2020-08-27 17:46:09 +00:00
|
|
|
#!/bin/sh -e
|
|
|
|
|
2020-09-06 11:44:03 +00:00
|
|
|
# control state
|
|
|
|
state="$(cat "$__object/parameter/state")"
|
2020-08-27 17:46:09 +00:00
|
|
|
|
2020-10-11 14:39:19 +00:00
|
|
|
# Set capabilities to aquire privileaged ports as netbox user. Two modes are
|
|
|
|
# available to efficiently set capabilites. Assumes libcap-bin is installed as
|
|
|
|
# default on debian systems.
|
|
|
|
#
|
|
|
|
# Arguments:
|
|
|
|
# 1: mode to detect if capabilites are required to set ('set' or 'correct')
|
|
|
|
set_bind_cap() {
|
|
|
|
cap_mode="" # reset variable from the execution before
|
|
|
|
|
|
|
|
# check if capabilites are required after given mode
|
|
|
|
case "$1" in
|
|
|
|
# assumes capabilites are not set (cause of new binaries)
|
|
|
|
set)
|
|
|
|
if [ "$SYSTEMD_SOCKET" != "yes" ]; then
|
|
|
|
cap_mode="+ep"
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
|
|
|
|
# check if capabilities have changed
|
|
|
|
correct)
|
|
|
|
if [ -s "$__object/explorer/bind-capability" ]; then
|
|
|
|
# capabilites are set
|
|
|
|
if [ "$SYSTEMD_SOCKET" = "yes" ]; then
|
|
|
|
cap_mode="-ep" # unset
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
# capabilities are unset
|
|
|
|
if [ "$SYSTEMD_SOCKET" != "yes" ]; then
|
|
|
|
cap_mode="+ep" # set
|
|
|
|
fi
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
|
|
|
|
# faulty mode
|
|
|
|
*)
|
|
|
|
echo "called set_bind_cap incorrect (\$1 missing)" >&2
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
# set capabilities if any
|
|
|
|
if [ "$cap_mode" ]; then
|
|
|
|
printf "setcap -q CAP_NET_BIND_SERVICE%s /opt/netbox/venv/bin/uwsgi\n" "$cap_mode"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
SYSTEMD_SOCKET="$(cat "$__object/files/systemd_socket")"
|
|
|
|
|
|
|
|
|
2020-09-06 11:44:03 +00:00
|
|
|
case "$state" in
|
|
|
|
# install uwsgi
|
|
|
|
enabled|disabled)
|
|
|
|
# not installed
|
|
|
|
if ! [ -s "$__object/explorer/installed" ]; then
|
2020-10-11 14:39:19 +00:00
|
|
|
echo "/opt/netbox/venv/bin/pip3 install -q uwsgi"
|
|
|
|
set_bind_cap set
|
2020-09-06 11:44:03 +00:00
|
|
|
do_restart=yes
|
|
|
|
printf "installed\n" >> "$__messages_out"
|
2020-08-27 17:46:09 +00:00
|
|
|
|
2020-09-06 11:44:03 +00:00
|
|
|
# updates available
|
|
|
|
elif [ -s "$__object/explorer/upgradeable" ]; then
|
2020-10-11 14:39:19 +00:00
|
|
|
echo "/opt/netbox/venv/bin/pip3 install -q --upgrade uwsgi"
|
|
|
|
set_bind_cap set
|
2020-09-06 11:44:03 +00:00
|
|
|
do_restart=yes
|
|
|
|
printf "upgraded\n" >> "$__messages_out"
|
|
|
|
fi
|
2020-08-27 17:46:09 +00:00
|
|
|
|
2020-09-06 11:44:03 +00:00
|
|
|
# changed configuration
|
|
|
|
if grep -q "^__file/opt/netbox/uwsgi.ini:" "$__messages_in"; then
|
|
|
|
do_restart=yes
|
|
|
|
printf "configured\n" >> "$__messages_out"
|
|
|
|
fi
|
2020-08-27 17:46:09 +00:00
|
|
|
|
2020-10-11 14:39:19 +00:00
|
|
|
# if no capabilities were set yet, check if any are required
|
|
|
|
if [ -z "$cap_mode" ]; then
|
|
|
|
set_bind_cap correct
|
|
|
|
fi
|
|
|
|
|
2020-09-06 11:44:03 +00:00
|
|
|
|
|
|
|
# restart uwsgi
|
|
|
|
if [ "$do_restart" ] && [ "$state" != "disabled" ]; then
|
|
|
|
cat << EOF
|
2020-08-27 17:46:09 +00:00
|
|
|
# Restart service
|
2020-09-09 17:08:46 +00:00
|
|
|
systemctl restart uwsgi-netbox
|
2020-08-27 17:46:09 +00:00
|
|
|
EOF
|
2020-09-06 11:44:03 +00:00
|
|
|
fi
|
|
|
|
;;
|
|
|
|
|
|
|
|
# uninstall
|
|
|
|
absent)
|
|
|
|
# check if installed
|
|
|
|
if [ -s "$__object/explorer/installed" ]; then
|
|
|
|
# service already disabled
|
2020-10-11 14:39:19 +00:00
|
|
|
echo "/opt/netbox/venv/bin/pip3 uninstall -qy uwsgi"
|
2020-09-06 11:44:03 +00:00
|
|
|
printf "uninstalled\n" >> "$__messages_out"
|
|
|
|
fi
|
|
|
|
;;
|
|
|
|
esac
|