From be462777c0d96d18078458f864e727fce02281bf Mon Sep 17 00:00:00 2001 From: ukkopahis <95980324+ukkopahis@users.noreply.github.com> Date: Fri, 29 Apr 2022 00:17:02 +0300 Subject: [PATCH 1/2] menu: add help and cleanup --- install.sh | 2 ++ menu.sh | 42 +++++++++++++++++++++++++++++------------- 2 files changed, 31 insertions(+), 13 deletions(-) diff --git a/install.sh b/install.sh index 21f6d438..3beb172f 100755 --- a/install.sh +++ b/install.sh @@ -17,6 +17,8 @@ do --no-ask) NOASKCONFIRM="true" ;; --*) echo "bad option $1" + echo "USAGE: $0 [--no-ask]" + exit 1 ;; esac shift diff --git a/menu.sh b/menu.sh index 55e19ae6..3a28a8a2 100755 --- a/menu.sh +++ b/menu.sh @@ -1,4 +1,5 @@ #!/bin/bash +# vim: noexpandtab CURRENT_BRANCH=$(git name-rev --name-only HEAD) @@ -14,9 +15,6 @@ VGET_CMD="$PYTHON_CMD ./scripts/python_deps_check.py" sys_arch=$(uname -m) -# ---------------------------------------------- -# Helper functions -# ---------------------------------------------- function command_exists() { command -v "$@" > /dev/null 2>&1 } @@ -359,13 +357,7 @@ function do_env_checks() { fi } -# ---------------------------------------------- -# Menu bootstrap entry point -# ---------------------------------------------- - -if [[ "$*" == *"--no-check"* ]]; then - echo "Skipping preflight checks." -else +function do_checks() { do_project_checks do_env_checks do_python3_checks @@ -384,14 +376,27 @@ else echo " rm .docker_notinstalled || rm .docker_outofdate || rm .project_outofdate" echo "" fi -fi +} + +function do_help() { + echo "USAGE: + $0 [OPTIONS...]" + echo $'OPTIONS: + --branch override branch to check for updates + (default: current branch) + --no-check don\'t run any environment or git checks + --run-env-setup try to make required user&group changes + --encoding set encoding for menu' +} while test $# -gt 0 do case "$1" in --branch) CURRENT_BRANCH=${2:-$(git name-rev --name-only HEAD)} ;; - --no-check) echo "" + --no-check) + NO_CHECKS=true + echo "Skipping preflight checks." ;; --run-env-setup) # Sudo cannot be run from inside functions. echo "Setting up environment:" @@ -411,12 +416,23 @@ do ;; --encoding) ENCODING_TYPE=$2 ;; - --*) echo "bad option $1" + --help) + do_help + exit 1 + ;; + --*) + echo "ERROR: unknown option: $1" + do_help + exit 1 ;; esac shift done +if [[ -z "$NO_CHECKS" ]]; then + do_checks +fi + # This section is temporary, it's just for notifying people of potential breaking changes. if [[ -f .new_install ]]; then echo "Existing installation detected." From 0c6d56476274a873d2d720b9731d1e1f911f6f2b Mon Sep 17 00:00:00 2001 From: ukkopahis <95980324+ukkopahis@users.noreply.github.com> Date: Fri, 29 Apr 2022 08:41:50 +0300 Subject: [PATCH 2/2] remove assumption user ID is 1000 On menu.sh start, store current UID and GID to .env, if they are missing. Use these to run services that use a customized user. --- .gitignore | 2 ++ .templates/blynk_server/service.yml | 4 ++-- .templates/domoticz/service.yml | 4 ++-- .templates/gitea/service.yml | 4 ++-- .templates/heimdall/service.yml | 4 ++-- .templates/homebridge/service.yml | 4 ++-- .templates/homer/service.yml | 4 ++-- .templates/mariadb/service.yml | 4 ++-- .templates/n8n/service.yml | 10 ++++---- .templates/nextcloud/service.yml | 4 ++-- .templates/plex/service.yml | 4 ++-- .templates/prometheus/service.yml | 4 ++-- .templates/python/service.yml | 4 ++-- .templates/qbittorrent/service.yml | 4 ++-- .templates/syncthing/service.yml | 4 ++-- .templates/transmission/service.yml | 4 ++-- .templates/wireguard/service.yml | 4 ++-- docs/Basic_setup/Backup-and-Restore.md | 13 +++++++++-- docs/Basic_setup/index.md | 32 ++++++++++++++++++-------- docs/Containers/Home-Assistant.md | 4 ++-- docs/Containers/NextCloud.md | 4 ++-- docs/Containers/Prometheus.md | 6 ++--- docs/Containers/Python.md | 30 +++++++++++++----------- docs/Containers/WireGuard.md | 8 +++---- menu.sh | 19 +++++++++++++++ scripts/backup.sh | 2 ++ 26 files changed, 118 insertions(+), 72 deletions(-) diff --git a/.gitignore b/.gitignore index 19fb83c2..dd3e3de4 100644 --- a/.gitignore +++ b/.gitignore @@ -5,7 +5,9 @@ /.tmp/* __pycache__ docker-compose.yml +docker-compose.override.yml compose-override.yml +.env postbuild.sh pre_backup.sh post_backup.sh diff --git a/.templates/blynk_server/service.yml b/.templates/blynk_server/service.yml index 28c3e01b..784d3541 100644 --- a/.templates/blynk_server/service.yml +++ b/.templates/blynk_server/service.yml @@ -7,8 +7,8 @@ blynk_server: restart: unless-stopped environment: - TZ=Etc/UTC - - IOTSTACK_UID=1000 - - IOTSTACK_GID=1000 + - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} ports: - "8180:8080" - "8440:8440" diff --git a/.templates/domoticz/service.yml b/.templates/domoticz/service.yml index 58367c31..c7d53f94 100644 --- a/.templates/domoticz/service.yml +++ b/.templates/domoticz/service.yml @@ -10,8 +10,8 @@ domoticz: restart: unless-stopped network_mode: bridge environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} # - TZ= # - WEBROOT=domoticz diff --git a/.templates/gitea/service.yml b/.templates/gitea/service.yml index 6bb8525d..bcc2e3db 100644 --- a/.templates/gitea/service.yml +++ b/.templates/gitea/service.yml @@ -6,8 +6,8 @@ gitea: - "7920:3000/tcp" - "2222:22/tcp" environment: - - USER_UID=1000 - - USER_GID=1000 + - USER_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - USER_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} volumes: - ./volumes/gitea/data:/data - /etc/timezone:/etc/timezone:ro diff --git a/.templates/heimdall/service.yml b/.templates/heimdall/service.yml index 9d785575..0f469400 100644 --- a/.templates/heimdall/service.yml +++ b/.templates/heimdall/service.yml @@ -2,8 +2,8 @@ heimdall: image: ghcr.io/linuxserver/heimdall container_name: heimdall environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - TZ=Europe/Paris volumes: - ./volumes/heimdall/config:/config diff --git a/.templates/homebridge/service.yml b/.templates/homebridge/service.yml index c2461c40..fcdfaf98 100644 --- a/.templates/homebridge/service.yml +++ b/.templates/homebridge/service.yml @@ -4,8 +4,8 @@ homebridge: restart: unless-stopped environment: - TZ=Etc/UTC - - PGID=1000 - - PUID=1000 + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} - HOMEBRIDGE_CONFIG_UI=1 - HOMEBRIDGE_CONFIG_UI_PORT=8581 volumes: diff --git a/.templates/homer/service.yml b/.templates/homer/service.yml index 1e72fb3d..4908998d 100644 --- a/.templates/homer/service.yml +++ b/.templates/homer/service.yml @@ -2,8 +2,8 @@ homer: image: b4bz/homer:latest container_name: homer environment: - - UID=1000 - - GID=1000 + - UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} volumes: - ./volumes/homer/assets:/www/assets ports: diff --git a/.templates/mariadb/service.yml b/.templates/mariadb/service.yml index 37b4d95f..88be1ad7 100644 --- a/.templates/mariadb/service.yml +++ b/.templates/mariadb/service.yml @@ -3,8 +3,8 @@ mariadb: container_name: mariadb environment: - TZ=Etc/UTC - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - MYSQL_ROOT_PASSWORD=%randomAdminPassword% - MYSQL_DATABASE=default - MYSQL_USER=mariadbuser diff --git a/.templates/n8n/service.yml b/.templates/n8n/service.yml index c547a028..069a817a 100644 --- a/.templates/n8n/service.yml +++ b/.templates/n8n/service.yml @@ -21,9 +21,9 @@ n8n: # - N8N_BASIC_AUTH_ACTIVE=true # - N8N_BASIC_AUTH_USER= # - N8N_BASIC_AUTH_PASSWORD= - -# - PGID=1000 -# - PUID=1000 -# - USBDEVICES=/dev/ttyAMA0 -# - PACKAGES=mc +# +# - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} +# - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} +# - USBDEVICES=/dev/ttyAMA0 +# - PACKAGES=mc diff --git a/.templates/nextcloud/service.yml b/.templates/nextcloud/service.yml index 9a31651a..cf4de93f 100644 --- a/.templates/nextcloud/service.yml +++ b/.templates/nextcloud/service.yml @@ -23,8 +23,8 @@ nextcloud_db: restart: unless-stopped environment: - TZ=Etc/UTC - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - MYSQL_ROOT_PASSWORD=%randomPassword% - MYSQL_PASSWORD=%randomMySqlPassword% - MYSQL_DATABASE=nextcloud diff --git a/.templates/plex/service.yml b/.templates/plex/service.yml index 2e642dc6..450790cb 100644 --- a/.templates/plex/service.yml +++ b/.templates/plex/service.yml @@ -3,8 +3,8 @@ plex: container_name: plex network_mode: host environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - VERSION=docker volumes: - ./volumes/plex/config:/config diff --git a/.templates/prometheus/service.yml b/.templates/prometheus/service.yml index 702678c8..6dc8c05d 100644 --- a/.templates/prometheus/service.yml +++ b/.templates/prometheus/service.yml @@ -6,8 +6,8 @@ prometheus: ports: - "9090:9090" environment: - - IOTSTACK_UID=1000 - - IOTSTACK_GID=1000 + - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} volumes: - ./volumes/prometheus/data:/prometheus command: diff --git a/.templates/python/service.yml b/.templates/python/service.yml index 5d4851b4..41005153 100644 --- a/.templates/python/service.yml +++ b/.templates/python/service.yml @@ -4,8 +4,8 @@ python: restart: unless-stopped environment: - TZ=Etc/UTC - - IOTSTACK_UID=1000 - - IOTSTACK_GID=1000 + - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} # ports: # - "external:internal" volumes: diff --git a/.templates/qbittorrent/service.yml b/.templates/qbittorrent/service.yml index 504d29de..fce7ecd1 100644 --- a/.templates/qbittorrent/service.yml +++ b/.templates/qbittorrent/service.yml @@ -2,8 +2,8 @@ image: linuxserver/qbittorrent container_name: qbittorrent environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - UMASK_SET=022 - WEBUI_PORT=15080 volumes: diff --git a/.templates/syncthing/service.yml b/.templates/syncthing/service.yml index 1dfbc9c3..99aef8e6 100644 --- a/.templates/syncthing/service.yml +++ b/.templates/syncthing/service.yml @@ -3,8 +3,8 @@ container_name: syncthing hostname: raspberrypi #optional environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - HOME=/app - TZ=Etc/UTC volumes: diff --git a/.templates/transmission/service.yml b/.templates/transmission/service.yml index d179123d..f184eb51 100644 --- a/.templates/transmission/service.yml +++ b/.templates/transmission/service.yml @@ -2,8 +2,8 @@ transmission: image: linuxserver/transmission container_name: transmission environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - TZ=Etc/UTC volumes: - ./volumes/transmission/config:/config diff --git a/.templates/wireguard/service.yml b/.templates/wireguard/service.yml index 757f4967..a3ba77e5 100644 --- a/.templates/wireguard/service.yml +++ b/.templates/wireguard/service.yml @@ -3,8 +3,8 @@ wireguard: image: ghcr.io/linuxserver/wireguard restart: unless-stopped environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - TZ=Etc/UTC - SERVERURL=your.dynamic.dns.name - SERVERPORT=51820 diff --git a/docs/Basic_setup/Backup-and-Restore.md b/docs/Basic_setup/Backup-and-Restore.md index 48de688a..0c5a016a 100644 --- a/docs/Basic_setup/Backup-and-Restore.md +++ b/docs/Basic_setup/Backup-and-Restore.md @@ -14,7 +14,9 @@ There are 2 ways to run backups: The command that's run from the command line can also be executed from a cronjob: -```0 2 * * * cd /home/pi/IOTstack && /bin/bash ./scripts/backup.sh``` +``` +0 2 * * * cd /home/pi/IOTstack && /bin/bash ./scripts/backup.sh +``` The current directory of bash