community-scripts/ProxmoxVED
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enhance cleanup of keyrings and repo configs for tools
Some checks failed
Bump build.func Revision / bump-revision (push) Has been cancelled
Details

Browse Source 
Expanded the removal of GPG keyrings and repository configuration files for MariaDB, MySQL, MongoDB, Node.js, PHP, PostgreSQL, Java (Adoptium), and ClickHouse in both removal and setup functions. This ensures all possible keyring locations are cleaned before new installations, reducing risk of conflicts and improving idempotency. Also improved PHP-FPM service cleanup and added version verification for MongoDB setup.
This commit is contained in:
CanbiZ 2025-11-04 13:24:44 +01:00
parent f55fa4f60e
commit 03bf6dadf1
1 changed files with 128 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

152
misc/tools.func
View File

@ -112,55 +112,101 @@ remove_old_tool_version() {
mariadb) mariadb)
$STD systemctl stop mariadb >/dev/null 2>&1 || true $STD systemctl stop mariadb >/dev/null 2>&1 || true
$STD apt purge -y 'mariadb*' >/dev/null 2>&1 || true $STD apt purge -y 'mariadb*' >/dev/null 2>&1 || true
# Clean up ALL keyring locations
rm -f /usr/share/keyrings/mariadb*.gpg \
/etc/apt/keyrings/mariadb*.gpg \
/etc/apt/trusted.gpg.d/mariadb*.gpg 2>/dev/null || true
;; ;;
mysql) mysql)
$STD systemctl stop mysql >/dev/null 2>&1 || true $STD systemctl stop mysql >/dev/null 2>&1 || true
$STD apt purge -y 'mysql*' >/dev/null 2>&1 || true $STD apt purge -y 'mysql*' >/dev/null 2>&1 || true
rm -rf /var/lib/mysql >/dev/null 2>&1 || true rm -rf /var/lib/mysql 2>/dev/null || true
# Clean up ALL keyring locations
rm -f /usr/share/keyrings/mysql*.gpg \
/etc/apt/keyrings/mysql*.gpg \
/etc/apt/trusted.gpg.d/mysql*.gpg 2>/dev/null || true
;; ;;
mongodb) mongodb)
$STD systemctl stop mongod >/dev/null 2>&1 || true $STD systemctl stop mongod >/dev/null 2>&1 || true
$STD apt purge -y 'mongodb*' >/dev/null 2>&1 || true $STD apt purge -y 'mongodb*' >/dev/null 2>&1 || true
rm -rf /var/lib/mongodb >/dev/null 2>&1 || true rm -rf /var/lib/mongodb 2>/dev/null || true
# Clean up ALL keyring locations
rm -f /usr/share/keyrings/mongodb*.gpg \
/etc/apt/keyrings/mongodb*.gpg \
/etc/apt/trusted.gpg.d/mongodb*.gpg 2>/dev/null || true
;; ;;
node | nodejs) node | nodejs)
$STD apt purge -y nodejs npm >/dev/null 2>&1 || true $STD apt purge -y nodejs npm >/dev/null 2>&1 || true
npm list -g 2>/dev/null | grep -oE '^ \S+' | awk '{print $1}' | while read -r module; do # Clean up npm global modules
npm uninstall -g "$module" >/dev/null 2>&1 || true if command -v npm >/dev/null 2>&1; then
done npm list -g 2>/dev/null | grep -oE '^ \S+' | awk '{print $1}' | while read -r module; do
npm uninstall -g "$module" >/dev/null 2>&1 || true
done
fi
# Clean up nvm installations and npm caches
rm -rf "$HOME/.nvm" "$HOME/.npm" "$HOME/.bower" "$HOME/.config/yarn" 2>/dev/null || true
sed -i '/NVM_DIR/d' "$HOME/.bashrc" "$HOME/.profile" 2>/dev/null || true
# Clean up ALL keyring locations
rm -f /usr/share/keyrings/nodesource*.gpg \
/etc/apt/keyrings/nodesource*.gpg \
/etc/apt/trusted.gpg.d/nodesource*.gpg 2>/dev/null || true
;; ;;
php) php)
# Disable PHP-FPM if running # Stop and disable ALL PHP-FPM versions
$STD systemctl disable php*-fpm >/dev/null 2>&1 || true for fpm_service in $(systemctl list-units --type=service --all | grep -oE 'php[0-9]+\.[0-9]+-fpm' | sort -u); do
