diff --git a/scripts/88-update-wrapper.sh b/scripts/88-update-wrapper.sh index 52a0730..57f799b 100644 --- a/scripts/88-update-wrapper.sh +++ b/scripts/88-update-wrapper.sh @@ -8,6 +8,7 @@ WRAPPER="/usr/local/sbin/mw-update" LOGFILE="/var/log/mailwolt-update.log" STATEDIR="/var/lib/mailwolt/update" SUDOERS="/etc/sudoers.d/mailwolt-update" +VERSION_FILE="/var/lib/mailwolt/version" # Kandidaten: wo liegt update.sh? CANDIDATES=( @@ -29,6 +30,7 @@ set -euo pipefail LOG="/var/log/mailwolt-update.log" STATE_DIR="/var/lib/mailwolt/update" +VERSION_FILE="/var/lib/mailwolt/version" CANDIDATES=( /opt/mailwolt-installer/scripts/update.sh @@ -67,6 +69,17 @@ echo "running" > "$STATE_DIR/state" fi fi echo "===== $(date -Is) :: Update beendet (rc=$rc) =====" + + # Version schreiben (Git-Tag oder Commit) + if command -v git >/dev/null 2>&1; then + cd /opt/mailwolt-installer >/dev/null 2>&1 || true + ver=$(git describe --tags --always --dirty 2>/dev/null || echo "unknown") + echo "$ver" > "$VERSION_FILE" + echo "[i] Version aktualisiert: $ver" + else + echo "unknown" > "$VERSION_FILE" + fi + echo "$rc" > "$STATE_DIR/rc" echo "done" > "$STATE_DIR/state" exit "$rc" @@ -91,4 +104,107 @@ if ! visudo -c -f "$SUDOERS" >/dev/null 2>&1; then rm -f "$SUDOERS" fi -log "[✓] Update-Wrapper bereit: $WRAPPER" \ No newline at end of file +# Version-File initial anlegen, falls nicht existiert +if [[ ! -f "$VERSION_FILE" ]]; then + echo "unknown" > "$VERSION_FILE" + chmod 0644 "$VERSION_FILE" +fi + +log "[✓] Update-Wrapper bereit: $WRAPPER" +log "[✓] Version wird unter $VERSION_FILE gespeichert" + + +##!/usr/bin/env bash +#set -euo pipefail +#source ./lib.sh +# +#log "Update-Wrapper & Sudoers …" +# +#WRAPPER="/usr/local/sbin/mw-update" +#LOGFILE="/var/log/mailwolt-update.log" +#STATEDIR="/var/lib/mailwolt/update" +#SUDOERS="/etc/sudoers.d/mailwolt-update" +# +## Kandidaten: wo liegt update.sh? +#CANDIDATES=( +# /opt/mailwolt-installer/scripts/update.sh +# /mailwolt-installer/scripts/update.sh +# /usr/local/lib/mailwolt/update.sh +#) +# +## State/Log vorbereiten +#install -d -m 0755 "$(dirname "$LOGFILE")" +#install -d -m 0755 "$STATEDIR" +#: > "$LOGFILE" || true +#chmod 0644 "$LOGFILE" +# +## Wrapper erzeugen +#cat > "$WRAPPER" <<'EOF' +##!/usr/bin/env bash +#set -euo pipefail +# +#LOG="/var/log/mailwolt-update.log" +#STATE_DIR="/var/lib/mailwolt/update" +# +#CANDIDATES=( +# /opt/mailwolt-installer/scripts/update.sh +# /mailwolt-installer/scripts/update.sh +# /usr/local/lib/mailwolt/update.sh +#) +# +## Beste vorhandene update.sh finden +#SCRIPT="" +#for p in "${CANDIDATES[@]}"; do +# if [[ -x "$p" ]]; then SCRIPT="$p"; break; fi +# if [[ -f "$p" && -r "$p" ]]; then SCRIPT="$p"; break; fi +#done +# +#install -d -m 0755 "$STATE_DIR" +#echo "running" > "$STATE_DIR/state" +# +#{ +# echo "===== $(date -Is) :: Update gestartet =====" +# if [[ -z "$SCRIPT" ]]; then +# echo "[!] update.sh nicht gefunden oder nicht ausführbar (versucht: ${CANDIDATES[*]})" +# rc=127 +# else +# echo "[i] benutze: $SCRIPT" +# if [[ "$(id -u)" -ne 0 ]]; then +# echo "[!] Bitte als root ausführen" +# rc=1 +# else +# # Dirty-Working-Tree zulassen, damit UI-Commits/Änderungen kein Blocker sind +# if [[ -x "$SCRIPT" ]]; then +# ALLOW_DIRTY=1 "$SCRIPT" +# else +# ALLOW_DIRTY=1 bash "$SCRIPT" +# fi +# rc=$? +# fi +# fi +# echo "===== $(date -Is) :: Update beendet (rc=$rc) =====" +# echo "$rc" > "$STATE_DIR/rc" +# echo "done" > "$STATE_DIR/state" +# exit "$rc" +#} | tee -a "$LOG" +#EOF +# +#chmod 0755 "$WRAPPER" +#chown root:root "$WRAPPER" +# +## Sudoers: www-data (Laravel) & mailwolt dürfen den Wrapper laufen lassen +#cat > "$SUDOERS" <<'EOF' +#Defaults!/usr/local/sbin/mw-update !requiretty +#www-data ALL=(root) NOPASSWD: /usr/local/sbin/mw-update +#mailwolt ALL=(root) NOPASSWD: /usr/local/sbin/mw-update +#EOF +# +#chown root:root "$SUDOERS" +#chmod 440 "$SUDOERS" +# +#if ! visudo -c -f "$SUDOERS" >/dev/null 2>&1; then +# echo "[!] Ungültiger sudoers-Eintrag in $SUDOERS – entferne Datei." +# rm -f "$SUDOERS" +#fi +# +#log "[✓] Update-Wrapper bereit: $WRAPPER" \ No newline at end of file