paulmataruso/patchmon.net
1
0
Fork 0
mirror of https://github.com/9technologygroup/patchmon.net.git synced 2025-11-01 20:44:09 +00:00
Code Issues Packages Projects Releases Wiki Activity

setup: improve sudo handling and add root checks

Browse Source 
- Add root permission check at startup
- Install sudo automatically if not present (for Debian systems)
- Add run_as_user() helper function with better error handling
- Provide fallback PostgreSQL setup using 'su' when sudo unavailable
- Replace all sudo -u commands with the new helper function
- Better error messages for missing users/sudo

This ensures compatibility with minimal Debian systems that don't have sudo by default.
This commit is contained in:
Muhammad Ibrahim
2025-09-24 19:25:49 +01:00
parent a9c579bdd0
commit 456184d327
1 changed files with 66 additions and 17 deletions
Download Patch File Download Diff File Expand all files Collapse all files

67
setup.sh
View File

@@ -180,13 +180,49 @@ check_timezone() {
fi fi
} }
check_root() {
if [[ $EUID -ne 0 ]]; then
print_error "This script must be run as root"
print_info "Please run: sudo $0"
exit 1
fi
}
# Function to run commands as a specific user with better error handling
run_as_user() {
local user="$1"
local command="$2"
if ! command -v sudo >/dev/null 2>&1; then
print_error "sudo is required but not installed. Please install sudo first."
exit 1
fi
if ! id "$user" &>/dev/null; then
print_error "User '$user' does not exist"
exit 1
fi
sudo -u "$user" bash -c "$command"
}
check_prerequisites() { check_prerequisites() {
print_info "Running and checking prerequisites..." print_info "Running and checking prerequisites..."
# Check if running as root
check_root
print_info "Installing updates..." print_info "Installing updates..."
apt-get update -y apt-get update -y
apt-get upgrade -y apt-get upgrade -y
print_info "Installing prerequisite applications..." print_info "Installing prerequisite applications..."
# Install sudo if not present (needed for user switching)
if ! command -v sudo >/dev/null 2>&1; then
print_info "Installing sudo (required for user switching)..."
apt-get install -y sudo
fi
apt-get install -y wget curl jq git netcat-openbsd apt-get install -y wget curl jq git netcat-openbsd
print_status "Prerequisites installed successfully" print_status "Prerequisites installed successfully"
@@ -579,6 +615,8 @@ EOF
setup_database() { setup_database() {
print_info "Creating database: $DB_NAME" print_info "Creating database: $DB_NAME"
# Check if sudo is available for user switching
if command -v sudo >/dev/null 2>&1; then
# Drop and recreate database and user for clean state # Drop and recreate database and user for clean state
sudo -u postgres psql -c "DROP DATABASE IF EXISTS $DB_NAME;" || true sudo -u postgres psql -c "DROP DATABASE IF EXISTS $DB_NAME;" || true
sudo -u postgres psql -c "DROP USER IF EXISTS $DB_USER;" || true sudo -u postgres psql -c "DROP USER IF EXISTS $DB_USER;" || true
@@ -587,6 +625,17 @@ setup_database() {
sudo -u postgres psql -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';" sudo -u postgres psql -c "CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';"
sudo -u postgres psql -c "CREATE DATABASE $DB_NAME OWNER $DB_USER;" sudo -u postgres psql -c "CREATE DATABASE $DB_NAME OWNER $DB_USER;"
sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;" sudo -u postgres psql -c "GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;"
else
# Alternative method for systems without sudo (run as postgres user directly)
print_warning "sudo not available, using alternative method for PostgreSQL setup"
# Switch to postgres user using su
su - postgres -c "psql -c \"DROP DATABASE IF EXISTS $DB_NAME;\"" || true
su - postgres -c "psql -c \"DROP USER IF EXISTS $DB_USER;\"" || true
su - postgres -c "psql -c \"CREATE USER $DB_USER WITH PASSWORD '$DB_PASS';\""
su - postgres -c "psql -c \"CREATE DATABASE $DB_NAME OWNER $DB_USER;\""
su - postgres -c "psql -c \"GRANT ALL PRIVILEGES ON DATABASE $DB_NAME TO $DB_USER;\""
