Fix sftpgo service

nethesis · Jan 21, 2025 · 8cd8d3d · 8cd8d3d
1 parent 64817e3
commit 8cd8d3d
Show file tree

Hide file tree

Showing 5 changed files with 28 additions and 29 deletions.
diff --git a/Containerfile b/Containerfile
@@ -35,4 +35,5 @@ LABEL org.nethserver.images="${REPOBASE}/nethvoice-mariadb:${IMAGETAG} \
     ${REPOBASE}/nethvoice-phonebook:${IMAGETAG} \
     docker.io/library/redis:7.0.10-alpine \
     ${REPOBASE}/nethvoice-reports-ui:${IMAGETAG} \
-    ${REPOBASE}/nethvoice-reports-api:${IMAGETAG}"
+    ${REPOBASE}/nethvoice-reports-api:${IMAGETAG} \
+    docker.io/drakkan/sftpgo:v2"
diff --git a/imageroot/actions/create-module/05setenvs b/imageroot/actions/create-module/05setenvs
@@ -79,8 +79,6 @@ agent.set_env('NETHCTI_TLS_PORT', port_list[23])
 agent.set_env('ASTERISK_SIP_PORT', port_list[24])
 agent.set_env('ASTERISK_SIPS_PORT', port_list[25])
 agent.set_env('ASTERISK_IAX_PORT', port_list[26])
-agent.set_env('ASTERISK_RECORDING_SFTP_PORT', port_list[27])
-
 
 # Set root password for MariaDB
 # MARIADB_ROOT_PASSWORD written to passwords.env
@@ -146,6 +144,7 @@ agent.set_env('REPORTS_API_PORT', port_list[28])
 # 'REPORTS_API_KEY' written to passwords.env
 # 'REPORTS_SECRET' written to passwords.env
 agent.set_env('REPORTS_UI_PORT', port_list[29])
+agent.set_env('ASTERISK_RECORDING_SFTP_PORT', port_list[30])
 
 # password file
 passwords = {

diff --git a/imageroot/actions/set-nethvoice-admin-password/20set_password b/imageroot/actions/set-nethvoice-admin-password/20set_password
@@ -6,6 +6,7 @@
 #
 
 import json
+import os
 import sys
 import agent
 import subprocess
@@ -14,26 +15,28 @@ mariadb_root_passwd = agent.read_envfile("passwords.env")['MARIADB_ROOT_PASSWORD
 
 request = json.load(sys.stdin)
 
-# change password in asterisk database if it isn't empty
-if request['nethvoice_admin_password']:
+# do nothing if the password is empty
+if not request['nethvoice_admin_password']:
+    sys.exit(0)
 
-	command = [
-    	"/usr/bin/podman", "exec", "-it", "mariadb",
-    	"mysql", "-uroot", f"-p{mariadb_root_passwd}", "asterisk",
-    	"-e",
-    	f"UPDATE ampusers SET password_sha1 = SHA1('{request['nethvoice_admin_password']}') WHERE username = 'admin';"
-	]
+command = [
+    "/usr/bin/podman", "exec", "-it", "mariadb",
+    "mysql", "-uroot", f"-p{mariadb_root_passwd}", "asterisk",
+    "-e",
+    f"UPDATE ampusers SET password_sha1 = SHA1('{request['nethvoice_admin_password']}') WHERE username = 'admin';"
+]
 
-	result = subprocess.run(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)
+result = subprocess.run(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)
+if result.returncode != 0:
+    print(f"Failed to execute command: {result.stderr}")
+    sys.exit(1)
+
+# Restart sftpgo to apply the new password if is active
+active_check = subprocess.run(["systemctl", "--user", "is-active", "sftpgo.service"])
+if active_check.returncode == 0:
+	result = subprocess.run(["systemctl", "--user", "restart", "sftpgo.service"])
 	if result.returncode != 0:
-		print(f"Failed to execute command: {result.stderr}")
+		print(f"Failed to restart sftpgo: {result.stderr}")
 		sys.exit(1)
 
-# change password in sftpgo configuration
-result = subprocess.run(["bin/set-sftp-config"], stdout=subprocess.PIPE, stderr=subprocess.PIPE, text=True)
-if result.returncode != 0:
-	print(f"Failed to execute command: {result.stderr}")
-	sys.exit(1)
-
 sys.exit(0)
-
diff --git a/imageroot/bin/set-sftp-config b/imageroot/bin/set-sftp-config
@@ -13,13 +13,13 @@ with open(sftpgo_config_path, 'r') as file:
 	config = json.load(file)
 
 #update sftp server bind address port
-config['server']['protocols']['sftp']['bind_arrd'] = "0.0.0.0:" + os.environ['ASTERISK_RECORDING_SFTP_PORT']
+config['server']['protocols']['sftp']['bind_addr'] = "0.0.0.0:" + os.environ['ASTERISK_RECORDING_SFTP_PORT']
 
 # get NethVoice password from mariadb
 mariadb_root_passwd = agent.read_envfile("passwords.env")['MARIADB_ROOT_PASSWORD']
 command = [
 	"/usr/bin/podman", "exec", "-it", "mariadb",
-	"mysql", "-uroot", f"-p{mariadb_root_passwd}", "asterisk",
+	"mysql", "-B", "--silent", "-uroot", f"-p{mariadb_root_passwd}", " ",
 	"-e",
 	"SELECT password_sha1 FROM ampusers WHERE username = 'admin';"
 ]

diff --git a/imageroot/systemd/user/sftpgo.service b/imageroot/systemd/user/sftpgo.service
@@ -9,20 +9,16 @@ WorkingDirectory=%S/state
 Restart=always
 TimeoutStopSec=70
 ExecStartPre=/bin/rm -f %t/sftpgo.pid %t/sftpgo.ctr-id
+ExecStartPre=runagent %S/bin/set-sftp-config
 ExecStart=/usr/bin/podman run --conmon-pidfile %t/sftpgo.pid \
     --cidfile %t/sftpgo.ctr-id --cgroups=no-conmon \
     --replace \
     --detach \
     --name sftpgo \
-    --volume moh:/srv/sftpgo/data:z \
+    --volume moh:/srv/sftpgo/moh:z \
     --volume sftpgo_config:/var/lib/sftpgo:Z \
-    --volume %S/state/sftpgo.conf.d/admin.json:/etc/sftpgo/admin.json:Z \
-    --env SFTPGO_LOADDATA_FROM=/etc/sftpgo/admin.json \
-    --env SFTPGO_HTTPD__WEB_ROOT=${TRAEFIK_PATH}\
-	--env-file=%S/state/passwords.env \
-    --user 0:0 \
+    --volume %S/state/sftpgo.conf.d/:/etc/sftpgo/:Z \
     ${SFTPGO_IMAGE}
-ExecStartPost=/usr/bin/bash -c "while [[ $(curl --request GET --url http://localhost:${SFTPGO_TCP_PORT}/healthz --header 'Accept: text/plain; charset=utf-8') != ok ]]; do sleep 3 ; done"
 ExecStop=/usr/bin/podman stop --ignore --cidfile %t/sftpgo.ctr-id -t 10
 ExecStopPost=/usr/bin/podman rm --ignore -f --cidfile %t/sftpgo.ctr-id
 PIDFile=%t/sftpgo.pid