From d2973d23b00d09739bc9bb8e842130166d593f7b Mon Sep 17 00:00:00 2001 From: Dmitry Smirnov Date: Thu, 26 Dec 2024 13:16:25 +0200 Subject: [PATCH] systemd module integration --- .gitignore | 2 +- Dockerfile | 41 ++++++++++++++++++++++---- etc/home/default.service | 10 +++++++ lib/environment.sh | 9 ++++++ lib/process_manager.sh | 53 ++++++++++++++++++++++++++++++++++ src/configs/services.yml | 4 +++ src/scripts/process_example.sh | 9 ++++++ 7 files changed, 121 insertions(+), 7 deletions(-) create mode 100644 etc/home/default.service create mode 100644 lib/process_manager.sh create mode 100644 src/configs/services.yml create mode 100644 src/scripts/process_example.sh diff --git a/.gitignore b/.gitignore index 9b244e56..887a5e63 100644 --- a/.gitignore +++ b/.gitignore @@ -28,7 +28,7 @@ dist/ *_creds.json # Environment variables file -*env* +.env # Ignore Prettier configuration overrides for development .prettierignore diff --git a/Dockerfile b/Dockerfile index de216e81..487f8a19 100644 --- a/Dockerfile +++ b/Dockerfile @@ -52,9 +52,9 @@ RUN ARCH=$(uname -m) && \ # Install Google Cloud SDK (architecture-aware) RUN ARCH=$(uname -m) && \ if [ "$ARCH" = "x86_64" ]; then \ - curl -sSL "https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-504.0.0-linux-x86_64.tar.gz" -o google-cloud-sdk.tar.gz; \ + curl -sSL "https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-504.0.0-linux-x86_64.tar.gz" -o google-cloud-sdk.tar.gz; \ elif [ "$ARCH" = "aarch64" ]; then \ - curl -sSL "https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-504.0.0-linux-arm.tar.gz" -o google-cloud-sdk.tar.gz; \ + curl -sSL "https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-sdk-504.0.0-linux-arm.tar.gz" -o google-cloud-sdk.tar.gz; \ fi && \ tar -xzf google-cloud-sdk.tar.gz && \ ./google-cloud-sdk/install.sh -q && \ @@ -85,15 +85,43 @@ RUN mkdir -p $GNUPGHOME && \ # Install Bitwarden CLI (architecture-aware) RUN ARCH=$(uname -m) && \ if [ "$ARCH" = "x86_64" ]; then \ - curl -Lso /usr/local/bin/bw "https://vault.bitwarden.com/download/linux/amd64/bw"; \ + curl -Lso /usr/local/bin/bw "https://vault.bitwarden.com/download/linux/amd64/bw"; \ elif [ "$ARCH" = "aarch64" ]; then \ - curl -Lso /usr/local/bin/bw "https://vault.bitwarden.com/download/linux/arm64/bw"; \ + curl -Lso /usr/local/bin/bw "https://vault.bitwarden.com/download/linux/arm64/bw"; \ else \ - echo "Unsupported architecture: $ARCH" && exit 1; \ + echo "Unsupported architecture: $ARCH" && exit 1; \ fi && \ chmod +x /usr/local/bin/bw && \ rm -rf /tmp/* /var/tmp/* +# Prepare the system for systemd usage +RUN find /etc/systemd/system \ + /lib/systemd/system \ + -path '*.wants/*' \ + -not -name '*journald*' \ + -delete; \ + systemctl set-default multi-user.target; \ + systemctl mask \ + tmp.mount \ + etc-hostname.mount \ + etc-hosts.mount \ + etc-resolv.conf.mount \ + -- -.mount \ + swap.target \ + getty.target \ + getty-static.service \ + dev-mqueue.mount \ + cgproxy.service \ + systemd-remount-fs.service \ + sys-kernel-config.mount \ + sys-kernel-debug.mount \ + sys-fs-fuse-connections.mount \ + systemd-logind.service \ + systemd-random-seed.service \ + systemd-tmpfiles-setup-dev.service \ + systemd-tmpfiles-setup.service \ + systemd-update-utmp.service + # Create a new user and group with specific UID and GID, and set permissions RUN groupadd -g ${GID} ${USER} && \ useradd -l -m -u ${UID} -g ${GID} -s /bin/bash ${USER} @@ -110,7 +138,8 @@ RUN mkdir -p /etc/worker /home/${USER}/.cd/bin /home/${USER}/.cd/configs && \ WORKDIR /home/${USER} # Copy built-in worker.yml to the container -COPY ./src/configs/worker.yml /etc/worker/worker.yml +COPY ./src/configs /etc/worker +COPY ./src/scripts /usr/local/scripts # Copy