From 22d18ae4dd9e7382e846e745a3f53055dcdc5120 Mon Sep 17 00:00:00 2001
From: Clemens Schwaighofer <clemens.schwaighofer@egplusww.com>
Date: Fri, 4 Jul 2025 10:14:33 +0900
Subject: [PATCH] Add a base setup script, update all other scripts with better
 command run

Commands are set as array and run from them (array unbpack)
---
 bin/base_setup.sh | 56 +++++++++++++++++++++++++++++++++++++++++++++++
 bin/git_pull.sh   | 17 +++++++++-----
 bin/init.sh       | 28 +++++++++++++++---------
 bin/new_clone.sh  | 12 +++++++++-
 4 files changed, 97 insertions(+), 16 deletions(-)
 create mode 100644 bin/base_setup.sh

diff --git a/bin/base_setup.sh b/bin/base_setup.sh
new file mode 100644
index 0000000..44bdc7f
--- /dev/null
+++ b/bin/base_setup.sh
@@ -0,0 +1,56 @@
+#!/usr/bin/env bash
+
+# AUTHOR: Clemens Schwaighofer
+# DATE: 2025/7/4
+# DESC: Initial setup of the webhook clone folder structure
+
+BASE_FOLDER=$(dirname "$(readlink -f "$0")")"/";
+CONFIG_BASE="${BASE_FOLDER}../config/";
+if [ -f "${CONFIG_BASE}webhook.cfg" ]; then
+	# shellcheck source=../config/webhook.cfg"
+	# shellcheck disable=SC1091
+	source <(grep "=" "${CONFIG_BASE}webhook.cfg" | sed 's/ *= */=/g')
+fi;
+
+# Define base folders
+CLONE_BASE="clone-base/"
+LOG_FOLDER="log/"
+SCRIPT_FOLDER="scripts/"
+WWW_WEBHOOK_INCOMING="/www/webhook-incoming";
+WWW_ADMIN="/www/admin";
+
+# add trailing slash if missing
+GIT_REPOSITORY_FOLDER="${GIT_REPOSITORY_FOLDER%/}/"
+
+if [ -d "${GIT_REPOSITORY_FOLDER}" ]; then
+	echo "Base folder already exists, update check";
+	exit;
+else
+	echo "=> Create new folder structure";
+	echo "+ Add user ${WWW_GROUP}:${SUDO_USER} with base folder ${GIT_REPOSITORY_FOLDER}";
+	# User for sudo
+	useradd -d "${GIT_REPOSITORY_FOLDER}" -m -s /usr/sbin/nologin -G "${WWW_GROUP}" "${SUDO_USER}"
+	setfacl -m u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}"
+	setfacl -m g:"${WWW_GROUP}":r.x -R "${GIT_REPOSITORY_FOLDER}"
+	# SSH
+	echo "+ Add .ssh folder"
+	sudo -u "${SUDO_USER}" mkdir "${GIT_REPOSITORY_FOLDER}"/.ssh/
+	sudo -u "${SUDO_USER}" touch "${GIT_REPOSITORY_FOLDER}"/.ssh/config
+	sudo -u "${SUDO_USER}" chmod 700 "${GIT_REPOSITORY_FOLDER}"/.ssh/
+	sudo -u "${SUDO_USER}" chmod 600 "${GIT_REPOSITORY_FOLDER}"/.ssh/config
+	# All other FOLDER
+	echo "+ Other folders for clone base: ${CLONE_BASE}, logs, scripts, www/webhook-incoming"
+	sudo -u "${SUDO_USER}" \
+		mkdir -p \
+		"${GIT_REPOSITORY_FOLDER}${CLONE_BASE}" \
+		"${GIT_REPOSITORY_FOLDER}${LOG_FOLDER}" \
+		"${GIT_REPOSITORY_FOLDER}${SCRIPT_FOLDER}" \
+		"${GIT_REPOSITORY_FOLDER}${WWW_WEBHOOK_INCOMING}" \
+		"${GIT_REPOSITORY_FOLDER}${WWW_ADMIN}";
+	setfacl -m u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
+	setfacl -d -m u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
+	setfacl -m g:"${WWW_GROUP}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
+	setfacl -d -m g:"${WWW_GROUP}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
+fi;
+
+# __END__
diff --git a/bin/git_pull.sh b/bin/git_pull.sh
index 543f858..a6aa533 100755
--- a/bin/git_pull.sh
+++ b/bin/git_pull.sh
@@ -1,6 +1,8 @@
 #!/usr/bin/env bash
 
-# fetch and merge from a remote repositry
+# AUTHOR: Clemens Schwaighofer
+# DATE: 2025/6/27
+# DESC: fetch and merge from a remote repositry
 
 REPOSITORY="$1";
 BRANCH="$2";
@@ -8,7 +10,6 @@ REMOTE="$3";
 if [ -n "${REMOTE}" ]; then
 	REMOTE="origin"
 fi;
-# BASE_FOLDER="${HOME}/tmp/git-clone/";
 BASE_FOLDER=$(dirname "$(readlink -f "$0")")"/";
 # shellcheck source=init.sh
 . "${BASE_FOLDER}init.sh";
@@ -22,11 +23,17 @@ fi;
 LOG_FILE="${GIT_REPOSITORY_FOLDER}${LOG_FOLDER}${REPOSITORY}.log";
 
 # fetch to null
-${GIT_COMMAND} -C "${REPOSITORY_PATH}" fetch -q "${REMOTE}" "${BRANCH}";
-changes=$(${GIT_COMMAND} -C "${REPOSITORY_PATH}" diff --stat HEAD "${REMOTE}"/"${BRANCH}");
+# ${GIT_COMMAND} -C "${REPOSITORY_PATH}" fetch -q "${REMOTE}" "${BRANCH}";
+GIT_COMMAND=("${GIT_COMMAND_BASE[@]}" "-C" "${REPOSITORY_PATH}" "fetch" "-q" "${REMOTE}" "${BRANCH}")
+"${GIT_COMMAND[@]}"
+GIT_COMMAND=("${GIT_COMMAND_BASE[@]}" "-C" "${REPOSITORY_PATH}" "diff" "--stat" "HEAD" "${REMOTE}/${BRANCH}")
+# changes=$(${GIT_COMMAND_BASE} -C "${REPOSITORY_PATH}" diff --stat HEAD "${REMOTE}"/"${BRANCH}");
+changes=$("${GIT_COMMAND[@]}")
 if [ -n "${changes}" ]; then
 	echo "[$(date +"%Y-%m-%d %H:%M:%S")] Changes" &>> "$LOG_FILE";
-	${GIT_COMMAND} -C "/${REPOSITORY_PATH}" merge "${REMOTE}"/"${BRANCH}"
+	# ${GIT_COMMAND_BASE} -C "/${REPOSITORY_PATH}" merge "${REMOTE}"/"${BRANCH}"
+	GIT_COMMAND=("${GIT_COMMAND_BASE[@]}" "-C" "${REPOSITORY_PATH}" merge "${REMOTE}/${BRANCH}")
+	"${GIT_COMMAND[@]}" &>> "$LOG_FILE";
 	echo "=[END]===>" &>> "$LOG_FILE";
 fi;
 
diff --git a/bin/init.sh b/bin/init.sh
index ef59e5c..27101ca 100644
--- a/bin/init.sh
+++ b/bin/init.sh
@@ -1,7 +1,10 @@
 #!/usr/bin/env bash
 
+# AUTHOR: Clemens Schwaighofer
+# DATE: 2025/6/27
+# DESC: Setup basic variables
+
 CONFIG_BASE="${BASE_FOLDER}../config/";
-echo "CONFIG: ${CONFIG_BASE} ";
 if [ -f "${CONFIG_BASE}webhook.cfg" ]; then
 	# shellcheck source=../config/webhook.cfg"
 	# shellcheck disable=SC1091
@@ -17,9 +20,20 @@ if [ -z "$(command -v git)" ]; then
 	echo "git is not installed";
 	exit;
 fi;
-GIT_COMMAND="git";
+GIT_COMMAND_BASE=("git");
 if [ -n "${USE_SUDO}" ]; then
-	GIT_COMMAND="sudo -u ${SUDO_USER} git";
+	GIT_COMMAND_BASE=("sudo" "-u" "${SUDO_USER}" "git");.
+fi;
+
+# add trailing slash if not set
+GIT_REPOSITORY_FOLDER="${GIT_REPOSITORY_FOLDER%/}/"
+CLONE_BASE="clone-base/"
+LOG_FOLDER="log/"
+
+# base folder does not exist
+if [ ! -d "${GIT_REPOSITORY_FOLDER}" ]; then
+	echo "Base folder: ${GIT_REPOSITORY_FOLDER} not found";
+	exit;
 fi;
 
 # branch name not set
@@ -28,12 +42,6 @@ if [ -n "${BRANCH}" ]; then
 	exit;
 fi;
 
-# base folder does not exist
-if [ ! -d "${GIT_REPOSITORY_FOLDER}" ]; then
-	echo "Base folder: ${GIT_REPOSITORY_FOLDER} not found";
-	exit;
-fi;
-
 # check that log folder exists
 if [ ! -d "${GIT_REPOSITORY_FOLDER}${LOG_FOLDER}" ]; then
 	echo "Log folder does not exist: ${GIT_REPOSITORY_FOLDER}${LOG_FOLDER}";
@@ -46,5 +54,5 @@ if [ ! -d "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}" ]; then
 	exit;
 fi;
 
-export GIT_COMMAND;
+export GIT_COMMAND_BASE;
 
diff --git a/bin/new_clone.sh b/bin/new_clone.sh
index b30d2fa..9c6b6ea 100755
--- a/bin/new_clone.sh
+++ b/bin/new_clone.sh
@@ -1,5 +1,9 @@
 #!/usr/bin/env bash
 
+# AUTHOR: Clemens Schwaighofer
+# DATE: 2025/6/27
+# DESC: create a new basic clone
+
 REPOSITORY="$1";
 BRANCH="$2";
 REMOTE_HOST="$3";
@@ -16,8 +20,14 @@ if [ -z "${REMOTE_HOST}" ]; then
 	exit;
 fi;
 
+echo "* Validate SSH PEM Key exist and SSH config";
+# grep "Host ${REMOTE}"
+# grep "IdentityFile" in this
+
 echo "New clone";
 
-echo ${GIT_COMMAND} clone -b "${BRANCH}" --single-branch --depth 1 --origin "${REMOTE}" "${REMOTE_HOST}:${REPOSITORY}" "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}";
+GIT_COMMAND=("${GIT_COMMAND_BASE[@]}" "clone" "-b" "${BRANCH}" "--single-branch" "--depth" "1" "--origin" "${REMOTE}" "${REMOTE_HOST}:${REPOSITORY}" "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}")
+echo "Command: ${GIT_COMMAND[*]}"
+# echo ${GIT_COMMAND_BASE} clone -b "${BRANCH}" --single-branch --depth 1 --origin "${REMOTE}" "${REMOTE_HOST}:${REPOSITORY}" "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}";
 
 # __END__