Upgrade to Rust 1.91 and migrate to pop-telemetry 0.12.1
- Updated Rust toolchain from 1.90 to 1.91 (required by pop-telemetry) - Migrated analytics to use pop-telemetry crate for privacy-focused telemetry - Added dirs dependency for cross-platform config directory handling - Refactored init-config.sh to handle permission restrictions in K8s - Gracefully handles chown failures in restricted security contexts - Uses alternative copy methods (cat > file) when cp fails - Continues operation with warnings instead of failing - Updated Dockerfile to use rust:1.91-slim-bookworm base image - Changed telemetry configuration from endpoint/website_id to config file path This addresses permission denied errors when deploying to K3s with security contexts that prevent ownership changes on pre-existing directories.
This commit is contained in:
parent
39e0f55fc4
commit
e870e2e4ec
2
Cargo.lock
generated
2
Cargo.lock
generated
@ -2610,7 +2610,7 @@ dependencies = [
|
||||
|
||||
[[package]]
|
||||
name = "webterm"
|
||||
version = "0.3.2"
|
||||
version = "0.3.4"
|
||||
dependencies = [
|
||||
"actix",
|
||||
"actix-files",
|
||||
|
||||
@ -6,7 +6,7 @@ documentation = "https://docs.rs/webterm"
|
||||
readme = "README.md"
|
||||
categories = ["web-programming", "web-programming::websocket", "web-programming::http-server", "command-line-utilities"]
|
||||
keywords = ["terminal", "xterm", "websocket", "terminus", "console"]
|
||||
version = "0.3.2"
|
||||
version = "0.3.4"
|
||||
authors = ["fabian.freyer@physik.tu-berlin.de","jasonpwitty+socktop@proton.me"]
|
||||
edition = "2021"
|
||||
license = "BSD-3-Clause"
|
||||
|
||||
@ -18,23 +18,29 @@ echo "Current user: $(whoami) (UID: $(id -u))"
|
||||
if [ "$(id -u)" -eq 0 ]; then
|
||||
echo "Running as root, will create directories and set permissions"
|
||||
|
||||
# Ensure socktop user's home directory exists and has correct ownership
|
||||
# Check if socktop home exists and try to ensure it's accessible
|
||||
if [ ! -d "${SOCKTOP_HOME}" ]; then
|
||||
echo "Creating ${SOCKTOP_HOME}..."
|
||||
mkdir -p "${SOCKTOP_HOME}"
|
||||
chown socktop:socktop "${SOCKTOP_HOME}"
|
||||
chown socktop:socktop "${SOCKTOP_HOME}" 2>/dev/null || echo " ⚠ Could not change ownership of home directory (may be restricted)"
|
||||
else
|
||||
echo " ✓ Home directory exists"
|
||||
# Try to fix ownership if possible, but don't fail if we can't
|
||||
chown socktop:socktop "${SOCKTOP_HOME}" 2>/dev/null || echo " ⚠ Could not change ownership of home directory (may be restricted by security context)"
|
||||
fi
|
||||
|
||||
# Ensure the directory is writable by socktop user
|
||||
chown socktop:socktop "${SOCKTOP_HOME}"
|
||||
|
||||
# Create necessary directories as root, then fix ownership
|
||||
# Create config directories with proper structure
|
||||
echo "Creating config directories..."
|
||||
mkdir -p "${SOCKTOP_HOME}/.config/socktop/certs"
|
||||
mkdir -p "${SOCKTOP_HOME}/.config/alacritty"
|
||||
chown -R socktop:socktop "${SOCKTOP_HOME}/.config"
|
||||
mkdir -p "${SOCKTOP_HOME}/.config/socktop/certs" 2>/dev/null || true
|
||||
mkdir -p "${SOCKTOP_HOME}/.config/alacritty" 2>/dev/null || true
|
||||
|
||||
echo " ✓ Created directories with correct ownership"
|
||||
# Try to fix ownership recursively, ignore errors
|
||||
chown -R socktop:socktop "${SOCKTOP_HOME}/.config" 2>/dev/null || echo " ⚠ Could not change ownership of .config directory (may be restricted)"
|
||||
|
||||
# Ensure directories are writable by socktop user at minimum
|
||||
chmod -R u+rwX "${SOCKTOP_HOME}/.config" 2>/dev/null || true
|
||||
|
||||
echo " ✓ Created directories"
|
||||
else
|
||||
echo "Running as non-root user ($(id -u)), creating directories"
|
||||
# Try to create directories - will work if HOME is writable
|
||||
@ -44,54 +50,80 @@ else
|
||||
echo " ✓ Directories already exist"
|
||||
else
|
||||
echo " ✗ Failed to create directories and they don't exist"
|
||||
exit 1
|
||||
echo " Attempting to continue anyway..."
