tga/ignition-pi4
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Adds safe-reboot and safe-shutdown, removes all .sh extensions to scripts

Browse Source
This commit is contained in:
Guillaume Tâche
2026-05-21 21:09:34 +02:00
parent f806bda21b
commit 9929a7055b
38 changed files with 91 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files
files/add-secrets.sh → files/add-secrets
View File
files/backup-postgres.sh → files/backup-postgres
View File
files/copy-music.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Copies the music from Nextcloud to Navidrome
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/root/scripts/copy-music.sh ExecStart=/root/scripts/copy-music
files/move-downloads-nextcloud.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Move the completed torrents and jdownloader downloads to nextcloud
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/root/scripts/move-downloads-nextcloud.sh ExecStart=/root/scripts/move-downloads-nextcloud
files/poweroff
+1 -1
View File
@@ -1 +1 @@
homeassistant ALL=(ALL) NOPASSWD: /sbin/poweroff, /sbin/reboot, /sbin/shutdown homeassistant ALL=(ALL) NOPASSWD: /opt/bin/safe-reboot, /opt/bin/safe-shutdown
files/rclone-parents.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Runs rclone to copy the NAS content to the parents NAS
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/usr/bin/flock -n /run/rclone-parents.lock /root/scripts/rclone-parents.sh ExecStart=/usr/bin/flock -n /run/rclone-parents.lock /root/scripts/rclone-parents
files/rotation.conf
+4
View File
@@ -0,0 +1,4 @@
[Journal]
SystemMaxUse=256M # Maximum total journal size
RuntimeMaxUse=128M # Maximum journal size in temporary storage
MaxFileSec=1month # Maximum time to retain log files
files/safe-reboot
+11
View File
@@ -0,0 +1,11 @@
#!/bin/bash
set -o errexit -o pipefail -o noclobber -o nounset -o errtrace -o functrace
users=(arr gitea homeassistant immich jdownloader kiwix komga navidrome nextcloud nginx pairdrop paperless pihole qbittorrent synapse wallabag)
for user in "${users[@]}"; do
readarray -t units <<< "$(systemctl --user -M "${user}@" list-units | grep container | grep running | grep service | awk '{print $1}')" || true
if [[ "${#units[@]}" -gt 0 && -n "${units[0]:-}" ]]; then
systemctl --user -M "${user}@" stop "${units[@]}"
fi
done
systemctl reboot
files/safe-shutdown
+12
View File
@@ -0,0 +1,12 @@
#!/bin/bash
set -o errexit -o pipefail -o noclobber -o nounset -o errtrace -o functrace
users=(arr gitea homeassistant immich jdownloader kiwix komga navidrome nextcloud nginx pairdrop paperless pihole qbittorrent synapse wallabag)
for user in "${users[@]}"; do
readarray -t units <<< "$(systemctl --user -M "${user}@" list-units | grep container | grep running | grep service | awk '{print $1}')" || true
if [[ "${#units[@]}" -gt 0 && -n "${units[0]:-}" ]]; then
systemctl --user -M "${user}@" stop "${units[@]}"
fi
done
systemctl poweroff
generate-config.sh → generate-config
View File
home/nextcloud/pre-generate-preview.sh → home/nextcloud/pre-generate-preview
View File
home/pihole/update-hints.sh → home/pihole/update-hints
View File
home/pihole/update-root.sh → home/pihole/update-root
View File
home/root/copy-music.sh → home/root/copy-music
View File
home/root/move-downloads-nextcloud.sh → home/root/move-downloads-nextcloud
View File
home/root/rclone-parents.sh → home/root/rclone-parents
View File
home/tga/dyndns.sh → home/tga/dyndns
View File
home/wallabag/custom-entrypoint.sh → home/wallabag/custom-entrypoint
View File
init/configure-firewalld.sh → init/configure-firewalld
View File
init/configure-firewalld.service
+1 -1
View File
@@ -6,7 +6,7 @@ ConditionPathExists=!/var/lib/configure-firewalld
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/opt/bin/configure-firewalld.sh ExecStart=/opt/bin/configure-firewalld
ExecStartPost=/usr/bin/touch /var/lib/configure-firewalld ExecStartPost=/usr/bin/touch /var/lib/configure-firewalld
RemainAfterExit=true RemainAfterExit=true
init/enable-all-quadlets.sh → init/enable-all-quadlets
+2 -2
View File
@@ -11,7 +11,7 @@ for user in "${users[@]}"; do
chown -R "${user}:${user}" "/var/home/${user}" chown -R "${user}:${user}" "/var/home/${user}"
secrets_file="/var/home/${user}/.secrets" secrets_file="/var/home/${user}/.secrets"
if [[ -f "${secrets_file}" ]];then if [[ -f "${secrets_file}" ]];then
sudo -u "${user}" /opt/bin/add-secrets.sh "${secrets_file}" sudo -u "${user}" /opt/bin/add-secrets "${secrets_file}"
