BE: ensure /db - better error #1327

Signed-off-by: jokob-sk <jokob.sk@gmail.com>
BE: ensure /db - reorder scripts #1327
2025-12-07 09:36:05 -08:00 · 2025-12-04 10:22:34 +11:00 · 2025-12-04 09:57:46 +11:00
3 changed files with 86 additions and 96 deletions
--- a/install/production-filesystem/entrypoint.d/0-ensure-dir-structure.sh
+++ b/install/production-filesystem/entrypoint.d/0-ensure-dir-structure.sh
@@ -1,35 +0,0 @@
-#!/bin/sh
-# 02-ensure-folders.sh - ensure /config and /db exist under /data
-
-set -eu
-
-YELLOW=$(printf '\033[1;33m')
-CYAN=$(printf '\033[1;36m')
-RED=$(printf '\033[1;31m')
-RESET=$(printf '\033[0m')
-
-DATA_DIR=${NETALERTX_DATA:-/data}
-TARGET_CONFIG=${NETALERTX_CONFIG:-${DATA_DIR}/config}
-TARGET_DB=${NETALERTX_DB:-${DATA_DIR}/db}
-
-ensure_folder() {
-    my_path="$1"
-    if [ ! -d "${my_path}" ]; then
-        >&2 printf "%s" "${CYAN}"
-        >&2 echo "Creating missing folder: ${my_path}"
-        >&2 printf "%s" "${RESET}"
-        mkdir -p "${my_path}" || {
-            >&2 printf "%s" "${RED}"
-            >&2 echo "❌ Failed to create folder: ${my_path}"
-            >&2 printf "%s" "${RESET}"
-            exit 1
-        }
-        chmod 700 "${my_path}" 2>/dev/null || true
-    fi
-}
-
-# Ensure subfolders exist
-ensure_folder "${TARGET_CONFIG}"
-ensure_folder "${TARGET_DB}"
-
-exit 0
--- a/install/production-filesystem/entrypoint.d/00-storage-permission.sh
+++ b/install/production-filesystem/entrypoint.d/00-storage-permission.sh
--- a/install/production-filesystem/entrypoint.d/20-first-run-db.sh
+++ b/install/production-filesystem/entrypoint.d/20-first-run-db.sh
@@ -1,32 +1,57 @@
 #!/bin/sh
-# This script checks if the database file exists, and if not, creates it with the initial schema.
-# It is intended to be run at the first start of the application.
+# Ensures the database exists, or creates a new one on first run.
+# Intended to run only at initial startup.

-# If ALWAYS_FRESH_INSTALL is true, remove the database to force a rebuild.
-if [ "${ALWAYS_FRESH_INSTALL}" = "true" ]; then
-    if [ -f "${NETALERTX_DB_FILE}" ]; then
-        # Provide feedback to the user.
-        >&2 echo "INFO: ALWAYS_FRESH_INSTALL is true. Removing existing database to force a fresh installation."
-        rm -f "${NETALERTX_DB_FILE}" "${NETALERTX_DB_FILE}-shm" "${NETALERTX_DB_FILE}-wal"
+set -eu
+
+YELLOW=$(printf '\033[1;33m')
+CYAN=$(printf '\033[1;36m')
+RED=$(printf '\033[1;31m')
+RESET=$(printf '\033[0m')
+
+# Ensure DB folder exists
+if [ ! -d "${NETALERTX_DB}" ]; then
+    if ! mkdir -p "${NETALERTX_DB}"; then
+        >&2 printf "%s" "${RED}"
+        >&2 cat <<EOF
+══════════════════════════════════════════════════════════════════════════════
+❌  Error creating DB folder in: ${NETALERTX_DB}
+
+A database directory is required for proper operation, however there appear to be
+insufficient permissions on this mount or it is otherwise inaccessible.
+
+More info: https://github.com/jokob-sk/NetAlertX/blob/main/docs/FILE_PERMISSIONS.md
+══════════════════════════════════════════════════════════════════════════════
+EOF
+        >&2 printf "%s" "${RESET}"
+        exit 1
    fi
-# Otherwise, if the db exists, exit.
-elif [ -f "${NETALERTX_DB_FILE}" ]; then
+    chmod 700 "${NETALERTX_DB}" 2>/dev/null || true
+fi
+
+# Fresh rebuild requested
+if [ "${ALWAYS_FRESH_INSTALL:-false}" = "true" ] && [ -f "${NETALERTX_DB_FILE}" ]; then
+    >&2 echo "INFO: ALWAYS_FRESH_INSTALL enabled — removing existing database."
+    rm -f "${NETALERTX_DB_FILE}" "${NETALERTX_DB_FILE}-shm" "${NETALERTX_DB_FILE}-wal"
+fi
+
+# If file exists now, nothing to do
+if [ -f "${NETALERTX_DB_FILE}" ]; then
    exit 0
 fi

-CYAN=$(printf '\033[1;36m')
-RESET=$(printf '\033[0m')
 >&2 printf "%s" "${CYAN}"
 >&2 cat <<EOF
 ══════════════════════════════════════════════════════════════════════════════
-🆕  First run detected. Building initial database schema in ${NETALERTX_DB_FILE}.
+🆕  First run detected — building initial database at: ${NETALERTX_DB_FILE}

-    Do not interrupt this step. Once complete, consider backing up the fresh
-    database before onboarding sensitive networks.
+    Do not interrupt this step. When complete, consider backing up the fresh
+    DB before onboarding sensitive or critical networks.
 ══════════════════════════════════════════════════════════════════════════════
 EOF
 >&2 printf "%s" "${RESET}"

+
 # Write all text to db file until we see "end-of-database-schema"
 sqlite3 "${NETALERTX_DB_FILE}" <<'end-of-database-schema'
 CREATE TABLE Events (eve_MAC STRING (50) NOT NULL COLLATE NOCASE, eve_IP STRING (50) NOT NULL COLLATE NOCASE, eve_DateTime DATETIME NOT NULL, eve_EventType STRING (30) NOT NULL COLLATE NOCASE, eve_AdditionalInfo STRING (250) DEFAULT (''), eve_PendingAlertEmail BOOLEAN NOT NULL CHECK (eve_PendingAlertEmail IN (0, 1)) DEFAULT (1), eve_PairEventRowid INTEGER);
Author	SHA1	Message	Date
jokob-sk	3d17dc47b5	BE: ensure /db - better error #1327 Some checks failed Code checks / check-url-paths (push) Has been cancelled Details Code checks / lint (push) Has been cancelled Details Code checks / docker-tests (push) Has been cancelled Details docker / docker_dev (push) Has been cancelled Details Deploy MkDocs / deploy (push) Has been cancelled Details Signed-off-by: jokob-sk <jokob.sk@gmail.com>	2025-12-04 10:22:34 +11:00
jokob-sk	ef2e7886c4	BE: ensure /db - reorder scripts #1327 Signed-off-by: jokob-sk <jokob.sk@gmail.com>	2025-12-04 09:57:46 +11:00