jason/socktop-webterm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Upgrade to Rust 1.91 and migrate to pop-telemetry 0.12.1
Some checks failed
Build and Deploy to K3s / test (push) Successful in 2m6s
Details
Build and Deploy to K3s / lint (push) Successful in 1m33s
Details
Build and Deploy to K3s / build-and-push (push) Successful in 5m24s
Details
Build and Deploy to K3s / deploy (push) Failing after 10m8s
Details

Browse Source 
- Updated Rust toolchain from 1.90 to 1.91 (required by pop-telemetry)
- Migrated analytics to use pop-telemetry crate for privacy-focused telemetry
- Added dirs dependency for cross-platform config directory handling
- Refactored init-config.sh to handle permission restrictions in K8s
  - Gracefully handles chown failures in restricted security contexts
  - Uses alternative copy methods (cat > file) when cp fails
  - Continues operation with warnings instead of failing
- Updated Dockerfile to use rust:1.91-slim-bookworm base image
- Changed telemetry configuration from endpoint/website_id to config file path

This addresses permission denied errors when deploying to K3s with
security contexts that prevent ownership changes on pre-existing directories.
This commit is contained in:
jasonwitty 2025-11-30 04:01:43 -08:00
parent 39e0f55fc4
commit e870e2e4ec
3 changed files with 81 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
Cargo.lock generated
View File

@ -2610,7 +2610,7 @@ dependencies = [
[[package]] [[package]]
name = "webterm" name = "webterm"
version = "0.3.2" version = "0.3.4"
dependencies = [ dependencies = [
"actix", "actix",
"actix-files", "actix-files",

2
Cargo.toml
View File

@ -6,7 +6,7 @@ documentation = "https://docs.rs/webterm"
readme = "README.md" readme = "README.md"
categories = ["web-programming", "web-programming::websocket", "web-programming::http-server", "command-line-utilities"] categories = ["web-programming", "web-programming::websocket", "web-programming::http-server", "command-line-utilities"]
keywords = ["terminal", "xterm", "websocket", "terminus", "console"] keywords = ["terminal", "xterm", "websocket", "terminus", "console"]
version = "0.3.2" version = "0.3.4"
authors = ["fabian.freyer@physik.tu-berlin.de","jasonpwitty+socktop@proton.me"] authors = ["fabian.freyer@physik.tu-berlin.de","jasonpwitty+socktop@proton.me"]
edition = "2021" edition = "2021"
license = "BSD-3-Clause" license = "BSD-3-Clause"