must be in IOTstack's directory, to ensure that it can find the relative paths of the files it's meant to back up. In the example above, it's assume that it's inside the `pi` user's home directory. @@ -60,7 +62,14 @@ There are 2 ways to run a restore: * From the menu: `Backup and Restore` > `Restore from backup` * Running the following command: `bash ./scripts/restore.sh` -**Important**: The restore script assumes that the IOTstack directory is fresh, as if it was just cloned. If it is not fresh, errors may occur, or your data may not correctly be restored even if no errors are apparent. +**Important**: + +* The restore script assumes that the IOTstack directory is fresh, as if it was + just cloned. If it's not clean git clone, errors may occur, or your data may + not be restored correctly even if no errors are apparent. +* When reinstalling Raspberry or migrating to a new installation, use the same + user and ID (usually pi and 1000) as when you created the backup. Changing + to another user ID is explicitly NOT supported. *Note*: It is suggested that you test that your backups can be restored after initially setting up, and anytime you add or remove a service. Major updates to services can also break backups. diff --git a/docs/Basic_setup/index.md b/docs/Basic_setup/index.md index 5311ae43..8b69eb0d 100644 --- a/docs/Basic_setup/index.md +++ b/docs/Basic_setup/index.md @@ -17,9 +17,11 @@ IOTstack makes the following assumptions: 1. Your hardware is a Raspberry Pi (typically a 3B+ or 4B). * The Raspberry Pi Zero W2 has been tested with IOTstack. It works but the 512MB RAM means you should not try to run too many containers concurrently. - * Users have also [reported success - ](https://github.com/SensorsIot/IOTstack/issues/375) on Orange Pi + * Users have also [reported success]( + https://github.com/SensorsIot/IOTstack/issues/375) on Orange Pi Win/Plus. + * Most services will run on any Linux machine with Docker, but some have + Raspberry Pi specific default configurations or dependencies. 2. Your Raspberry Pi has a reasonably-recent version of 32-bit or 64-bit Raspberry Pi OS (aka "Raspbian") installed. You can download operating-system images: @@ -28,21 +30,31 @@ IOTstack makes the following assumptions: * [Prior releases](http://downloads.raspberrypi.org/raspios_armhf/images/) : This offers only "Raspberry Pi OS with desktop" images. -3. Your operating system has been updated: +3. You've done a "default" Raspberry Pi OS install, which automatically + satisfies: + + - you log in as a regular user, not root. The actual username and its + numeric uid doesn't matter. + - this user has `sudo`-access, usually this is done by belonging to the + *sudo*-group. + - boot partition is mounted at `/boot`. + +4. Your operating system has been updated: ``` console $ sudo apt update $ sudo apt upgrade -y ``` -4. You are logged-in as the user "pi". -5. User "pi" has the user ID 1000. -6. The home directory for user "pi" is `/home/pi/`. -7. IOTstack is installed at `/home/pi/IOTstack` (with that exact spelling). - -If the first three assumptions hold, assumptions four through six are Raspberry Pi defaults on a clean installation. The seventh is what you get if you follow these instructions faithfully. +For brevity, this documentation also makes some guesses, but these aren't +technical requirements. If you have a different choice, you'll just have to +adjust the commands presented in these instructions to match the change. For +first-time Linux users it's recommended to start with these: -Please don't read these assumptions as saying that IOTstack will not run on other hardware, other operating systems, or as a different user. It is just that IOTstack gets most of its testing under these conditions. The further you