jason/socktop-webterm
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
main
socktop-webterm/docker/init-config.sh
jasonwitty e870e2e4ec
Some checks failed
Build and Deploy to K3s / test (push) Successful in 2m6s
Details
Build and Deploy to K3s / lint (push) Successful in 1m33s
Details
Build and Deploy to K3s / build-and-push (push) Successful in 5m24s
Details
Build and Deploy to K3s / deploy (push) Failing after 10m8s
Details
Upgrade to Rust 1.91 and migrate to pop-telemetry 0.12.1 
- Updated Rust toolchain from 1.90 to 1.91 (required by pop-telemetry)
- Migrated analytics to use pop-telemetry crate for privacy-focused telemetry
- Added dirs dependency for cross-platform config directory handling
- Refactored init-config.sh to handle permission restrictions in K8s
  - Gracefully handles chown failures in restricted security contexts
  - Uses alternative copy methods (cat > file) when cp fails
  - Continues operation with warnings instead of failing
- Updated Dockerfile to use rust:1.91-slim-bookworm base image
- Changed telemetry configuration from endpoint/website_id to config file path

This addresses permission denied errors when deploying to K3s with
security contexts that prevent ownership changes on pre-existing directories.
2025-11-30 04:01:43 -08:00

189 lines
7.9 KiB
Bash
Raw Permalink Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

#!/bin/bash
set -e
# Init script to copy configuration files to the correct locations
# This handles the discrepancy between where K8s mounts configs
# and where the socktop package expects them (HOME directory)
echo "==================================="
echo "Initializing socktop webterm config"
echo "==================================="
# Determine the actual HOME directory for the socktop user
SOCKTOP_HOME=$(eval echo ~socktop)
echo "Socktop HOME: ${SOCKTOP_HOME}"
echo "Current user: $(whoami) (UID: $(id -u))"
# Check if we're running as root
if [ "$(id -u)" -eq 0 ]; then
echo "Running as root, will create directories and set permissions"
# Check if socktop home exists and try to ensure it's accessible
if [ ! -d "${SOCKTOP_HOME}" ]; then
echo "Creating ${SOCKTOP_HOME}..."
mkdir -p "${SOCKTOP_HOME}"
chown socktop:socktop "${SOCKTOP_HOME}" 2>/dev/null || echo " ⚠ Could not change ownership of home directory (may be restricted)"
else
echo " ✓ Home directory exists"
# Try to fix ownership if possible, but don't fail if we can't
chown socktop:socktop "${SOCKTOP_HOME}" 2>/dev/null || echo " ⚠ Could not change ownership of home directory (may be restricted by security context)"
fi
# Create config directories with proper structure
echo "Creating config directories..."
mkdir -p "${SOCKTOP_HOME}/.config/socktop/certs" 2>/dev/null || true
mkdir -p "${SOCKTOP_HOME}/.config/alacritty" 2>/dev/null || true
# Try to fix ownership recursively, ignore errors
chown -R socktop:socktop "${SOCKTOP_HOME}/.config" 2>/dev/null || echo " ⚠ Could not change ownership of .config directory (may be restricted)"
# Ensure directories are writable by socktop user at minimum
chmod -R u+rwX "${SOCKTOP_HOME}/.config" 2>/dev/null || true
echo " ✓ Created directories"
else
echo "Running as non-root user ($(id -u)), creating directories"
# Try to create directories - will work if HOME is writable
mkdir -p "${SOCKTOP_HOME}/.config/socktop/certs" 2>/dev/null || {
echo " ⚠ Could not create directories - checking if they already exist..."
if [ -d "${SOCKTOP_HOME}/.config/socktop/certs" ]; then
echo " ✓ Directories already exist"
else
echo " ✗ Failed to create directories and they don't exist"
echo " Attempting to continue anyway..."
fi
}
mkdir -p "${SOCKTOP_HOME}/.config/alacritty" 2>/dev/null || true
fi
# Copy configuration files
echo "Copying configuration files..."
# Copy profiles.json
if [ -f "/home/socktop/.config/socktop/profiles.json" ]; then
TARGET="${SOCKTOP_HOME}/.config/socktop/profiles.json"
# Remove existing file if it exists
rm -f "${TARGET}" 2>/dev/null || true
if [ "$(id -u)" -eq 0 ]; then
# Running as root - copy and set ownership
cp -f /home/socktop/.config/socktop/profiles.json "${TARGET}" 2>/dev/null || {
echo " ⚠ Failed to copy profiles.json, trying alternative method..."
cat /home/socktop/.config/socktop/profiles.json > "${TARGET}" 2>/dev/null || echo " ✗ Could not copy profiles.json"
}
chown socktop:socktop "${TARGET}" 2>/dev/null || true
chmod 644 "${TARGET}" 2>/dev/null || true
else
# Running as socktop user
cp -f /home/socktop/.config/socktop/profiles.json "${TARGET}" 2>/dev/null || {
cat /home/socktop/.config/socktop/profiles.json > "${TARGET}" 2>/dev/null || echo " ✗ Could not copy profiles.json"
}
fi
if [ -f "${TARGET}" ]; then
echo " ✓ Copied profiles.json"
fi
else
echo " ⚠ profiles.json not found at mount point"
fi
# Copy alacritty.toml
if [ -f "/home/socktop/.config/alacritty/alacritty.toml" ]; then
TARGET="${SOCKTOP_HOME}/.config/alacritty/alacritty.toml"
rm -f "${TARGET}" 2>/dev/null || true
if [ "$(id -u)" -eq 0 ]; then
cp -f /home/socktop/.config/alacritty/alacritty.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/alacritty.toml > "${TARGET}" 2>/dev/null || true
chown socktop:socktop "${TARGET}" 2>/dev/null || true
chmod 644 "${TARGET}" 2>/dev/null || true
else
cp -f /home/socktop/.config/alacritty/alacritty.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/alacritty.toml > "${TARGET}" 2>/dev/null || true
fi
if [ -f "${TARGET}" ]; then
echo " ✓ Copied alacritty.toml"
fi
else
echo " ⚠ alacritty.toml not found at mount point"
fi
# Copy catppuccin-frappe.toml
if [ -f "/home/socktop/.config/alacritty/catppuccin-frappe.toml" ]; then
TARGET="${SOCKTOP_HOME}/.config/alacritty/catppuccin-frappe.toml"
rm -f "${TARGET}" 2>/dev/null || true
if [ "$(id -u)" -eq 0 ]; then
cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/catppuccin-frappe.toml > "${TARGET}" 2>/dev/null || true
chown socktop:socktop "${TARGET}" 2>/dev/null || true
chmod 644 "${TARGET}" 2>/dev/null || true
else
cp -f /home/socktop/.config/alacritty/catppuccin-frappe.toml "${TARGET}" 2>/dev/null || cat /home/socktop/.config/alacritty/catppuccin-frappe.toml > "${TARGET}" 2>/dev/null || true
fi
if [ -f "${TARGET}" ]; then
echo " ✓ Copied catppuccin-frappe.toml"
fi
else
echo " ⚠ catppuccin-frappe.toml not found at mount point"
fi
# Copy certificates if they exist
if [ -d "/home/socktop/.config/socktop/certs" ]; then
echo "Copying certificates..."
for cert in /home/socktop/.config/socktop/certs/*.pem; do
if [ -f "$cert" ]; then
TARGET="${SOCKTOP_HOME}/.config/socktop/certs/$(basename "$cert")"
rm -f "${TARGET}" 2>/dev/null || true
if [ "$(id -u)" -eq 0 ]; then
cp -f "$cert" "${TARGET}" 2>/dev/null || cat "$cert" > "${TARGET}" 2>/dev/null || true
chown socktop:socktop "${TARGET}" 2>/dev/null || true
chmod 644 "${TARGET}" 2>/dev/null || true
else
cp -f "$cert" "${TARGET}" 2>/dev/null || cat "$cert" > "${TARGET}" 2>/dev/null || true
fi
if [ -f "${TARGET}" ]; then
echo " ✓ Copied $(basename "$cert")"
fi
fi
done
else
echo " No certificates directory found (optional)"
fi
# Fix paths in profiles.json if it exists
if [ -f "${SOCKTOP_HOME}/.config/socktop/profiles.json" ]; then
echo "Rewriting paths in profiles.json..."
# Replace /home/socktop with actual HOME directory and ensure certs/ subdirectory
sed -i "s|/home/socktop/.config/socktop/rpi-|${SOCKTOP_HOME}/.config/socktop/certs/rpi-|g" "${SOCKTOP_HOME}/.config/socktop/profiles.json" 2>/dev/null || {
echo " ⚠ Could not rewrite paths in-place, trying alternative method..."
sed "s|/home/socktop/.config/socktop/rpi-|${SOCKTOP_HOME}/.config/socktop/certs/rpi-|g" "${SOCKTOP_HOME}/.config/socktop/profiles.json" > "${SOCKTOP_HOME}/.config/socktop/profiles.json.tmp" 2>/dev/null && \
mv "${SOCKTOP_HOME}/.config/socktop/profiles.json.tmp" "${SOCKTOP_HOME}/.config/socktop/profiles.json" 2>/dev/null || \
echo " ✗ Could not rewrite paths"
}
if [ "$(id -u)" -eq 0 ]; then
chown socktop:socktop "${SOCKTOP_HOME}/.config/socktop/profiles.json" 2>/dev/null || true
fi
echo " ✓ Updated certificate paths"
fi
# Verify final permissions
echo "Verifying permissions..."
ls -la "${SOCKTOP_HOME}/.config/" 2>&1 || echo " ⚠ Could not list config directory"
echo "==================================="
echo "Configuration initialization complete"
echo "==================================="
# Switch to socktop user only if running as root
if [ "$(id -u)" -eq 0 ]; then
echo "Switching to socktop user and executing: $@"
exec runuser -u socktop -- "$@"
else
echo "Already running as non-root user ($(whoami)), continuing..."
exec "$@"
fi
Reference in New Issue View Git Blame Copy Permalink