Bunch of bugfixes. Made quirk and permissions fixing scripts more reliable.
This commit is contained in:
Raphaël Numbus
@@ -24,7 +24,9 @@ helper.mkPodmanService {
|
||||
DB_PASSWORD = "xkcdpass -n 8 -d -";
|
||||
};
|
||||
dirPermissions = [
|
||||
"100999:users ${cfg.configDir}"
|
||||
"100999:100 ${cfg.configDir}/data"
|
||||
"100999:100 ${cfg.configDir}/config"
|
||||
"100999:100 ${cfg.configDir}/database"
|
||||
];
|
||||
|
||||
composeText = ''
|
||||
|
||||
@@ -23,8 +23,8 @@ helper.mkPodmanService {
|
||||
HOME_ASSISTANT_MQTT_PASSWORD = "xkcdpass -n 8 -d -";
|
||||
};
|
||||
dirPermissions = [
|
||||
"numbus-admin:users ${cfg.configDir}/home-assistant"
|
||||
"100999:users ${cfg.configDir}/mqtt"
|
||||
"1000:100 ${cfg.configDir}/config"
|
||||
"100999:100 ${cfg.configDir}/mqtt"
|
||||
];
|
||||
|
||||
# Compose file good
|
||||
@@ -39,7 +39,7 @@ helper.mkPodmanService {
|
||||
ports:
|
||||
- "${cfg.port}:8123/tcp"
|
||||
volumes:
|
||||
- ${cfg.configDir}/home-assistant:/config
|
||||
- ${cfg.configDir}/config:/config
|
||||
- /etc/localtime:/etc/localtime:ro
|
||||
- /run/dbus:/run/dbus:ro
|
||||
${lib.optionalString (cfg.devices != []) ''
|
||||
@@ -95,13 +95,20 @@ ${lib.concatStringsSep "\n" (map (d: " - \"${d}\"") cfg.devices)}
|
||||
};
|
||||
script = ''
|
||||
mkdir -p /var/lib/numbus-server/${name}
|
||||
if [[ -e /var/lib/numbus-server/${name}/quirk-1.true ]]; then
|
||||
exit 0
|
||||
if [[ -e ${cfg.configDir}/config/configuration.yaml ]]; then
|
||||
if grep -qF "${config.numbus.networking.ipAddress}/24" ${cfg.configDir}/config/configuration.yaml; then
|
||||
exit 0
|
||||
elif grep -qF "use_x_forwarded_for" ${cfg.configDir}/config/configuration.yaml && ! grep -qF "${config.numbus.networking.ipAddress}/24" ${cfg.configDir}/config/configuration.yaml
|
||||
tmp=$(mktemp)
|
||||
head -n -4 ${cfg.configDir}/config/configuration.yaml > "$tmp"
|
||||
mv "$tmp" ${cfg.configDir}/config/configuration.yaml
|
||||
fi
|
||||
fi
|
||||
until [[ -e ${cfg.configDir}/home-assistant/configuration.yaml ]]; do
|
||||
|
||||
until [[ -e ${cfg.configDir}/config/configuration.yaml ]]; do
|
||||
sleep 15
|
||||
done
|
||||
cat << 'EOF' >> ${cfg.configDir}/home-assistant/configuration.yaml
|
||||
cat << 'EOF' >> ${cfg.configDir}/config/configuration.yaml
|
||||
|
||||
http:
|
||||
use_x_forwarded_for: true
|
||||
@@ -110,7 +117,6 @@ http:
|
||||
zha:
|
||||
EOF
|
||||
systemctl restart ${name}.service
|
||||
touch /var/lib/numbus-server/${name}/quirk-1.true
|
||||
'';
|
||||
};
|
||||
};
|
||||
@@ -129,10 +135,17 @@ EOF
|
||||
RemainAfterExit = true;
|
||||
};
|
||||
script = ''
|
||||
mkdir -p /var/lib/numbus-server/${name}
|
||||
if [[ -e /var/lib/numbus-server/${name}/quirk-2.true ]]; then
|
||||
exit 0
|
||||
if [[ -e ${cfg.configDir}/mqtt/mosquitto.conf && ${cfg.configDir}/mqtt/password.txt ]]; then
|
||||
if grep -qF "listener 1883" ${cfg.configDir}/mqtt/mosquitto.conf; then
|
||||
exit 0
|
||||
else
|
||||
rm ${cfg.configDir}/mqtt/mosquitto.conf
|
||||
rm ${cfg.configDir}/mqtt/password.txt
|
||||
touch ${cfg.configDir}/mqtt/mosquitto.conf
|
||||
touch ${cfg.configDir}/mqtt/password.txt
|
||||
fi
|
||||
fi
|
||||
|
||||
cat << EOF >> ${cfg.configDir}/mqtt/mosquitto.conf
|
||||
persistence true
|
||||
persistence_location /mosquitto/data/
|
||||
@@ -145,7 +158,6 @@ EOF
|
||||
source /var/lib/numbus-server/${name}/.env
|
||||
mosquitto_passwd -b ${cfg.configDir}/mqtt/password.txt "$HOME_ASSISTANT_MQTT_USER" "$HOME_ASSISTANT_MQTT_PASSWORD"
|
||||
chmod 600 ${cfg.configDir}/mqtt/password.txt
|
||||
touch /var/lib/numbus-server/${name}/quirk-2.true
|
||||
'';
|
||||
};
|
||||
}
|
||||
|
||||
@@ -31,8 +31,11 @@ helper.mkPodmanService {
|
||||
TZ = "${config.time.timeZone}";
|
||||
};
|
||||
dirPermissions = [
|
||||
"100999:users ${cfg.dataDir}"
|
||||
"100999:users ${cfg.configDir}"
|
||||
"100999:100 ${cfg.configDir}/model-cache"
|
||||
"100999:100 ${cfg.configDir}/machine-learning-config"
|
||||
"100999:100 ${cfg.configDir}/machine-learning-cache"
|
||||
"100999:100 ${cfg.configDir}/database"
|
||||
"100999:100 ${cfg.dataDir}"
|
||||
];
|
||||
|
||||
# Compose file good
|
||||
|
||||
@@ -139,12 +139,19 @@ ${concatStringsSep "\n" (map (m: " - ${m}") middlewares)}
|
||||
mkdir -p /var/lib/numbus-server/${name}
|
||||
${concatStringsSep "\n" (map (perm: ''
|
||||
set -- ${perm}
|
||||
MARKER="/var/lib/numbus-server/${name}/.perm-fixed-$(echo "$1:$2" | md5sum | cut -d' ' -f1)"
|
||||
if [ ! -f "$MARKER" ]; then
|
||||
rm -f /var/lib/numbus-server/${name}/.perm-fixed-*
|
||||
mkdir -p "$2"
|
||||
chown -R "$1" "$2"
|
||||
touch "$MARKER"
|
||||
WANTED_PERMISSIONS=$1
|
||||
FOLDER_PATH=$2
|
||||
ACTUAL_PERMISSIONS=$(stat -c '%u:%g' "$FOLDER_PATH")
|
||||
|
||||
if [[ ! -e "$FOLDER_PATH" ]]; then
|
||||
mkdir -p "$FOLDER_PATH"
|
||||
elif [[ ! -d "$FOLDER_PATH" ]]; then
|
||||
rm "$FOLDER_PATH"
|
||||
mkdir -p "$FOLDER_PATH"
|
||||
fi
|
||||
|
||||
if [[ "$ACTUAL_PERMISSIONS" != "$WANTED_PERMISSIONS" ]]; then
|
||||
chown -R "$WANTED_PERMISSIONS" "$FOLDER_PATH"
|
||||
fi
|
||||
'') dirPermissions)}
|
||||
exit 0
|
||||
|
||||
@@ -30,11 +30,11 @@ helper.mkPodmanService {
|
||||
SMTP_PASSWORD = "cat ${config.numbus.mail.smtpPasswordPath}";
|
||||
};
|
||||
dirPermissions = [
|
||||
"100032:users ${cfg.configDir}/web"
|
||||
"100999:users ${cfg.configDir}/redis"
|
||||
"100999:users ${cfg.configDir}/database"
|
||||
"100999:users ${cfg.configDir}/onlyoffice"
|
||||
"100032:users ${cfg.dataDir}"
|
||||
"100032:100 ${cfg.configDir}/web"
|
||||
"100999:100 ${cfg.configDir}/redis"
|
||||
"100999:100 ${cfg.configDir}/database"
|
||||
"100999:100 ${cfg.configDir}/onlyoffice"
|
||||
"100032:100 ${cfg.dataDir}"
|
||||
];
|
||||
|
||||
# Compose file good
|
||||
|
||||
@@ -26,9 +26,9 @@ helper.mkPodmanService {
|
||||
SMTP_PASSWORD = "cat ${config.numbus.mail.smtpPasswordPath}";
|
||||
};
|
||||
dirPermissions = [
|
||||
"100032:users ${cfg.configDir}/gpg"
|
||||
"100032:users ${cfg.configDir}/jwt"
|
||||
"100999:users ${cfg.configDir}/database"
|
||||
"100032:100 ${cfg.configDir}/gpg"
|
||||
"100032:100 ${cfg.configDir}/jwt"
|
||||
"100999:100 ${cfg.configDir}/database"
|
||||
];
|
||||
|
||||
# Compose file good
|
||||
|
||||
@@ -25,7 +25,7 @@ helper.mkPodmanService {
|
||||
PIHOLE_PASSWORD = "xkcdpass -n 10 -d -";
|
||||
};
|
||||
dirPermissions = [
|
||||
"numbus-admin:users ${cfg.configDir}"
|
||||
"100999:100 ${cfg.configDir}"
|
||||
];
|
||||
|
||||
# Compose file good
|
||||
|
||||
@@ -24,9 +24,9 @@ helper.mkPodmanService {
|
||||
CLOUDFLARE_DNS_API_TOKEN = "cat ${config.sops.secrets."cloudflareDnsApiToken".path}";
|
||||
};
|
||||
dirPermissions = [
|
||||
"100999:users ${cfg.configDir}"
|
||||
"100999:users ${cfg.configDir}/rules"
|
||||
"100999:users ${cfg.configDir}/certs"
|
||||
"100999:100 ${cfg.configDir}"
|
||||
"100999:100 ${cfg.configDir}/rules"
|
||||
"100999:100 ${cfg.configDir}/certs"
|
||||
];
|
||||
|
||||
# Compose file good
|
||||
|
||||
Reference in New Issue
Block a user