get from these implicit assumptions, the more your mileage may vary. +- You are logged-in as the user "pi". +- The home directory for user "pi" is `/home/pi/`. +- IOTstack is installed at `~/IOTstack` (with that exact spelling). +- The system hostname is `raspberrypi` ## New installation diff --git a/docs/Containers/Home-Assistant.md b/docs/Containers/Home-Assistant.md index 4edcd1db..8b541cea 100644 --- a/docs/Containers/Home-Assistant.md +++ b/docs/Containers/Home-Assistant.md @@ -124,8 +124,8 @@ your RPi hostname is raspberrypi) cap_add: - NET_ADMIN environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - TZ=Etc/UTC - URL=.duckdns.org - SUBDOMAINS=wildcard diff --git a/docs/Containers/NextCloud.md b/docs/Containers/NextCloud.md index b8585648..922408c3 100644 --- a/docs/Containers/NextCloud.md +++ b/docs/Containers/NextCloud.md @@ -27,8 +27,8 @@ nextcloud_db: restart: unless-stopped environment: - TZ=Etc/UTC - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - MYSQL_ROOT_PASSWORD=«root_password» - MYSQL_PASSWORD=«user_password» - MYSQL_DATABASE=nextcloud diff --git a/docs/Containers/Prometheus.md b/docs/Containers/Prometheus.md index 094a1c55..e16d5cac 100644 --- a/docs/Containers/Prometheus.md +++ b/docs/Containers/Prometheus.md @@ -237,11 +237,11 @@ The IOTstack implementation of *Prometheus* supports two environment variables: ```yaml environment: - - IOTSTACK_UID=1000 - - IOTSTACK_GID=1000 + - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} ``` -Those variables control ownership of the [Configuration directory](#configDir) and its contents. Those environment variables are present in the standard IOTstack service definition for *Prometheus* and have the effect of assigning ownership to "pi:pi". +Those variables control ownership of the [Configuration directory](#configDir) and its contents. Those environment variables are present in the standard IOTstack service definition for *Prometheus* and have the effect of assigning ownership to your current user, e.g. "pi". If you delete those environment variables from your *Compose* file, the [Configuration directory](#configDir) will be owned by "nobody:nobody"; otherwise the directory and its contents will be owned by whatever values you pass for those variables. diff --git a/docs/Containers/Python.md b/docs/Containers/Python.md index 331c637a..b0464ba2 100644 --- a/docs/Containers/Python.md +++ b/docs/Containers/Python.md @@ -34,8 +34,8 @@ When you select Python in the menu: restart: unless-stopped environment: - TZ=Etc/UTC - - IOTSTACK_UID=1000 - - IOTSTACK_GID=1000 + - IOTSTACK_UID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - IOTSTACK_GID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} # ports: # - "external:internal" volumes: @@ -48,18 +48,20 @@ The service definition contains a number of customisation points: 1. `restart: unless-stopped` assumes your Python script will run in an infinite loop. If your script is intended to run once and terminate, you should remove this directive. 2. `TZ=Etc/UTC` should be set to your local time-zone. Never use quote marks on the right hand side of a `TZ=` variable. -3. If you are running as a different user ID, you may want to change both `IOTSTACK_UID` and `IOTSTACK_GID` to appropriate values. +3. If you need a different user ID, you may want to change both `IOTSTACK_UID` + and `IOTSTACK_GID` to appropriate values. By default they are defined to be + the same as the current user when you run the menu. Defaults are stored in + `~/IOTstack/.env`, but don't edit that file. Make your edits directly to + `docker-compose.yml`. - Notes: + !!! note - * Don't use user and group *names* because these variables are applied *inside* the container where those names are (probably) undefined. - * The