mailwolt-installer/scripts/88-update-wrapper.sh


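#!/usr/bin/env bash
# Installer step: writes the update wrapper (/usr/local/sbin/mw-update) and the
# sudoers drop-in that lets the web/app users start it without a password.
#
# Security context: the sudoers rule created below turns the wrapper into a
# privilege boundary (www-data / mailwolt -> root). Whatever the wrapper
# executes runs as root, so the wrapper itself and every update.sh candidate
# path (including parent directories) must be writable by root only.
# NOTE(review): ownership of the candidate paths is not visible from this
# script; confirm none of them is writable by www-data or mailwolt.
set -euo pipefail
# log() is not defined in this file; presumably provided by lib.sh.
source ./lib.sh
log "Update-Wrapper & Sudoers …"
WRAPPER="/usr/local/sbin/mw-update"
LOGFILE="/var/log/mailwolt-update.log"
STATEDIR="/var/lib/mailwolt/update"
SUDOERS="/etc/sudoers.d/mailwolt-update"
VERSION_FILE="/var/lib/mailwolt/version"
# Candidate locations of update.sh. Not read by this script; the generated
# wrapper carries its own copy of the list, so keep both in sync.
CANDIDATES=(
  /opt/mailwolt-installer/scripts/update.sh
  /mailwolt-installer/scripts/update.sh
  /usr/local/lib/mailwolt/update.sh
)
# Prepare state directory and log file.
install -d -m 0755 "$(dirname "$LOGFILE")"
install -d -m 0755 "$STATEDIR"
# Best-effort truncate: an existing update log is emptied on every installer run.
: > "$LOGFILE" || true
# NOTE(review): the log receives the full output of update.sh and is
# world-readable; confirm update.sh prints nothing sensitive, else tighten.
chmod 0644 "$LOGFILE"
# Generate the wrapper. The quoted delimiter keeps the body literal (no
# expansion at install time).
cat > "$WRAPPER" <<'EOF'
#!/usr/bin/env bash
# mw-update: runs update.sh as root and records state, exit code and version.
# Started through sudo by unprivileged service users, so it must not depend on
# the caller's working directory.
# NOTE(review): the interpreter is resolved through PATH; this relies on sudo's
# env_reset/secure_path defaults. Consider an absolute interpreter path.
set -euo pipefail
LOG="/var/log/mailwolt-update.log"
STATE_DIR="/var/lib/mailwolt/update"
VERSION_FILE="/var/lib/mailwolt/version"
CANDIDATES=(
  /opt/mailwolt-installer/scripts/update.sh
  /mailwolt-installer/scripts/update.sh
  /usr/local/lib/mailwolt/update.sh
)
# Beste vorhandene update.sh finden
# The first candidate that is executable, or a readable regular file, wins.
# It is executed as root below: every candidate path must be root-writable only.
SCRIPT=""
for p in "${CANDIDATES[@]}"; do
  if [[ -x "$p" ]]; then SCRIPT="$p"; break; fi
  if [[ -f "$p" && -r "$p" ]]; then SCRIPT="$p"; break; fi
done
install -d -m 0755 "$STATE_DIR"
echo "running" > "$STATE_DIR/state"
{
  echo "===== $(date -Is) :: Update gestartet ====="
  if [[ -z "$SCRIPT" ]]; then
    echo "[!] update.sh nicht gefunden oder nicht ausführbar (versucht: ${CANDIDATES[*]})"
    rc=127
  else
    echo "[i] benutze: $SCRIPT"
    if [[ "$(id -u)" -ne 0 ]]; then
      echo "[!] Bitte als root ausführen"
      rc=1
    else
      # Dirty-Working-Tree zulassen, damit UI-Commits/Änderungen kein Blocker sind
      # Capture the status with '|| rc=$?': under 'set -e' a failing update.sh
      # would otherwise abort this group before rc and state are written,
      # leaving the state file stuck at "running".
      rc=0
      if [[ -x "$SCRIPT" ]]; then
        ALLOW_DIRTY=1 "$SCRIPT" || rc=$?
      else
        ALLOW_DIRTY=1 bash "$SCRIPT" || rc=$?
      fi
    fi
  fi
  echo "===== $(date -Is) :: Update beendet (rc=$rc) ====="
  # Version schreiben (Git-Tag oder Commit)
  if command -v git >/dev/null 2>&1; then
    # 'git -C' pins the repository: if the installer checkout is missing, git
    # fails and "unknown" is recorded, instead of git running as root in
    # whatever directory the sudo caller started from.
    ver=$(git -C /opt/mailwolt-installer describe --tags --always --dirty 2>/dev/null || echo "unknown")
    echo "$ver" > "$VERSION_FILE"
    echo "[i] Version aktualisiert: $ver"
  else
    echo "unknown" > "$VERSION_FILE"
  fi
  echo "$rc" > "$STATE_DIR/rc"
  echo "done" > "$STATE_DIR/state"
  exit "$rc"
} | tee -a "$LOG"
EOF
chmod 0755 "$WRAPPER"
chown root:root "$WRAPPER"
# Sudoers: www-data (Laravel) and mailwolt may run the wrapper as root without
# a password. The rule names the command without an argument list, so sudo
# accepts any arguments; the wrapper does not read them.
# The drop-in is validated in a private temp file first and only then
# installed with its final owner and mode, so /etc/sudoers.d never holds an
# unchecked or wrongly-permissioned file.
sudoers_tmp=$(mktemp)
cat > "$sudoers_tmp" <<'EOF'
Defaults!/usr/local/sbin/mw-update !requiretty
www-data ALL=(root) NOPASSWD: /usr/local/sbin/mw-update
mailwolt ALL=(root) NOPASSWD: /usr/local/sbin/mw-update
EOF
if visudo -c -f "$sudoers_tmp" >/dev/null 2>&1; then
  install -o root -g root -m 0440 "$sudoers_tmp" "$SUDOERS"
else
  echo "[!] Ungültiger sudoers-Eintrag in $SUDOERS entferne Datei."
  # Same end state as before: no drop-in remains when validation fails.
  rm -f "$SUDOERS"
fi
rm -f -- "$sudoers_tmp"
# Create the version file once if it does not exist yet.
if [[ ! -f "$VERSION_FILE" ]]; then
  echo "unknown" > "$VERSION_FILE"
  chmod 0644 "$VERSION_FILE"
fi
log "[✓] Update-Wrapper bereit: $WRAPPER"
log "[✓] Version wird unter $VERSION_FILE gespeichert"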
##!/usr/bin/env bash
#set -euo pipefail
#source ./lib.sh
#
#log "Update-Wrapper & Sudoers …"
#
#WRAPPER="/usr/local/sbin/mw-update"
#LOGFILE="/var/log/mailwolt-update.log"
#STATEDIR="/var/lib/mailwolt/update"
#SUDOERS="/etc/sudoers.d/mailwolt-update"
#
## Kandidaten: wo liegt update.sh?
#CANDIDATES=(
# /opt/mailwolt-installer/scripts/update.sh
# /mailwolt-installer/scripts/update.sh
# /usr/local/lib/mailwolt/update.sh
#)
#
## State/Log vorbereiten
#install -d -m 0755 "$(dirname "$LOGFILE")"
#install -d -m 0755 "$STATEDIR"
#: > "$LOGFILE" || true
#chmod 0644 "$LOGFILE"
#
## Wrapper erzeugen
#cat > "$WRAPPER" <<'EOF'
##!/usr/bin/env bash
#set -euo pipefail
#
#LOG="/var/log/mailwolt-update.log"
#STATE_DIR="/var/lib/mailwolt/update"
#
#CANDIDATES=(
# /opt/mailwolt-installer/scripts/update.sh
# /mailwolt-installer/scripts/update.sh
# /usr/local/lib/mailwolt/update.sh
#)
#
## Beste vorhandene update.sh finden
#SCRIPT=""
#for p in "${CANDIDATES[@]}"; do
# if [[ -x "$p" ]]; then SCRIPT="$p"; break; fi
# if [[ -f "$p" && -r "$p" ]]; then SCRIPT="$p"; break; fi
#done
#
#install -d -m 0755 "$STATE_DIR"
#echo "running" > "$STATE_DIR/state"
#
#{
# echo "===== $(date -Is) :: Update gestartet ====="
# if [[ -z "$SCRIPT" ]]; then
# echo "[!] update.sh nicht gefunden oder nicht ausführbar (versucht: ${CANDIDATES[*]})"
# rc=127
# else
# echo "[i] benutze: $SCRIPT"
# if [[ "$(id -u)" -ne 0 ]]; then
# echo "[!] Bitte als root ausführen"
# rc=1
# else
# # Dirty-Working-Tree zulassen, damit UI-Commits/Änderungen kein Blocker sind
# if [[ -x "$SCRIPT" ]]; then
# ALLOW_DIRTY=1 "$SCRIPT"
# else
# ALLOW_DIRTY=1 bash "$SCRIPT"
# fi
# rc=$?
# fi
# fi
# echo "===== $(date -Is) :: Update beendet (rc=$rc) ====="
# echo "$rc" > "$STATE_DIR/rc"
# echo "done" > "$STATE_DIR/state"
# exit "$rc"
#} | tee -a "$LOG"
#EOF
#
#chmod 0755 "$WRAPPER"
#chown root:root "$WRAPPER"
#
## Sudoers: www-data (Laravel) & mailwolt dürfen den Wrapper laufen lassen
#cat > "$SUDOERS" <<'EOF'
#Defaults!/usr/local/sbin/mw-update !requiretty
#www-data ALL=(root) NOPASSWD: /usr/local/sbin/mw-update
#mailwolt ALL=(root) NOPASSWD: /usr/local/sbin/mw-update
#EOF
#
#chown root:root "$SUDOERS"
#chmod 440 "$SUDOERS"
#
#if ! visudo -c -f "$SUDOERS" >/dev/null 2>&1; then
# echo "[!] Ungültiger sudoers-Eintrag in $SUDOERS entferne Datei."
# rm -f "$SUDOERS"
#fi
#
#log "[✓] Update-Wrapper bereit: $WRAPPER"