From dd3fccdc76cc6db525c006bdf7f0a8aba30f5b09 Mon Sep 17 00:00:00 2001 From: Daniel Kukula Date: Sun, 17 Aug 2025 10:52:58 +0200 Subject: [PATCH] run as livebook user --- ct/livebook.sh | 11 +++-------- install/livebook-install.sh | 26 ++++++++++++++++++-------- misc/build.func | 3 ++- misc/install.func | 2 +- 4 files changed, 24 insertions(+), 18 deletions(-) diff --git a/ct/livebook.sh b/ct/livebook.sh index 3ed7697d..fa936b00 100755 --- a/ct/livebook.sh +++ b/ct/livebook.sh @@ -1,11 +1,11 @@ #!/usr/bin/env bash -source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/refs/heads/main/misc/build.func) +# source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/refs/heads/main/misc/build.func) +source <(curl -fsSL https://raw.githubusercontent.com/dkuku/ProxmoxVED/refs/heads/livebook/misc/build.func) # Copyright (c) 2021-2025 community-scripts ORG # Author: dkuku # License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE # Source: https://github.com/livebook-dev/livebook -echo -e "Loading..." APP="Livebook" var_tags="${var_tags:-development}" var_disk="${var_disk:-4}" @@ -33,11 +33,6 @@ function update_script() { msg_info "Checking for updates..." RELEASE=$(curl -fsSL https://api.github.com/repos/livebook-dev/livebook/releases/latest | grep "tag_name" | awk -F'"' '{print $4}') - if [[ -z "$RELEASE" ]]; then - msg_error "Failed to fetch latest version information" - exit 1 - fi - if [[ "${RELEASE}" != "$(cat /opt/${APP}_version.txt 2>/dev/null)" ]]; then msg_info "Updating ${APP} LXC" $STD apt-get update @@ -47,10 +42,10 @@ function update_script() { msg_info "Updating ${APP} to ${RELEASE}" source /opt/.env cd /opt || exit 1 - rm /opt/.mix/escripts/livebook mix escript.install hex livebook --force echo "$RELEASE" | $STD tee /opt/${APP}_version.txt >/dev/null + chown -R livebook:livebook /opt /data msg_ok "Successfully updated to ${RELEASE}" else diff --git a/install/livebook-install.sh b/install/livebook-install.sh index 7db27a3f..0ff20ee6 100644 --- a/install/livebook-install.sh +++ b/install/livebook-install.sh @@ -23,6 +23,10 @@ $STD apt-get install -y \ curl msg_ok "Installed Dependencies" +msg_info "Creating livebook user" +adduser --system --group --home /opt --shell /bin/bash livebook +msg_ok "Created livebook user" + msg_info "Installing Erlang and Elixir" mkdir -p /opt /data @@ -33,13 +37,9 @@ curl -fsSO https://elixir-lang.org/install.sh $STD sh install.sh elixir@latest otp@latest RELEASE=$(curl -fsSL https://api.github.com/repos/livebook-dev/livebook/releases/latest | grep "tag_name" | awk -F'"' '{print $4}') -# Get the actual installed versions from directory names ERLANG_VERSION=$(ls /opt/.elixir-install/installs/otp/ | head -n1) ELIXIR_VERSION=$(ls /opt/.elixir-install/installs/elixir/ | head -n1) -# TODO remove -echo "Found Erlang version: $ERLANG_VERSION" -echo "Found Elixir version: $ELIXIR_VERSION" export ERLANG_BIN="/opt/.elixir-install/installs/otp/$ERLANG_VERSION/bin" export ELIXIR_BIN="/opt/.elixir-install/installs/elixir/$ELIXIR_VERSION/bin" export PATH="$ERLANG_BIN:$ELIXIR_BIN:$PATH" @@ -48,7 +48,13 @@ $STD mix local.hex --force $STD mix local.rebar --force $STD mix escript.install hex livebook --force -# Create .env file with all environment variables +LIVEBOOK_PASSWORD=$(openssl rand -base64 18 | tr -dc 'a-zA-Z0-9' | head -c16) + +cat < /opt/livebook.creds +Livebook-Credentials +Livebook Password: $LIVEBOOK_PASSWORD +EOF + cat < /opt/.env export HOME=/opt export LIVEBOOK_VERSION=$RELEASE @@ -57,7 +63,7 @@ export ELIXIR_VERSION=$ELIXIR_VERSION export LIVEBOOK_PORT=8080 export LIVEBOOK_IP="::" export LIVEBOOK_HOME=/data -export LIVEBOOK_TOKEN_ENABLED=false +export LIVEBOOK_PASSWORD="$LIVEBOOK_PASSWORD" export ESCRIPTS_BIN=/opt/.mix/escripts export ERLANG_BIN="/opt/.elixir-install/installs/otp/\${ERLANG_VERSION}/bin" export ELIXIR_BIN="/opt/.elixir-install/installs/elixir/\${ELIXIR_VERSION}/bin" @@ -74,8 +80,8 @@ After=network.target [Service] Type=exec -User=root -Group=root +User=livebook +Group=livebook WorkingDirectory=/data EnvironmentFile=-/opt/.env ExecStart=/bin/bash -c 'source /opt/.env && cd /opt && livebook server' @@ -86,6 +92,10 @@ RestartSec=5 WantedBy=multi-user.target EOF +msg_info "Setting ownership and permissions" +chown -R livebook:livebook /opt /data +msg_ok "Set ownership and permissions" + systemctl enable -q --now livebook msg_ok "Installed Livebook" diff --git a/misc/build.func b/misc/build.func index c40a57bd..f72fb518 100644 --- a/misc/build.func +++ b/misc/build.func @@ -1438,7 +1438,8 @@ EOF' fi msg_ok "Customized LXC Container" - lxc-attach -n "$CTID" -- bash -c "$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVED/main/install/${var_install}.sh)" + lxc-attach -n "$CTID" -- bash -c "$(curl -fsSL https://raw.githubusercontent.com/dkuku/ProxmoxVED/refs/heads/livebook/install/${var_install}.sh)" + } destroy_lxc() { diff --git a/misc/install.func b/misc/install.func index e3751c29..a75297aa 100644 --- a/misc/install.func +++ b/misc/install.func @@ -196,7 +196,7 @@ EOF systemctl restart $(basename $(dirname $GETTY_OVERRIDE) | sed 's/\.d//') msg_ok "Customized Container" fi - echo "bash -c \"\$(curl -fsSL https://github.com/community-scripts/ProxmoxVED/raw/main/ct/${app}.sh)\"" >/usr/bin/update + echo "bash -c \"\$(curl -fsSL https://github.com/dkuku/ProxmoxVED/refs/heads/livebook/ct/${app}.sh)\"" >/usr/bin/update chmod +x /usr/bin/update if [[ -n "${SSH_AUTHORIZED_KEY}" ]]; then mkdir -p /root/.ssh