fi
print_status "Database $DB_NAME created with user $DB_USER" print_status "Database $DB_NAME created with user $DB_USER"
} }
@@ -639,11 +688,11 @@ install_dependencies() {
chown -R "$INSTANCE_USER:$INSTANCE_USER" "$APP_DIR/.npm" chown -R "$INSTANCE_USER:$INSTANCE_USER" "$APP_DIR/.npm"
# Clean npm cache to avoid permission issues # Clean npm cache to avoid permission issues
sudo -u "$INSTANCE_USER" bash -c "cd $APP_DIR && npm cache clean --force" 2>/dev/null || true run_as_user "$INSTANCE_USER" "cd $APP_DIR && npm cache clean --force" 2>/dev/null || true
# Install root dependencies as the dedicated user # Install root dependencies as the dedicated user
print_info "Installing root dependencies..." print_info "Installing root dependencies..."
if ! sudo -u "$INSTANCE_USER" bash -c " if ! run_as_user "$INSTANCE_USER" "
cd $APP_DIR cd $APP_DIR
export NPM_CONFIG_CACHE=$APP_DIR/.npm export NPM_CONFIG_CACHE=$APP_DIR/.npm
export NPM_CONFIG_PREFIX=$APP_DIR/.npm-global export NPM_CONFIG_PREFIX=$APP_DIR/.npm-global
@@ -658,7 +707,7 @@ install_dependencies() {
print_info "Installing backend dependencies..." print_info "Installing backend dependencies..."
cd backend cd backend
rm -rf node_modules rm -rf node_modules
if ! sudo -u "$INSTANCE_USER" bash -c " if ! run_as_user "$INSTANCE_USER" "
cd $APP_DIR/backend cd $APP_DIR/backend
export NPM_CONFIG_CACHE=$APP_DIR/.npm export NPM_CONFIG_CACHE=$APP_DIR/.npm
export NPM_CONFIG_PREFIX=$APP_DIR/.npm-global export NPM_CONFIG_PREFIX=$APP_DIR/.npm-global
@@ -674,7 +723,7 @@ install_dependencies() {
print_info "Installing frontend dependencies..." print_info "Installing frontend dependencies..."
cd frontend cd frontend
rm -rf node_modules rm -rf node_modules
if ! sudo -u "$INSTANCE_USER" bash -c " if ! run_as_user "$INSTANCE_USER" "
cd $APP_DIR/frontend cd $APP_DIR/frontend
export NPM_CONFIG_CACHE=$APP_DIR/.npm export NPM_CONFIG_CACHE=$APP_DIR/.npm
export NPM_CONFIG_PREFIX=$APP_DIR/.npm-global export NPM_CONFIG_PREFIX=$APP_DIR/.npm-global
@@ -687,7 +736,7 @@ install_dependencies() {
# Build frontend # Build frontend
print_info "Building frontend..." print_info "Building frontend..."
if ! sudo -u "$INSTANCE_USER" bash -c " if ! run_as_user "$INSTANCE_USER" "
cd $APP_DIR/frontend cd $APP_DIR/frontend
export NPM_CONFIG_CACHE=$APP_DIR/.npm export NPM_CONFIG_CACHE=$APP_DIR/.npm
export NPM_CONFIG_PREFIX=$APP_DIR/.npm-global export NPM_CONFIG_PREFIX=$APP_DIR/.npm-global
@@ -757,8 +806,8 @@ run_migrations() {
cd "$APP_DIR/backend" cd "$APP_DIR/backend"
# Suppress Prisma CLI output (still logged to install log via tee) # Suppress Prisma CLI output (still logged to install log via tee)
sudo -u "$INSTANCE_USER" npx prisma migrate deploy >/dev/null 2>&1 || true run_as_user "$INSTANCE_USER" "cd $APP_DIR/backend && npx prisma migrate deploy" >/dev/null 2>&1 || true
sudo -u "$INSTANCE_USER" npx prisma generate >/dev/null 2>&1 || true run_as_user "$INSTANCE_USER" "cd $APP_DIR/backend && npx prisma generate" >/dev/null 2>&1 || true
print_status "Database migrations completed as $INSTANCE_USER" print_status "Database migrations completed as $INSTANCE_USER"
} }
@@ -1048,7 +1097,7 @@ populate_server_settings() {
cd "$APP_DIR/backend" cd "$APP_DIR/backend"
# Create settings update script # Create settings update script
sudo -u "$INSTANCE_USER" cat > update_settings.js << EOF cat > update_settings.js << EOF
const { PrismaClient } = require('@prisma/client'); const { PrismaClient } = require('@prisma/client');
const prisma = new PrismaClient(); const prisma = new PrismaClient();
@@ -1092,7 +1141,7 @@ updateSettings();
EOF EOF
# Run the settings update script as the dedicated user # Run the settings update script as the dedicated user
sudo -u "$INSTANCE_USER" node update_settings.js run_as_user "$INSTANCE_USER" "cd $APP_DIR/backend && node update_settings.js"
# Clean up temporary script # Clean up temporary script
rm -f update_settings.js rm -f update_settings.js