Move script bin folder and config to src

ReadMe.md

@@ -1,10 +1,14 @@
 # Github webhook scripts
 
-These are scripts to setup the basic webhook folder for one campaign and a simple crontab script to pull data from the repository
-
-This will not do the basic setup, this only sets up a new folder with a basic clone run
+These are scripts to setup the basic webhook folder structure,
+the clone base for one campaign and a simple crontab script to pull data from the repository
 
 ## Scripts
 
-- git_pull.sh
-- init_new_clone.sh
+- base_setup.sh: setup for the folder structure, users, etc
+- init_new_clone.sh: Basic clone script
+- git_pull.sh: The script to run in crontab
+
+## TODO
+
+Future versions will hold an incoming webhook handler and a polling scripts (systemd based)

bin/base_setup.sh

@@ -1,56 +0,0 @@
-#!/usr/bin/env bash
-
-# AUTHOR: Clemens Schwaighofer
-# DATE: 2025/7/4
-# DESC: Initial setup of the webhook clone folder structure
-
-BASE_FOLDER=$(dirname "$(readlink -f "$0")")"/";
-CONFIG_BASE="${BASE_FOLDER}../config/";
-if [ -f "${CONFIG_BASE}webhook.cfg" ]; then
-	# shellcheck source=../config/webhook.cfg"
-	# shellcheck disable=SC1091
-	source <(grep "=" "${CONFIG_BASE}webhook.cfg" | sed 's/ *= */=/g')
-fi;
-
-# Define base folders
-CLONE_BASE="clone-base/"
-LOG_FOLDER="log/"
-SCRIPT_FOLDER="scripts/"
-WWW_WEBHOOK_INCOMING="/www/webhook-incoming";
-WWW_ADMIN="/www/admin";
-
-# add trailing slash if missing
-GIT_REPOSITORY_FOLDER="${GIT_REPOSITORY_FOLDER%/}/"
-
-if [ -d "${GIT_REPOSITORY_FOLDER}" ]; then
-	echo "Base folder already exists, update check";
-	exit;
-else
-	echo "=> Create new folder structure";
-	echo "+ Add user ${WWW_GROUP}:${SUDO_USER} with base folder ${GIT_REPOSITORY_FOLDER}";
-	# User for sudo
-	useradd -d "${GIT_REPOSITORY_FOLDER}" -m -s /usr/sbin/nologin -G "${WWW_GROUP}" "${SUDO_USER}"
-	setfacl -m u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}"
-	setfacl -m g:"${WWW_GROUP}":r.x -R "${GIT_REPOSITORY_FOLDER}"
-	# SSH
-	echo "+ Add .ssh folder"
-	sudo -u "${SUDO_USER}" mkdir "${GIT_REPOSITORY_FOLDER}"/.ssh/
-	sudo -u "${SUDO_USER}" touch "${GIT_REPOSITORY_FOLDER}"/.ssh/config
-	sudo -u "${SUDO_USER}" chmod 700 "${GIT_REPOSITORY_FOLDER}"/.ssh/
-	sudo -u "${SUDO_USER}" chmod 600 "${GIT_REPOSITORY_FOLDER}"/.ssh/config
-	# All other FOLDER
-	echo "+ Other folders for clone base: ${CLONE_BASE}, logs, scripts, www/webhook-incoming"
-	sudo -u "${SUDO_USER}" \
-		mkdir -p \
-		"${GIT_REPOSITORY_FOLDER}${CLONE_BASE}" \
-		"${GIT_REPOSITORY_FOLDER}${LOG_FOLDER}" \
-		"${GIT_REPOSITORY_FOLDER}${SCRIPT_FOLDER}" \
-		"${GIT_REPOSITORY_FOLDER}${WWW_WEBHOOK_INCOMING}" \
-		"${GIT_REPOSITORY_FOLDER}${WWW_ADMIN}";
-	setfacl -m u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
-	setfacl -d -m u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
-	setfacl -m g:"${WWW_GROUP}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
-	setfacl -d -m g:"${WWW_GROUP}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
-fi;
-
-# __END__

config/.gitignore

@@ -1,2 +0,0 @@
-*
-!.gitignore

src/bin/base_setup.sh

@@ -0,0 +1,107 @@
+#!/usr/bin/env bash
+
+# AUTHOR: Clemens Schwaighofer
+# DATE: 2025/7/4
+# DESC: Initial setup of the webhook clone folder structure
+
+BASE_FOLDER=$(dirname "$(readlink -f "$0")")"/";
+CONFIG_BASE="${BASE_FOLDER}../config/";
+if [ -f "${CONFIG_BASE}webhook.cfg" ]; then
+	# shellcheck source=../config/webhook.cfg"
+	# shellcheck disable=SC1091
+	source <(grep "=" "${CONFIG_BASE}webhook.cfg" | sed 's/ *= */=/g')
+fi;
+
+# abort on not set
+
+error=0;
+if [ -z "${GIT_REPOSITORY_FOLDER}" ]; then
+	echo "Missing GIT_REPOSITORY_FOLDER entry";
+	error=1;
+fi;
+if [ -z "${WWW_GROUP}" ]; then
+	echo "Missing WWW_GROUP entry";
+	error=1;
+else
+	# check that this group exists, we do not create this, this is the apache group
+	echo "";
+fi;
+if [ -z "${SUDO_USER}" ]; then
+	echo "Missing SUDO_USER entry";
+	error=1;
+elif [ "${USE_SUDO}" = "0" ] && ! id "${SUDO_USER}" &>/dev/null; then
+	echo "SUDO is off, user must exist in system";
+	error=1;
+fi;
+
+if [ $error -eq 1 ]; then
+	exit;
+fi;
+
+# Define base folders
+CLONE_BASE="clone-base/"
+LOG_FOLDER="log/"
+SCRIPT_FOLDER="scripts/"
+CONFIG_FOLDER="config/"
+WWW_WEBHOOK_INCOMING="/www/webhook-incoming";
+WWW_ADMIN="/www/admin";
+
+# add trailing slash if missing
+GIT_REPOSITORY_FOLDER="${GIT_REPOSITORY_FOLDER%/}/"
+
+if [ -d "${GIT_REPOSITORY_FOLDER}" ]; then
+	echo "Base folder already exists, update check";
+	echo "[TODO] -> Not implemented exit";
+	exit;
+else
+	echo "=> Create new folder structure";
+	# User for sudo, but only if SUDO is enabled
+	if [ "${USE_SUDO}" != "0" ]; then
+		echo "+ Add user ${WWW_GROUP}:${SUDO_USER} with base folder ${GIT_REPOSITORY_FOLDER}";
+		useradd -d "${GIT_REPOSITORY_FOLDER}" -m -s /usr/sbin/nologin "${SUDO_USER}"
+	fi;
+	if [ -d "${GIT_REPOSITORY_FOLDER}" ]; then
+		echo "+ Create Folder: ${GIT_REPOSITORY_FOLDER}";
+		mkdir "${GIT_REPOSITORY_FOLDER}";
+	fi;
+	echo "+ Set folder user/group";
+	# user is not mandatory, but we need to set the group
+	setfacl -m u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}"
+	setfacl -m -d u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}"
+	setfacl -m g:"${WWW_GROUP}":rx -R "${GIT_REPOSITORY_FOLDER}"
+	# SSH
+	echo "+ Add .ssh folder"
+	sudo -u "${SUDO_USER}" mkdir "${GIT_REPOSITORY_FOLDER}"/.ssh/
+	sudo -u "${SUDO_USER}" touch "${GIT_REPOSITORY_FOLDER}"/.ssh/config
+	sudo -u "${SUDO_USER}" chmod 700 "${GIT_REPOSITORY_FOLDER}"/.ssh/
+	sudo -u "${SUDO_USER}" chmod 600 "${GIT_REPOSITORY_FOLDER}"/.ssh/config
+	# All other FOLDER
+	echo "+ Other folders for clone base: ${CLONE_BASE}, logs, scripts, www/webhook-incoming"
+	sudo -u "${SUDO_USER}" \
+		mkdir -p \
+		"${GIT_REPOSITORY_FOLDER}${CLONE_BASE}" \
+		"${GIT_REPOSITORY_FOLDER}${LOG_FOLDER}" \
+		"${GIT_REPOSITORY_FOLDER}${SCRIPT_FOLDER}" \
+		"${GIT_REPOSITORY_FOLDER}${CONFIG_FOLDER}" \
+		"${GIT_REPOSITORY_FOLDER}${WWW_WEBHOOK_INCOMING}" \
+		"${GIT_REPOSITORY_FOLDER}${WWW_ADMIN}";
+	# set basic folder rights, clone folder is excluded
+	chmod 700 \
+		"${GIT_REPOSITORY_FOLDER}${LOG_FOLDER}" \
+		"${GIT_REPOSITORY_FOLDER}${SCRIPT_FOLDER}" \
+		"${GIT_REPOSITORY_FOLDER}${CONFIG_FOLDER}" \
+		"${GIT_REPOSITORY_FOLDER}${WWW_WEBHOOK_INCOMING}" \
+		"${GIT_REPOSITORY_FOLDER}${WWW_ADMIN}";
+	# setfacl -m u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
+	# setfacl -d -m u:"${SUDO_USER}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
+	# web user must have access to the clone folder, RWX
+	setfacl -m g:"${WWW_GROUP}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
+	setfacl -d -m g:"${WWW_GROUP}":rwx -R "${GIT_REPOSITORY_FOLDER}${CLONE_BASE}"
+	# Copy files
+	echo "+ Copy basic script and config files";
+	# git_pull.sh, init.sh, new_clone.sh, webhook.default.cfg
+	cp "${BASE_FOLDER}new_clone.sh" "${BASE_FOLDER}init.sh" "${BASE_FOLDER}git_clone.sh" "${GIT_REPOSITORY_FOLDER}${SCRIPT_FOLDER}";
+	cp "${CONFIG_BASE}/webhook.default.cfg" "${GIT_REPOSITORY_FOLDER}${CONFIG_FOLDER}";
+fi;
+
+# __END__

src/config/.gitignore

@@ -0,0 +1,3 @@
+*.cfg
+!*.default.cfg
+!.gitignore

src/config/webhook.default.cfg

@@ -0,0 +1,4 @@
+GIT_REPOSITORY_FOLDER=""
+WWW_GROUP=""
+SUDO_USER=""
+USE_SUDO=0