public/malta-workshop
2
0
Fork 0
Code Pull Requests Activity

feat: split workshop setup into root and user services

Browse Source
This commit is contained in:
Michael Czechowski
2025-08-19 11:57:09 +02:00
parent 01c2a37070
commit 3761c28ed7
1 changed files with 45 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

79
common.nix
View File

@@ -286,12 +286,13 @@ isoConfig // {
dig dig
]; ];
# Workshop Setup Service - REFACTORED # REFACTORED: System Setup Service (Root Tasks)
systemd.services.workshop-abra-setup = { systemd.services.workshop-system-setup = {
description = "System-level checks for network, DNS, and Docker";
wantedBy = [ "multi-user.target" ]; wantedBy = [ "multi-user.target" ];
after = [ "network-online.target" "docker.service" "dnsmasq.service" ]; after = [ "network-online.target" "docker.service" "dnsmasq.service" ];
wants = [ "network-online.target" ]; wants = [ "network-online.target" ];
path = with pkgs; [ bash curl dnsutils docker gnugrep shadow coreutils wget ]; path = with pkgs; [ bash curl dnsutils docker gnugrep shadow coreutils ];
script = '' script = ''
# Wait for network and services # Wait for network and services
echo "Waiting for services to start..." echo "Waiting for services to start..."
@@ -302,7 +303,6 @@ isoConfig // {
fi fi
sleep 2 sleep 2
done done
# Test DNS resolution # Test DNS resolution
for i in {1..20}; do for i in {1..20}; do
if nslookup test.workshop.local 127.0.0.1 >/dev/null 2>&1; then if nslookup test.workshop.local 127.0.0.1 >/dev/null 2>&1; then
@@ -312,7 +312,6 @@ isoConfig // {
echo "🔄 Waiting for DNS... (attempt $i)" echo "🔄 Waiting for DNS... (attempt $i)"
sleep 2 sleep 2
done done
# Test Docker # Test Docker
for i in {1..10}; do for i in {1..10}; do
if docker info >/dev/null 2>&1; then if docker info >/dev/null 2>&1; then
@@ -321,25 +320,6 @@ isoConfig // {
fi fi
sleep 2 sleep 2
done done
# Install abra for workshop user - as root, to /usr/local/bin
if [ ! -f /usr/local/bin/abra ]; then
echo "🚀 Installing abra for root user..."
# Download and install abra directly to /usr/local/bin
curl -fsSL https://install.abra.coopcloud.tech | bash
if [ -f /usr/local/bin/abra ] && [ -x /usr/local/bin/abra ]; then
echo " abra installed successfully to /usr/local/bin/abra"
else
echo " abra installation failed."
echo "🔍 Debug: Contents of /usr/local/bin:"
ls -la /usr/local/bin/abra 2>/dev/null || echo "File not found"
fi
else
echo " abra already installed at /usr/local/bin/abra"
fi
# Initialize Docker Swarm # Initialize Docker Swarm
echo "🔄 Checking Docker Swarm status..." echo "🔄 Checking Docker Swarm status..."
if ! docker info | grep -q "Swarm: active"; then if ! docker info | grep -q "Swarm: active"; then
@@ -353,8 +333,7 @@ isoConfig // {
else else
echo " Docker Swarm already active." echo " Docker Swarm already active."
fi fi
# Ensure workshop user is in docker group
# Ensure workshop user is in docker group (we are root, can use usermod directly)
echo "🔄 Ensuring workshop user is in docker group..." echo "🔄 Ensuring workshop user is in docker group..."
usermod -aG docker workshop usermod -aG docker workshop
if id -nG workshop | grep -q "docker"; then if id -nG workshop | grep -q "docker"; then
@@ -362,13 +341,9 @@ isoConfig // {
else else
echo " Failed to add workshop user to docker group." echo " Failed to add workshop user to docker group."
fi fi
# Final DNS resolution test
# Set up autocomplete (skip this for now since we can't run as user easily)
# The bash init script will handle abra autocomplete on login
# Test final DNS resolution
if nslookup test.workshop.local 127.0.0.1; then if nslookup test.workshop.local 127.0.0.1; then
echo "🎉 All services ready!" echo "🎉 System services ready!"
else else
echo " DNS may need manual restart: systemctl restart dnsmasq" echo " DNS may need manual restart: systemctl restart dnsmasq"
fi fi
@@ -380,6 +355,42 @@ isoConfig // {
}; };
}; };
# NEW: Abra Installation Service (Workshop User Task)
systemd.services.workshop-abra-install = {
description = "Install abra CLI for the workshop user";
wantedBy = [ "multi-user.target" ];
# This service runs after the main system setup is complete
after = [ "workshop-system-setup.service" ];
wants = [ "workshop-system-setup.service" ];
path = with pkgs; [ bash curl coreutils ]; # Reduced path for user-specific needs
# This script now runs as the 'workshop' user, no 'sudo' needed
script = ''
# Check if abra is already installed
if [ -f /home/workshop/.local/bin/abra ]; then
echo " abra already installed."
exit 0
fi
echo "🚀 Installing abra for workshop user..."
# Create the target directory if it doesn't exist
mkdir -p /home/workshop/.local/bin
# Download and install abra directly into the user's local bin
curl -fsSL https://install.abra.coopcloud.tech | bash -s -- --install-dir /home/workshop/.local/bin
# Verify installation
if [ -f /home/workshop/.local/bin/abra ] && [ -x /home/workshop/.local/bin/abra ]; then
echo " abra installed successfully to /home/workshop/.local/bin/abra"
else
echo " abra installation failed."
fi
'';
# CRITICAL CHANGE: This service runs as the workshop user
serviceConfig = {
Type = "oneshot";
RemainAfterExit = true;
User = "workshop";
Group = "users"; # Or the primary group of the workshop user
};
};
# Enhanced Bash Configuration with All Features # Enhanced Bash Configuration with All Features
programs.bash.interactiveShellInit = programs.bash.interactiveShellInit =
let let
@@ -584,11 +595,11 @@ isoConfig // {
} }
abra-status() { abra-status() {
systemctl status workshop-abra-setup systemctl status workshop-abra-install
} }
abra-logs() { abra-logs() {
journalctl -u workshop-abra-setup -f journalctl -u workshop-abra-install -f
} }