only thing these variables affect is the ownership of: - - ``` - ~/IOTstack/volumes/python/app - ``` - - and its contents. If you want everything to be owned by root, set both of these variables to zero (eg `IOTSTACK_UID=0`). + * Don't use user and group *names* because these variables are applied + *inside* the container where those names are (probably) undefined. + * The only thing these variables affect is the ownership of + `~/IOTstack/volumes/python/app` and its contents. If you want + everything to be owned by root, set both of these variables to zero + (e.g. `IOTSTACK_UID=0`). 4. If your Python script listens to data-communications traffic, you can set up the port mappings by uncommenting the `ports:` directive. @@ -444,8 +446,8 @@ Proceed like this: restart: unless-stopped restart: unless-stopped environment: environment: - TZ=Etc/UTC - TZ=Etc/UTC - - IOTSTACK_UID=1000 - IOTSTACK_UID=1000 - - IOTSTACK_GID=1000 - IOTSTACK_GID=1000 + - IOTSTACK_UID=${IOTSTACK_UID:?...} - IOTSTACK_UID=${IOTSTACK_UID:?...} + - IOTSTACK_GID=${IOTSTACK_GID:?...} - IOTSTACK_GID=${IOTSTACK_GID:?...} # ports: # ports: # - "external:internal" # - "external:internal" volumes: volumes: diff --git a/docs/Containers/WireGuard.md b/docs/Containers/WireGuard.md index 49c6deba..05424902 100644 --- a/docs/Containers/WireGuard.md +++ b/docs/Containers/WireGuard.md @@ -41,8 +41,8 @@ wireguard: image: ghcr.io/linuxserver/wireguard restart: unless-stopped environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - TZ=Etc/UTC - SERVERURL=your.dynamic.dns.name - SERVERPORT=51820 @@ -247,8 +247,8 @@ You will need to create the `compose-override.yml` **before** running the menu t services: wireguard: environment: - - PUID=1000 - - PGID=1000 + - PUID=${IOTSTACK_UID:?IOTSTACK_UID must be defined in ~/IOTstack/.env} + - PGID=${IOTSTACK_GID:?IOTSTACK_GID must be defined in ~/IOTstack/.env} - TZ=Australia/Sydney - SERVERURL=downunda.duckdns.org - SERVERPORT=51820 diff --git a/menu.sh b/menu.sh index 3a28a8a2..af941105 100755 --- a/menu.sh +++ b/menu.sh @@ -378,6 +378,23 @@ function do_checks() { fi } +function do_dotenv_defaults() { + ENV_FILE=.env + echo "Checking $ENV_FILE is setting IOTSTACK_UID and IOTSTACK_GID" + grep -qs '^IOTSTACK_UID=' $ENV_FILE || { + echo Adding missing definitions to $ENV_FILE using UID:GID=$(id --user):$(id --group) + cat >> $ENV_FILE <<- EOF + # Changing IOTSTACK_UID or IOTSTACK_GID after you have started the stack is not + # supported. File owners in the 'volumes'-folder won't automatically update to + # match, resulting in various problems. i.e. Do NOT change the next two lines. + IOTSTACK_UID=$(id --user) + EOF + } + grep -qs '^IOTSTACK_GID=' $ENV_FILE || { + echo "IOTSTACK_GID=$(id --group)" >> $ENV_FILE + } +} + function do_help() { echo "USAGE: $0 [OPTIONS...]" @@ -433,6 +450,8 @@ if [[ -z "$NO_CHECKS" ]]; then do_checks fi +do_dotenv_defaults + # This section is temporary, it's just for notifying people of potential breaking changes. if [[ -f .new_install ]]; then echo "Existing installation detected." diff --git a/scripts/backup.sh b/scripts/backup.sh index 6856c1d7..643ef0fd 100755 --- a/scripts/backup.sh +++ b/scripts/backup.sh @@ -90,6 +90,8 @@ bash ./scripts/backup_restore/pre_backup_complete.sh >> $LOGFILE 2>&1 echo "./services/" >> $BACKUPLIST echo "./volumes/" >> $BACKUPLIST [ -f "./docker-compose.yml" ] && echo "./docker-compose.yml" >> $BACKUPLIST +[ -f "./docker-compose.override.yml" ] && echo "./docker-compose.override.yml" >> $BACKUPLIST +[ -f "./.env" ] && echo "./.env" >> $BACKUPLIST [ -f "./compose-override.yml" ] && echo "./compose-override.yml" >> $BACKUPLIST [ -f "./extra" ] && echo "./extra" >> $BACKUPLIST [ -f "./.tmp/databases_backup" ] && echo "./.tmp/databases_backup" >> $BACKUPLIST