template launcher in node
This commit is contained in:
		
							parent
							
								
									76ae6cc501
								
							
						
					
					
						commit
						054c6a334a
					
				
							
								
								
									
										61
									
								
								usr/share/dist/Library/LaunchDaemons/cloud.telebit.remote.plist.tpl
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										61
									
								
								usr/share/dist/Library/LaunchDaemons/cloud.telebit.remote.plist.tpl
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @ -0,0 +1,61 @@ | ||||
| <?xml version="1.0" encoding="UTF-8"?> | ||||
| <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd"> | ||||
| <plist version="1.0"> | ||||
| <dict> | ||||
| 	<key>Label</key> | ||||
| 	<string>Telebit Remote</string> | ||||
| 	<key>ProgramArguments</key> | ||||
| 	<array> | ||||
| 		<string>{TELEBIT_PATH}/bin/node</string> | ||||
| 		<string>{TELEBIT_PATH}/bin/telebitd.js</string> | ||||
| 		<string>daemon</string> | ||||
| 		<string>--config</string> | ||||
|     <string>{TELEBIT_PATH}/etc/telebitd.yml</string> | ||||
| 	</array> | ||||
| 	<key>EnvironmentVariables</key> | ||||
| 	<dict> | ||||
| 		<key>TELEBIT_PATH</key> | ||||
| 		<string>{TELEBIT_PATH}</string> | ||||
| 		<key>NODE_PATH</key> | ||||
| 		<string>{TELEBIT_PATH}/lib/node_modules</string> | ||||
| 		<key>NPM_CONFIG_PREFIX</key> | ||||
| 		<string>{TELEBIT_PATH}</string> | ||||
| 	</dict> | ||||
| 
 | ||||
| 	<key>UserName</key> | ||||
| 	<string>{TELEBIT_USER}</string> | ||||
| 	<key>GroupName</key> | ||||
| 	<string>{TELEBIT_GROUP}</string> | ||||
| 	<key>InitGroups</key> | ||||
| 	<true/> | ||||
| 
 | ||||
| 	<key>RunAtLoad</key> | ||||
| 	<true/> | ||||
| 	<key>KeepAlive</key> | ||||
| 	<true/> | ||||
| 	<!--dict> | ||||
| 		<key>Crashed</key> | ||||
| 		<true/> | ||||
| 		<key>NetworkState</key> | ||||
| 		<true/> | ||||
| 		<key>SuccessfulExit</key> | ||||
| 		<false/> | ||||
| 	</dict--> | ||||
| 
 | ||||
| 	<key>SoftResourceLimits</key> | ||||
| 	<dict> | ||||
| 		<key>NumberOfFiles</key> | ||||
| 		<integer>8192</integer> | ||||
| 	</dict> | ||||
| 	<key>HardResourceLimits</key> | ||||
| 	<dict/> | ||||
| 
 | ||||
| 	<key>WorkingDirectory</key> | ||||
|   <string>{TELEBIT_PATH}</string> | ||||
| 
 | ||||
| 	<key>StandardErrorPath</key> | ||||
|   <string>{TELEBIT_PATH}/var/log/error.log</string> | ||||
| 	<key>StandardOutPath</key> | ||||
|   <string>{TELEBIT_PATH}/var/log/info.log</string> | ||||
| </dict> | ||||
| </plist> | ||||
							
								
								
									
										64
									
								
								usr/share/dist/etc/systemd/system/telebit.service.tpl
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										64
									
								
								usr/share/dist/etc/systemd/system/telebit.service.tpl
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @ -0,0 +1,64 @@ | ||||
| # Pre-req | ||||
| # sudo adduser telebit --home {TELEBIT_PATH} | ||||
| # sudo mkdir -p {TELEBIT_PATH}/ | ||||
| # sudo chown -R {TELEBIT_USER}:{TELEBIT_GROUP} {TELEBIT_PATH}/ | ||||
| 
 | ||||
| [Unit] | ||||
| Description=Telebit Remote | ||||
| Documentation=https://git.coolaj86.com/coolaj86/telebit.js/ | ||||
| After=network-online.target | ||||
| Wants=network-online.target systemd-networkd-wait-online.service | ||||
| 
 | ||||
| [Service] | ||||
| # Restart on crash (bad signal), and also on 'clean' failure (error exit code) | ||||
| # Allow up to 3 restarts within 10 seconds | ||||
| # (it's unlikely that a user or properly-running script will do this) | ||||
| Restart=always | ||||
| StartLimitInterval=10 | ||||
| StartLimitBurst=3 | ||||
| 
 | ||||
| # User and group the process will run as | ||||
| User={TELEBIT_USER} | ||||
| Group={TELEBIT_GROUP} | ||||
| 
 | ||||
| WorkingDirectory={TELEBIT_PATH} | ||||
| # custom directory cannot be set and will be the place where this exists, not the working directory | ||||
| ExecStart={TELEBIT_PATH}/bin/node {TELEBIT_PATH}/bin/telebitd.js daemon --config {TELEBIT_PATH}/etc/telebitd.yml | ||||
| ExecReload=/bin/kill -USR1 $MAINPID | ||||
| 
 | ||||
| # Limit the number of file descriptors and processes; see `man systemd.exec` for more limit settings. | ||||
| # Unmodified, this is not expected to use more than this. | ||||
| LimitNOFILE=1048576 | ||||
| LimitNPROC=64 | ||||
| 
 | ||||
| # Use private /tmp and /var/tmp, which are discarded after this stops. | ||||
| PrivateTmp=true | ||||
| # Use a minimal /dev | ||||
| PrivateDevices=true | ||||
| # Hide /home, /root, and /run/user. Nobody will steal your SSH-keys. | ||||
| ProtectHome=true | ||||
| # Make /usr, /boot, /etc and possibly some more folders read-only. | ||||
| ProtectSystem=full | ||||
| # ... except for a few because we want a place for config, logs, etc | ||||
| # This merely retains r/w access rights, it does not add any new. | ||||
| # Must still be writable on the host! | ||||
| ReadWriteDirectories={TELEBIT_RW_DIRS} | ||||
| 
 | ||||
| # Note: in v231 and above ReadWritePaths has been renamed to ReadWriteDirectories | ||||
| ; ReadWritePaths={TELEBIT_RW_DIRS} | ||||
| 
 | ||||
| # The following additional security directives only work with systemd v229 or later. | ||||
| # They further retrict privileges that can be gained. | ||||
| # Note that you may have to add capabilities required by any plugins in use. | ||||
| CapabilityBoundingSet=CAP_NET_BIND_SERVICE | ||||
| AmbientCapabilities=CAP_NET_BIND_SERVICE | ||||
| NoNewPrivileges=true | ||||
| 
 | ||||
| # Caveat: Some features may need additional capabilities. | ||||
| # For example an "upload" may need CAP_LEASE | ||||
| ; CapabilityBoundingSet=CAP_NET_BIND_SERVICE CAP_LEASE | ||||
| ; AmbientCapabilities=CAP_NET_BIND_SERVICE CAP_LEASE | ||||
| ; NoNewPrivileges=true | ||||
| 
 | ||||
| [Install] | ||||
| WantedBy=multi-user.target | ||||
							
								
								
									
										33
									
								
								usr/share/template-launcher.js
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										33
									
								
								usr/share/template-launcher.js
									
									
									
									
									
										Normal file
									
								
							| @ -0,0 +1,33 @@ | ||||
| 'use strict'; | ||||
| 
 | ||||
| var path = require('path'); | ||||
| var fs = require('fs'); | ||||
| var os = require('os'); | ||||
| 
 | ||||
| var files = [ | ||||
|   [ (process.env.TELEBIT_SERVICE_TPL || path.join(__dirname, 'dist/etc/systemd/system/telebit.service.tpl')) | ||||
|   , (process.env.TELEBIT_SERVICE || path.join(__dirname, 'dist/etc/systemd/system/telebit.service')) | ||||
|   ] | ||||
| , [ (process.env.TELEBIT_PLIST_TPL || path.join(__dirname, 'dist/Library/LaunchDaemons/cloud.telebit.remote.plist.tpl')) | ||||
|   ,(process.env.TELEBIT_PLIST || path.join(__dirname, 'dist/Library/LaunchDaemons/cloud.telebit.remote.plist')) | ||||
|   ] | ||||
| ]; | ||||
| var vars = { | ||||
|   telebitPath: process.env.TELEBIT_PATH || path.resolve(__dirname, '../..') | ||||
| , telebitRwDirs: [ | ||||
|     (process.env.TELEBIT_PATH || path.resolve(__dirname, '../..')) | ||||
|   , path.join(os.homedir(), '.config/telebit') | ||||
|   , path.join(os.homedir(), '.local/share/telebit') | ||||
|   , ].join(' ') | ||||
| , telebitUser: process.env.TELEBIT_USER || os.userInfo().username | ||||
| , telebitGroup: process.env.TELEBIT_GROUP || ('darwin' === os.platform() ? 'staff' : os.userInfo().username) | ||||
| }; | ||||
| files.forEach(function (f) { | ||||
|   var text = fs.readFileSync(f[0], 'utf8') | ||||
|     .replace(/{TELEBIT_PATH}/g, vars.telebitPath) | ||||
|     .replace(/{TELEBIT_USER}/g, vars.telebitUser) | ||||
|     .replace(/{TELEBIT_GROUP}/g, vars.telebitGroup) | ||||
|     .replace(/{TELEBIT_RW_DIRS}/g, vars.telebitRwDirs) | ||||
|     ; | ||||
|   fs.writeFileSync(f[1], text, 'utf8'); | ||||
| }); | ||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user