vctp2/src/preinstall.sh
Nathan Coad 9a561f3b07
cleanups and code fixes incl templ
2026-03-20 13:21:15 +11:00


#!/bin/bash
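# Service account, group and config location used by the rest of this script.
# This is a package pre-install step: it creates accounts and changes ownership
# under /etc and /var/lib, so it is expected to run as root.
# NOTE(review): USER is also a standard environment variable; assigning it here
# replaces the invoking user's name for the remainder of the script.
USER="vctp"
GROUP="dtms"
CONFIG_FILE="/etc/dtms/vctp.yml"
DEFAULT_PORT=9443
# Path to the custom sudoers file (not referenced in the lines visible here).
SUDOERS_FILE="/etc/sudoers.d/${USER}"

# Create the group and user if they do not exist. The trailing /bin/true keeps
# a groupadd failure from becoming the status of this line.
getent group "$GROUP" >/dev/null || groupadd -r "$GROUP"; /bin/true
# NOTE(review): the service account gets a home directory and /bin/bash as its
# shell, and a sudoers path is defined above. If nothing needs to log in as
# this account, a non-login shell would narrow what the account can be used
# for - confirm against how the service is operated.
getent passwd "$USER" >/dev/null || useradd -r -g "$GROUP" -m -s /bin/bash -c "vctp service" "$USER"

# Config directory: create it, hand it to the service group, and restrict it to
# owner + group (750) so other local users cannot read the configuration.
[ -d /etc/dtms ] || mkdir -p /etc/dtms
[ "$(stat -c "%G" /etc/dtms)" = "$GROUP" ] || chgrp "$GROUP" /etc/dtms
[ "$(stat -c "%a" /etc/dtms)" = "750" ] || chmod 750 /etc/dtms

# Data directories. Their mode is not set here and follows the umask in effect.
[ -d /var/lib/vctp ] || mkdir -p /var/lib/vctp
[ -d /var/lib/vctp/reports ] || mkdir -p /var/lib/vctp/reports

# Fix ownership on each data directory separately. Checking only /var/lib/vctp
# would miss the upgrade case where that directory is already owned by the
# service account but reports/ has just been created above by the installing
# user, leaving it unwritable for the service.
for data_dir in /var/lib/vctp /var/lib/vctp/reports; do
  [ "$(stat -c "%U" "$data_dir")" = "$USER" ] || chown -R "$USER" "$data_dir"
  [ "$(stat -c "%G" "$data_dir")" = "$GROUP" ] || chgrp -R "$GROUP" "$data_dir"
done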
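# Resolve the effective application port from the existing config (if present).
# Falls back to DEFAULT_PORT when the config file is missing/empty, or when
# bind_port is absent or is not a decimal number in the range 1..65535.
# NOTE(review): this is a line-based text match, not a YAML parse. It accepts a
# bind_port key at any indentation, so a nested key of the same name would also
# match - confirm this agrees with how the application reads the file, because
# the value decides which port is opened in the firewall further down.
APP_PORT="$DEFAULT_PORT"
if [ -s "$CONFIG_FILE" ]; then
  # Print the first non-comment bind_port value that consists only of digits
  # after its trailing comment, quotes and whitespace are stripped.
  CONFIGURED_PORT="$(awk '
    /^[[:space:]]*#/ { next }
    /^[[:space:]]*bind_port[[:space:]]*:/ {
      line=$0
      sub(/^[[:space:]]*bind_port[[:space:]]*:[[:space:]]*/, "", line)
      sub(/[[:space:]]*#.*/, "", line)
      gsub(/["'\''[:space:]]/, "", line)
      if (line ~ /^[0-9]+$/) {
        print line
        exit
      }
    }
  ' "$CONFIG_FILE")"
  # Reject empty values and anything longer than five digits before the numeric
  # comparison: an oversized digit string makes the integer test fail with an
  # error message instead of a clean fallback to the default.
  case "$CONFIGURED_PORT" in
    '' | ??????*) ;;
    *)
      if [ "$CONFIGURED_PORT" -ge 1 ] && [ "$CONFIGURED_PORT" -le 65535 ]; then
        APP_PORT="$CONFIGURED_PORT"
      fi
      ;;
  esac
fi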
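# Open the application port in firewalld, but only when firewalld is both
# enabled and currently active; otherwise leave the firewall untouched.
# The rule is added without a --zone argument, so it lands in firewalld's
# default zone and admits every source that zone admits. Hosts that keep the
# service on a restricted zone need to move or narrow the rule afterwards.
# Failures are reported on stderr and do not abort the installation.
if command -v systemctl >/dev/null 2>&1 &&
  systemctl is-enabled firewalld >/dev/null 2>&1 &&
  systemctl is-active firewalld >/dev/null 2>&1; then
  echo "Firewalld is enabled and running. Opening vCTP port ${APP_PORT}/tcp..."
  # Add the permanent rule first; reload only if that succeeded, so a failed
  # change is not followed by a reload that has nothing to apply.
  if ! firewall-cmd --permanent --add-port="${APP_PORT}/tcp" >/dev/null 2>&1; then
    echo "Warning: could not add ${APP_PORT}/tcp to firewalld; the port was not opened." >&2
  elif ! firewall-cmd --reload >/dev/null 2>&1; then
    echo "Warning: firewalld reload failed; the rule for ${APP_PORT}/tcp is saved but not active yet." >&2
  fi
else
  echo "Firewalld is not running or not enabled. Skipping firewall configuration."
fi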