fi fi
systemctl --user -M "${user}@" daemon-reload systemctl --user -M "${user}@" daemon-reload
systemctl --user -M "${user}@" enable --now "podman-auto-update.timer" || true systemctl --user -M "${user}@" enable --now "podman-auto-update.timer" || true
@@ -38,6 +38,6 @@ systemctl --user -M "wallabag@" enable "backup-database.timer"
systemctl enable --now "podman-auto-update.timer" || true systemctl enable --now "podman-auto-update.timer" || true
/opt/bin/add-secrets.sh /root/.secrets /opt/bin/add-secrets /root/.secrets
systemctl daemon-reload systemctl daemon-reload
systemctl start samba.service systemctl start samba.service
init/enable-all-quadlets.service
+1 -1
View File
@@ -7,7 +7,7 @@ ConditionPathExists=!/var/lib/quadlets-enabled
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/opt/bin/enable-all-quadlets.sh ExecStart=/opt/bin/enable-all-quadlets
ExecStartPost=/usr/bin/touch /var/lib/quadlets-enabled ExecStartPost=/usr/bin/touch /var/lib/quadlets-enabled
RemainAfterExit=true RemainAfterExit=true
pi4.bu
+34 -14
View File
@@ -30,6 +30,13 @@ passwd:
- wheel - wheel
- name: zero - name: zero
storage: storage:
directories:
- path: /etc/systemd/journald.conf.d
mode: 0755
user:
name: root
group:
name: root
disks: disks:
- device: /dev/disk/by-id/ata-WDC_WD120EFBX-68B0EN0_5QKYB19B - device: /dev/disk/by-id/ata-WDC_WD120EFBX-68B0EN0_5QKYB19B
wipe_table: false wipe_table: false
@@ -62,21 +69,29 @@ storage:
- compress=zstd:3 - compress=zstd:3
with_mount_unit: true with_mount_unit: true
files: files:
- path: /opt/bin/enable-all-quadlets.sh - path: /opt/bin/enable-all-quadlets
contents: contents:
local: init/enable-all-quadlets.sh local: init/enable-all-quadlets
mode: 0755 mode: 0755
- path: /opt/bin/configure-firewalld.sh - path: /opt/bin/configure-firewalld
contents: contents:
local: init/configure-firewalld.sh local: init/configure-firewalld
mode: 0755 mode: 0755
- path: /opt/bin/add-secrets.sh - path: /opt/bin/add-secrets
contents: contents:
local: files/add-secrets.sh local: files/add-secrets
mode: 0755 mode: 0755
- path: /opt/bin/backup-postgres.sh - path: /opt/bin/backup-postgres
contents: contents:
local: files/backup-postgres.sh local: files/backup-postgres
mode: 0755
- path: /opt/bin/safe-reboot
contents:
local: files/safe-reboot
mode: 0755
- path: /opt/bin/safe-shutdown
contents:
local: files/safe-shutdown
mode: 0755 mode: 0755
- path: /etc/containers/systemd/samba.container - path: /etc/containers/systemd/samba.container
contents: contents:
@@ -85,18 +100,18 @@ storage:
mode: 0600 mode: 0600
contents: contents:
local: /home/root/.secrets local: /home/root/.secrets
- path: /root/scripts/move-downloads-nextcloud.sh - path: /root/scripts/move-downloads-nextcloud
mode: 0755 mode: 0755
contents: contents:
local: /home/root/move-downloads-nextcloud.sh local: /home/root/move-downloads-nextcloud
- path: /root/scripts/rclone-parents.sh - path: /root/scripts/rclone-parents
mode: 0755 mode: 0755
contents: contents:
local: /home/root/rclone-parents.sh local: /home/root/rclone-parents
- path: /root/scripts/copy-music.sh - path: /root/scripts/copy-music
mode: 0755 mode: 0755
contents: contents:
local: /home/root/copy-music.sh local: /home/root/copy-music
- path: /etc/ssh/sshd_config.d/99-custom - path: /etc/ssh/sshd_config.d/99-custom
mode: 0644 mode: 0644
contents: contents:
@@ -106,6 +121,11 @@ storage:
overwrite: true overwrite: true
contents: contents:
local: files/smartd.conf local: files/smartd.conf
- path: /etc/systemd/journald.conf.d/rotation.conf
mode: 0644
overwrite: true
contents:
local: files/rotation.conf
- path: /etc/sudoers.d/99-poweroff - path: /etc/sudoers.d/99-poweroff
mode: 0644 mode: 0644
contents: contents:
quadlets/wallabag/wallabag.container
+2 -2
View File
@@ -8,7 +8,7 @@ Requires=wallabag-redis.container
[Container] [Container]
AutoUpdate=registry AutoUpdate=registry
ContainerName=wallabag ContainerName=wallabag
Entrypoint=/custom-entrypoint.sh Entrypoint=/custom-entrypoint
Environment=POSTGRES_DB=wallabag Environment=POSTGRES_DB=wallabag
Environment=POSTGRES_USER=wallabag Environment=POSTGRES_USER=wallabag
Environment=SYMFONY__ENV__DATABASE_DRIVER=pdo_pgsql Environment=SYMFONY__ENV__DATABASE_DRIVER=pdo_pgsql
@@ -35,7 +35,7 @@ StartWithPod=true
Timezone=Europe/Zurich Timezone=Europe/Zurich
Volume=wallabag-data.volume:/var/www/wallabag/data Volume=wallabag-data.volume:/var/www/wallabag/data