|
||||
fi
|
||||
}
|
||||
mkdir -p "${SOCKTOP_HOME}/.config/alacritty" 2>/dev/null || true
|
||||
fi
|
||||
|
||||
# Copy files from mounted locations to actual HOME if they exist
|
||||
# Copy configuration files
|
||||
echo "Copying configuration files..."
|
||||
|
||||
# Copy profiles.json
|
||||
if [ -f "/home/socktop/.config/socktop/profiles.json" ]; then
|
||||
TARGET="${SOCKTOP_HOME}/.config/socktop/profiles.json"
|
||||
|
||||
# Remove existing file if it exists
|
||||
rm -f "${TARGET}" 2>/dev/null || true
|
||||
|
||||
if [ "$(id -u)" -eq 0 ]; then
|
||||
# Copy as root, then fix ownership
|
||||
cp -f /home/socktop/.config/socktop/profiles.json "${SOCKTOP_HOME}/.config/socktop/profiles.json"
|
||||
chown socktop:socktop "${SOCKTOP_HOME}/.config/socktop/profiles.json"
|
||||
chmod 644 "${SOCKTOP_HOME}/.config/socktop/profiles.json"
|
||||
# Running as root - copy and set ownership
|
||||
cp -f /home/socktop/.config/socktop/profiles.json "${TARGET}" 2>/dev/null || {
|
||||
echo " ⚠ Failed to copy profiles.json, trying alternative method..."
|
||||
cat /home/socktop/.config/socktop/profiles.json > "${TARGET}" 2>/dev/null || echo " ✗ Could not copy profiles.json"
|
||||
}
|
||||
chown socktop:socktop "${TARGET}" 2>/dev/null || true
|
||||
chmod 644 "${TARGET}" 2>/dev/null || true
|
||||
else
|
||||
cp -f /home/socktop/.config/socktop/profiles.json "${SOCKTOP_HOME}/.config/socktop/profiles.json"
|
||||
# Running as socktop user
|
||||
cp -f /home/socktop/.config/socktop/profiles.json "${TARGET}" 2>/dev/null || {
|
||||
cat /home/socktop/.config/socktop/profiles.json > "${TARGET}" 2>/dev/null || echo " ✗ Could not copy profiles.json"
|
||||
}
|
||||
fi
|
||||
|
||||
if [ -f "${TARGET}" ]; then
|
||||
echo " ✓ Copied profiles.json"
|
||||
fi
|
||||
else
|
||||
echo " ⚠ profiles.json not found at mount point"
|
||||
fi
|
||||
|
||||
# Copy alacritty.toml
|
||||
if [ -f "/home/socktop/.config/alacritty/alacritty.toml" ]; then
|
||||
TARGET="${SOCKTOP_HOME}/.config/alacritty/alacritty.toml"
|
||||
rm -f "${TARGET}" 2>/dev/null || true
|
||||
|
||||
if [ "$(id -u)" -eq 0 ]; then
|
||||
cp -f /home/socktop/.config/alacritty/alacritty.toml "${SOCKTOP_HOME}/.config/alacritty/alacritty.toml"
|
||||
chown socktop:socktop "${SOCKTOP_HOME}/.config/alacritty/alacritty.toml"
|
||||
chmod 644 "${SOCKTOP_HOME}/.config/alacritty/alacritty.toml"
|
||||
cp -f /home/socktop/.config/alacritty/alacritty.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/alacritty.toml > "${TARGET}" 2>/dev/null || true
|
||||
chown socktop:socktop "${TARGET}" 2>/dev/null || true
|
||||
chmod 644 "${TARGET}" 2>/dev/null || true
|
||||
else
|
||||
cp -f /home/socktop/.config/alacritty/alacritty.toml "${SOCKTOP_HOME}/.config/alacritty/alacritty.toml"
|
||||
cp -f /home/socktop/.config/alacritty/alacritty.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/alacritty.toml > "${TARGET}" 2>/dev/null || true
|
||||
fi
|
||||
|
||||
if [ -f "${TARGET}" ]; then
|
||||
echo " ✓ Copied alacritty.toml"
|
||||
fi
|
||||
else
|
||||
echo " ⚠ alacritty.toml not found at mount point"
|
||||
fi
|
||||
|
||||
# Copy catppuccin-frappe.toml
|
||||
if [ -f "/home/socktop/.config/alacritty/catppuccin-frappe.toml" ]; then
|
||||
TARGET="${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml"
|
||||
rm -f "${TARGET}" 2>/dev/null || true
|
||||
|
||||
if [ "$(id -u)" -eq 0 ]; then
|
||||
cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml"
|
||||
chown socktop:socktop "${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml"
|
||||
chmod 644 "${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml"
|
||||
cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/catppuccin-frappe.toml > "${TARGET}" 2>/dev/null || true
|
||||
chown socktop:socktop "${TARGET}" 2>/dev/null || true
|
||||
chmod 644 "${TARGET}" 2>/dev/null || true
|
||||
else
|
||||
cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml"
|
||||
cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/catppuccin-frappe.toml > "${TARGET}" 2>/dev/null || true
|
||||
fi
|
||||
|
||||
if [ -f "${TARGET}" ]; then
|
||||
echo " ✓ Copied catppuccin-frappe.toml"
|
||||
fi
|
||||
else
|
||||
echo " ⚠ catppuccin-frappe.toml not found at mount point"
|
||||
fi
|
||||
@ -101,15 +133,21 @@ if [ -d "/home/socktop/.config/socktop/certs" ]; then
|
||||
echo "Copying certificates..."
