Browse Source

Make sudo required for commands, try to sync network key between conf and settings

Joachim M. Giæver 4 years ago
parent
commit
89849a9b0f
7 changed files with 67 additions and 35 deletions
  1. 2 1
      snap/snapcraft.yaml
  2. 11 6
      src/bin/daemonize
  3. 7 1
      src/bin/de-daemonize
  4. 16 26
      src/bin/env-wrapper
  5. 6 0
      src/bin/restart
  6. 24 0
      src/hooks/configure
  7. 1 1
      src/hooks/install

+ 2 - 1
snap/snapcraft.yaml

@@ -65,6 +65,8 @@ parts:
     build-packages:
       - gcc
       - build-essential
+    stage-snaps:
+      - jq
     stage-packages:
       - git
     override-build: |
@@ -79,7 +81,6 @@ parts:
       - -usr/lib/zwavejs2mqtt/kustomization.yaml
       - -usr/lib/zwavejs2mqtt/docker
       - -usr/lib/zwavejs2mqtt/.dockerignore
-      - -usr/lib/zwavejs2mqtt/.git*
       - -usr/lib/zwavejs2mqtt/.markdown*
   nodejs:
     plugin: dump

+ 11 - 6
src/bin/daemonize

@@ -1,13 +1,18 @@
 #!/usr/bin/env bash
 
+if [ $(id -u) -ne 0 ]; then
+    echo "Run as root" >&2
+    exit 1
+fi
+
 if ! snapctl is-connected raw-usb; then
-    echo "Failed to enable ${SNAP_NAME} service!"
+    echo "Failed to enable ${SNAP_NAME} service!" >&2
     echo ""
-    echo "Consult the help command:"
-    echo "${SNAP_NAME}.exec --help"
+    echo "Consult the help command:" >&2
+    echo "${SNAP_NAME}.help" >&2
     echo ""
-    echo "Ensure ${SNAP_NAME} is booting successfully before daemonize it"
-    echo "by running the app manually (remove the --help flag)."
+    echo "Ensure ${SNAP_NAME} is booting successfully before daemonize it" >&2
+    echo "by running the app manually (${SNAP_NAME}.exec)." >&2
     exit 1
 fi
 
@@ -19,5 +24,5 @@ if [ $? -eq 0 ]; then
     exit 0
 fi
 
-echo "Failed enabling service"
+echo "Failed enabling service" >&2
 exit 1

+ 7 - 1
src/bin/de-daemonize

@@ -1,9 +1,15 @@
 #!/usr/bin/env bash
+
+if [ $(id -u) -ne 0 ]; then
+    echo "Run as root" >&2
+    exit 1
+fi
+
 snapctl stop --disable "${SNAP_NAME}.${SNAP_NAME}"
 
 if [ $? -eq 0 ]; then
     echo "Service ${SNAP_NAME} disabled."
     exit 0
 fi
-echo "Failed disabling ${SNAP_NAME} service"
+echo "Failed disabling ${SNAP_NAME} service" >&2
 exit 1

+ 16 - 26
src/bin/env-wrapper

@@ -20,39 +20,29 @@ if ! snapctl is-connected raw-usb; then
     exit 1
 fi
 
-export USB_PATH=$(snapctl get usb-path)
+export NETWORK_KEY=$(snapctl get network.key)
+
+if [ -f "${SNAP_DATA}/settings.json" ]; then
+    SETTINGS_KEY=$(jq '.zwave.networkKey' -r ${SNAP_DATA}/settings.json)
+    if [ "${SETTINGS_KEY}" != "" ] && [ "${NETWORK_KEY}" != "${SETTINGS_KEY}" ]; then
+        snapctl set network.key="${SETTINGS_KEY}"
+        export NETWORK_KEY="${SETTINGS_KEY}"
+    fi
+fi
+
 export SERVER_SSL=$(snapctl get server.ssl)
 export SERVER_HOST=$(snapctl get server.host)
 export SERVER_PORT=$(snapctl get server.port)
-
 export SERVER_URL=$(snapctl get server.url)
-export SERVER_WS_URL=$(snapctl get server.url)
+export SERVER_WS_URL=$(snapctl get server.ws-url)
 