$STD systemctl stop php*-fpm >/dev/null 2>&1 || true $STD systemctl stop "$fpm_service" >/dev/null 2>&1 || true
$STD systemctl disable "$fpm_service" >/dev/null 2>&1 || true
done
$STD apt purge -y 'php*' >/dev/null 2>&1 || true $STD apt purge -y 'php*' >/dev/null 2>&1 || true
rm -rf /etc/php >/dev/null 2>&1 || true rm -rf /etc/php 2>/dev/null || true
# Clean up ALL keyring locations (Sury PHP)
rm -f /usr/share/keyrings/deb.sury.org-php.gpg \
/usr/share/keyrings/php*.gpg \
/etc/apt/keyrings/php*.gpg \
/etc/apt/trusted.gpg.d/php*.gpg 2>/dev/null || true
;; ;;
postgresql) postgresql)
$STD systemctl stop postgresql >/dev/null 2>&1 || true $STD systemctl stop postgresql >/dev/null 2>&1 || true
$STD apt purge -y 'postgresql*' >/dev/null 2>&1 || true $STD apt purge -y 'postgresql*' >/dev/null 2>&1 || true
rm -rf /var/lib/postgresql >/dev/null 2>&1 || true # Keep data directory for safety (can be removed manually if needed)
# rm -rf /var/lib/postgresql 2>/dev/null || true
# Clean up ALL keyring locations
rm -f /usr/share/keyrings/postgresql*.gpg \
/usr/share/keyrings/pgdg*.gpg \
/etc/apt/keyrings/postgresql*.gpg \
/etc/apt/keyrings/pgdg*.gpg \
/etc/apt/trusted.gpg.d/postgresql*.gpg \
/etc/apt/trusted.gpg.d/pgdg*.gpg 2>/dev/null || true
;;
java)
$STD apt purge -y 'temurin*' 'adoptium*' 'openjdk*' >/dev/null 2>&1 || true
# Clean up ALL keyring locations (Adoptium)
rm -f /usr/share/keyrings/adoptium*.gpg \
/etc/apt/keyrings/adoptium*.gpg \
/etc/apt/trusted.gpg.d/adoptium*.gpg 2>/dev/null || true
;; ;;
ruby) ruby)
if [[ -d "$HOME/.rbenv" ]]; then rm -rf "$HOME/.rbenv" 2>/dev/null || true
rm -rf "$HOME/.rbenv"
fi
$STD apt purge -y 'ruby*' >/dev/null 2>&1 || true $STD apt purge -y 'ruby*' >/dev/null 2>&1 || true
;; ;;
rust) rust)
rm -rf "$HOME/.cargo" "$HOME/.rustup" >/dev/null 2>&1 || true rm -rf "$HOME/.cargo" "$HOME/.rustup" 2>/dev/null || true
;; ;;
go | golang) go | golang)
rm -rf /usr/local/go >/dev/null 2>&1 || true rm -rf /usr/local/go 2>/dev/null || true
;; ;;
clickhouse) clickhouse)
$STD systemctl stop clickhouse-server >/dev/null 2>&1 || true $STD systemctl stop clickhouse-server >/dev/null 2>&1 || true
$STD apt purge -y 'clickhouse*' >/dev/null 2>&1 || true $STD apt purge -y 'clickhouse*' >/dev/null 2>&1 || true
rm -rf /var/lib/clickhouse >/dev/null 2>&1 || true rm -rf /var/lib/clickhouse 2>/dev/null || true
# Clean up ALL keyring locations
rm -f /usr/share/keyrings/clickhouse*.gpg \
/etc/apt/keyrings/clickhouse*.gpg \
/etc/apt/trusted.gpg.d/clickhouse*.gpg 2>/dev/null || true
;; ;;
esac esac
# Clean up old repositories # Clean up old repository files (both .list and .sources)
cleanup_old_repo_files "$repo_name" cleanup_old_repo_files "$repo_name"
return 0 return 0
@ -2515,9 +2561,14 @@ function setup_java() {
DISTRO_CODENAME=$(awk -F= '/VERSION_CODENAME/ { print $2 }' /etc/os-release) DISTRO_CODENAME=$(awk -F= '/VERSION_CODENAME/ { print $2 }' /etc/os-release)
local DESIRED_PACKAGE="temurin-${JAVA_VERSION}-jdk" local DESIRED_PACKAGE="temurin-${JAVA_VERSION}-jdk"
# Clean up ALL old Adoptium repo configs and keyrings before setup
cleanup_old_repo_files "adoptium"
rm -f /usr/share/keyrings/adoptium*.gpg \
/etc/apt/keyrings/adoptium*.gpg \
/etc/apt/trusted.gpg.d/adoptium*.gpg 2>/dev/null || true
# Add repo if needed # Add repo if needed
if [[ ! -f /etc/apt/sources.list.d/adoptium.sources ]]; then if [[ ! -f /etc/apt/sources.list.d/adoptium.sources ]]; then