the bin, etc, and lib directories COPY ./etc/home /home/${USER}/etc diff --git a/etc/home/default.service b/etc/home/default.service new file mode 100644 index 00000000..808fdb4d --- /dev/null +++ b/etc/home/default.service @@ -0,0 +1,10 @@ +[Unit] +Description=${name} +After=${after} + +[Service] +ExecStart=${exec_start} +Restart=always + +[Install] +WantedBy=multi-user.target \ No newline at end of file diff --git a/lib/environment.sh b/lib/environment.sh index c1ca2aa2..44b60d4a 100644 --- a/lib/environment.sh +++ b/lib/environment.sh @@ -24,6 +24,8 @@ source_if_exists "$SCRIPT_DIR/auth.sh" source_if_exists "$SCRIPT_DIR/secrets.sh" # shellcheck source=./cleanup.sh source_if_exists "$SCRIPT_DIR/cleanup.sh" +# shellcheck source=./process_manager.sh +source_if_exists "$SCRIPT_DIR/process_manager.sh" # shellcheck source=./worker_config.sh source_if_exists "$SCRIPT_DIR/worker_config.sh" @@ -86,6 +88,13 @@ configure_environment() { return 1 fi + # Perform process manager setup + log_info "Setting up process manager..." + if ! generate_and_activate_services; then + log_error "Failed to activate services." + return 1 + fi + log_info "Environment setup completed successfully." } diff --git a/lib/process_manager.sh b/lib/process_manager.sh new file mode 100644 index 00000000..e3b6ae9c --- /dev/null +++ b/lib/process_manager.sh @@ -0,0 +1,53 @@ +#!/bin/bash + +# Function to check if systemd should be enabled +should_enable_systemd() { + if [ -f "$CONFIG_FILE" ]; then + return 0 + else + return 1 + fi +} + +# Function to parse service information from YAML configuration +parse_service_info() { + local service_yaml="$1" + name=$(echo "$service_yaml" | yq e '.name' -) + exec_start=$(echo "$service_yaml" | yq e '.exec_start' -) + after=$(echo "$service_yaml" | yq e '.after' -) +} + +# Function to create a systemd service file from a template +create_service_file() { + local template_file="$SERVICE_DIR/default.service" + sed -e "s|\${name}|$name|g" \ + -e "s|\${exec_start}|$exec_start|g" \ + -e "s|\${after}|$after|g" \ + "$template_file" > "${SERVICE_DIR}/${name}.service" +} + +# Main function to generate systemd service unit files from template based on services.yml +generate_and_activate_services() { + if ! should_enable_systemd; then + echo "Systemd is not enabled. services.yml not found." + return 1 + fi + + echo "services.yml found. Generating and managing systemd service files..." + + yq e '.services[]' "$CONFIG_FILE" | while IFS= read -r service_yaml; do + parse_service_info "$service_yaml" + + if [[ -n "$name" && -n "$exec_start" && -n "$after" ]]; then + create_service_file || { echo "Failed to create service file for $name"; return 1; } + echo "Service file for $name created." + else + echo "Missing required service fields for a service in services.yml" + return 1 + fi + done +} + +# Variables (these should be defined or passed to the script) +CONFIG_FILE="/etc/worker/services.yml" +SERVICE_DIR="/home/${USER}/etc" \ No newline at end of file diff --git a/src/configs/services.yml b/src/configs/services.yml new file mode 100644 index 00000000..9ca0a366 --- /dev/null +++ b/src/configs/services.yml @@ -0,0 +1,4 @@ +services: + - name: myservice1 + exec_start: /usr/local/scripts/process_example.sh + after: network.target diff --git a/src/scripts/process_example.sh b/src/scripts/process_example.sh new file mode 100644 index 00000000..ffe8534b --- /dev/null +++ b/src/scripts/process_example.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +# Script to run as a systemd service in a loop + +while true; do +# echo "Service is running at $(date)" >> /tmp/service_example.log + echo "Service is running at $(date)" + sleep 5 +done \ No newline at end of file