From b75aadd62d25763132be32e3e141601dd7bff213 Mon Sep 17 00:00:00 2001 From: notplants Date: Mon, 11 Apr 2022 10:31:45 -0400 Subject: [PATCH 1/9] Working on peachcloud disc image --- Cargo.lock | 2 +- peach-web/src/utils/sbot.rs | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/Cargo.lock b/Cargo.lock index 79940c0..f70a50a 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -1109,7 +1109,7 @@ dependencies = [ [[package]] name = "golgi" version = "0.1.1" -source = "git+https://git.coopcloud.tech/golgi-ssb/golgi.git#77dd75bcd4649b7487069a61e2a8069b49f60a1d" +source = "git+https://git.coopcloud.tech/golgi-ssb/golgi#77dd75bcd4649b7487069a61e2a8069b49f60a1d" dependencies = [ "async-std", "async-stream 0.3.2", diff --git a/peach-web/src/utils/sbot.rs b/peach-web/src/utils/sbot.rs index b170b7b..f8e53f5 100644 --- a/peach-web/src/utils/sbot.rs +++ b/peach-web/src/utils/sbot.rs @@ -124,6 +124,8 @@ pub fn latest_sequence_number() -> Result> { task::block_on(async { let mut sbot_client = init_sbot_with_config(&sbot_config).await?; + debug!("sbot initialized"); + // retrieve the local id let id = sbot_client.whoami().await?; -- 2.49.0 From 2f1535fbeea802f28ca42585bdee8a76ab7b2675 Mon Sep 17 00:00:00 2001 From: notplants Date: Thu, 14 Apr 2022 14:47:43 -0400 Subject: [PATCH 2/9] Update peach-web to use systemd system service --- Cargo.lock | 4 ++-- peach-config/Cargo.toml | 2 +- peach-lib/src/sbot.rs | 6 ++++-- peach-web/Cargo.toml | 2 +- peach-web/debian/peach-web.service | 10 +++------- peach-web/debian/postinst | 20 ++++++++++++++------ peach-web/src/routes/guide.rs | 2 +- peach-web/src/routes/status/scuttlebutt.rs | 5 +++-- peach-web/src/utils/sbot.rs | 6 ++---- 9 files changed, 31 insertions(+), 26 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index f70a50a..d6ffdc5 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2380,7 +2380,7 @@ dependencies = [ [[package]] name = "peach-config" -version = "0.1.17" +version = "0.1.18" dependencies = [ "clap", "env_logger 0.6.2", @@ -2510,7 +2510,7 @@ dependencies = [ [[package]] name = "peach-web" -version = "0.6.0" +version = "0.6.10" dependencies = [ "async-std", "base64 0.13.0", diff --git a/peach-config/Cargo.toml b/peach-config/Cargo.toml index 5347c57..5823fec 100644 --- a/peach-config/Cargo.toml +++ b/peach-config/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "peach-config" -version = "0.1.17" +version = "0.1.18" authors = ["Andrew Reid ", "Max Fowler "] edition = "2018" description = "Command line tool for installing, updating and configuring PeachCloud" diff --git a/peach-lib/src/sbot.rs b/peach-lib/src/sbot.rs index cca4090..ee9434f 100644 --- a/peach-lib/src/sbot.rs +++ b/peach-lib/src/sbot.rs @@ -62,8 +62,9 @@ impl SbotStatus { pub fn read() -> Result { let mut status = SbotStatus::default(); + // note this command does not need to be run as sudo + // because non-privileged users are able to run systemctl show let info_output = Command::new("systemctl") - .arg("--user") .arg("show") .arg("go-sbot.service") .arg("--no-page") @@ -83,8 +84,9 @@ impl SbotStatus { } } + // note this command does not need to be run as sudo + // because non-privileged users are able to run systemctl status let status_output = Command::new("systemctl") - .arg("--user") .arg("status") .arg("go-sbot.service") .output()?; diff --git a/peach-web/Cargo.toml b/peach-web/Cargo.toml index 0b4f9a7..3c15cb9 100644 --- a/peach-web/Cargo.toml +++ b/peach-web/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "peach-web" -version = "0.6.0" +version = "0.6.10" authors = ["Andrew Reid "] edition = "2018" description = "peach-web is a web application which provides a web interface for monitoring and interacting with the PeachCloud device. This allows administration of the single-board computer (ie. Raspberry Pi) running PeachCloud, as well as the ssb-server and related plugins." diff --git a/peach-web/debian/peach-web.service b/peach-web/debian/peach-web.service index 0891180..29e46b3 100644 --- a/peach-web/debian/peach-web.service +++ b/peach-web/debian/peach-web.service @@ -1,14 +1,10 @@ [Unit] -Description=Rocket web application for serving the PeachCloud web interface. +Description=Rule web application for serving the PeachCloud web interface. [Service] -User=peach-web -Group=www-data +User=peach +Group=peach WorkingDirectory=/usr/share/peach-web -Environment="ROCKET_ENV=prod" -Environment="ROCKET_ADDRESS=127.0.0.1" -Environment="ROCKET_PORT=3000" -Environment="ROCKET_LOG=critical" Environment="RUST_LOG=info" ExecStart=/usr/bin/peach-web Restart=always diff --git a/peach-web/debian/postinst b/peach-web/debian/postinst index c2aba8e..34085a2 100644 --- a/peach-web/debian/postinst +++ b/peach-web/debian/postinst @@ -2,8 +2,7 @@ set -e # create user which peach-web runs as -adduser --quiet --system peach-web -usermod -g peach peach-web +id -u peach &>/dev/null || adduser --quiet peach # create nginx config cat < /etc/nginx/sites-enabled/default @@ -15,16 +14,25 @@ server { rewrite ^/(.*)/$ /$1 permanent; location / { - proxy_pass http://127.0.0.1:3000; + proxy_pass http://127.0.0.1:8000; } } EOF -cat < /etc/sudoers.d/peach-web -# allow peach-web to run commands as peach-go-sbot without a password -peach-web ALL=(peach-go-sbot) NOPASSWD:ALL +# update sudoers to allow peach-web to stop and restart go-sbot.service +mkdir -p /etc/sudoers.d/ +SYSTEMCTL=$(which systemctl) +START="${SYSTEMCTL} start go-sbot.service" +RESTART="${SYSTEMCTL} restart go-sbot.service" +STOP="${SYSTEMCTL} stop go-sbot.service" +ENABLE="${SYSTEMCTL} enable go-sbot.service" +DISABLE="${SYSTEMCTL} disable go-sbot.service" + +cat < /etc/sudoers.d/peach-web +peach ALL=(ALL) NOPASSWD: $START, $STOP, $RESTART, $ENABLE, $DISABLE EOF +chmod 0440 /etc/sudoers.d/peach-web # cargo deb automatically replaces this token below, see https://github.com/mmstick/cargo-deb/blob/master/systemd.md #DEBHELPER# \ No newline at end of file diff --git a/peach-web/src/routes/guide.rs b/peach-web/src/routes/guide.rs index 5babd7c..d5fc4eb 100644 --- a/peach-web/src/routes/guide.rs +++ b/peach-web/src/routes/guide.rs @@ -29,7 +29,7 @@ pub fn build_template() -> PreEscaped { } } " to start the sbot. If the server starts successfully, you will see a green smiley face on the home page. If the face is orange and sleeping, that means the sbot is still inactive (ie. the process is not running). If the face is red and dead, that means the sbot failed to start - indicated an error. For now, the best way to gain insight into the problem is to check the systemd log. Open a terminal and enter: " - code { "systemctl --user status go-sbot.service" } + code { "systemctl status go-sbot.service" } ". The log output may give some clues about the source of the error." } } diff --git a/peach-web/src/routes/status/scuttlebutt.rs b/peach-web/src/routes/status/scuttlebutt.rs index 3630a88..b476635 100644 --- a/peach-web/src/routes/status/scuttlebutt.rs +++ b/peach-web/src/routes/status/scuttlebutt.rs @@ -53,7 +53,6 @@ fn run_on_startup_element(boot_state: &Option) -> Markup { fn database_element(state: &str) -> Markup { // retrieve the sequence number of the latest message in the sbot database let sequence_num = sbot::latest_sequence_number(); - match (state, sequence_num) { // if the state is "active" and latest_sequence_number() was successful ("active", Ok(number)) => { @@ -62,7 +61,9 @@ fn database_element(state: &str) -> Markup { label class="label-small font-gray" { "MESSAGES IN LOCAL DATABASE" } } } - (_, _) => html! { label class="label-small font-gray" { "DATABASE UNAVAILABLE" } }, + (_, _) => { + html! { label class="label-small font-gray" { "DATABASE UNAVAILABLE" } } + }, } } diff --git a/peach-web/src/utils/sbot.rs b/peach-web/src/utils/sbot.rs index f8e53f5..8a8b34c 100644 --- a/peach-web/src/utils/sbot.rs +++ b/peach-web/src/utils/sbot.rs @@ -24,8 +24,8 @@ use crate::{error::PeachWebError, utils::sbot}; /// Executes a systemctl command for the go-sbot.service process. pub fn systemctl_sbot_cmd(cmd: &str) -> io::Result { - Command::new("systemctl") - .arg("--user") + Command::new("sudo") + .arg("systemctl") .arg(cmd) .arg("go-sbot.service") .output() @@ -124,8 +124,6 @@ pub fn latest_sequence_number() -> Result> { task::block_on(async { let mut sbot_client = init_sbot_with_config(&sbot_config).await?; - debug!("sbot initialized"); - // retrieve the local id let id = sbot_client.whoami().await?; -- 2.49.0 From df3b4b88587e285d35cecdc8f75b74a9a71b5c7d Mon Sep 17 00:00:00 2001 From: notplants Date: Thu, 14 Apr 2022 14:51:27 -0400 Subject: [PATCH 3/9] Update peach-config to install go-sbot instead of peach-go-sbot --- peach-config/src/constants.rs | 2 +- peach-web/src/routes/status/scuttlebutt.rs | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/peach-config/src/constants.rs b/peach-config/src/constants.rs index 4a539a0..0437acd 100644 --- a/peach-config/src/constants.rs +++ b/peach-config/src/constants.rs @@ -10,7 +10,7 @@ pub const SERVICES: [&str; 8] = [ "peach-buttons", "peach-oled", "peach-dyndns-updater", - "peach-go-sbot", + "go-sbot", "peach-config", ]; diff --git a/peach-web/src/routes/status/scuttlebutt.rs b/peach-web/src/routes/status/scuttlebutt.rs index b476635..fd8ca8d 100644 --- a/peach-web/src/routes/status/scuttlebutt.rs +++ b/peach-web/src/routes/status/scuttlebutt.rs @@ -63,7 +63,7 @@ fn database_element(state: &str) -> Markup { } (_, _) => { html! { label class="label-small font-gray" { "DATABASE UNAVAILABLE" } } - }, + } } } -- 2.49.0 From 65d5352c855d328fca6f6f2738968a4b2cdd079f Mon Sep 17 00:00:00 2001 From: notplants Date: Thu, 14 Apr 2022 14:51:43 -0400 Subject: [PATCH 4/9] Bump version number of peach-config --- Cargo.lock | 2 +- peach-config/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index d6ffdc5..46be947 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2380,7 +2380,7 @@ dependencies = [ [[package]] name = "peach-config" -version = "0.1.18" +version = "0.1.19" dependencies = [ "clap", "env_logger 0.6.2", diff --git a/peach-config/Cargo.toml b/peach-config/Cargo.toml index 5823fec..023bc42 100644 --- a/peach-config/Cargo.toml +++ b/peach-config/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "peach-config" -version = "0.1.18" +version = "0.1.19" authors = ["Andrew Reid ", "Max Fowler "] edition = "2018" description = "Command line tool for installing, updating and configuring PeachCloud" -- 2.49.0 From bff86a490bec2a1d4423c633f7b004c12b6f8a7c Mon Sep 17 00:00:00 2001 From: notplants Date: Thu, 14 Apr 2022 15:53:09 -0400 Subject: [PATCH 5/9] Bump version number --- Cargo.lock | 2 +- peach-web/Cargo.toml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 46be947..c781310 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2510,7 +2510,7 @@ dependencies = [ [[package]] name = "peach-web" -version = "0.6.10" +version = "0.6.11" dependencies = [ "async-std", "base64 0.13.0", diff --git a/peach-web/Cargo.toml b/peach-web/Cargo.toml index 3c15cb9..dc4fb24 100644 --- a/peach-web/Cargo.toml +++ b/peach-web/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "peach-web" -version = "0.6.10" +version = "0.6.11" authors = ["Andrew Reid "] edition = "2018" description = "peach-web is a web application which provides a web interface for monitoring and interacting