From bd835dcd82d6aa157851ca898384f24d709f2c9b Mon Sep 17 00:00:00 2001 From: Tobias K <6317548+theCalcaholic@users.noreply.github.com> Date: Thu, 5 Jan 2023 02:05:28 +0100 Subject: [PATCH] Fix installation and pipeline errors MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Tobias K <6317548+theCalcaholic@users.noreply.github.com> Signed-off-by: Tobias Knöppler <6317548+theCalcaholic@users.noreply.github.com> --- .github/workflows/build-docker.yml | 47 +++++++++++++++++++++++++++++- bin/ncp/CONFIG/nc-datadir.sh | 6 +++- bin/ncp/NETWORKING/SSH.sh | 2 +- build/build-SD-rpi.sh | 2 -- build/docker/Dockerfile | 10 ++++++- etc/library.sh | 33 +++++++++++++++++++++ etc/ncp-config.d/nc-datadir.cfg | 2 +- install.sh | 8 +++++ 8 files changed, 103 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml index e42579ce..97e50abf 100644 --- a/.github/workflows/build-docker.yml +++ b/.github/workflows/build-docker.yml @@ -67,6 +67,41 @@ jobs: VERSION: "${{ inputs.git_ref || github.ref }}" ARCH: "${{ inputs.arch || 'x86' }}" steps: + - name: Checkout code + uses: actions/checkout@v3 + with: + ref: "${{ env.VERSION }}" + fetch-depth: 0 + - name: Get previous release + id: get_previous_version + shell: bash + run: | + set -ex + if [[ -n "${{ github.base_ref }}" ]] + then + version="${{ github.base_ref }}" + elif [[ "${{ env.VERSION }}" == "refs/heads/devel" ]] + then + version="latest" + else + if [[ "${{ github.ref_type }}" != "tag" ]] || ! git describe --tags > /dev/null + then + git fetch -fu --tags origin ${{ env.VERSION }}:${{ env.VERSION }} + fi + version="$(git describe --tags || true)" + [[ "$version" =~ .*-.*-.* ]] || { + git checkout HEAD~1 + version="$(git describe --tags || echo latest)" + } + version="${version%-*-*}" + fi + curl "https://hub.docker.com/v2/repositories/ownyourbits/nextcloudpi-${ARCH}/tags/${version}" | grep 'errinfo' > /dev/null && { + echo "Image ownyourbits/nextcloudpi-${ARCH}:${version} does not exist - falling back to :latest" + version="latest" + } + echo "Previous version is '$version'" + echo "PREVIOUS_VERSION=$version" >> "$GITHUB_ENV" + echo "::set-output name=previous_version::${version}" - name: Set up QEMU uses: docker/setup-qemu-action@v1 @@ -75,7 +110,17 @@ jobs: docker volume create ncdata platform=linux/${ARCH?} [[ "$ARCH" == 'x86' ]] && platform=linux/amd64 - docker run --platform "$platform" -v ncdata:/data -d --rm -p 8443:443 -p 4443:4443 --name nextcloudpi ownyourbits/nextcloudpi:latest + tmpdir=$(mktemp -d) + pushd "$tmpdir" + cat < ./Dockerfile + FROM --platform=$platform ownyourbits/nextcloudpi:${{ steps.get_previous_version.outputs.previous_version }} + + RUN echo 'Mutex posixsem' >> /etc/apache2/mods-available/ssl.conf + EOF + docker build . -t ncp-testing -f Dockerfile + popd + rm -r "$tmpdir" + docker run --platform "$platform" -v ncdata:/data -d --rm -p 8443:443 -p 4443:4443 --name nextcloudpi ncp-testing - name: Checkout code uses: actions/checkout@v3 diff --git a/bin/ncp/CONFIG/nc-datadir.sh b/bin/ncp/CONFIG/nc-datadir.sh index 3a0061d4..8d55a98f 100644 --- a/bin/ncp/CONFIG/nc-datadir.sh +++ b/bin/ncp/CONFIG/nc-datadir.sh @@ -147,7 +147,11 @@ configure() ( . "${BINDIR?}/SYSTEM/metrics.sh" - reload_metrics_config + reload_metrics_config || { + echo 'WARN: There was an issue reloading ncp metrics. This might not affect your installation, + but keep it in mind if there is an issue with metrics.' + true + } ) echo "The NC data directory has been moved successfully." diff --git a/bin/ncp/NETWORKING/SSH.sh b/bin/ncp/NETWORKING/SSH.sh index 62242e97..227ce47b 100644 --- a/bin/ncp/NETWORKING/SSH.sh +++ b/bin/ncp/NETWORKING/SSH.sh @@ -39,7 +39,7 @@ configure() echo -e "$PASS\n$CONFIRM" | passwd "$USER" || return 1 # Reenable pi user - usermod "$USER" -s /bin/bash + chsh -s /bin/bash "$USER" # Check for insecure default pi password ( taken from old jessie method ) # TODO Due to Debian bug #1003151 with mkpasswd this feature is not working properly at the moment - https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1837456.html diff --git a/build/build-SD-rpi.sh b/build/build-SD-rpi.sh index d7cc0b70..b7a2d0f1 100755 --- a/build/build-SD-rpi.sh +++ b/build/build-SD-rpi.sh @@ -79,8 +79,6 @@ PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \ # harden SSH further for Raspbian sed -i 's|^#PermitRootLogin .*|PermitRootLogin no|' /etc/ssh/sshd_config - # default user 'pi' for SSH - # cleanup source etc/library.sh && run_app_unsafe post-inst.sh rm /etc/resolv.conf diff --git a/build/docker/Dockerfile b/build/docker/Dockerfile index 1f813bec..7d9351a0 100644 --- a/build/docker/Dockerfile +++ b/build/docker/Dockerfile @@ -144,6 +144,7 @@ COPY ncp-previewgenerator /tmp/ncp-build/ncp-previewgenerator/ COPY build/docker /tmp/ncp-build/build/docker/ COPY ncp.sh update.sh post-inst.sh /tmp/ncp-build/ COPY etc/ncp-config.d/nc-init.cfg /usr/local/etc/ncp-config.d/nc-init-copy.cfg +COPY etc/ncp-config.d/nc-datadir.cfg /usr/local/etc/ncp-config.d/nc-datadir.cfg RUN --mount=type=cache,target=/var/cache/apt --mount=type=cache,target=/var/lib/apt \ set -e; \ @@ -160,13 +161,20 @@ touch /.docker-image; \ apt-get update; \ apt-get install --no-install-recommends -y wget ca-certificates; \ -# install nextcloudpi +# install nextcloudpiset_app_param nc-datadir.sh DATADIR '/data-ro/ncdata' \ source /usr/local/etc/library.sh; \ cd /tmp/ncp-build/; \ install_app ncp.sh; \ mv /usr/local/etc/ncp-config.d/nc-init-copy.cfg /usr/local/etc/ncp-config.d/nc-init.cfg; \ run_app_unsafe bin/ncp/CONFIG/nc-init.sh; \ +echo 'Moving data directory to a more sensible location' \ +mkdir -p /opt/ncdata \ +set_app_param nc-datadir.sh DATADIR '/data-ro/ncdata' \ +run_app_unsafe bin/ncp/CONFIG/nc-datadir.sh \ +set_app_param nc-datadir.sh DATADIR '/data/ncdata' \ +# Remove nc-datadir.cfg as it's disabled in docker +rm /usr/local/etc/nc-datadir.cfg \ sed -i 's|data-ro|data|' /data-ro/nextcloud/config/config.php; \ # fix default paths diff --git a/etc/library.sh b/etc/library.sh index e43a8f45..80327d56 100644 --- a/etc/library.sh +++ b/etc/library.sh @@ -246,6 +246,39 @@ find_app_param() jq -r ".params[$p_num].value" < "$cfg_file" } +set_app_param() +{ + local script="${1?}" + local param_id="${2?}" + local param_value="${3?}" + local ncp_app="$(basename "$script" .sh)" + local cfg_file="$CFGDIR/$ncp_app.cfg" + + grep -q '[\\&#;'"'"'`|*?~<>^"()[{}$&[:space:]]' <<< "${param_value}" && { echo "Invalid characters in field ${vars[$i]}"; return 1; } + + cfg="$(cat "$cfg_file")" + + local len="$(jq '.params | length' <<<"$cfg")" + local param_found=false + + for (( i = 0 ; i < len ; i++ )); do + # check for invalid characters + [[ "$(jq -r ".params[$i].id" <<<"$cfg")" == "$param_id" ]] && { + cfg="$(jq ".params[$i].value = \"${param_value}\"" <<<"$cfg")" + param_found=true + } + + done + + [[ "$param_found" == "true" ]] || { + echo "Did not find parameter '${param_id}' in configuration of app '$(basename "$script" .sh)'" + return 1 + } + + echo "$cfg" > "$cfg_file" + +} + # receives a script file, no security checks function run_app_unsafe() { diff --git a/etc/ncp-config.d/nc-datadir.cfg b/etc/ncp-config.d/nc-datadir.cfg index f387c3e3..7ec1cd72 100644 --- a/etc/ncp-config.d/nc-datadir.cfg +++ b/etc/ncp-config.d/nc-datadir.cfg @@ -9,7 +9,7 @@ { "id": "DATADIR", "name": "Data directory", - "value": "/media/USBdrive/ncdata", + "value": "/opt/ncdata", "suggest": "/media/USBdrive/ncdata", "default": "/var/www/nextcloud/data", "type": "directory" diff --git a/install.sh b/install.sh index b7a45979..ace57455 100644 --- a/install.sh +++ b/install.sh @@ -67,6 +67,14 @@ rm /usr/local/etc/ncp-config.d/nc-nextcloud.cfg # armbian overlay is ro systemctl restart mysqld # TODO this shouldn't be necessary, but somehow it's needed in Debian 9.6. Fixme install_app ncp.sh run_app_unsafe bin/ncp/CONFIG/nc-init.sh +echo 'Moving data directory to a more sensible location' +mkdir -p /opt/ncdata +[[ -f "/usr/local/etc/nc-datadir.cfg" ]] || { + should_rm_datadir_cfg=true + cp etc/ncp-config.d/nc-datadir.cfg /usr/local/etc/nc-datadir.cfg +} +run_app_unsafe bin/ncp/CONFIG/nc-datadir.sh +[[ -z "$should_rm_datadir_cfg" ]] || rm /usr/local/etc/nc-datadir.cfg rm /.ncp-image # skip on Armbian / Vagrant / LXD ...