cleanup_old_repo_files "adoptium"
local SUITE local SUITE
SUITE=$(get_fallback_suite "$DISTRO_ID" "$DISTRO_CODENAME" "https://packages.adoptium.net/artifactory/deb") SUITE=$(get_fallback_suite "$DISTRO_ID" "$DISTRO_CODENAME" "https://packages.adoptium.net/artifactory/deb")
setup_deb822_repo \ setup_deb822_repo \
@ -2761,6 +2812,12 @@ setup_mariadb() {
# Scenario 3: Fresh install or version change # Scenario 3: Fresh install or version change
msg_info "Setup MariaDB $MARIADB_VERSION" msg_info "Setup MariaDB $MARIADB_VERSION"
# Clean up ALL old MariaDB repo configs and keyrings before setup
cleanup_old_repo_files "mariadb"
rm -f /usr/share/keyrings/mariadb*.gpg \
/etc/apt/keyrings/mariadb*.gpg \
/etc/apt/trusted.gpg.d/mariadb*.gpg 2>/dev/null || true
# Ensure APT is working before proceeding # Ensure APT is working before proceeding
ensure_apt_working || return 1 ensure_apt_working || return 1
@ -2877,6 +2934,12 @@ function setup_mongodb() {
cleanup_orphaned_sources cleanup_orphaned_sources
# Clean up ALL old MongoDB repo configs and keyrings before setup
cleanup_old_repo_files "mongodb"
rm -f /usr/share/keyrings/mongodb*.gpg \
/etc/apt/keyrings/mongodb*.gpg \
/etc/apt/trusted.gpg.d/mongodb*.gpg 2>/dev/null || true
# Setup repository # Setup repository
manage_tool_repository "mongodb" "$MONGO_VERSION" "$MONGO_BASE_URL" \ manage_tool_repository "mongodb" "$MONGO_VERSION" "$MONGO_BASE_URL" \
"https://www.mongodb.org/static/pgp/server-${MONGO_VERSION}.asc" || { "https://www.mongodb.org/static/pgp/server-${MONGO_VERSION}.asc" || {
@ -2896,6 +2959,12 @@ function setup_mongodb() {
return 1 return 1
} }
# Verify MongoDB was installed correctly
if ! command -v mongod >/dev/null 2>&1; then
msg_error "MongoDB binary not found after installation"
return 1
fi
mkdir -p /var/lib/mongodb mkdir -p /var/lib/mongodb
chown -R mongodb:mongodb /var/lib/mongodb chown -R mongodb:mongodb /var/lib/mongodb
@ -2903,8 +2972,15 @@ function setup_mongodb() {
msg_warn "Failed to enable mongod service" msg_warn "Failed to enable mongod service"
} }
safe_service_restart mongod safe_service_restart mongod
cache_installed_version "mongodb" "$MONGO_VERSION"
# Verify MongoDB version
local INSTALLED_VERSION
INSTALLED_VERSION=$(mongod --version 2>/dev/null | grep -oP 'db version v\K[0-9]+\.[0-9]+' | head -n1 || echo "0.0")
if [[ "${INSTALLED_VERSION%%.*}" != "${MONGO_VERSION%%.*}" ]]; then
msg_warn "MongoDB version mismatch: expected $MONGO_VERSION, got $INSTALLED_VERSION"
fi
cache_installed_version "mongodb" "$MONGO_VERSION"
msg_ok "Setup MongoDB $MONGO_VERSION" msg_ok "Setup MongoDB $MONGO_VERSION"
} }
@ -2952,12 +3028,16 @@ function setup_mysql() {
msg_info "Setup MySQL $MYSQL_VERSION" msg_info "Setup MySQL $MYSQL_VERSION"
fi fi
# Clean up ALL old MySQL repo configs and keyrings before setup
cleanup_old_repo_files "mysql"
rm -f /usr/share/keyrings/mysql*.gpg \
/etc/apt/keyrings/mysql*.gpg \
/etc/apt/trusted.gpg.d/mysql*.gpg 2>/dev/null || true
# Debian 13+ Fix: MySQL 8.0 incompatible with libaio1t64, use 8.4 LTS # Debian 13+ Fix: MySQL 8.0 incompatible with libaio1t64, use 8.4 LTS
if [[ "$DISTRO_ID" == "debian" && "$DISTRO_CODENAME" =~ ^(trixie|forky|sid)$ ]]; then if [[ "$DISTRO_ID" == "debian" && "$DISTRO_CODENAME" =~ ^(trixie|forky|sid)$ ]]; then
msg_info "Debian ${DISTRO_CODENAME} detected → using MySQL 8.4 LTS (libaio1t64 compatible)" msg_info "Debian ${DISTRO_CODENAME} detected → using MySQL 8.4 LTS (libaio1t64 compatible)"