114
docker/init-config.sh
View File

@ -18,23 +18,29 @@ echo "Current user: $(whoami) (UID: $(id -u))"
if [ "$(id -u)" -eq 0 ]; then if [ "$(id -u)" -eq 0 ]; then
echo "Running as root, will create directories and set permissions" echo "Running as root, will create directories and set permissions"
# Ensure socktop user's home directory exists and has correct ownership # Check if socktop home exists and try to ensure it's accessible
if [ ! -d "${SOCKTOP_HOME}" ]; then if [ ! -d "${SOCKTOP_HOME}" ]; then
echo "Creating ${SOCKTOP_HOME}..." echo "Creating ${SOCKTOP_HOME}..."
mkdir -p "${SOCKTOP_HOME}" mkdir -p "${SOCKTOP_HOME}"
chown socktop:socktop "${SOCKTOP_HOME}" chown socktop:socktop "${SOCKTOP_HOME}" 2>/dev/null || echo " ⚠ Could not change ownership of home directory (may be restricted)"
else
echo " ✓ Home directory exists"
# Try to fix ownership if possible, but don't fail if we can't
chown socktop:socktop "${SOCKTOP_HOME}" 2>/dev/null || echo " ⚠ Could not change ownership of home directory (may be restricted by security context)"
fi fi
# Ensure the directory is writable by socktop user # Create config directories with proper structure
chown socktop:socktop "${SOCKTOP_HOME}"
# Create necessary directories as root, then fix ownership
echo "Creating config directories..." echo "Creating config directories..."
mkdir -p "${SOCKTOP_HOME}/.config/socktop/certs" mkdir -p "${SOCKTOP_HOME}/.config/socktop/certs" 2>/dev/null || true
mkdir -p "${SOCKTOP_HOME}/.config/alacritty" mkdir -p "${SOCKTOP_HOME}/.config/alacritty" 2>/dev/null || true
chown -R socktop:socktop "${SOCKTOP_HOME}/.config"
echo " ✓ Created directories with correct ownership" # Try to fix ownership recursively, ignore errors
chown -R socktop:socktop "${SOCKTOP_HOME}/.config" 2>/dev/null || echo " ⚠ Could not change ownership of .config directory (may be restricted)"
# Ensure directories are writable by socktop user at minimum
chmod -R u+rwX "${SOCKTOP_HOME}/.config" 2>/dev/null || true
echo " ✓ Created directories"
else else
echo "Running as non-root user ($(id -u)), creating directories" echo "Running as non-root user ($(id -u)), creating directories"
# Try to create directories - will work if HOME is writable # Try to create directories - will work if HOME is writable
@ -44,54 +50,80 @@ else
echo " ✓ Directories already exist" echo " ✓ Directories already exist"
else else
echo " ✗ Failed to create directories and they don't exist" echo " ✗ Failed to create directories and they don't exist"
exit 1 echo " Attempting to continue anyway..."
fi fi
} }
mkdir -p "${SOCKTOP_HOME}/.config/alacritty" 2>/dev/null || true mkdir -p "${SOCKTOP_HOME}/.config/alacritty" 2>/dev/null || true
fi fi
# Copy files from mounted locations to actual HOME if they exist # Copy configuration files
echo "Copying configuration files..." echo "Copying configuration files..."
# Copy profiles.json # Copy profiles.json
if [ -f "/home/socktop/.config/socktop/profiles.json" ]; then if [ -f "/home/socktop/.config/socktop/profiles.json" ]; then
TARGET="${SOCKTOP_HOME}/.config/socktop/profiles.json"
# Remove existing file if it exists
rm -f "${TARGET}" 2>/dev/null || true
if [ "$(id -u)" -eq 0 ]; then if [ "$(id -u)" -eq 0 ]; then
# Copy as root, then fix ownership # Running as root - copy and set ownership
cp -f /home/socktop/.config/socktop/profiles.json "${SOCKTOP_HOME}/.config/socktop/profiles.json" cp -f /home/socktop/.config/socktop/profiles.json "${TARGET}" 2>/dev/null || {
chown socktop:socktop "${SOCKTOP_HOME}/.config/socktop/profiles.json" echo " ⚠ Failed to copy profiles.json, trying alternative method..."
chmod 644 "${SOCKTOP_HOME}/.config/socktop/profiles.json" cat /home/socktop/.config/socktop/profiles.json > "${TARGET}" 2>/dev/null || echo " ✗ Could not copy profiles.json"
}
chown socktop:socktop "${TARGET}" 2>/dev/null || true
chmod 644 "${TARGET}" 2>/dev/null || true
else else
cp -f /home/socktop/.config/socktop/profiles.json "${SOCKTOP_HOME}/.config/socktop/profiles.json" # Running as socktop user
cp -f /home/socktop/.config/socktop/profiles.json "${TARGET}" 2>/dev/null || {
cat /home/socktop/.config/socktop/profiles.json > "${TARGET}" 2>/dev/null || echo " ✗ Could not copy profiles.json"
}
fi
if [ -f "${TARGET}" ]; then
echo " ✓ Copied profiles.json"
fi fi
echo " ✓ Copied profiles.json"
else else
echo " ⚠ profiles.json not found at mount point" echo " ⚠ profiles.json not found at mount point"
fi fi
# Copy alacritty.toml # Copy alacritty.toml
if [ -f "/home/socktop/.config/alacritty/alacritty.toml" ]; then if [ -f "/home/socktop/.config/alacritty/alacritty.toml" ]; then
TARGET="${SOCKTOP_HOME}/.config/alacritty/alacritty.toml"
rm -f "${TARGET}" 2>/dev/null || true
if [ "$(id -u)" -eq 0 ]; then if [ "$(id -u)" -eq 0 ]; then
