mirror/fosrl.pangolin
1
0
Fork 0
mirror of https://github.com/fosrl/pangolin.git synced 2025-08-31 06:59:33 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Merge pull request #796 from socheatsok78/non-root-installer

Browse source 
Allow installer to run without requires `sudo`
This commit is contained in:
Owen Schwartz 2025-05-31 10:48:47 -04:00 committed by GitHub
commit c92069a1f4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
2 changed files with 43 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

2
README.md
View file

@ -83,7 +83,7 @@ _Resources page of Pangolin dashboard (dark mode) showing multiple resources ava
### Modular Design ### Modular Design
- Extend functionality with existing [Traefik](https://github.com/traefik/traefik) plugins, such as [CrowdSec](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) and [Geoblock](github.com/PascalMinder/geoblock). - Extend functionality with existing [Traefik](https://github.com/traefik/traefik) plugins, such as [CrowdSec](https://plugins.traefik.io/plugins/6335346ca4caa9ddeffda116/crowdsec-bouncer-traefik-plugin) and [Geoblock](https://github.com/PascalMinder/geoblock).
- **Automatically install and configure Crowdsec via Pangolin's installer script.** - **Automatically install and configure Crowdsec via Pangolin's installer script.**
- Attach as many sites to the central server as you wish. - Attach as many sites to the central server as you wish.

46
install/main.go
View file

@ -9,6 +9,7 @@ import (
"io/fs" "io/fs"
"os" "os"
"os/exec" "os/exec"
"os/user"
"path/filepath" "path/filepath"
"runtime" "runtime"
"strings" "strings"
@ -58,9 +59,18 @@ type Config struct {
func main() { func main() {
reader := bufio.NewReader(os.Stdin) reader := bufio.NewReader(os.Stdin)
// check if the user is root // check if docker is not installed and the user is root
if os.Geteuid() != 0 { if !isDockerInstalled() {
fmt.Println("This script must be run as root") if os.Geteuid() != 0 {
fmt.Println("Docker is not installed. Please install Docker manually or run this installer as root.")
os.Exit(1)
}
}
// check if the user is in the docker group (linux only)
if !isUserInDockerGroup() {
fmt.Println("You are not in the docker group.")
fmt.Println("The installer will not be able to run docker commands without running it as root.")
os.Exit(1) os.Exit(1)
} }
@ -501,6 +511,34 @@ func isDockerInstalled() bool {
return true return true
} }
func isUserInDockerGroup() bool {
if runtime.GOOS == "darwin" {
// Docker group is not applicable on macOS
// So we assume that the user can run Docker commands
return true
}
if os.Geteuid() == 0 {
return true // Root user can run Docker commands anyway
}
// Check if the current user is in the docker group
if dockerGroup, err := user.LookupGroup("docker"); err == nil {
if currentUser, err := user.Current(); err == nil {
if currentUserGroupIds, err := currentUser.GroupIds(); err == nil {
for _, groupId := range currentUserGroupIds {
if groupId == dockerGroup.Gid {
return true
}
}
}
}
}
// Eventually, if any of the checks fail, we assume the user cannot run Docker commands
return false
}
// executeDockerComposeCommandWithArgs executes the appropriate docker command with arguments supplied // executeDockerComposeCommandWithArgs executes the appropriate docker command with arguments supplied
func executeDockerComposeCommandWithArgs(args ...string) error { func executeDockerComposeCommandWithArgs(args ...string) error {
var cmd *exec.Cmd var cmd *exec.Cmd
@ -641,4 +679,4 @@ func generateRandomSecretKey() string {
b[i] = charset[seededRand.Intn(len(charset))] b[i] = charset[seededRand.Intn(len(charset))]
} }
return string(b) return string(b)
} }