cleanup_old_repo_files "mysql"
if ! curl -fsSL https://repo.mysql.com/RPM-GPG-KEY-mysql-2023 | gpg --dearmor -o /etc/apt/keyrings/mysql.gpg 2>/dev/null; then if ! curl -fsSL https://repo.mysql.com/RPM-GPG-KEY-mysql-2023 | gpg --dearmor -o /etc/apt/keyrings/mysql.gpg 2>/dev/null; then
msg_error "Failed to import MySQL GPG key" msg_error "Failed to import MySQL GPG key"
return 1 return 1
@ -3300,14 +3380,23 @@ function setup_php() {
# Scenario 2: Different version installed - clean upgrade # Scenario 2: Different version installed - clean upgrade
if [[ -n "$CURRENT_PHP" && "$CURRENT_PHP" != "$PHP_VERSION" ]]; then if [[ -n "$CURRENT_PHP" && "$CURRENT_PHP" != "$PHP_VERSION" ]]; then
msg_info "Upgrade PHP from $CURRENT_PHP to $PHP_VERSION" msg_info "Upgrade PHP from $CURRENT_PHP to $PHP_VERSION"
# Stop old PHP-FPM if running # Stop and disable ALL PHP-FPM versions (not just current one)
$STD systemctl stop "php${CURRENT_PHP}-fpm" >/dev/null 2>&1 || true for fpm_service in $(systemctl list-units --type=service --all 2>/dev/null | grep -oE 'php[0-9]+\.[0-9]+-fpm' | sort -u); do
$STD systemctl disable "php${CURRENT_PHP}-fpm" >/dev/null 2>&1 || true $STD systemctl stop "$fpm_service" >/dev/null 2>&1 || true
$STD systemctl disable "$fpm_service" >/dev/null 2>&1 || true
done
remove_old_tool_version "php" remove_old_tool_version "php"
else else
msg_info "Setup PHP $PHP_VERSION" msg_info "Setup PHP $PHP_VERSION"
fi fi
# Clean up ALL old PHP repo configs and keyrings before setup
cleanup_old_repo_files "php"
rm -f /usr/share/keyrings/deb.sury.org-php.gpg \
/usr/share/keyrings/php*.gpg \
/etc/apt/keyrings/php*.gpg \
/etc/apt/trusted.gpg.d/php*.gpg 2>/dev/null || true
# Setup Sury repository # Setup Sury repository
manage_tool_repository "php" "$PHP_VERSION" "" "https://packages.sury.org/debsuryorg-archive-keyring.deb" || { manage_tool_repository "php" "$PHP_VERSION" "" "https://packages.sury.org/debsuryorg-archive-keyring.deb" || {
msg_error "Failed to setup PHP repository" msg_error "Failed to setup PHP repository"
@ -3441,6 +3530,15 @@ function setup_postgresql() {
# Scenario 3: Fresh install or after removal - setup repo and install # Scenario 3: Fresh install or after removal - setup repo and install
cleanup_old_repo_files "pgdg" cleanup_old_repo_files "pgdg"
cleanup_old_repo_files "postgresql"
# Clean up ALL old PostgreSQL repo configs and keyrings before setup
rm -f /usr/share/keyrings/postgresql*.gpg \
/usr/share/keyrings/pgdg*.gpg \
/etc/apt/keyrings/postgresql*.gpg \
/etc/apt/keyrings/pgdg*.gpg \
/etc/apt/trusted.gpg.d/postgresql*.gpg \
/etc/apt/trusted.gpg.d/pgdg*.gpg 2>/dev/null || true
local SUITE local SUITE
case "$DISTRO_CODENAME" in case "$DISTRO_CODENAME" in
@ -3798,6 +3896,12 @@ function setup_clickhouse() {
ensure_dependencies apt-transport-https ca-certificates dirmngr gnupg ensure_dependencies apt-transport-https ca-certificates dirmngr gnupg
# Clean up ALL old ClickHouse repo configs and keyrings before setup
cleanup_old_repo_files "clickhouse"
rm -f /usr/share/keyrings/clickhouse*.gpg \
/etc/apt/keyrings/clickhouse*.gpg \
/etc/apt/trusted.gpg.d/clickhouse*.gpg 2>/dev/null || true
# Setup repository (ClickHouse uses 'stable' suite) # Setup repository (ClickHouse uses 'stable' suite)
setup_deb822_repo \ setup_deb822_repo \
"clickhouse" \ "clickhouse" \