From c2143d278a633077ebe686f96605188a3c7881e9 Mon Sep 17 00:00:00 2001 From: Steven Foerster Date: Mon, 24 Aug 2020 01:54:02 +0000 Subject: [PATCH] Resolve "Mistborn and wireguard fail after restart and nextcloud" --- scripts/env/setup.sh | 13 +++++++++++++ scripts/install.sh | 19 ++++++------------- scripts/restart.sh | 9 +++++++++ scripts/services/Mistborn-setup.service | 1 + scripts/update.sh | 15 +++++---------- 5 files changed, 34 insertions(+), 23 deletions(-) create mode 100755 scripts/restart.sh diff --git a/scripts/env/setup.sh b/scripts/env/setup.sh index 8234cd1..b7c9643 100755 --- a/scripts/env/setup.sh +++ b/scripts/env/setup.sh @@ -1,5 +1,7 @@ #!/bin/bash +#### ENV file + VAR_FILE=/opt/mistborn/.env source /opt/mistborn/scripts/subinstallers/platform.sh @@ -19,3 +21,14 @@ if [ "$GIT_BRANCH" != "master" ]; then fi echo "MISTBORN_TAG=$MISTBORN_TAG" | sudo tee -a ${VAR_FILE} + +#### install and base services +iface=$(ip -o -4 route show to default | egrep -o 'dev [^ ]*' | awk 'NR==1{print $2}') + +# default interface +sudo cp /opt/mistborn/scripts/services/Mistborn* /etc/systemd/system/ +sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/User=root/User=$USER/" +#sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/ root:root / $USER:$USER /" +sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/DIFACE/$iface/" + +sudo systemctl daemon-reload \ No newline at end of file diff --git a/scripts/install.sh b/scripts/install.sh index e777b79..c87bc2f 100755 --- a/scripts/install.sh +++ b/scripts/install.sh @@ -117,10 +117,10 @@ fi # SSH Server sudo -E apt-get install -y openssh-server -sudo sed -i 's/#PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config -sudo sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config -sudo sed -i 's/#PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config -sudo sed -i 's/PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config +#sudo sed -i 's/#PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config +#sudo sed -i 's/PasswordAuthentication.*/PasswordAuthentication yes/' /etc/ssh/sshd_config +#sudo sed -i 's/#PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config +#sudo sed -i 's/PermitRootLogin.*/PermitRootLogin prohibit-password/' /etc/ssh/sshd_config sudo sed -i 's/#Port.*/Port 22/' /etc/ssh/sshd_config sudo sed -i 's/Port.*/Port 22/' /etc/ssh/sshd_config sudo systemctl enable ssh @@ -166,8 +166,6 @@ sudo pip3 install -e ./modules/mistborn-cli # Mistborn # final setup vars -iface=$(ip -o -4 route show to default | egrep -o 'dev [^ ]*' | awk 'NR==1{print $2}') -figlet "Mistborn default NIC: $iface" #IPV4_PUBLIC=$(ip -o -4 route show default | egrep -o 'dev [^ ]*' | awk '{print $2}' | xargs ip -4 addr show | grep 'inet ' | awk '{print $2}' | grep -o "^[0-9.]*" | tr -cd '\11\12\15\40-\176' | head -1) # tail -1 to get last IPV4_PUBLIC="10.2.3.1" @@ -188,18 +186,13 @@ sudo systemctl restart unattended-upgrades # setup Mistborn services -# install and start base services -# default interface -sudo cp ./scripts/services/Mistborn* /etc/systemd/system/ -sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/User=root/User=$USER/" -#sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/ root:root / $USER:$USER /" -sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/DIFACE/$iface/" - #if [ "$DISTRO" == "debian" ] || [ "$DISTRO" == "raspbian" ]; then # # remove systemd-resolved lines # sudo sed -i '/.*systemd-resolved/d' /etc/systemd/system/Mistborn-base.service #fi +sudo cp ./scripts/services/Mistborn-setup.service /etc/systemd/system/ + # setup local volumes for pihole sudo mkdir -p ../mistborn_volumes/ sudo chown -R root:root ../mistborn_volumes/ diff --git a/scripts/restart.sh b/scripts/restart.sh new file mode 100755 index 0000000..b3a59a8 --- /dev/null +++ b/scripts/restart.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +set -e + +export DEBIAN_FRONTEND=noninteractive + +sudo systemctl stop Mistborn-base +sudo systemctl restart Mistborn-setup +sudo systemctl restart Mistborn-base \ No newline at end of file diff --git a/scripts/services/Mistborn-setup.service b/scripts/services/Mistborn-setup.service index 9b83c71..706942e 100644 --- a/scripts/services/Mistborn-setup.service +++ b/scripts/services/Mistborn-setup.service @@ -4,6 +4,7 @@ Before=Mistborn-base.service [Service] Type=oneshot +User=mistborn ExecStart=/opt/mistborn/scripts/env/setup.sh [Install] diff --git a/scripts/update.sh b/scripts/update.sh index ce5a4e2..8026316 100755 --- a/scripts/update.sh +++ b/scripts/update.sh @@ -10,19 +10,14 @@ sudo git -C /opt/mistborn submodule update --init --recursive # ensure mistborn-cli is installed sudo pip3 install -e /opt/mistborn/modules/mistborn-cli -# handle updates to Mistborn systemd scripts -iface=$(ip -o -4 route show to default | egrep -o 'dev [^ ]*' | awk 'NR==1{print $2}') -sudo cp /opt/mistborn/scripts/services/Mistborn* /etc/systemd/system/ -sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/User=root/User=mistborn/" -sudo find /etc/systemd/system/ -type f -name 'Mistborn*' | xargs sudo sed -i "s/DIFACE/$iface/" - # handle updates to traefik #sudo cp /opt/mistborn/compose/production/traefik/traefik.toml.template /opt/mistborn/compose/production/traefik/traefik.toml -sudo systemctl daemon-reload -sudo systemctl enable Mistborn-setup.service -sudo systemctl restart Mistborn-setup.service - sudo mistborn-cli pullbuild +sudo docker container prune -f +sudo docker image prune -f + +sudo systemctl stop Mistborn-base +sudo systemctl restart Mistborn-setup sudo systemctl restart Mistborn-base