|
||||
for cert in /home/socktop/.config/socktop/certs/*.pem; do
|
||||
if [ -f "$cert" ]; then
|
||||
TARGET="${SOCKTOP_HOME}/.config/socktop/certs/$(basename "$cert")"
|
||||
rm -f "${TARGET}" 2>/dev/null || true
|
||||
|
||||
if [ "$(id -u)" -eq 0 ]; then
|
||||
cp -f "$cert" "${SOCKTOP_HOME}/.config/socktop/certs/"
|
||||
chown socktop:socktop "${SOCKTOP_HOME}/.config/socktop/certs/$(basename "$cert")"
|
||||
chmod 644 "${SOCKTOP_HOME}/.config/socktop/certs/$(basename "$cert")"
|
||||
cp -f "$cert" "${TARGET}" 2>/dev/null || cat "$cert" > "${TARGET}" 2>/dev/null || true
|
||||
chown socktop:socktop "${TARGET}" 2>/dev/null || true
|
||||
chmod 644 "${TARGET}" 2>/dev/null || true
|
||||
else
|
||||
cp -f "$cert" "${SOCKTOP_HOME}/.config/socktop/certs/"
|
||||
cp -f "$cert" "${TARGET}" 2>/dev/null || cat "$cert" > "${TARGET}" 2>/dev/null || true
|
||||
fi
|
||||
|
||||
if [ -f "${TARGET}" ]; then
|
||||
echo " ✓ Copied $(basename "$cert")"
|
||||
fi
|
||||
fi
|
||||
done
|
||||
else
|
||||
echo " ℹ No certificates directory found (optional)"
|
||||
@ -119,9 +157,15 @@ fi
|
||||
if [ -f "${SOCKTOP_HOME}/.config/socktop/profiles.json" ]; then
|
||||
echo "Rewriting paths in profiles.json..."
|
||||
# Replace /home/socktop with actual HOME directory and ensure certs/ subdirectory
|
||||
sed -i "s|/home/socktop/.config/socktop/rpi-|${SOCKTOP_HOME}/.config/socktop/certs/rpi-|g" "${SOCKTOP_HOME}/.config/socktop/profiles.json"
|
||||
sed -i "s|/home/socktop/.config/socktop/rpi-|${SOCKTOP_HOME}/.config/socktop/certs/rpi-|g" "${SOCKTOP_HOME}/.config/socktop/profiles.json" 2>/dev/null || {
|
||||
echo " ⚠ Could not rewrite paths in-place, trying alternative method..."
|
||||
sed "s|/home/socktop/.config/socktop/rpi-|${SOCKTOP_HOME}/.config/socktop/certs/rpi-|g" "${SOCKTOP_HOME}/.config/socktop/profiles.json" > "${SOCKTOP_HOME}/.config/socktop/profiles.json.tmp" 2>/dev/null && \
|
||||
mv "${SOCKTOP_HOME}/.config/socktop/profiles.json.tmp" "${SOCKTOP_HOME}/.config/socktop/profiles.json" 2>/dev/null || \
|
||||
echo " ✗ Could not rewrite paths"
|
||||
}
|
||||
|
||||
if [ "$(id -u)" -eq 0 ]; then
|
||||
chown socktop:socktop "${SOCKTOP_HOME}/.config/socktop/profiles.json"
|
||||
chown socktop:socktop "${SOCKTOP_HOME}/.config/socktop/profiles.json" 2>/dev/null || true
|
||||
fi
|
||||
echo " ✓ Updated certificate paths"
|
||||
fi
|
||||
|
||||
Loading…
Reference in New Issue
Block a user