User=$sudo_user_name
|
|
Group=$sudo_user_name
|
|
WorkingDirectory=$install_scripts_dir
|
|
ExecStart=$task_processor_script start_script
|
|
Restart=always
|
|
RestartSec=5
|
|
SyslogIdentifier=libreportal
|
|
${service_env_block}
|
|
|
|
# Security
|
|
PrivateTmp=true
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
# Remove from crontab if it exists
|
|
if sudo -u $sudo_user_name crontab -l 2>/dev/null | grep -q "task_processor.sh"; then
|
|
sudo -u $sudo_user_name crontab -l 2>/dev/null | grep -v "task_processor.sh" | sudo -u $sudo_user_name crontab -
|
|
isNotice "Removed task processor from crontab"
|
|
fi
|
|
|
|
# Reload systemd and enable service
|
|
runSystem systemctl daemon-reload
|
|
runSystem systemctl enable libreportal.service >/dev/null 2>&1
|
|
runSystem systemctl start libreportal.service
|
|
|
|
isSuccessful "LibrePortal task processor service setup."
|
|
fi
|
|
fi
|
|
}
|
|
|
|
# Restart the task processor after a docker-type switch. The processor reads the
|
|
# install type (rooted/rootless) ONCE at startup to decide how runFileOp writes
|
|
# into the docker-install-owned task dir, so a running instance keeps using the
|
|
# old mode until it's bounced. The switch is a CLI one-shot (not a processor
|
|
# task), so this won't kill an in-flight switch.
|
|
restartLibrePortalWebUITaskService()
|
|
{
|
|
[[ "$CFG_REQUIREMENT_WEBUI_SERVICE" == "true" ]] || return 0
|
|
[[ -f /etc/systemd/system/libreportal.service ]] || return 0
|
|
runSystem systemctl restart libreportal.service 2>/dev/null
|
|
isSuccessful "Restarted task processor for $CFG_DOCKER_INSTALL_TYPE Docker mode"
|
|
}
|