Add unit tests and updated messages

install/production-filesystem/entrypoint.sh

@@ -53,14 +53,33 @@ printf '
 
 set -u
 
+NETALERTX_DOCKER_ERROR_CHECK=0
+
+
 # Run all pre-startup checks to validate container environment and dependencies
+echo "Startup pre-checks"
 for script in ${SYSTEM_SERVICES_SCRIPTS}/check-*.sh; do
+	script_name=$(basename "$script" | sed 's/^check-//;s/\.sh$//;s/-/ /g')
+	echo " --> ${script_name}"
+	
 	sh "$script"
+	NETALERTX_DOCKER_ERROR_CHECK=$?
+	
+	if [ ${NETALERTX_DOCKER_ERROR_CHECK} -ne 0 ]; then
+	     
+	    echo exit code ${NETALERTX_DOCKER_ERROR_CHECK} from ${script}
+		exit ${NETALERTX_DOCKER_ERROR_CHECK}
+	fi
 done
 
+# Exit after checks if in check-only mode (for testing)
+if [ "${NETALERTX_CHECK_ONLY:-0}" -eq 1 ]; then
+	exit 0
+fi
+
 # Update vendor data (MAC address OUI database) in the background
 # This happens concurrently with service startup to avoid blocking container readiness
-${SYSTEM_SERVICES_SCRIPTS}/update_vendors.sh &
+bash ${SYSTEM_SERVICES_SCRIPTS}/update_vendors.sh &
 
 
 

install/production-filesystem/services/scripts/check-app-permissions.sh

@@ -105,6 +105,5 @@ if [ "$failures" -ne 0 ]; then
     exit 1
 fi
 
-echo "Permission checks passed successfully."
 
 

install/production-filesystem/services/scripts/check-cap.sh

@@ -27,5 +27,6 @@ then
 ══════════════════════════════════════════════════════════════════════════════
 EOF
     >&2 printf "%s" "${RESET}"
-    exit 1
-fi
+    exit 0
+fi
+exit 0

install/production-filesystem/services/scripts/check-first-run-config.sh

@@ -5,16 +5,14 @@
 if [ ! -f ${NETALERTX_CONFIG}/app.conf ]; then
     mkdir -p "${NETALERTX_CONFIG}" || {
         >&2 echo "ERROR: Failed to create config directory ${NETALERTX_CONFIG}"
-        exit 1
+        exit 0
     }
     cp /app/back/app.conf "${NETALERTX_CONFIG}/app.conf" || {
         >&2 echo "ERROR: Failed to copy default config to ${NETALERTX_CONFIG}/app.conf"
-        exit 1
+        exit 0
     }
-    CYAN='\033[1;36m'
     RESET='\033[0m'
-    >&2 printf "%s" "${CYAN}"
-    >&2 cat <<EOF
+    >&2 cat <<'EOF'
 ══════════════════════════════════════════════════════════════════════════════
 🆕  First run detected. Default configuration written to ${NETALERTX_CONFIG}/app.conf.
 
@@ -22,6 +20,7 @@ if [ ! -f ${NETALERTX_CONFIG}/app.conf ]; then
     this instance in production.
 ══════════════════════════════════════════════════════════════════════════════
 EOF
-    >&2 printf "%s" "${RESET}"
+
+	>&2 printf "%s" "${RESET}"
 fi
 

install/production-filesystem/services/scripts/check-first-run-db.sh

@@ -41,7 +41,6 @@ CREATE TABLE IF NOT EXISTS "Online_History" (
             "Offline_Devices" INTEGER,
             PRIMARY KEY("Index" AUTOINCREMENT)
           );
-CREATE TABLE sqlite_sequence(name,seq);
 CREATE TABLE Devices (
               devMac STRING (50) PRIMARY KEY NOT NULL COLLATE NOCASE,
               devName STRING (50) NOT NULL DEFAULT "(unknown)",

