From 1537b23aa4d50198b6b87e8db20d455574d809b3 Mon Sep 17 00:00:00 2001 From: Tecnotel Date: Mon, 20 Apr 2026 17:18:55 +0200 Subject: [PATCH] refactor(wizard): service gira da -pkg + auto-cleanup fine install Architettura precedente: - first-setup.sh copiava setup_server.py/setup.html/gen_config.py da /opt/argos-setup-pkg/ verso /opt/argos/setup/ - Service girava da /opt/argos/setup/ - Doppia cartella: git pull su -pkg non aggiornava il service Architettura nuova: - Service gira direttamente da /opt/argos-setup-pkg/ (nessuna copia) - A fine install _schedule_cleanup() lancia systemd-run --scope che: 1. attende 5s (permette risposta HTTP al browser) 2. stop+disable+rm argos-setup.service 3. chiude porta 8888 nel firewall 4. rm -rf /opt/argos-setup-pkg/ - Cartella /opt/argos/setup/ non viene piu' creata (rimossa da mkdir glob) --- first-setup.sh | 7 ++++--- setup_server.py | 53 +++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 57 insertions(+), 3 deletions(-) diff --git a/first-setup.sh b/first-setup.sh index 77bbb42..138bea9 100755 --- a/first-setup.sh +++ b/first-setup.sh @@ -80,10 +80,11 @@ success "Sudoers per restart servizi configurato" # ══════════════════════════════════════════════════════════════════════════════ section "4. Struttura cartelle" # ══════════════════════════════════════════════════════════════════════════════ -mkdir -p /opt/argos/{app,config,data,feeds,logs,certs,backups,setup} +mkdir -p /opt/argos/{app,config,data,feeds,logs,certs,backups} mkdir -p /opt/argos/config/assets mkdir -p /opt/argos/data/{reports,models} chown -R argos:argos /opt/argos +chown -R argos:argos /opt/argos-setup-pkg chmod -R 750 /opt/argos # /opt/argos/feeds: pubblicamente leggibili (FortiGate ETF via nginx/www-data) chmod 755 /opt/argos/feeds @@ -147,8 +148,8 @@ After=network.target [Service] Type=simple User=root -WorkingDirectory=/opt/argos/setup -ExecStart=/usr/bin/python3 /opt/argos/setup/setup_server.py +WorkingDirectory=/opt/argos-setup-pkg +ExecStart=/usr/bin/python3 /opt/argos-setup-pkg/setup_server.py Restart=on-failure RestartSec=3 StandardOutput=journal diff --git a/setup_server.py b/setup_server.py index a95c913..6e9f41c 100644 --- a/setup_server.py +++ b/setup_server.py @@ -448,6 +448,7 @@ def install(data): log("Porta 8888 chiusa — web installer disabilitato") log("=== INSTALLAZIONE COMPLETATA ===") + _schedule_cleanup() install_done = True # Spegni il processo dopo 8s (tempo per inviare la risposta al browser) @@ -668,6 +669,58 @@ class SetupHandler(BaseHTTPRequestHandler): self.wfile.write(body) + + +def _schedule_cleanup(): + """Schedula disabilitazione service argos-setup + rimozione /opt/argos-setup-pkg/. + + Usa systemd-run --scope per lanciare in background con delay, cosi' + questa funzione puo' ritornare prima che il cleanup inizi (altrimenti + il processo cancellerebbe se stesso sotto i piedi). + """ + import subprocess, shlex + script = r"""#!/bin/bash +# Attendi 5 secondi per permettere al service padre di rispondere all'ultima +# richiesta HTTP di stato e chiudere pulito. +sleep 5 + +# Disabilita e ferma il service argos-setup +systemctl stop argos-setup.service 2>/dev/null || true +systemctl disable argos-setup.service 2>/dev/null || true +rm -f /etc/systemd/system/argos-setup.service +systemctl daemon-reload + +# Chiudi porta 8888 nel firewall +ufw delete allow 8888/tcp 2>/dev/null || true + +# Rimuovi la cartella del pacchetto (auto-delete del codice corrente) +rm -rf /opt/argos-setup-pkg + +# Log +echo "argos-setup cleanup completato $(date -Iseconds)" >> /var/log/argos-setup-cleanup.log +""" + # Scrivi lo script in /tmp e lanciato via systemd-run detached + script_path = "/tmp/argos-setup-cleanup.sh" + try: + with open(script_path, "w") as f: + f.write(script) + import os + os.chmod(script_path, 0o755) + + # systemd-run lancia in uno scope separato: sopravvive al termine di questo processo + subprocess.Popen( + ["systemd-run", "--no-block", "--unit", "argos-setup-cleanup", + "--scope", "/bin/bash", script_path], + stdin=subprocess.DEVNULL, + stdout=subprocess.DEVNULL, + stderr=subprocess.DEVNULL, + start_new_session=True, + ) + log("Cleanup schedulato via systemd-run (delay 5s)") + except Exception as e: + log(f"Errore schedulazione cleanup: {e}") + + if __name__ == "__main__": print(f"\n{'='*55}") print(f" ARGOS SOC — Web Installer")