Do not use sudo on startup (separate install from startup)

pludov · Jun 13, 2019 · e724666 · e724666
1 parent ea03982
commit e724666
Show file tree

Hide file tree

Showing 6 changed files with 143 additions and 51 deletions.
diff --git a/.gitignore b/.gitignore
@@ -1,3 +1,5 @@
+mobindi.conf
+.mobindi.conf.tmp
 node_modules
 local/
 dist/

diff --git a/README.md b/README.md
@@ -47,7 +47,7 @@ Next release will include:
   * Remember camera settings accros restarts
   * Auto focuser graph improvment
   * Preliminary support for ssl (on port 8443)
-  * New script for build/startup (startup.sh)
+  * New script for build/startup (install.sh/startup.sh)
   * Support for landscape orientation
   * UI fixes for Chrome
 
@@ -144,10 +144,15 @@ sudo apt-get install -y nodejs
 npm install
 ```
 
-Installation and startup:
+Installation:
 ```
 git clone https://github.com/pludov/mobindi.git
 cd mobindi
+./install.sh
+```
+
+Startup:
+```
 ./startup.sh
 ```
 
@@ -157,6 +162,7 @@ Connect to http://localhost:8080, or if you want to test the new support for htt
 To upgrade to the latest version, issue:
 ```
 git pull --ff-only
+./install.sh
 ./startup.sh
 ```
 

diff --git a/install.sh b/install.sh
@@ -0,0 +1,86 @@
+#!/bin/bash
+
+set -euo pipefail
+
+INSTALL_DIR="$(dirname "$BASH_SOURCE")"
+
+cd "$INSTALL_DIR"
+
+
+LOGDIR=""
+
+if [ -f ./mobindi.conf ]; then
+    . ./mobindi.conf
+fi
+
+UPDATECONF=0
+FORCE_BUILD=0
+while [ "$#" != 0 ]; do
+    case "$1" in
+        --log-dir)
+                shift
+                LOGDIR="$1"
+                shift
+                UPDATECONF=1
+                ;;
+        --no-log-dir)
+                shift
+                LOGDIR=""
+                UPDATECONF=1
+                ;;
+        --force-build)
+                shift
+                FORCE_BUILD=1
+                ;;
+        *)
+                echo "Usage: $0 [--log-dir logdirectory] [--no-log-dir] [--force-build]"
+                exit 1
+                ;;
+    esac
+done
+
+printf "Settings:\n * Log directory: %s\n" "$LOGDIR"
+
+if [ "$UPDATECONF" != 0 ]; then
+    printf "LOGDIR='%q'" "$LOGDIR" > ./.mobindi.conf.tmp
+    mv ./.mobindi.conf.tmp ./mobindi.conf
+fi
+
+if [ "${LOGDIR-}" != "" ]; then
+	which multilog > /dev/null || (echo "Installation of daemontools required" >&2 ; sudo apt install daemontools)
+	[ -d "$LOGDIR" ] || sudo mkdir -p -- "$LOGDIR"
+	[ -w "$LOGDIR" ] || sudo chown "$UID" -R -- "$LOGDIR"
+fi
+
+# Rebuild if required
+CURRENTREV="`git rev-parse HEAD`"
+if [ "$CURRENTREV" == "" ]; then
+    echo "Git repo is broken. Aborting" 2>&1
+    exit 1
+fi
+
+if [ "$FORCE_BUILD" != 0 ]; then
+    LATESTBUILD=""
+else
+    ISCLEAN="`git status --porcelain`"
+    if [ "$ISCLEAN" != "" ]; then
+        echo "WARNING: You're git repo is not clean - Automated build cannot be deduced from local modification" 2>&1
+    fi
+    if [ -f ".latestbuild" ]; then
+        LATESTBUILD="`cat .latestbuild`"
+    else
+        LATESTBUILD=""
+    fi
+fi
+
+if [ "$CURRENTREV" != "$LATESTBUILD" ]; then
+    echo "Build required... Please wait" 2>&1
+    rm -f .latestbuild
+    ./build.sh
+    echo "$CURRENTREV" >> .latestbuild
+fi
+
+# Setup nginx
+./nginx/install.sh
+
+echo "System ready" >&2
diff --git a/nginx/install.sh b/nginx/install.sh
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+set -euo pipefail
+
+INSTALL_DIR="$(dirname "$BASH_SOURCE")"
+
+cd "$INSTALL_DIR"
+
+LOGDIR=""
+
+if [ -f ../mobindi.conf ]; then
+    . ../mobindi.conf
+fi
+
+[[ ":$PATH:" != *":/usr/sbin:"* ]] && PATH="${PATH}:/usr/sbin"
+
+which nginx > /dev/null || (echo "Installation of nginx required" >&2 ; sudo apt install nginx)
+
+if [ ! -f nginx-selfsigned.key ] \
+        || [ ! -f nginx-selfsigned.crt ] \
+        || [ "$(find nginx-selfsigned.key -mtime +360)" ] \
+        || [ "$(find nginx-selfsigned.crt -mtime +360)" ]; then
+    which openssl > /dev/null || (echo "Installation of openssl required" >&2; sudo apt install openssl)
+
+    echo "SSL certificate required" >&2
+
+    openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
+            -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=example.com" \
+            -keyout /tmp/nginx-selfsigned.key -out /tmp/nginx-selfsigned.crt
+
+    mv /tmp/nginx-selfsigned.key /tmp/nginx-selfsigned.crt .
+fi
diff --git a/nginx/nginx.sh b/nginx/nginx.sh
@@ -6,26 +6,15 @@ INSTALL_DIR="$(dirname "$BASH_SOURCE")"
 
 cd "$INSTALL_DIR"
 
-[[ ":$PATH:" != *":/usr/sbin:"* ]] && PATH="${PATH}:/usr/sbin"
-
-which nginx > /dev/null || (echo "Installation of nginx required" >&2 ; sudo apt install nginx)
-
-if [ ! -f nginx-selfsigned.key ] \
-        || [ ! -f nginx-selfsigned.crt ] \
-        || [ "$(find nginx-selfsigned.key -mtime +360)" ] \
-        || [ "$(find nginx-selfsigned.crt -mtime +360)" ]; then
-    which openssl > /dev/null || (echo "Installation of openssl required" >&2; sudo apt install openssl)
-
-    echo "SSL certificate required" >&2
+LOGDIR=""
 
-    openssl req -x509 -nodes -days 365 -newkey rsa:2048 \
-            -subj "/C=GB/ST=London/L=London/O=Global Security/OU=IT Department/CN=example.com" \
-            -keyout /tmp/nginx-selfsigned.key -out /tmp/nginx-selfsigned.crt
-
-    mv /tmp/nginx-selfsigned.key /tmp/nginx-selfsigned.crt .
+if [ -f ../mobindi.conf ]; then
+    . ../mobindi.conf
 fi
 
 
+[[ ":$PATH:" != *":/usr/sbin:"* ]] && PATH="${PATH}:/usr/sbin"
+
 if [ -f "nginx.pid" ]; then
     if kill -HUP "`cat nginx.pid`" ; then
         echo "Nginx reloaded" >&2

diff --git a/startup.sh b/startup.sh
@@ -6,47 +6,24 @@ INSTALL_DIR="$(dirname "$BASH_SOURCE")"
 
 cd "$INSTALL_DIR"
 
-if [ "${LOGDIR-}" != "" ]; then
-	which multilog > /dev/null || (echo "Installation of daemontools required" >&2 ; sudo apt install daemontools)
-	[ -d "$LOGDIR" ] || sudo mkdir -p -- "$LOGDIR"
-	[ -w "$LOGDIR" ] || sudo chown "$UID" -R -- "$LOGDIR"
+LOGDIR=""
+
+if [ -f ./mobindi.conf ]; then
+    . ./mobindi.conf
+fi
+
+if [ "$LOGDIR" != "" ]; then
 	echo "Logging into $LOGDIR"
 	exec < /dev/null
 	exec > >( multilog '.s9999999' "$LOGDIR" )
 	exec 2>&1
 fi
 
-# Rebuild if required
-CURRENTREV="`git rev-parse HEAD`"
-if [ "$CURRENTREV" == "" ]; then
-    echo "Git is broken. Aborting" 2>&1
-    exit 1
-fi
-
-ISCLEAN="`git status --porcelain`"
-if [ "$ISCLEAN" != "" ]; then
-    echo "WARNING: You're git repo is not clean - Automated build cannot be deduced from local modification" 2>&1
-fi
-
-if [ "$#" != 0 ] && [ "$1" == "--rebuild" ]; then
-    shift
-    LATESTBUILD=""
-else
-    if [ -f ".latestbuild" ]; then
-        LATESTBUILD="`cat .latestbuild`"
-    else
-        LATESTBUILD=""
-    fi
-fi
-
-if [ "$CURRENTREV" != "$LATESTBUILD" ]; then
-    echo "Build required... Please wait" 2>&1
-    rm -f .latestbuild
-    ./build.sh
-    echo "$CURRENTREV" >> .latestbuild
-fi
 
 # Startup nginx
 ./nginx/nginx.sh
 
+# Leave reasonable time to die
+( pkill -U "$UID" -fx "node dist/app.js" && sleep 0.5 ) || /bin/true
+
 exec npm start "$@"