Convert the remaining ad-hoc 'sudo' calls across the data plane to the run_privileged helpers so every file op lands as the correct owner with no blanket root: - DB/configs (manager-owned): db_list_all_apps, delete_db_file, install_sqlite, cli_webui_commands -> runInstallOp - containers (dockerinstall-owned): scan_container_socket, delete_data, webui_task_files, webui_app_log, webui_config_patch, application_missing_variables, uninstall_app -> runFileOp/runFileWrite - genuine root: passwd, tailscale, ufw-docker, sysctl grep, systemd unit read, authorized_keys read, nobody chown -> runSystem - interactive editors and 'id -u': drop sudo entirely (run as caller) - owncloud/adguard container-UID config edits -> runSystem (funnel; docker-exec rework deferred) Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com> Signed-off-by: librelad <librelad@digitalangels.vip>
127 lines
4.6 KiB
Bash
Executable File
127 lines
4.6 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
# Function to view and edit Docker Compose files in a selected app's folder
|
|
viewComposeFiles()
|
|
{
|
|
local app_names=()
|
|
local app_dir
|
|
|
|
isHeader "Docker Compose YML Editor"
|
|
isNotice "*WARNING* Only use this if you know what you are doing!"
|
|
echo ""
|
|
|
|
# Find all subdirectories under $containers_dir
|
|
for app_dir in "$containers_dir"/*/; do
|
|
if [[ -d "$app_dir" ]]; then
|
|
# Extract the app name (folder name)
|
|
local app_name=$(basename "$app_dir")
|
|
local app_names+=("$app_name")
|
|
fi
|
|
done
|
|
|
|
# Check if any apps were found
|
|
if [ ${#app_names[@]} -eq 0 ]; then
|
|
isNotice "No apps found in $containers_dir."
|
|
fi
|
|
|
|
# List numbered options for app names
|
|
isNotice "Select an app to view and edit Docker Compose files:"
|
|
echo ""
|
|
for i in "${!app_names[@]}"; do
|
|
isOption "$((i + 1)). ${app_names[i]}"
|
|
done
|
|
|
|
# Read user input for app selection
|
|
echo ""
|
|
isQuestion "Enter the number of the app (or 'x' to exit): "
|
|
read -p "" selected_option
|
|
|
|
case "$selected_option" in
|
|
[1-9]*)
|
|
# Check if the selected option is a valid number
|
|
if ((selected_option >= 1 && selected_option <= ${#app_names[@]})); then
|
|
local selected_app="${app_names[selected_option - 1]}"
|
|
local selected_app_dir="$containers_dir/$selected_app"
|
|
|
|
# List Docker Compose files in the selected app's folder
|
|
echo ""
|
|
isNotice "Docker Compose files in '$selected_app':"
|
|
local selected_compose_files=($(listDockerComposeFiles "$selected_app_dir"))
|
|
|
|
# Check if any Docker Compose files were found
|
|
if [ ${#selected_compose_files[@]} -eq 0 ]; then
|
|
isNotice "No Docker Compose files found in '$selected_app'."
|
|
else
|
|
local original_checksums=() # To store original MD5 checksums
|
|
local edited_checksums=() # To store edited MD5 checksums
|
|
|
|
# Calculate the original MD5 checksums for the selected Docker Compose files
|
|
for file in "${selected_compose_files[@]}"; do
|
|
original_checksums+=("$(md5sum "$file" | cut -d ' ' -f 1)")
|
|
done
|
|
|
|
while true; do
|
|
# List numbered options for Docker Compose files
|
|
echo ""
|
|
isNotice "Select Docker Compose files to edit (space-separated numbers, or 'x' to exit):"
|
|
echo ""
|
|
for i in "${!selected_compose_files[@]}"; do
|
|
local compose_file_name=$(basename "${selected_compose_files[i]}")
|
|
isOption "$((i + 1)). $compose_file_name"
|
|
done
|
|
|
|
# Read user input for file selection
|
|
echo ""
|
|
isQuestion "Enter the numbers of the files to edit (or 'x' to exit): "
|
|
read -p "" selected_files
|
|
|
|
case "$selected_files" in
|
|
[0-9]*)
|
|
# Edit the selected Docker Compose files with $CFG_TEXT_EDITOR
|
|
local IFS=' ' # Declare IFS as a local variable
|
|
read -r -a selected_file_numbers <<< "$selected_files" # Declare selected_file_numbers as an array
|
|
for file_number in "${selected_file_numbers[@]}"; do
|
|
local index=$((file_number - 1))
|
|
if ((index >= 0 && index < ${#selected_compose_files[@]})); then
|
|
local selected_file="${selected_compose_files[index]}"
|
|
$CFG_TEXT_EDITOR "$selected_file"
|
|
fi
|
|
done
|
|
|
|
# Calculate the edited MD5 checksums for the selected Docker Compose files
|
|
edited_checksums=() # Clear the edited checksums
|
|
for file in "${selected_compose_files[@]}"; do
|
|
edited_checksums+=("$(md5sum "$file" | cut -d ' ' -f 1)")
|
|
done
|
|
|
|
# Check if any files have been modified
|
|
for i in "${!selected_compose_files[@]}"; do
|
|
if [ "${original_checksums[i]}" != "${edited_checksums[i]}" ]; then
|
|
isNotice "File ${selected_compose_files[i]} has been modified."
|
|
dockerComposeUpdateAndStartApp "$selected_app" restart;
|
|
break # Stop processing files if any have been modified
|
|
fi
|
|
done
|
|
;;
|
|
x)
|
|
isNotice "Exiting..."
|
|
;;
|
|
*)
|
|
isNotice "Invalid option. Please choose valid file numbers or 'x' to exit."
|
|
;;
|
|
esac
|
|
done
|
|
fi
|
|
else
|
|
isNotice "Invalid app number. Please choose a valid option."
|
|
fi
|
|
;;
|
|
x)
|
|
isNotice "Exiting..."
|
|
;;
|
|
*)
|
|
isNotice "Invalid option. Please choose a valid option or 'x' to exit."
|
|
;;
|
|
esac
|
|
}
|