Remove webssh (has its own repo) and add support for root install

README.md

@@ -5,13 +5,12 @@ instance running (for web remote access if need be). We must manually unlock cer
 
 ### Files
 * `lighttpd-webssh.conf` is a sub-conf file for lighttpd, making it serve WebSSH.
-* `etc-letsencrypt.mount` allow to unlock and mount encrypted certificates volume.
+* `etc-letsencrypt.mount` allows to unlock and mount encrypted certificates volume.
   * Relevant information should be added to `/etc/crypttab`.
 * `etc-letsencrypt.timer` is a timer to automatically start previous unit, **but this is currently not used**.
 * `start-lighttpd.conf` is a drop-in Systemd unit file, which starts lighttpd should nginx fail to start.
   * This is not intended for starting process, more in case of failed (remote) restart of nginx.
 * `wait-for-dns.conf` is a drop-in Systemd unit file, which prevents nginx to start before DNS server is operational.
-* `webssh.service` is a service file for WebSSH.
 #### Installation
 * `install.sh` script copies Systemd files to their destination and sets lighttpd conf (and creates a certificate if
 needed).

install.sh

@@ -7,33 +7,38 @@ if [ -f $run_directory/.disabled ]; then
   exit 0
 fi
 
-echo "Copying Systemd units and drop-ins to system directory..."
-sudo cp $run_directory/webssh.service /etc/systemd/system/
-sudo cp $run_directory/etc-letsencrypt.mount /etc/systemd/system/
-if [ ! -d /etc/systemd/system/nginx.service.d ]; then # TODO
-  mkdir /etc/systemd/system/nginx.service.d
+if [[ $user != 'root' ]]; then
+  sudo="sudo"
+else
+  sudo=""
 fi
-sudo cp $run_directory/start-lighttpd.conf /etc/systemd/system/nginx.service.d/
-sudo cp $run_directory/wait-for-dns.conf /etc/systemd/system/nginx.service.d/
+
+echo "Copying Systemd units and drop-ins to system directory..."
+$sudo cp $run_directory/etc-letsencrypt.mount /etc/systemd/system/
+if [ ! -d /etc/systemd/system/nginx.service.d ]; then # TODO
+  $sudo mkdir /etc/systemd/system/nginx.service.d
+fi
+$sudo cp $run_directory/start-lighttpd.conf /etc/systemd/system/nginx.service.d/
+$sudo cp $run_directory/wait-for-dns.conf /etc/systemd/system/nginx.service.d/
 
 echo "Setting up lighttpd..."
-sudo cp $run_directory/lighttpd-webssh.conf /etc/lighttpd/conf-available/99-webssh.conf
-sudo rm /etc/lighttpd/conf-enabled/*
-sudo ln -s /etc/lighttpd/conf-available/10-proxy.conf /etc/lighttpd/conf-enabled/
-sudo ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/
-sudo ln -s /etc/lighttpd/conf-available/99-webssh.conf /etc/lighttpd/conf-enabled/
+$sudo cp $run_directory/lighttpd-webssh.conf /etc/lighttpd/conf-available/99-webssh.conf
+$sudo rm /etc/lighttpd/conf-enabled/*
+$sudo ln -s /etc/lighttpd/conf-available/10-proxy.conf /etc/lighttpd/conf-enabled/
+$sudo ln -s /etc/lighttpd/conf-available/10-ssl.conf /etc/lighttpd/conf-enabled/
+$sudo ln -s /etc/lighttpd/conf-available/99-webssh.conf /etc/lighttpd/conf-enabled/
 if [ ! -f /etc/lighttpd/server.pem ]; then # TODO
   echo "Creating an SSL certificate for lighttpd:"
-  openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/lighttpd/server.pem -keyout \
+  $sudo openssl req -newkey rsa:4096 -x509 -sha256 -days 999 -nodes -out /etc/lighttpd/server.pem -keyout \
   /etc/lighttpd/server.pem -subj "/C=/ST=/L=/O=/OU=/CN=" # is it the right way?
-  #chmod o+r /etc/lighttpd/server.pem # needed?
+  #$sudo chmod o+r /etc/lighttpd/server.pem # needed?
 fi
 
 echo "Reloading Systemd..."
-sudo systemctl daemon-reload
+$sudo systemctl daemon-reload
 echo "Disabling nginx and enabling lighttpd..."
-sudo systemctl disable nginx
-sudo systemctl enable lighttpd
+$sudo systemctl disable nginx
+$sudo systemctl enable lighttpd
 
 echo "Finished install. Exiting..."
 echo "NOTE: Neither nginx nor lighttpd were started/stopped."

webssh.service

@@ -1,10 +0,0 @@
-[Unit]
-Description=Run Python webssh website
-After=network.target
-
-[Service]
-User=www-data
-ExecStart=/usr/bin/python3 /srv/http/webssh/run.py --address='127.0.0.1' --port=8000
-
-[Install]
-WantedBy=default.target