 OPT_HELP=false
 
-if [ $(snapctl services "${SNAP_NAME}" | grep inactive | wc -l) -eq 0 -a ${OPT_HELP} = false ]; then
-    echo ""
-    for ARG in "${ARGV[@]}"; do
-        shift
-        if [ "${ARG}" = "--exec" ]; then
-            lprint "Service already running, showing help text."
-            lprint "Use: 'snap stop ${SNAP_NAME}' to stop the service and'"
-            lprint "to execute the ${SNAP_NAME} manually"
-            OPT_HELP=true
-            continue
-        fi
-        set -- "$@" "${ARG}"
-    done
+if [ "${1}" = "--help" ]; then
+    OPT_HELP=true
 fi
 
-
-if [ ${OPT_HELP} = false ]; then
-    if [ ! -c "${USB_PATH}" ]; then 
-        lprint "usb-path (${USB_PATH}) does not exist, or is not a Character Device."
-        lprint "See: snap get ${SNAP_NAME} -d usb-path"
-        exit 1
-    fi
-else
+if [ ${OPT_HELP} = true ]; then
     echo "Zwavejs2mqtt ($ ($ 1 --version))"
     echo ""
     echo "IMPORTANT! The DAEMON/SERVICE is disabled by default after installation." 
@@ -63,7 +53,7 @@ else
     echo "But first set your configuration as descrived below"
     echo ""
     echo "Base configuration values:"
-    echo "- usb-path:               $(snapctl get "usb-path")"
+    echo "- network.key:               $(snapctl get network.key)"
     echo "Server configuration values: $(snapctl get server -d)"
     echo ""
     echo "- server.ssl: Use secure communication"
@@ -75,7 +65,7 @@ else
     echo "Set options with:         $ snap set ${SNAP_NAME} param=key"
     echo "For example:              $ snap set ${SNAP_NAME} server.host=0.0.0.0"
     echo ""
-    echo "Also see 'snap info ${SNAP_NAME}' for information about secure devices."
+    echo "Also see 'snap info ${SNAP_NAME}'."
     echo ""
     echo "Follow the log with"
     echo "$ snap logs ${SNAP_NAME} -f"

+ 6 - 0
src/bin/restart

@@ -1,3 +1,9 @@
 #!/usr/bin/env bash
 set -e
+
+if [ $(id -u) -ne 0 ]; then
+    echo "Run as root!" >&2
+    exit 1
+fi
+
 snapctl restart "${SNAP_NAME}.${SNAP_NAME}"

+ 24 - 0
src/hooks/configure

@@ -3,7 +3,31 @@
 set -e
 # silence is golden.
 
+SERVER_SSL=$(snapctl get server.ssl)
+SERVER_PORT=$(snapctl get server.port)
+
+if [ $(echo "${SERVER_PORT}" | grep -E "^\-?[0-9]+$") = "" ]; then
+    echo "Port must be numeric, got ${SERVER_PORT}" >&2
+    exit 1
+fi
+
+if [ ${SERVER_SSL} != true -a ${SERVER_SSL} != false ]; then
+    echo "server.ssl must be boolean value" >&2
+    exit 1
+fi
+
+NETWORK_KEY=$(snapctl get network.key)
+
+if [ ! -f "${SNAP_DATA}/settings.json" ]; then
+    echo "{}" > ${SNAP_DATA}/settings.json
+fi
+
+jq --arg networkKey "${NETWORK_KEY}" '.zwave.networkKey = $networkKey' $SNAP_DATA/settings.json > $SNAP_DATA/tmp.json
+cat ${SNAP_DATA}/tmp.json > ${SNAP_DATA}/settings.json
+rm ${SNAP_DATA}/tmp.json
+
 RUNNING=$(snapctl services | grep "${SNAP_NAME}" | grep inactive | wc -l)
 if [ ${RUNNING} -eq 0 ]; then
+    echo "Restarting ${SNAP_NAME}"
     snapctl restart "${SNAP_NAME}"
 fi

+ 1 - 1
src/hooks/install

@@ -2,7 +2,7 @@
 
 set -e
 
-snapctl set usb-path="/dev/ttyACM0"
+snapctl set network.key="$(cat /dev/urandom | LC_ALL=C tr -dc '0-9A-F' | fold -w 32 | head -n 1)"
 snapctl set server.ssl=false
 snapctl set server.host="localhost"
 snapctl set server.port="8091"