install/production-filesystem/services/scripts/check-mandatory-folders.sh

@@ -1,9 +1,53 @@
 #!/bin/sh
 # Initialize required directories and log files
 # These must exist before services start to avoid permission/write errors
-# TODO - improve with per-directory warning if creation fails
-[ ! -d "${NETALERTX_PLUGINS_LOG}" ] && mkdir -p "${NETALERTX_PLUGINS_LOG}"
-[ ! -d "${SYSTEM_SERVICES_RUN_LOG}" ] && mkdir -p "${SYSTEM_SERVICES_RUN_LOG}"
-[ ! -d "${SYSTEM_SERVICES_RUN_TMP}" ] && mkdir -p "${SYSTEM_SERVICES_RUN_TMP}"
-[ ! -f "${LOG_DB_IS_LOCKED}" ] && touch "${LOG_DB_IS_LOCKED}"
-[ ! -f "${LOG_EXECUTION_QUEUE}" ] && touch "${LOG_EXECUTION_QUEUE}"
+
+check_mandatory_folders() {
+    # Check and create plugins log directory
+    if [ ! -d "${NETALERTX_PLUGINS_LOG}" ]; then
+        echo "Warning: Plugins log directory missing, creating..."
+        if ! mkdir -p "${NETALERTX_PLUGINS_LOG}"; then
+            echo "Error: Failed to create plugins log directory: ${NETALERTX_PLUGINS_LOG}"
+            return 1
+        fi
+    fi
+
+    # Check and create system services run log directory
+    if [ ! -d "${SYSTEM_SERVICES_RUN_LOG}" ]; then
+        echo "Warning: System services run log directory missing, creating..."
+        if ! mkdir -p "${SYSTEM_SERVICES_RUN_LOG}"; then
+            echo "Error: Failed to create system services run log directory: ${SYSTEM_SERVICES_RUN_LOG}"
+            return 1
+        fi
+    fi
+
+    # Check and create system services run tmp directory
+    if [ ! -d "${SYSTEM_SERVICES_RUN_TMP}" ]; then
+        echo "Warning: System services run tmp directory missing, creating..."
+        if ! mkdir -p "${SYSTEM_SERVICES_RUN_TMP}"; then
+            echo "Error: Failed to create system services run tmp directory: ${SYSTEM_SERVICES_RUN_TMP}"
+            return 1
+        fi
+    fi
+
+    # Check and create DB locked log file
+    if [ ! -f "${LOG_DB_IS_LOCKED}" ]; then
+        echo "Warning: DB locked log file missing, creating..."
+        if ! touch "${LOG_DB_IS_LOCKED}"; then
+            echo "Error: Failed to create DB locked log file: ${LOG_DB_IS_LOCKED}"
+            return 1
+        fi
+    fi
+
+    # Check and create execution queue log file
+    if [ ! -f "${LOG_EXECUTION_QUEUE}" ]; then
+        echo "Warning: Execution queue log file missing, creating..."
+        if ! touch "${LOG_EXECUTION_QUEUE}"; then
+            echo "Error: Failed to create execution queue log file: ${LOG_EXECUTION_QUEUE}"
+            return 1
+        fi
+    fi
+}
+
+# Run the function
+check_mandatory_folders

install/production-filesystem/services/scripts/check-network-mode.sh

@@ -1,12 +1,19 @@
 #!/bin/sh
 # check-network-mode.sh - detect when the container is not using host networking.
 
+# Exit if NETALERTX_DEBUG=1
+if [ "${NETALERTX_DEBUG}" = "1" ]; then
+    exit 0
+fi
+
+# Get the default network interface
 DEFAULT_IF="$(ip route show default 0.0.0.0/0 2>/dev/null | awk 'NR==1 {print $5}')"
 if [ -z "${DEFAULT_IF}" ]; then
     # No default route; nothing to validate.
     exit 0
 fi
 
+
 IF_LINK_INFO="$(ip link show "${DEFAULT_IF}" 2>/dev/null)"
 IF_IP="$(ip -4 addr show "${DEFAULT_IF}" 2>/dev/null | awk '/inet / {print $2}' | head -n1)"
 IF_MAC=""
@@ -16,12 +23,14 @@ fi
 
 looks_like_bridge="0"
 
+# Check for common bridge MAC and IP patterns
 case "${IF_MAC}" in
     02:42:*) looks_like_bridge="1" ;;
     00:00:00:00:00:00) looks_like_bridge="1" ;;
     "") ;; # leave as is
 esac
 
+# Check for common bridge IP ranges
 case "${IF_IP}" in
     172.1[6-9].*|172.2[0-9].*|172.3[0-1].*) looks_like_bridge="1" ;;
     192.168.65.*) looks_like_bridge="1" ;;
@@ -52,4 +61,4 @@ RESET=$(printf '\033[0m')
 ══════════════════════════════════════════════════════════════════════════════
 EOF
 >&2 printf "%s" "${RESET}"
-exit 1
+exit 0

install/production-filesystem/services/scripts/check-ramdisk.sh

@@ -42,7 +42,7 @@ warn_if_not_dedicated_mount "${NETALERTX_API}"
 warn_if_not_dedicated_mount "${NETALERTX_LOG}"
 
 if [ "${failures}" -ne 0 ]; then
-    exit 1
+    exit 0
 fi
 
 if [ ! -f "${SYSTEM_NGINX_CONFIG}/conf.active" ]; then

install/production-filesystem/services/scripts/check-root.sh

@@ -20,11 +20,16 @@ if [ "${CURRENT_UID}" -eq 0 ]; then
       * Keep the default USER in the image (20211:20211), or
       * In docker-compose.yml, remove any 'user:' override that sets UID 0.
 
+	Note: As a courtesy, this special mode is only used to set the permissions
+	of /app/db and /app/config to be owned by the netalertx user so future 
+	runs work correctly.
+
     Bottom line: never run security tooling as root unless you are actively
     trying to get pwned.
 ══════════════════════════════════════════════════════════════════════════════
 EOF
     >&2 printf "%s" "${RESET}"
+	sleep 5 # Give user time to read the message
     exit 1
 fi
 

install/production-filesystem/services/scripts/check-user-netalertx.sh

@@ -39,4 +39,5 @@ RESET=$(printf '\033[0m')
 ══════════════════════════════════════════════════════════════════════════════
 EOF
 >&2 printf "%s" "${RESET}"
-exit 1
+sleep 5 # Give user time to read the message
+exit 0