Volume=wallabag-images.volume:/var/www/wallabag/web/assets/images Volume=wallabag-images.volume:/var/www/wallabag/web/assets/images
Volume=/var/mnt/nas/containers/wallabag/storage/custom-entrypoint.sh:/custom-entrypoint.sh Volume=/var/mnt/nas/containers/wallabag/storage/custom-entrypoint:/custom-entrypoint
[Service] [Service]
Restart=always Restart=always
services/gitea/backup-database.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Backups the Gitea database
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/opt/bin/backup-postgres.sh ExecStart=/opt/bin/backup-postgres
services/immich/backup-database.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Backups the Immich database
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/opt/bin/backup-postgres.sh ExecStart=/opt/bin/backup-postgres
services/nextcloud/backup-database.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Backups the Nextcloud database
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/opt/bin/backup-postgres.sh ExecStart=/opt/bin/backup-postgres
services/nextcloud/pre-generate-preview.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Pre-generates previews for Nextcloud
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/var/home/nextcloud/pre-generate-preview.sh ExecStart=/var/home/nextcloud/pre-generate-preview
services/paperless/backup-database.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Backups the paperless database
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/opt/bin/backup-postgres.sh ExecStart=/opt/bin/backup-postgres
services/pihole/update-hints.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Update the unbound root hints
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/var/home/pihole/update-hints.sh ExecStart=/var/home/pihole/update-hints
services/pihole/update-root.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Update the unbound root entries
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/var/home/pihole/update-root.sh ExecStart=/var/home/pihole/update-root
services/synapse/backup-database.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Backups the Synapse database
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/opt/bin/backup-postgres.sh ExecStart=/opt/bin/backup-postgres
services/tga/update-dyndns.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Update the DynDns entries
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/var/home/tga/dyndns.sh ExecStart=/var/home/tga/dyndns
services/wallabag/backup-database.service
+1 -1
View File
@@ -3,4 +3,4 @@ Description=Backups the Wallabag database
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/opt/bin/backup-postgres.sh ExecStart=/opt/bin/backup-postgres
users/nextcloud.bu
+2 -2
View File
@@ -183,10 +183,10 @@ storage:
name: nextcloud name: nextcloud
group: group:
name: nextcloud name: nextcloud
- path: /var/home/nextcloud/pre-generate-preview.sh - path: /var/home/nextcloud/pre-generate-preview
mode: 0755 mode: 0755
contents: contents:
local: home/nextcloud/pre-generate-preview.sh local: home/nextcloud/pre-generate-preview
user: user:
name: nextcloud name: nextcloud
group: group:
users/pihole.bu
+4 -4
View File
@@ -205,18 +205,18 @@ storage:
name: pihole name: pihole
group: group:
name: pihole name: pihole
- path: /var/home/pihole/update-hints.sh - path: /var/home/pihole/update-hints
mode: 0755 mode: 0755
contents: contents:
local: home/pihole/update-hints.sh local: home/pihole/update-hints
user: user:
name: pihole name: pihole
group: group:
name: pihole name: pihole
- path: /var/home/pihole/update-root.sh - path: /var/home/pihole/update-root
mode: 0755 mode: 0755
contents: contents:
local: home/pihole/update-root.sh local: home/pihole/update-root
user: user:
name: pihole name: pihole
group: group:
users/tga.bu
+2 -2
View File
@@ -29,10 +29,10 @@ storage:
name: tga name: tga
group: group:
name: tga name: tga
- path: /var/home/tga/dyndns.sh - path: /var/home/tga/dyndns
mode: 0755 mode: 0755
contents: contents:
local: home/tga/dyndns.sh local: home/tga/dyndns
user: user:
name: tga name: tga
group: group:
users/wallabag.bu
+2 -2
View File
@@ -89,10 +89,10 @@ storage:
name: wallabag name: wallabag
group: group:
name: wallabag name: wallabag
- path: /var/home/wallabag/custom-entrypoint.sh - path: /var/home/wallabag/custom-entrypoint
mode: 0755 mode: 0755
contents: contents:
local: home/wallabag/custom-entrypoint.sh local: home/wallabag/custom-entrypoint
user: user:
name: wallabag name: wallabag
group: group: