From bbd890bc3f1ae6d9e4b77ada5f76abf9beb13d52 Mon Sep 17 00:00:00 2001 From: "CanbiZ (MickLesk)" <47820557+MickLesk@users.noreply.github.com> Date: Mon, 27 Apr 2026 13:40:30 +0200 Subject: [PATCH] Add telemetry pings & improve container install funcs Bump Fedora template to 43 and enhance container installation tooling. Persist DIAGNOSTICS setting and introduce post_progress_to_api() to send lightweight telemetry pings from inside containers (fire-and-forget, enabled when DIAGNOSTICS=yes and RANDOM_UUID set). Harden package management flows: re-detect PKG_MANAGER when commands are missing, add apt mirror fallback logic (apt_update_safe) and more robust apt-cacher proxy parsing. Fix Debian 13 LXC root ownership bug (chown /) and add additional DNS/Git host checks (including api.github.com). Improve downloading and validation of tools.func, add multiple post_progress_to_api hooks to signal progress, and add two new install entrypoints (misc/main/install.func and misc/main/alpine-install.func) that consolidate network checks, OS updates, MOTD/SSH setup and container customization. --- ct/fedora.sh | 2 +- misc/install.func | 95 ++++++++++++++++++++++++++++++++++++++++++++--- 2 files changed, 91 insertions(+), 6 deletions(-) diff --git a/ct/fedora.sh b/ct/fedora.sh index 5f59e72f..e011ec38 100644 --- a/ct/fedora.sh +++ b/ct/fedora.sh @@ -12,7 +12,7 @@ var_cpu="${var_cpu:-1}" var_ram="${var_ram:-512}" var_disk="${var_disk:-4}" var_os="${var_os:-fedora}" -var_version="${var_version:-42}" +var_version="${var_version:-43}" var_unprivileged="${var_unprivileged:-1}" header_info "$APP" diff --git a/misc/install.func b/misc/install.func index a11ea078..a2bacb4b 100644 --- a/misc/install.func +++ b/misc/install.func @@ -188,6 +188,36 @@ _bootstrap() { _bootstrap detect_os +# Persist diagnostics setting inside container (exported from build.func) +# so addon scripts running later can find the user's choice +if [[ ! -f /usr/local/community-scripts/diagnostics ]]; then + mkdir -p /usr/local/community-scripts + echo "DIAGNOSTICS=${DIAGNOSTICS:-no}" >/usr/local/community-scripts/diagnostics +fi + +# ------------------------------------------------------------------------------ +# post_progress_to_api() +# +# - Lightweight progress ping from inside the container +# - Updates the existing telemetry record status +# - Arguments: +# * $1: status (optional, default: "configuring") +# - Signals that the installation is actively progressing (not stuck) +# - Fire-and-forget: never blocks or fails the script +# - Only executes if DIAGNOSTICS=yes and RANDOM_UUID is set +# ------------------------------------------------------------------------------ +post_progress_to_api() { + command -v curl &>/dev/null || return 0 + [[ "${DIAGNOSTICS:-no}" == "no" ]] && return 0 + [[ -z "${RANDOM_UUID:-}" ]] && return 0 + + local progress_status="${1:-configuring}" + + curl -fsS -m 5 -X POST "https://telemetry.community-scripts.org/telemetry" \ + -H "Content-Type: application/json" \ + -d "{\"random_id\":\"${RANDOM_UUID}\",\"execution_id\":\"${EXECUTION_ID:-${RANDOM_UUID}}\",\"type\":\"lxc\",\"nsapp\":\"${app:-unknown}\",\"status\":\"${progress_status}\"}" &>/dev/null || true +} + # ============================================================================== # SECTION 2: PACKAGE MANAGER ABSTRACTION # ============================================================================== @@ -198,6 +228,16 @@ detect_os # Updates package manager cache/database # ------------------------------------------------------------------------------ pkg_update() { + # Safety: re-detect if PKG_MANAGER doesn't match available commands + if [[ "$PKG_MANAGER" == "apt" ]] && ! command -v apt-get &>/dev/null; then + msg_warn "PKG_MANAGER='apt' but apt-get not found (OS: ${OS_TYPE:-unknown}) — re-detecting" + detect_os + fi + if [[ "$PKG_MANAGER" == "apk" ]] && ! command -v apk &>/dev/null; then + msg_warn "PKG_MANAGER='apk' but apk not found (OS: ${OS_TYPE:-unknown}) — re-detecting" + detect_os + fi + case "$PKG_MANAGER" in apt) if ! $STD apt-get update; then @@ -404,6 +444,12 @@ EOF # Upgrades all installed packages # ------------------------------------------------------------------------------ pkg_upgrade() { + # Safety: re-detect if PKG_MANAGER doesn't match available commands + if [[ "$PKG_MANAGER" == "apt" ]] && ! command -v apt-get &>/dev/null; then + msg_warn "PKG_MANAGER='apt' but apt-get not found (OS: ${OS_TYPE:-unknown}) — re-detecting" + detect_os + fi + case "$PKG_MANAGER" in apt) $STD apt-get -o Dpkg::Options::="--force-confold" -y dist-upgrade @@ -785,6 +831,12 @@ EOF setting_up_container() { msg_info "Setting up Container OS" + # Fix Debian 13 LXC template bug where / is owned by nobody + # Only attempt in privileged containers (unprivileged cannot chown /) + if [[ "$(stat -c '%U' /)" != "root" ]]; then + (chown root:root / 2>/dev/null) || true + fi + # Wait for network local i for ((i = RETRY_NUM; i > 0; i--)); do @@ -813,6 +865,7 @@ setting_up_container() { msg_ok "Set up Container OS" msg_ok "Network Connected: ${BL}$(get_ip)" + post_progress_to_api } # ------------------------------------------------------------------------------ @@ -858,7 +911,7 @@ network_check() { fi # DNS resolution checks - local GIT_HOSTS=("github.com" "raw.githubusercontent.com" "git.community-scripts.org") + local GIT_HOSTS=("github.com" "raw.githubusercontent.com" "api.github.com" "git.community-scripts.org") local GIT_STATUS="Git DNS:" local DNS_FAILED=false @@ -913,10 +966,24 @@ update_os() { # Configure APT cacher proxy if enabled (Debian/Ubuntu only) if [[ "$PKG_MANAGER" == "apt" && "${CACHER:-}" == "yes" ]]; then echo 'Acquire::http::Proxy-Auto-Detect "/usr/local/bin/apt-proxy-detect.sh";' >/etc/apt/apt.conf.d/00aptproxy + local _proxy_raw="${CACHER_IP}" + local _proxy_host _proxy_port _proxy_url + # Parse host and port from URL or plain IP/hostname + _proxy_host=$(echo "$_proxy_raw" | sed -e 's|https\?://||' -e 's|/.*||' | cut -d: -f1) + _proxy_port=$(echo "$_proxy_raw" | sed -e 's|https\?://||' -e 's|/.*||' | cut -s -d: -f2) + if [[ "$_proxy_raw" =~ ^https?:// ]]; then + # Full URL provided — use as-is for proxy output, extract port for nc check + _proxy_url="$_proxy_raw" + _proxy_port="${_proxy_port:-80}" + else + # Legacy: plain IP or hostname — default to http + port 3142 + _proxy_port="${_proxy_port:-3142}" + _proxy_url="http://${_proxy_raw}:${_proxy_port}" + fi cat </usr/local/bin/apt-proxy-detect.sh #!/bin/bash -if nc -w1 -z "${CACHER_IP}" 3142; then - echo -n "http://${CACHER_IP}:3142" +if nc -w1 -z "${_proxy_host}" ${_proxy_port}; then + echo -n "${_proxy_url}" else echo -n "DIRECT" fi @@ -924,6 +991,9 @@ EOF chmod +x /usr/local/bin/apt-proxy-detect.sh fi + # Re-detect OS to ensure PKG_MANAGER is correct (guards against stale env) + detect_os + # Update and upgrade pkg_update pkg_upgrade @@ -932,16 +1002,29 @@ EOF rm -rf /usr/lib/python3.*/EXTERNALLY-MANAGED 2>/dev/null || true msg_ok "Updated Container OS" + post_progress_to_api # Source appropriate tools.func based on OS + local tools_content case "$OS_FAMILY" in alpine) - source <(curl -fsSL "$COMMUNITY_SCRIPTS_URL/misc/alpine-tools.func") + tools_content=$(curl -fsSL "$COMMUNITY_SCRIPTS_URL/misc/alpine-tools.func") || { + msg_error "Failed to download alpine-tools.func" + exit 115 + } ;; *) - source <(curl -fsSL "$COMMUNITY_SCRIPTS_URL/misc/tools.func") + tools_content=$(curl -fsSL "$COMMUNITY_SCRIPTS_URL/misc/tools.func") || { + msg_error "Failed to download tools.func" + exit 115 + } ;; esac + source /dev/stdin <<<"$tools_content" + if ! declare -f fetch_and_deploy_gh_release >/dev/null 2>&1; then + msg_error "tools.func loaded but incomplete — missing expected functions" + exit 115 + fi } # ============================================================================== @@ -1027,6 +1110,7 @@ EOF esac fi fi + post_progress_to_api } # ============================================================================== @@ -1143,6 +1227,7 @@ EOF chmod 700 /root/.ssh chmod 600 /root/.ssh/authorized_keys fi + post_progress_to_api } # ==============================================================================