Moved all systemd untis to user bridgehead

2022-05-04 09:14:32 +02:00 · 2022-05-04 09:14:32 +02:00 · 26c9fc0cff
parent 5bacdf02fb
commit 26c9fc0cff
6 changed files with 20 additions and 11 deletions
--- a/README.md
+++ b/README.md
@ -70,6 +70,11 @@ sudo mkdir /srv/docker/;
 sudo git clone https://github.com/samply/bridgehead.git /srv/docker/bridgehead;
 ```

+adduser --no-create-home --disabled-login --ingroup docker --gecos "" bridgehead
+ useradd -M -g docker -N -s /sbin/nologin bridgehead
+chown bridghead /srv/docker/bridgehead/ -R
+
+
 Next, you need to configure a set of variables, specific for your site with not so high security concerns. You can visit the configuration template at [GitHub](https://github.com/samply/bridgehead-config). You can download the repositories contents and add them to the "bridgehead-config" directory.

 ``` shell
@ -98,6 +103,16 @@ sudo ./lib/setup-bridgehead-units.sh

 Finally, you need to configure your sites secrets. These are places as configuration for each bridgeheads system unit. Refer to the section for your specific project:

+### For Any Project you need to set the proxy in Update too
+
+``` conf
+[Service]
+Environment=http_proxy=
+Environment=https_proxy=
+```
+
+
+
 ### DKTK/C4
 You can create the site specific configuration with: 

--- a/lib/generate.sh
+++ b/lib/generate.sh
@ -5,11 +5,6 @@ then
  mkdir landing
 fi

-if [ ! -f ./landing/index.html ]
-then
-  touch index.html
-fi
-
 CENTRAL_SERVICES="          <tr>
            <td>CCP-IT</td>
            <td><a href=\"https://monitor.vmitro.de/icingaweb2/dashboard\">Monitoring Service</td>
--- a/lib/prerequisites.sh
+++ b/lib/prerequisites.sh
@ -4,7 +4,7 @@
 ## Check if user is a su
 echo "Welcome to the starting a bridgehead. We will get your instance up and running in no time"
 echo "First we will check if all prerequisites are met ..."
-prerequisites="git docker docker-compose cat"
+prerequisites="git docker docker-compose"
 for prerequisite in $prerequisites; do
  $prerequisite --version 2>&1
  is_available=$?
--- a/lib/setup-bridgehead-units.sh
+++ b/lib/setup-bridgehead-units.sh
@ -3,7 +3,7 @@

 source lib/functions.sh

-if ! su bridgehead ./lib/prerequisites.sh; then
+if ! ./lib/prerequisites.sh; then
    log "Prerequisites failed, exiting"
    exit 1
 fi
@ -18,8 +18,6 @@ cp -v \

 systemctl daemon-reload

-su bridgehead source ./lib/generate.sh
-
 echo

 if ! systemctl is-active --quiet bridgehead@"${project}"; then
--- a/lib/systemd/bridgehead-update@.service
+++ b/lib/systemd/bridgehead-update@.service
@ -3,8 +3,10 @@ Description=Bridgehead (%i) Update Service

 [Service]
 Type=oneshot
+User=bridgehead
 WorkingDirectory=/srv/docker/bridgehead/
-ExecStart=/bin/bash -c "/srv/docker/bridgehead/update-bridgehead.sh %i"
+
+ExecStart=/srv/docker/bridgehead/update-bridgehead.sh %i

 [Install]
 WantedBy=multi-user.target
--- a/lib/systemd/bridgehead@.service
+++ b/lib/systemd/bridgehead@.service
@ -8,7 +8,6 @@ RestartSec=30

 WorkingDirectory=/srv/docker/bridgehead/

-ExecStartPre=/srv/docker/bridgehead/stop-bridgehead.sh %i
 ExecStart=/srv/docker/bridgehead/start-bridgehead.sh %i
 RemainAfterExit=true
 ExecStop=/srv/docker/bridgehead/stop-bridgehead.sh %i