Update peach-web to use systemd system service
This commit is contained in:
parent
b75aadd62d
commit
2f1535fbee
|
@ -2380,7 +2380,7 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "peach-config"
|
name = "peach-config"
|
||||||
version = "0.1.17"
|
version = "0.1.18"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"clap",
|
"clap",
|
||||||
"env_logger 0.6.2",
|
"env_logger 0.6.2",
|
||||||
|
@ -2510,7 +2510,7 @@ dependencies = [
|
||||||
|
|
||||||
[[package]]
|
[[package]]
|
||||||
name = "peach-web"
|
name = "peach-web"
|
||||||
version = "0.6.0"
|
version = "0.6.10"
|
||||||
dependencies = [
|
dependencies = [
|
||||||
"async-std",
|
"async-std",
|
||||||
"base64 0.13.0",
|
"base64 0.13.0",
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
[package]
|
[package]
|
||||||
name = "peach-config"
|
name = "peach-config"
|
||||||
version = "0.1.17"
|
version = "0.1.18"
|
||||||
authors = ["Andrew Reid <gnomad@cryptolab.net>", "Max Fowler <max@mfowler.info>"]
|
authors = ["Andrew Reid <gnomad@cryptolab.net>", "Max Fowler <max@mfowler.info>"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
description = "Command line tool for installing, updating and configuring PeachCloud"
|
description = "Command line tool for installing, updating and configuring PeachCloud"
|
||||||
|
|
|
@ -62,8 +62,9 @@ impl SbotStatus {
|
||||||
pub fn read() -> Result<Self, PeachError> {
|
pub fn read() -> Result<Self, PeachError> {
|
||||||
let mut status = SbotStatus::default();
|
let mut status = SbotStatus::default();
|
||||||
|
|
||||||
|
// note this command does not need to be run as sudo
|
||||||
|
// because non-privileged users are able to run systemctl show
|
||||||
let info_output = Command::new("systemctl")
|
let info_output = Command::new("systemctl")
|
||||||
.arg("--user")
|
|
||||||
.arg("show")
|
.arg("show")
|
||||||
.arg("go-sbot.service")
|
.arg("go-sbot.service")
|
||||||
.arg("--no-page")
|
.arg("--no-page")
|
||||||
|
@ -83,8 +84,9 @@ impl SbotStatus {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// note this command does not need to be run as sudo
|
||||||
|
// because non-privileged users are able to run systemctl status
|
||||||
let status_output = Command::new("systemctl")
|
let status_output = Command::new("systemctl")
|
||||||
.arg("--user")
|
|
||||||
.arg("status")
|
.arg("status")
|
||||||
.arg("go-sbot.service")
|
.arg("go-sbot.service")
|
||||||
.output()?;
|
.output()?;
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
[package]
|
[package]
|
||||||
name = "peach-web"
|
name = "peach-web"
|
||||||
version = "0.6.0"
|
version = "0.6.10"
|
||||||
authors = ["Andrew Reid <gnomad@cryptolab.net>"]
|
authors = ["Andrew Reid <gnomad@cryptolab.net>"]
|
||||||
edition = "2018"
|
edition = "2018"
|
||||||
description = "peach-web is a web application which provides a web interface for monitoring and interacting with the PeachCloud device. This allows administration of the single-board computer (ie. Raspberry Pi) running PeachCloud, as well as the ssb-server and related plugins."
|
description = "peach-web is a web application which provides a web interface for monitoring and interacting with the PeachCloud device. This allows administration of the single-board computer (ie. Raspberry Pi) running PeachCloud, as well as the ssb-server and related plugins."
|
||||||
|
|
|
@ -1,14 +1,10 @@
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Rocket web application for serving the PeachCloud web interface.
|
Description=Rule web application for serving the PeachCloud web interface.
|
||||||
|
|
||||||
[Service]
|
[Service]
|
||||||
User=peach-web
|
User=peach
|
||||||
Group=www-data
|
Group=peach
|
||||||
WorkingDirectory=/usr/share/peach-web
|
WorkingDirectory=/usr/share/peach-web
|
||||||
Environment="ROCKET_ENV=prod"
|
|
||||||
Environment="ROCKET_ADDRESS=127.0.0.1"
|
|
||||||
Environment="ROCKET_PORT=3000"
|
|
||||||
Environment="ROCKET_LOG=critical"
|
|
||||||
Environment="RUST_LOG=info"
|
Environment="RUST_LOG=info"
|
||||||
ExecStart=/usr/bin/peach-web
|
ExecStart=/usr/bin/peach-web
|
||||||
Restart=always
|
Restart=always
|
||||||
|
|
|
@ -2,8 +2,7 @@
|
||||||
set -e
|
set -e
|
||||||
|
|
||||||
# create user which peach-web runs as
|
# create user which peach-web runs as
|
||||||
adduser --quiet --system peach-web
|
id -u peach &>/dev/null || adduser --quiet peach
|
||||||
usermod -g peach peach-web
|
|
||||||
|
|
||||||
# create nginx config
|
# create nginx config
|
||||||
cat <<EOF > /etc/nginx/sites-enabled/default
|
cat <<EOF > /etc/nginx/sites-enabled/default
|
||||||
|
@ -15,16 +14,25 @@ server {
|
||||||
rewrite ^/(.*)/$ /$1 permanent;
|
rewrite ^/(.*)/$ /$1 permanent;
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
proxy_pass http://127.0.0.1:3000;
|
proxy_pass http://127.0.0.1:8000;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
cat <<EOF > /etc/sudoers.d/peach-web
|
# update sudoers to allow peach-web to stop and restart go-sbot.service
|
||||||
# allow peach-web to run commands as peach-go-sbot without a password
|
mkdir -p /etc/sudoers.d/
|
||||||
peach-web ALL=(peach-go-sbot) NOPASSWD:ALL
|
|
||||||
|
|
||||||
|
SYSTEMCTL=$(which systemctl)
|
||||||
|
START="${SYSTEMCTL} start go-sbot.service"
|
||||||
|
RESTART="${SYSTEMCTL} restart go-sbot.service"
|
||||||
|
STOP="${SYSTEMCTL} stop go-sbot.service"
|
||||||
|
ENABLE="${SYSTEMCTL} enable go-sbot.service"
|
||||||
|
DISABLE="${SYSTEMCTL} disable go-sbot.service"
|
||||||
|
|
||||||
|
cat <<EOF > /etc/sudoers.d/peach-web
|
||||||
|
peach ALL=(ALL) NOPASSWD: $START, $STOP, $RESTART, $ENABLE, $DISABLE
|
||||||
EOF
|
EOF
|
||||||
|
chmod 0440 /etc/sudoers.d/peach-web
|
||||||
|
|
||||||
# cargo deb automatically replaces this token below, see https://github.com/mmstick/cargo-deb/blob/master/systemd.md
|
# cargo deb automatically replaces this token below, see https://github.com/mmstick/cargo-deb/blob/master/systemd.md
|
||||||
#DEBHELPER#
|
#DEBHELPER#
|
|
@ -29,7 +29,7 @@ pub fn build_template() -> PreEscaped<String> {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
" to start the sbot. If the server starts successfully, you will see a green smiley face on the home page. If the face is orange and sleeping, that means the sbot is still inactive (ie. the process is not running). If the face is red and dead, that means the sbot failed to start - indicated an error. For now, the best way to gain insight into the problem is to check the systemd log. Open a terminal and enter: "
|
" to start the sbot. If the server starts successfully, you will see a green smiley face on the home page. If the face is orange and sleeping, that means the sbot is still inactive (ie. the process is not running). If the face is red and dead, that means the sbot failed to start - indicated an error. For now, the best way to gain insight into the problem is to check the systemd log. Open a terminal and enter: "
|
||||||
code { "systemctl --user status go-sbot.service" }
|
code { "systemctl status go-sbot.service" }
|
||||||
". The log output may give some clues about the source of the error."
|
". The log output may give some clues about the source of the error."
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -53,7 +53,6 @@ fn run_on_startup_element(boot_state: &Option<String>) -> Markup {
|
||||||
fn database_element(state: &str) -> Markup {
|
fn database_element(state: &str) -> Markup {
|
||||||
// retrieve the sequence number of the latest message in the sbot database
|
// retrieve the sequence number of the latest message in the sbot database
|
||||||
let sequence_num = sbot::latest_sequence_number();
|
let sequence_num = sbot::latest_sequence_number();
|
||||||
|
|
||||||
match (state, sequence_num) {
|
match (state, sequence_num) {
|
||||||
// if the state is "active" and latest_sequence_number() was successful
|
// if the state is "active" and latest_sequence_number() was successful
|
||||||
("active", Ok(number)) => {
|
("active", Ok(number)) => {
|
||||||
|
@ -62,7 +61,9 @@ fn database_element(state: &str) -> Markup {
|
||||||
label class="label-small font-gray" { "MESSAGES IN LOCAL DATABASE" }
|
label class="label-small font-gray" { "MESSAGES IN LOCAL DATABASE" }
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
(_, _) => html! { label class="label-small font-gray" { "DATABASE UNAVAILABLE" } },
|
(_, _) => {
|
||||||
|
html! { label class="label-small font-gray" { "DATABASE UNAVAILABLE" } }
|
||||||
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -24,8 +24,8 @@ use crate::{error::PeachWebError, utils::sbot};
|
||||||
|
|
||||||
/// Executes a systemctl command for the go-sbot.service process.
|
/// Executes a systemctl command for the go-sbot.service process.
|
||||||
pub fn systemctl_sbot_cmd(cmd: &str) -> io::Result<Output> {
|
pub fn systemctl_sbot_cmd(cmd: &str) -> io::Result<Output> {
|
||||||
Command::new("systemctl")
|
Command::new("sudo")
|
||||||
.arg("--user")
|
.arg("systemctl")
|
||||||
.arg(cmd)
|
.arg(cmd)
|
||||||
.arg("go-sbot.service")
|
.arg("go-sbot.service")
|
||||||
.output()
|
.output()
|
||||||
|
@ -124,8 +124,6 @@ pub fn latest_sequence_number() -> Result<u64, Box<dyn Error>> {
|
||||||
task::block_on(async {
|
task::block_on(async {
|
||||||
let mut sbot_client = init_sbot_with_config(&sbot_config).await?;
|
let mut sbot_client = init_sbot_with_config(&sbot_config).await?;
|
||||||
|
|
||||||
debug!("sbot initialized");
|
|
||||||
|
|
||||||
// retrieve the local id
|
// retrieve the local id
|
||||||
let id = sbot_client.whoami().await?;
|
let id = sbot_client.whoami().await?;
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue