Macintosh-HW
/
RASCSI
mirror of https://github.com/akuker/RASCSI.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Improve token auth and oled monitor install scripts; better venv cleanup logic (#587) 

* Trigger installation of the oled monitor script after installing rascsi; break out the token auth code and clarify wordings.

* Better logic for venv cleanup
This commit is contained in:
Daniel Markstedt 2022-01-01 09:38:10 -08:00 committed by GitHub
parent 3af3f3e2de
commit 5befff28e6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 53 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

57
easyinstall.sh
View File

@ -142,12 +142,14 @@ function installRaScsiScreen() {
SCREEN_HEIGHT="32" SCREEN_HEIGHT="32"
fi fi
echo "" if [ -z "$TOKEN" ]; then
echo "Is RaSCSI using token-based authentication? [y/N]" echo ""
read -r REPLY echo "Did you protect your RaSCSI installation with a token password? [y/N]"
if [ "$REPLY" == "y" ] || [ "$REPLY" == "Y" ]; then read -r REPLY
echo -n "Enter the passphrase that you configured: " if [ "$REPLY" == "y" ] || [ "$REPLY" == "Y" ]; then
read -r TOKEN echo -n "Enter the password that you configured with RaSCSI at the time of installation: "
read -r TOKEN
fi
fi fi
stopRaScsiScreen stopRaScsiScreen
@ -178,7 +180,7 @@ function installRaScsiScreen() {
if [ ! -z "$TOKEN" ]; then if [ ! -z "$TOKEN" ]; then
sudo sed -i "8 i ExecStart=$BASE/src/oled_monitor/start.sh --rotation=$ROTATION --height=$SCREEN_HEIGHT --password=$TOKEN" "$SYSTEMD_PATH/monitor_rascsi.service" sudo sed -i "8 i ExecStart=$BASE/src/oled_monitor/start.sh --rotation=$ROTATION --height=$SCREEN_HEIGHT --password=$TOKEN" "$SYSTEMD_PATH/monitor_rascsi.service"
sudo chmod 600 "$SYSTEMD_PATH/monitor_rascsi.service" sudo chmod 600 "$SYSTEMD_PATH/monitor_rascsi.service"
echo "Granted access to the OLED Monitor with the token passphrase that you configured for RaSCSI." echo "Granted access to the OLED Monitor with the password that you configured for RaSCSI."
else else
sudo sed -i "8 i ExecStart=$BASE/src/oled_monitor/start.sh --rotation=$ROTATION --height=$SCREEN_HEIGHT" "$SYSTEMD_PATH/monitor_rascsi.service" sudo sed -i "8 i ExecStart=$BASE/src/oled_monitor/start.sh --rotation=$ROTATION --height=$SCREEN_HEIGHT" "$SYSTEMD_PATH/monitor_rascsi.service"
fi fi
@ -277,14 +279,14 @@ function backupRaScsiService() {
fi fi
} }
# Modifies and installs the rascsi service # Offers the choice of enabling token-based authentication for RaSCSI
function enableRaScsiService() { function configureTokenAuth() {
echo "" echo ""
echo "Do you want to enable token-based access control for RaSCSI? [y/N]" echo "Do you want to protect your RaSCSI installation with a password? [y/N]"
read REPLY read REPLY
if [ "$REPLY" == "y" ] || [ "$REPLY" == "Y" ]; then if [ "$REPLY" == "y" ] || [ "$REPLY" == "Y" ]; then
echo -n "Enter the passphrase that you want to use: " echo -n "Enter the password that you want to use: "
read -r TOKEN read -r TOKEN
if [ -f "$HOME/.rascsi_secret" ]; then if [ -f "$HOME/.rascsi_secret" ]; then
sudo rm "$HOME/.rascsi_secret" sudo rm "$HOME/.rascsi_secret"
@ -293,10 +295,17 @@ function enableRaScsiService() {
echo "$TOKEN" > "$HOME/.rascsi_secret" echo "$TOKEN" > "$HOME/.rascsi_secret"
sudo chown root:root "$HOME/.rascsi_secret" sudo chown root:root "$HOME/.rascsi_secret"
sudo chmod 600 "$HOME/.rascsi_secret" sudo chmod 600 "$HOME/.rascsi_secret"
echo ""
echo "Configured RaSCSI to use $HOME/.rascsi_secret for authentication. This file is readable by root only."
echo "Make note of your password: you will need it to use rasctl and other RaSCSI clients."
fi
}
# Modifies and installs the rascsi service
function enableRaScsiService() {
if [ ! -z "$TOKEN" ]; then
sudo sed -i "s@^ExecStart.*@& -F $VIRTUAL_DRIVER_PATH -P $HOME/.rascsi_secret@" "$SYSTEMD_PATH/rascsi.service" sudo sed -i "s@^ExecStart.*@& -F $VIRTUAL_DRIVER_PATH -P $HOME/.rascsi_secret@" "$SYSTEMD_PATH/rascsi.service"
sudo chmod 600 "$SYSTEMD_PATH/rascsi.service" sudo chmod 600 "$SYSTEMD_PATH/rascsi.service"
echo "Configured to use $HOME/.rascsi_secret to secure RaSCSI. This file is readable by root only."
echo "Make note of your passphrase; you will need it to use rasctl, and other RaSCSI clients."
else else
sudo sed -i "s@^ExecStart.*@& -F $VIRTUAL_DRIVER_PATH@" "$SYSTEMD_PATH/rascsi.service" sudo sed -i "s@^ExecStart.*@& -F $VIRTUAL_DRIVER_PATH@" "$SYSTEMD_PATH/rascsi.service"
fi fi
@ -318,7 +327,7 @@ function installWebInterfaceService() {
if [ ! -z "$TOKEN" ]; then if [ ! -z "$TOKEN" ]; then
sudo sed -i "8 i ExecStart=$WEB_INSTALL_PATH/start.sh --password=$TOKEN" "$SYSTEMD_PATH/rascsi-web.service" sudo sed -i "8 i ExecStart=$WEB_INSTALL_PATH/start.sh --password=$TOKEN" "$SYSTEMD_PATH/rascsi-web.service"
sudo chmod 600 "$SYSTEMD_PATH/rascsi-web.service" sudo chmod 600 "$SYSTEMD_PATH/rascsi-web.service"
echo "Granted access to the Web Interface with the token passphrase that you configured for RaSCSI." echo "Granted access to the Web Interface with the token password that you configured for RaSCSI."
else else
sudo sed -i "8 i ExecStart=$WEB_INSTALL_PATH/start.sh" "$SYSTEMD_PATH/rascsi-web.service" sudo sed -i "8 i ExecStart=$WEB_INSTALL_PATH/start.sh" "$SYSTEMD_PATH/rascsi-web.service"
fi fi
@ -784,11 +793,13 @@ function runChoice() {
echo "- Install additional packages with apt-get" echo "- Install additional packages with apt-get"
echo "- Add and modify systemd services" echo "- Add and modify systemd services"
echo "- Modify and enable Apache2 and Nginx web services" echo "- Modify and enable Apache2 and Nginx web services"
echo "- Create directories and change permissions" echo "- Create files and directories"
echo "- Change permissions of files and directories"
echo "- Modify user groups and permissions" echo "- Modify user groups and permissions"
echo "- Install binaries to /usr/local/bin" echo "- Install binaries to /usr/local/bin"
echo "- Install manpages to /usr/local/man" echo "- Install manpages to /usr/local/man"
sudoCheck sudoCheck
configureTokenAuth
stopOldWebInterface stopOldWebInterface
updateRaScsiGit updateRaScsiGit
createImagesDir createImagesDir
@ -800,9 +811,13 @@ function runChoice() {
backupRaScsiService backupRaScsiService
installRaScsi installRaScsi
enableRaScsiService enableRaScsiService
startRaScsiScreen if [ -f "$SYSTEMD_PATH/monitor_rascsi.service" ]; then
echo "Detected monitor_rascsi.service; will run the installation steps for the OLED monitor."
installRaScsiScreen
fi
installRaScsiWebInterface installRaScsiWebInterface
installWebInterfaceService installWebInterfaceService
showRaScsiScreenStatus
showRaScsiStatus showRaScsiStatus
showRaScsiWebStatus showRaScsiWebStatus
notifyBackup notifyBackup
@ -813,11 +828,13 @@ function runChoice() {
echo "This script will make the following changes to your system:" echo "This script will make the following changes to your system:"
echo "- Install additional packages with apt-get" echo "- Install additional packages with apt-get"
echo "- Add and modify systemd services" echo "- Add and modify systemd services"
echo "- Create directories and change permissions" echo "- Create files ans directories"
echo "- Change permissions of files and directories"
echo "- Modify user groups and permissions" echo "- Modify user groups and permissions"
echo "- Install binaries to /usr/local/bin" echo "- Install binaries to /usr/local/bin"
echo "- Install manpages to /usr/local/man" echo "- Install manpages to /usr/local/man"
sudoCheck sudoCheck
configureTokenAuth
updateRaScsiGit updateRaScsiGit
createImagesDir createImagesDir
installPackages installPackages
@ -827,7 +844,11 @@ function runChoice() {
backupRaScsiService backupRaScsiService
installRaScsi installRaScsi
enableRaScsiService enableRaScsiService
startRaScsiScreen if [ -f "$SYSTEMD_PATH/monitor_rascsi.service" ]; then
echo "Detected monitor_rascsi.service; will run the installation steps for the OLED monitor."
installRaScsiScreen
fi
showRaScsiScreenStatus
showRaScsiStatus showRaScsiStatus
notifyBackup notifyBackup
echo "Installing / Updating RaSCSI Service (${CONNECT_TYPE:-FULLSPEC}) - Complete!" echo "Installing / Updating RaSCSI Service (${CONNECT_TYPE:-FULLSPEC}) - Complete!"

10
src/oled_monitor/start.sh
View File

@ -66,9 +66,13 @@ fi
# Test for two known broken venv states # Test for two known broken venv states
if test -e venv; then if test -e venv; then
GOOD_VENV=true GOOD_VENV=true
! test -e venv/bin/activate && GOOD_VENV=false if ! test -e venv/bin/activate; then
pip3 list 1> /dev/null GOOD_VENV=false
test $? -eq 1 && GOOD_VENV=false else
source venv/bin/activate
pip3 list 1> /dev/null
test $? -eq 1 && GOOD_VENV=false
fi
if ! "$GOOD_VENV"; then if ! "$GOOD_VENV"; then
echo "Deleting bad python venv" echo "Deleting bad python venv"
sudo rm -rf venv sudo rm -rf venv

10
src/web/start.sh
View File

@ -34,9 +34,13 @@ fi
# Test for two known broken venv states # Test for two known broken venv states
if test -e venv; then if test -e venv; then
GOOD_VENV=true GOOD_VENV=true
! test -e venv/bin/activate && GOOD_VENV=false if ! test -e venv/bin/activate; then
pip3 list 1> /dev/null GOOD_VENV=false
test $? -eq 1 && GOOD_VENV=false else
source venv/bin/activate
pip3 list 1> /dev/null
test $? -eq 1 && GOOD_VENV=false
fi
if ! "$GOOD_VENV"; then if ! "$GOOD_VENV"; then
echo "Deleting bad python venv" echo "Deleting bad python venv"
sudo rm -rf venv sudo rm -rf venv