cp -f /home/socktop/.config/alacritty/alacritty.toml "${SOCKTOP_HOME}/.config/alacritty/alacritty.toml" cp -f /home/socktop/.config/alacritty/alacritty.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/alacritty.toml > "${TARGET}" 2>/dev/null || true
chown socktop:socktop "${SOCKTOP_HOME}/.config/alacritty/alacritty.toml" chown socktop:socktop "${TARGET}" 2>/dev/null || true
chmod 644 "${SOCKTOP_HOME}/.config/alacritty/alacritty.toml" chmod 644 "${TARGET}" 2>/dev/null || true
else else
cp -f /home/socktop/.config/alacritty/alacritty.toml "${SOCKTOP_HOME}/.config/alacritty/alacritty.toml" cp -f /home/socktop/.config/alacritty/alacritty.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/alacritty.toml > "${TARGET}" 2>/dev/null || true
fi
if [ -f "${TARGET}" ]; then
echo " ✓ Copied alacritty.toml"
fi fi
echo " ✓ Copied alacritty.toml"
else else
echo " ⚠ alacritty.toml not found at mount point" echo " ⚠ alacritty.toml not found at mount point"
fi fi
# Copy catppuccin-frappe.toml # Copy catppuccin-frappe.toml
if [ -f "/home/socktop/.config/alacritty/catppuccin-frappe.toml" ]; then if [ -f "/home/socktop/.config/alacritty/catppuccin-frappe.toml" ]; then
TARGET="${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml"
rm -f "${TARGET}" 2>/dev/null || true
if [ "$(id -u)" -eq 0 ]; then if [ "$(id -u)" -eq 0 ]; then
cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml" cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/catppuccin-frappe.toml > "${TARGET}" 2>/dev/null || true
chown socktop:socktop "${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml" chown socktop:socktop "${TARGET}" 2>/dev/null || true
chmod 644 "${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml" chmod 644 "${TARGET}" 2>/dev/null || true
else else
cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml" cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/catppuccin-frappe.toml > "${TARGET}" 2>/dev/null || true
fi
if [ -f "${TARGET}" ]; then
echo " ✓ Copied catppuccin-frappe.toml"
fi fi
echo " ✓ Copied catppuccin-frappe.toml"
else else
echo " ⚠ catppuccin-frappe.toml not found at mount point" echo " ⚠ catppuccin-frappe.toml not found at mount point"
fi fi
@ -101,14 +133,20 @@ if [ -d "/home/socktop/.config/socktop/certs" ]; then
echo "Copying certificates..." echo "Copying certificates..."
for cert in /home/socktop/.config/socktop/certs/*.pem; do for cert in /home/socktop/.config/socktop/certs/*.pem; do
if [ -f "$cert" ]; then if [ -f "$cert" ]; then
TARGET="${SOCKTOP_HOME}/.config/socktop/certs/$(basename "$cert")"
rm -f "${TARGET}" 2>/dev/null || true
if [ "$(id -u)" -eq 0 ]; then if [ "$(id -u)" -eq 0 ]; then
cp -f "$cert" "${SOCKTOP_HOME}/.config/socktop/certs/" cp -f "$cert" "${TARGET}" 2>/dev/null || cat "$cert" > "${TARGET}" 2>/dev/null || true
chown socktop:socktop "${SOCKTOP_HOME}/.config/socktop/certs/$(basename "$cert")" chown socktop:socktop "${TARGET}" 2>/dev/null || true
chmod 644 "${SOCKTOP_HOME}/.config/socktop/certs/$(basename "$cert")" chmod 644 "${TARGET}" 2>/dev/null || true
else else
cp -f "$cert" "${SOCKTOP_HOME}/.config/socktop/certs/" cp -f "$cert" "${TARGET}" 2>/dev/null || cat "$cert" > "${TARGET}" 2>/dev/null || true
fi
if [ -f "${TARGET}" ]; then
echo " ✓ Copied $(basename "$cert")"
fi fi
echo " ✓ Copied $(basename "$cert")"
fi fi
done done
else else
@ -119,9 +157,15 @@ fi
if [ -f "${SOCKTOP_HOME}/.config/socktop/profiles.json" ]; then if [ -f "${SOCKTOP_HOME}/.config/socktop/profiles.json" ]; then
echo "Rewriting paths in profiles.json..." echo "Rewriting paths in profiles.json..."
# Replace /home/socktop with actual HOME directory and ensure certs/ subdirectory # Replace /home/socktop with actual HOME directory and ensure certs/ subdirectory
sed -i "s|/home/socktop/.config/socktop/rpi-|${SOCKTOP_HOME}/.config/socktop/certs/rpi-|g" "${SOCKTOP_HOME}/.config/socktop/profiles.json" sed -i "s|/home/socktop/.config/socktop/rpi-|${SOCKTOP_HOME}/.config/socktop/certs/rpi-|g" "${SOCKTOP_HOME}/.config/socktop/profiles.json" 2>/dev/null || {
echo " ⚠ Could not rewrite paths in-place, trying alternative method..."
sed "s|/home/socktop/.config/socktop/rpi-|${SOCKTOP_HOME}/.config/socktop/certs/rpi-|g" "${SOCKTOP_HOME}/.config/socktop/profiles.json" > "${SOCKTOP_HOME}/.config/socktop/profiles.json.tmp" 2>/dev/null && \
mv "${SOCKTOP_HOME}/.config/socktop/profiles.json.tmp" "${SOCKTOP_HOME}/.config/socktop/profiles.json" 2>/dev/null || \
echo " ✗ Could not rewrite paths"
}
if [ "$(id -u)" -eq 0 ]; then if [ "$(id -u)" -eq 0 ]; then
chown socktop:socktop "${SOCKTOP_HOME}/.config/socktop/profiles.json" chown socktop:socktop "${SOCKTOP_HOME}/.config/socktop/profiles.json" 2>/dev/null || true
fi fi
echo " ✓ Updated certificate paths" echo " ✓ Updated certificate paths"
fi fi