with the PeachCloud device. This allows administration of the single-board computer (ie. Raspberry Pi) running PeachCloud, as well as the ssb-server and related plugins." -- 2.49.0 From 1866e289a625f6a4f8bea471a0a438c56dec0186 Mon Sep 17 00:00:00 2001 From: notplants Date: Thu, 14 Apr 2022 16:11:20 -0400 Subject: [PATCH 6/9] Fix clippy warning in update.rs --- Cargo.lock | 2 +- peach-config/src/update.rs | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index c781310..676f32f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2584,7 +2584,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f77e66f6d6d898cbbd4a09c48fd3507cfc210b7c83055de02a38b5f7a1e6d216" dependencies = [ "libc", - "time 0.3.7", + "time 0.1.44", ] [[package]] diff --git a/peach-config/src/update.rs b/peach-config/src/update.rs index 7b404d9..031255f 100644 --- a/peach-config/src/update.rs +++ b/peach-config/src/update.rs @@ -48,7 +48,8 @@ pub fn update_microservices() -> Result<(), PeachConfigError> { // filter out peach-config from list of services let services_to_update: Vec<&str> = SERVICES .to_vec() - .into_iter() + .iter() + .copied() .filter(|&x| x != "peach-config") .collect(); -- 2.49.0 From 315b04a63e8477861887ca12883a48f9c028a4a7 Mon Sep 17 00:00:00 2001 From: notplants Date: Thu, 14 Apr 2022 16:29:57 -0400 Subject: [PATCH 7/9] Update permissions for peach home dir in peach-config --- Cargo.lock | 2 +- peach-config/Cargo.toml | 2 +- peach-config/src/set_permissions.rs | 4 +++- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 676f32f..6e8785f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2380,7 +2380,7 @@ dependencies = [ [[package]] name = "peach-config" -version = "0.1.19" +version = "0.1.20" dependencies = [ "clap", "env_logger 0.6.2", diff --git a/peach-config/Cargo.toml b/peach-config/Cargo.toml index 023bc42..225524d 100644 --- a/peach-config/Cargo.toml +++ b/peach-config/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "peach-config" -version = "0.1.19" +version = "0.1.20" authors = ["Andrew Reid ", "Max Fowler "] edition = "2018" description = "Command line tool for installing, updating and configuring PeachCloud" diff --git a/peach-config/src/set_permissions.rs b/peach-config/src/set_permissions.rs index 20d79ab..45a6959 100644 --- a/peach-config/src/set_permissions.rs +++ b/peach-config/src/set_permissions.rs @@ -5,6 +5,7 @@ use crate::utils::cmd; /// so they can be read and written by all PeachCloud services. pub const CONFIGS_DIR: &str = "/var/lib/peachcloud"; pub const PEACH_WEB_DIR: &str = "/usr/share/peach-web"; +pub const PEACH_HOME_DIR: &str = "/home/peach"; /// Utility function to set correct file permissions on the PeachCloud device. /// Accidentally changing file permissions is a fairly common thing to happen, @@ -15,7 +16,8 @@ pub fn set_permissions() -> Result<(), PeachConfigError> { cmd(&["chown", "-R", "peach", CONFIGS_DIR])?; cmd(&["chgrp", "-R", "peach", CONFIGS_DIR])?; cmd(&["chmod", "-R", "u+rwX,g+rwX", PEACH_WEB_DIR])?; - cmd(&["chown", "-R", "peach-web:peach", PEACH_WEB_DIR])?; + cmd(&["chown", "-R", "peach:peach", PEACH_WEB_DIR])?; + cmd(&["chown", "-R", "peach:peach", PEACH_HOME_DIR])?; println!("[ PERMISSIONS SUCCESSFULLY UPDATED ]"); Ok(()) } -- 2.49.0 From 64b5929e5cda4e3b6f0bdbfa33a83158a387ac74 Mon Sep 17 00:00:00 2001 From: notplants Date: Tue, 19 Apr 2022 12:50:29 -0400 Subject: [PATCH 8/9] Update peach-config to set file permissions correctly --- Cargo.lock | 6 +++--- peach-config/Cargo.toml | 2 +- peach-config/src/setup_peach.rs | 4 ++++ peach-config/src/update.rs | 2 +- peach-web/Cargo.toml | 2 +- 5 files changed, 10 insertions(+), 6 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index f2a6a0e..a28c5aa 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -2381,7 +2381,7 @@ dependencies = [ [[package]] name = "peach-config" -version = "0.1.20" +version = "0.1.21" dependencies = [ "clap", "env_logger 0.6.2", @@ -2511,7 +2511,7 @@ dependencies = [ [[package]] name = "peach-web" -version = "0.6.11" +version = "0.6.13" dependencies = [ "async-std", "base64 0.13.0", @@ -2585,7 +2585,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f77e66f6d6d898cbbd4a09c48fd3507cfc210b7c83055de02a38b5f7a1e6d216" dependencies = [ "libc", - "time 0.1.44", + "time 0.1.43", ] [[package]] diff --git a/peach-config/Cargo.toml b/peach-config/Cargo.toml index 225524d..f3168de 100644 --- a/peach-config/Cargo.toml +++ b/peach-config/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "peach-config" -version = "0.1.20" +version = "0.1.21" authors = ["Andrew Reid ", "Max Fowler "] edition = "2018" description = "Command line tool for installing, updating and configuring PeachCloud" diff --git a/peach-config/src/setup_peach.rs b/peach-config/src/setup_peach.rs index e027db3..d2736f9 100644 --- a/peach-config/src/setup_peach.rs +++ b/peach-config/src/setup_peach.rs @@ -6,6 +6,7 @@ use crate::error::{FileWriteError, PeachConfigError}; use crate::generate_manifest::save_hardware_config; use crate::setup_networking::configure_networking; use crate::setup_peach_deb::setup_peach_deb; +use crate::set_permissions::set_permissions; use crate::update::update_microservices; use crate::utils::{cmd, conf, create_group_if_doesnt_exist, does_user_exist, get_output}; use crate::RtcOption; @@ -239,6 +240,9 @@ pub fn setup_peach( info!("[ SAVING LOG OF HARDWARE CONFIGURATIONS ]"); save_hardware_config(i2c, rtc)?; + info!("[ SETTING FILE PERMISSIONS ]"); + set_permissions()?; + info!("[ PEACHCLOUD SETUP COMPLETE ]"); info!("[ ------------------------- ]"); info!("[ please reboot your device ]"); diff --git a/peach-config/src/update.rs b/peach-config/src/update.rs index 4f3b8a6..51398c1 100644 --- a/peach-config/src/update.rs +++ b/peach-config/src/update.rs @@ -47,8 +47,8 @@ pub fn update_microservices() -> Result<(), PeachConfigError> { cmd(&["apt-get", "update"])?; // filter out peach-config from list of services let services_to_update: Vec<&str> = SERVICES - .to_vec() .iter() + .copied() .filter(|&x| x != "peach-config") .collect(); diff --git a/peach-web/Cargo.toml b/peach-web/Cargo.toml index 4f557bc..11d345b 100644 --- a/peach-web/Cargo.toml +++ b/peach-web/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "peach-web" -version = "0.6.12 +version = "0.6.13" authors = ["Andrew Reid "] edition = "2018" description = "peach-web is a web application which provides a web interface for monitoring and interacting with the PeachCloud device. This allows administration of the single-board computer (ie. Raspberry Pi) running PeachCloud, as well as the ssb-server and related plugins." -- 2.49.0 From 2adb3006fec37c179bfd1bf9c22235bff409d72b Mon Sep 17 00:00:00 2001 From: notplants Date: Tue, 19 Apr 2022 12:57:09 -0400 Subject: [PATCH 9/9] Cargo fmt --- peach-config/src/setup_peach.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/peach-config/src/setup_peach.rs b/peach-config/src/setup_peach.rs index d2736f9..1e09e95 100644 --- a/peach-config/src/setup_peach.rs +++ b/peach-config/src/setup_peach.rs @@ -4,9 +4,9 @@ use std::fs; use crate::error::{FileWriteError, PeachConfigError}; use crate::generate_manifest::save_hardware_config; +use crate::set_permissions::set_permissions; use crate::setup_networking::configure_networking; use crate::setup_peach_deb::setup_peach_deb; -use crate::set_permissions::set_permissions; use crate::update::update_microservices; use crate::utils::{cmd, conf, create_group_if_doesnt_exist, does_user_exist, get_output}; use crate::RtcOption; -- 2.49.0