LibrePortal/scripts/update/git/reset_git.sh
librelad f1ce5e3822 harden(desudo): fix docker-cmd helper bug; convert jitsi/authelia/reset_git
FIX: dockerCommandRun rooted path is 'sudo $command' (unquoted word-split),
so 'docker ps --format "{{.Names}}"' was passing the format with LITERAL
quotes -> docker emitted '<name>' and the downstream grep never matched
(broken in rooted too). Switch all docker invocations to runFileOp, which
preserves args via "$@" in both modes (and runs as dockerinstall against
the rootless socket). Fixed monitoring.sh, dashy, tags_processor_network_mode.

Convert: jitsimeet (rm/wget/unzip/mv/sed/tee/gen-passwords on /docker ->
runFileOp/runFileWrite), authelia (config sed/mkdir/chmod/chown/secrets tee
-> runFileOp/runFileWrite; docker exec -> runFileOp docker, preserving
--password), reset_git (cp->/root runSystem, install-dir chown runInstallOp;
kept sudo -u manager). check_update/update_git_check need no change (all
sudo -u manager git, already least-privilege).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-23 23:51:01 +01:00

58 lines
2.3 KiB
Bash
Executable File

#!/bin/bash
gitReset()
{
# Check if this is a local installation
if [[ "$CFG_INSTALL_MODE" == "local" ]]; then
isNotice "Local installation detected - Git reset is not applicable."
echo "To reset a local installation, please manually restore files and rerun the init script."
else
gitCheckGitDetails;
gitMiscUpdate()
{
runSystem cp -f $script_dir/init.sh /root/
runInstallOp chown -R $sudo_user_name:$sudo_user_name "$script_dir"
}
local result=$(sudo -u $sudo_user_name rm -rf $script_dir)
checkSuccess "Deleting all Git files"
cd $docker_dir
# Strip http:// or https:// and .git for CLEAN_GIT_URL
CLEAN_GIT_URL=$(echo "$CFG_GIT_URL" | sed -E 's~^(https?://)?(.+?)\.git?$~\2~')
# Use authenticated clone if Git login is required
if [[ $CFG_INSTALL_MODE == "git" ]]; then
# Create authenticated URLs
AUTH_HTTPS_REPO_URL="https://${CFG_GIT_USER}:${CFG_GIT_KEY}@${CLEAN_GIT_URL}.git"
AUTH_HTTP_REPO_URL="http://${CFG_GIT_USER}:${CFG_GIT_KEY}@${CLEAN_GIT_URL}.git"
# Try HTTPS first
if sudo -u $sudo_user_name git clone -q "$AUTH_HTTPS_REPO_URL" "$script_dir" 2>/dev/null; then
isSuccessful "Git repository cloned via HTTPS into '$script_dir'."
else
# If HTTPS fails, try HTTP
if sudo -u $sudo_user_name git clone -q "$AUTH_HTTP_REPO_URL" "$script_dir" 2>/dev/null; then
isSuccessful "Git repository cloned via HTTP into '$script_dir'."
else
isError " Failed to clone repository via both HTTPS and HTTP."
exit 1
fi
fi
elif [[ $CFG_INSTALL_MODE == "local" ]]; then
if sudo -u $sudo_user_name git clone -q "https://${CLEAN_GIT_URL}.git" "$script_dir" 2>/dev/null; then
isSuccessful "Git repository cloned via HTTPS into '$script_dir'."
else
# If HTTPS fails, try HTTP
if sudo -u $sudo_user_name git clone -q "http://${CLEAN_GIT_URL}.git" "$script_dir" 2>/dev/null; then
isSuccessful "Git repository cloned via HTTP into '$script_dir'."
fi
fi
fi
gitMiscUpdate;
fi
}