From 217ecba0f970b2bd83f9bb3941494889e69c1307 Mon Sep 17 00:00:00 2001 From: Angel-Padilla Date: Tue, 18 Nov 2025 18:20:00 -0600 Subject: [PATCH 1/5] feat: create a service that starts sentry on config-meticulous.sh install the meticulous-sentry.service and set the SENTRY_PATH env variable that points to the root of the project, to make it agnostic to where the project is cloned into --- config-meticulous.sh | 54 ++++++++++++++++++++++++++++++++++----- meticulous-sentry.service | 16 ++++++++++++ 2 files changed, 64 insertions(+), 6 deletions(-) create mode 100644 meticulous-sentry.service diff --git a/config-meticulous.sh b/config-meticulous.sh index ea93df25c10..c339dffaa42 100755 --- a/config-meticulous.sh +++ b/config-meticulous.sh @@ -3,6 +3,7 @@ set -euo pipefail # CSRF_TRUSTED_ORIGIN="http://65.109.232.162:9000" CSRF_TRUSTED_ORIGIN="https://sentry.meticulousespresso.com" +SENTRY_DIR="$(dirname "$0")" # modify generated configuration files @@ -135,10 +136,51 @@ if ((CREATE_SWAP_FILE == 1)); then echo "$SWAPFILE_PATH none swap sw 0 0" | sudo tee -a /etc/fstab fi +SERVICE_NAME="meticulous-sentry.service" +SYSTEMD_SERVICE_DIR="/etc/systemd/system" + +echo " > Setting up $SERVICE_NAME" echo "" -echo "-----------------------------------------------------------------" -echo "" -echo "Now You're all set! Trust me :P" -echo "" -echo "-----------------------------------------------------------------" -echo "" + +systemctl daemon-reexec +systemctl daemon-reload + +systemctl status "$SERVICE_NAME" >/dev/null 2>&1 +# if the file is not present +if [ $? -ne 0 ]; then + echo "Installing service…" + cp -u "$SENTRY_DIR/$SERVICE_NAME" "$SYSTEMD_SERVICE_DIR" + + systemctl daemon-reexec + systemctl daemon-reload +fi + +systemctl status "$SERVICE_NAME" >/dev/null 2>&1 +if [ $? -eq 0 ]; then + echo " $SERVICE_NAME successfully installed" + echo " -> setting \$SENTRY_PATH environment variable to '$SENTRY_DIR'" + + if [ ! -d "/opt/sentrySH" ]; then + mkdir -p "/opt/sentrySH" + fi + + echo "SENTRY_PATH=$SENTRY_DIR" >"/opt/sentrySH/env" + + echo "" + echo " SENTRY_PATH variable successfully saved as $SENTRY_DIR" + + systemd enable "$SERVICE_NAME" + + echo " $SERVICE_NAME is enabled, will start on every boot" + echo "" + echo " You can start the service now using" + echo "" + echo " systemctl start $SERVICE_NAME" + + echo " You can run the service using" + echo " systemctl start $SERVICE_NAME" +else + echo " failed to install $SERVICE_NAME" + echo " You can still run the service manually executing" + echo " docker compose -f $SENTRY_DIR/docker-compose.yml -f $SENTRY_DIR/docker-compose.override.yml --env-file .env --env-file .env.custom up --wait" +fi diff --git a/meticulous-sentry.service b/meticulous-sentry.service new file mode 100644 index 00000000000..7b1caa3c4ae --- /dev/null +++ b/meticulous-sentry.service @@ -0,0 +1,16 @@ +[Unit] +Description=Meticulous Sentry instance +After=nginx.service + +#make sure $SENTRY_PATH is defined (should be done in meticulous-config.sh) +[Service] +EnvironmentFile=/opt/sentrySH/env +ExecStartPre=-/bin/bash -c 'if [[ -z "$SENTRY_PATH" ]] && echo "SENTRY_PATH not found" && exit 10;' +ExecStart=docker compose -f "${SENTRY_PATH}/docker-compose.yml" -f "${SENTRY_PATH}/docker-compose.override.yml" --env-file "${SENTRY_PATH}/.env" --env-file "${SENTRY_PATH}/.env.custom" up +ExecStop=docker compose -f "${SENTRY_PATH}/docker-compose.yml" -f "${SENTRY_PATH}/docker-compose.override.yml" --env-file "${SENTRY_PATH}/.env" --env-file "${SENTRY_PATH}/.env.custom" down +Restart=always +RestartSec=10 +RestartPreventExitStatus=10 + +[Install] +WantedBy=multi-user.target From ec9aea743b609edde7e0fd2150971fd34a083fdc Mon Sep 17 00:00:00 2001 From: Angel-Padilla Date: Tue, 18 Nov 2025 18:48:19 -0600 Subject: [PATCH 2/5] fix: avoid systemctl to exit the program if returns non 0 value non 0 values can be return by systemctl to represent different statuses of the required unit. We are interested only on the value 4 meaning the unit was not found --- config-meticulous.sh | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/config-meticulous.sh b/config-meticulous.sh index c339dffaa42..44b23064707 100755 --- a/config-meticulous.sh +++ b/config-meticulous.sh @@ -145,9 +145,12 @@ echo "" systemctl daemon-reexec systemctl daemon-reload +set +e systemctl status "$SERVICE_NAME" >/dev/null 2>&1 -# if the file is not present -if [ $? -ne 0 ]; then +RESULT=$? +set -e +# if the unit is not found systemctl returns 4 +if [ $RESULT -eq 4 ]; then echo "Installing service…" cp -u "$SENTRY_DIR/$SERVICE_NAME" "$SYSTEMD_SERVICE_DIR" @@ -155,8 +158,12 @@ if [ $? -ne 0 ]; then systemctl daemon-reload fi +set +e systemctl status "$SERVICE_NAME" >/dev/null 2>&1 -if [ $? -eq 0 ]; then +RESULT=$? +set -e +if [ $RESULT -lt 4 ]; then + echo "$RESULT" echo " $SERVICE_NAME successfully installed" echo " -> setting \$SENTRY_PATH environment variable to '$SENTRY_DIR'" @@ -169,7 +176,7 @@ if [ $? -eq 0 ]; then echo "" echo " SENTRY_PATH variable successfully saved as $SENTRY_DIR" - systemd enable "$SERVICE_NAME" + systemctl enable "$SERVICE_NAME" echo " $SERVICE_NAME is enabled, will start on every boot" echo "" From d32731e6228a197a8452f61bddc4cb6ba15b32f0 Mon Sep 17 00:00:00 2001 From: Angel-Padilla Date: Wed, 19 Nov 2025 13:32:49 -0600 Subject: [PATCH 3/5] chore: refactor config-meticulous.sh --- config-meticulous.sh | 330 +++++++++++++++++++++++-------------------- 1 file changed, 174 insertions(+), 156 deletions(-) diff --git a/config-meticulous.sh b/config-meticulous.sh index 44b23064707..dadb4548a20 100755 --- a/config-meticulous.sh +++ b/config-meticulous.sh @@ -1,193 +1,211 @@ #!/usr/bin/env bash set -euo pipefail -# CSRF_TRUSTED_ORIGIN="http://65.109.232.162:9000" CSRF_TRUSTED_ORIGIN="https://sentry.meticulousespresso.com" SENTRY_DIR="$(dirname "$0")" # modify generated configuration files - -ERROR=0 -if [ ! -e "./sentry/config.yml" ]; then - echo "missing file: ./sentry/config.yml" - ERROR=2 -fi - -if [ ! -e "./sentry/sentry.conf.py" ]; then - echo "don't run this script individually, run ./install.sh instead" - ERROR=2 -fi - -if ((ERROR != 0)); then - exit $ERROR -fi - echo "" echo "" -echo " Oops, forgot to check something" +echo "|: Auto-configuration for Meticulous :|" echo "" -echo " > Updating default kafka options" - -sed -i \ - -e 's/\("message\.max\.bytes": \)[0-9]\+/\110000000/' \ - -e 's/\("socket\.timeout\.ms": \)[0-9]\+/\160000/' \ - ./sentry/sentry.conf.py - -echo "" -echo -e " -> message.max.bytes set to 100000000\n -> socket.timeout.ms set to 60000" -echo "" -echo "" -echo " > Updating CSRF trusted origins" -echo "" - -sed -i -E "s|^#?[[:space:]]*CSRF_TRUSTED_ORIGINS = \[.*\]|CSRF_TRUSTED_ORIGINS = [\"https://example.com\", \"http://127.0.0.1:9000\", \"$CSRF_TRUSTED_ORIGIN\"]|" ./sentry/sentry.conf.py +print_header() { + local message=$1 + echo "" + echo " > $message" + echo "" +} -echo " -> added $CSRF_TRUSTED_ORIGIN to the CSRF trusted origins" -echo "" -echo "" -echo " > Updating System URL prefix" -echo "" +print_message() { + local message=$1 + local symbol="->" + if [ $# -ge 2 ]; then + symbol=$2 + fi -sed -i -E "s|^#?[[:space:]]*system.url-prefix:.*|system.url-prefix: $CSRF_TRUSTED_ORIGIN|" ./sentry/config.yml + echo " $symbol $message" +} -echo -e " -> system.url-prefix set to $CSRF_TRUSTED_ORIGIN" -echo "" -echo "" -echo " > Configuring to work behind SSL reverse proxy" -# SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') -sed -i -E "s|^#?[[:space:]]*SECURE_PROXY_SSL_HEADER =.*|SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')|" ./sentry/sentry.conf.py -# USE_X_FORWARDED_HOST = True -sed -i -E "s|^#?[[:space:]]*USE_X_FORWARDED_HOST =.*|USE_X_FORWARDED_HOST = True|" ./sentry/sentry.conf.py -# SESSION_COOKIE_SECURE = True -sed -i -E "s|^#?[[:space:]]*SESSION_COOKIE_SECURE =.*|SESSION_COOKIE_SECURE = True|" ./sentry/sentry.conf.py -# CSRF_COOKIE_SECURE = True -sed -i -E "s|^#?[[:space:]]*CSRF_COOKIE_SECURE =.*|CSRF_COOKIE_SECURE = True|" ./sentry/sentry.conf.py -# SOCIAL_AUTH_REDIRECT_IS_HTTPS = True -sed -i -E "s|^#?[[:space:]]*SOCIAL_AUTH_REDIRECT_IS_HTTPS =.*|SOCIAL_AUTH_REDIRECT_IS_HTTPS = True|" ./sentry/sentry.conf.py +run_after_installation() { + ERROR=0 + if [ ! -e "./sentry/config.yml" ]; then + echo "missing file: ./sentry/config.yml" + ERROR=2 + fi -echo "" -echo "" + if [ ! -e "./sentry/sentry.conf.py" ]; then + echo "missing file: ./sentry/sentry.conf.py" + ERROR=2 + fi -echo " > Checking use of Swap space" -echo "" -# check use of swap space -SWAP_SIZE="$(swapon --show=SIZE | tail -1 | tr -d ' ')" -NEW_SWAPFILE_SIZE=16 -MINIMUM_SPACE_REQUIRED=16 - -available_space=$(df --output=avail -BG / | tail -1 | sed 's/G//' | tr -d ' ') - -CREATE_SWAP_FILE=0 #false - -# This relies that the swapon output resembles -# NAME TYPE SIZE USED PRIO -# /swap.img file 8G 0B -2 -# . -# . -# . - -if [ -n "$SWAP_SIZE" ]; then - PRESENT_SWAP_SPACES=$(swapon | grep -c ^) - TOTAL_SWAP_SPACE=0 - while IFS= read -r line; do - TOTAL_SWAP_SPACE=$((TOTAL_SWAP_SPACE + $(echo "$line" | sed 's/G//' | tr -d ' '))) - done < <(swapon --show=SIZE | tail -n "$((PRESENT_SWAP_SPACES - 1))") - - # SWAP_SIZE=$(echo "$SWAP_SIZE" | sed 's/G//') - # if ((SWAP_SIZE < MINIMUM_SPACE_REQUIRED)); then - if ((TOTAL_SWAP_SPACE < MINIMUM_SPACE_REQUIRED)); then - # echo "insufficient swap space , $MINIMUM_SPACE_REQUIRED G is necessary, resizing" - echo "insufficient swap space ($TOTAL_SWAP_SPACE G) , $MINIMUM_SPACE_REQUIRED G is necessary, resizing" - # if (((available_space + SWAP_SIZE) < MINIMUM_SPACE_REQUIRED)); then - if (((available_space + TOTAL_SWAP_SPACE) < MINIMUM_SPACE_REQUIRED)); then - echo " [x] Less than $MINIMUM_SPACE_REQUIRED G available, cannot set up swap space" - echo " [x] Sentry might run into issues if going forward " + if ((ERROR != 0)); then + echo "don't run this script individually, run ./install.sh instead" + return $ERROR + fi +} + +set_kafka_options() { + print_header "Updating default kafka options" + + sed -i \ + -e 's/\("message\.max\.bytes": \)[0-9]\+/\110000000/' \ + -e 's/\("socket\.timeout\.ms": \)[0-9]\+/\160000/' \ + ./sentry/sentry.conf.py + + print_message "message.max.bytes set to 100000000" + print_message "socket.timeout.ms set to 60000" +} + +set_connection_options() { + + print_header "Updating CSRF trusted origins" + + sed -i -E "s|^#?[[:space:]]*CSRF_TRUSTED_ORIGINS = \[.*\]|CSRF_TRUSTED_ORIGINS = [\"https://example.com\", \"http://127.0.0.1:9000\", \"$CSRF_TRUSTED_ORIGIN\"]|" ./sentry/sentry.conf.py + + print_message "added $CSRF_TRUSTED_ORIGIN to the CSRF trusted origins" + print_header "Updating System URL prefix" + + sed -i -E "s|^#?[[:space:]]*system.url-prefix:.*|system.url-prefix: $CSRF_TRUSTED_ORIGIN|" ./sentry/config.yml + + print_message "system.url-prefix set to $CSRF_TRUSTED_ORIGIN" + print_header "Configuring to work behind SSL reverse proxy" + # SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https') + sed -i -E "s|^#?[[:space:]]*SECURE_PROXY_SSL_HEADER =.*|SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')|" ./sentry/sentry.conf.py + # USE_X_FORWARDED_HOST = True + sed -i -E "s|^#?[[:space:]]*USE_X_FORWARDED_HOST =.*|USE_X_FORWARDED_HOST = True|" ./sentry/sentry.conf.py + # SESSION_COOKIE_SECURE = True + sed -i -E "s|^#?[[:space:]]*SESSION_COOKIE_SECURE =.*|SESSION_COOKIE_SECURE = True|" ./sentry/sentry.conf.py + # CSRF_COOKIE_SECURE = True + sed -i -E "s|^#?[[:space:]]*CSRF_COOKIE_SECURE =.*|CSRF_COOKIE_SECURE = True|" ./sentry/sentry.conf.py + # SOCIAL_AUTH_REDIRECT_IS_HTTPS = True + sed -i -E "s|^#?[[:space:]]*SOCIAL_AUTH_REDIRECT_IS_HTTPS =.*|SOCIAL_AUTH_REDIRECT_IS_HTTPS = True|" ./sentry/sentry.conf.py + +} + +set_swap_space() { + + print_header "Checking use of Swap space" + # check use of swap space + SWAP_SIZE="$(swapon --show=SIZE | tail -1 | tr -d ' ')" + NEW_SWAPFILE_SIZE=16 + MINIMUM_SPACE_REQUIRED=16 + + available_space=$(df --output=avail -BG / | tail -1 | sed 's/G//' | tr -d ' ') + + CREATE_SWAP_FILE=0 #false + + # This relies that the swapon output resembles + # NAME TYPE SIZE USED PRIO + # /swap.img file 8G 0B -2 + # . + # . + # . + + if [ -n "$SWAP_SIZE" ]; then + PRESENT_SWAP_SPACES=$(swapon | grep -c ^) + TOTAL_SWAP_SPACE=0 + while IFS= read -r line; do + TOTAL_SWAP_SPACE=$((TOTAL_SWAP_SPACE + $(echo "$line" | sed 's/G//' | tr -d ' '))) + done < <(swapon --show=SIZE | tail -n "$((PRESENT_SWAP_SPACES - 1))") + + # SWAP_SIZE=$(echo "$SWAP_SIZE" | sed 's/G//') + # if ((SWAP_SIZE < MINIMUM_SPACE_REQUIRED)); then + if ((TOTAL_SWAP_SPACE < MINIMUM_SPACE_REQUIRED)); then + print_message "insufficient swap space ($TOTAL_SWAP_SPACE G) , $MINIMUM_SPACE_REQUIRED G is necessary, resizing" + if (((available_space + TOTAL_SWAP_SPACE) < MINIMUM_SPACE_REQUIRED)); then + print_message "Less than $MINIMUM_SPACE_REQUIRED G available, cannot set up swap space" "[x]" + print_message "Sentry might run into issues if going forward " "[x]" + else + NEW_SWAPFILE_SIZE=$((MINIMUM_SPACE_REQUIRED - TOTAL_SWAP_SPACE)) + CREATE_SWAP_FILE=1 + fi else - # NEW_SWAPFILE_SIZE=$((MINIMUM_SPACE_REQUIRED - SWAP_SIZE)) - NEW_SWAPFILE_SIZE=$((MINIMUM_SPACE_REQUIRED - TOTAL_SWAP_SPACE)) - CREATE_SWAP_FILE=1 + print_message "swap space already configured to $TOTAL_SWAP_SPACE" fi else - # echo " -> swap space already configured to $SWAP_SIZE" - echo " -> swap space already configured to $TOTAL_SWAP_SPACE" - fi -else - if ((available_space < MINIMUM_SPACE_REQUIRED)); then - echo " [x] Less than $MINIMUM_SPACE_REQUIRED G available, cannot set up swap space" - echo " [x] Sentry might run into issues if going forward " - else - CREATE_SWAP_FILE=1 + if ((available_space < MINIMUM_SPACE_REQUIRED)); then + print_message "Less than $MINIMUM_SPACE_REQUIRED G available, cannot set up swap space" "[x]" + print_message "Sentry might run into issues if going forward " "[x]" + else + CREATE_SWAP_FILE=1 + fi fi -fi -if ((CREATE_SWAP_FILE == 1)); then - # set up swapspace + if ((CREATE_SWAP_FILE == 1)); then + # set up swapspace - SWAP_SIZE="${NEW_SWAPFILE_SIZE}G" - SWAPFILE_PATH="/swapfile$NEW_SWAPFILE_SIZE" - fallocate -l "$SWAP_SIZE" "$SWAPFILE_PATH" - chmod 600 "$SWAPFILE_PATH" - mkswap "$SWAPFILE_PATH" - swapon "$SWAPFILE_PATH" + SWAP_SIZE="${NEW_SWAPFILE_SIZE}G" + SWAPFILE_PATH="/swapfile$NEW_SWAPFILE_SIZE" + fallocate -l "$SWAP_SIZE" "$SWAPFILE_PATH" + chmod 600 "$SWAPFILE_PATH" + mkswap "$SWAPFILE_PATH" + swapon "$SWAPFILE_PATH" - #save the swap config - echo " -> Saving Swap space config" - echo "$SWAPFILE_PATH none swap sw 0 0" | sudo tee -a /etc/fstab -fi + #save the swap config + print_message "Saving Swap space config" + print_message "$SWAPFILE_PATH none swap sw 0 0" | sudo tee -a /etc/fstab + fi -SERVICE_NAME="meticulous-sentry.service" -SYSTEMD_SERVICE_DIR="/etc/systemd/system" +} -echo " > Setting up $SERVICE_NAME" -echo "" +install_service() { -systemctl daemon-reexec -systemctl daemon-reload + SERVICE_NAME="meticulous-sentry.service" + SYSTEMD_SERVICE_DIR="/etc/systemd/system" -set +e -systemctl status "$SERVICE_NAME" >/dev/null 2>&1 -RESULT=$? -set -e -# if the unit is not found systemctl returns 4 -if [ $RESULT -eq 4 ]; then - echo "Installing service…" - cp -u "$SENTRY_DIR/$SERVICE_NAME" "$SYSTEMD_SERVICE_DIR" + print_header "Setting up $SERVICE_NAME" systemctl daemon-reexec systemctl daemon-reload -fi -set +e -systemctl status "$SERVICE_NAME" >/dev/null 2>&1 -RESULT=$? -set -e -if [ $RESULT -lt 4 ]; then - echo "$RESULT" - echo " $SERVICE_NAME successfully installed" - echo " -> setting \$SENTRY_PATH environment variable to '$SENTRY_DIR'" - - if [ ! -d "/opt/sentrySH" ]; then - mkdir -p "/opt/sentrySH" + set +e + systemctl status "$SERVICE_NAME" >/dev/null 2>&1 + RESULT=$? + set -e + # if the unit is not found systemctl returns 4 + if [ $RESULT -eq 4 ]; then + print_message "Installing service…" + cp -u "$SENTRY_DIR/$SERVICE_NAME" "$SYSTEMD_SERVICE_DIR" + + systemctl daemon-reexec + systemctl daemon-reload fi - echo "SENTRY_PATH=$SENTRY_DIR" >"/opt/sentrySH/env" + set +e + systemctl status "$SERVICE_NAME" >/dev/null 2>&1 + RESULT=$? + set -e + if [ $RESULT -lt 4 ]; then + print_message "$SERVICE_NAME successfully installed" + print_message "setting \$SENTRY_PATH environment variable to '$SENTRY_DIR'" - echo "" - echo " SENTRY_PATH variable successfully saved as $SENTRY_DIR" + if [ ! -d "/opt/sentrySH" ]; then + mkdir -p "/opt/sentrySH" + fi - systemctl enable "$SERVICE_NAME" + echo "SENTRY_PATH=$SENTRY_DIR" >"/opt/sentrySH/env" - echo " $SERVICE_NAME is enabled, will start on every boot" - echo "" - echo " You can start the service now using" - echo "" - echo " systemctl start $SERVICE_NAME" - - echo " You can run the service using" - echo " systemctl start $SERVICE_NAME" -else - echo " failed to install $SERVICE_NAME" - echo " You can still run the service manually executing" - echo " docker compose -f $SENTRY_DIR/docker-compose.yml -f $SENTRY_DIR/docker-compose.override.yml --env-file .env --env-file .env.custom up --wait" + print_message " SENTRY_PATH variable successfully saved as $SENTRY_DIR" + + systemctl enable "$SERVICE_NAME" + + print_message "$SERVICE_NAME is enabled, will start on every boot" + print_message "You can start the service now using" + print_message "systemctl start $SERVICE_NAME" " >>> " + else + print_message "failed to install $SERVICE_NAME" "[x]" + print_message "You can still run the service manually executing" + print_message "docker compose -f $SENTRY_DIR/docker-compose.yml -f $SENTRY_DIR/docker-compose.override.yml --env-file .env --env-file .env.custom up --wait" " >>> " + fi + +} + +if ! run_after_installation; then + exit 1 fi + +set_kafka_options +set_connection_options +set_swap_space +install_service From 84708572bea696e415149b9faa3472934500bb03 Mon Sep 17 00:00:00 2001 From: Angel-Padilla Date: Wed, 19 Nov 2025 17:32:08 -0600 Subject: [PATCH 4/5] chore: refactor set_swap_space function --- config-meticulous.sh | 50 +++++++++++++++++++------------------------- 1 file changed, 21 insertions(+), 29 deletions(-) diff --git a/config-meticulous.sh b/config-meticulous.sh index dadb4548a20..1b93b0c54d0 100755 --- a/config-meticulous.sh +++ b/config-meticulous.sh @@ -87,41 +87,30 @@ set_swap_space() { print_header "Checking use of Swap space" # check use of swap space - SWAP_SIZE="$(swapon --show=SIZE | tail -1 | tr -d ' ')" - NEW_SWAPFILE_SIZE=16 - MINIMUM_SPACE_REQUIRED=16 - - available_space=$(df --output=avail -BG / | tail -1 | sed 's/G//' | tr -d ' ') + CURRENT_SWAP_SIZE="$(free -m | grep Swap | awk '{print $2}' | tr -d ' ')" #MB + # This relies that the 'free -m' command output resembles + # total used free shared buff/cache available + # Mem: 63434 11130 48407 236 4841 52304 + # Swap: 8191 0 8191 + NEW_SWAPFILE_SIZE=$((16 * 1024)) #MB + MINIMUM_SPACE_REQUIRED=$((16 * 1024)) #MB + available_space=$(df --output=avail -BM / | tail -1 | sed 's/M//' | tr -d ' ') CREATE_SWAP_FILE=0 #false - # This relies that the swapon output resembles - # NAME TYPE SIZE USED PRIO - # /swap.img file 8G 0B -2 - # . - # . - # . - - if [ -n "$SWAP_SIZE" ]; then - PRESENT_SWAP_SPACES=$(swapon | grep -c ^) - TOTAL_SWAP_SPACE=0 - while IFS= read -r line; do - TOTAL_SWAP_SPACE=$((TOTAL_SWAP_SPACE + $(echo "$line" | sed 's/G//' | tr -d ' '))) - done < <(swapon --show=SIZE | tail -n "$((PRESENT_SWAP_SPACES - 1))") - - # SWAP_SIZE=$(echo "$SWAP_SIZE" | sed 's/G//') - # if ((SWAP_SIZE < MINIMUM_SPACE_REQUIRED)); then - if ((TOTAL_SWAP_SPACE < MINIMUM_SPACE_REQUIRED)); then - print_message "insufficient swap space ($TOTAL_SWAP_SPACE G) , $MINIMUM_SPACE_REQUIRED G is necessary, resizing" - if (((available_space + TOTAL_SWAP_SPACE) < MINIMUM_SPACE_REQUIRED)); then + if [ $CURRENT_SWAP_SIZE -ne 0 ]; then + + if ((CURRENT_SWAP_SIZE < MINIMUM_SPACE_REQUIRED)); then + print_message "insufficient swap space ($CURRENT_SWAP_SIZE MB) , $MINIMUM_SPACE_REQUIRED MB is necessary, resizing" + if (((available_space + CURRENT_SWAP_SIZE) < MINIMUM_SPACE_REQUIRED)); then print_message "Less than $MINIMUM_SPACE_REQUIRED G available, cannot set up swap space" "[x]" print_message "Sentry might run into issues if going forward " "[x]" else - NEW_SWAPFILE_SIZE=$((MINIMUM_SPACE_REQUIRED - TOTAL_SWAP_SPACE)) + NEW_SWAPFILE_SIZE=$((MINIMUM_SPACE_REQUIRED - CURRENT_SWAP_SIZE)) CREATE_SWAP_FILE=1 fi else - print_message "swap space already configured to $TOTAL_SWAP_SPACE" + print_message "swap space already configured to $CURRENT_SWAP_SIZE MB" fi else if ((available_space < MINIMUM_SPACE_REQUIRED)); then @@ -135,16 +124,19 @@ set_swap_space() { if ((CREATE_SWAP_FILE == 1)); then # set up swapspace - SWAP_SIZE="${NEW_SWAPFILE_SIZE}G" + CURRENT_SWAP_SIZE="${NEW_SWAPFILE_SIZE}MiB" SWAPFILE_PATH="/swapfile$NEW_SWAPFILE_SIZE" - fallocate -l "$SWAP_SIZE" "$SWAPFILE_PATH" + if [ -f "$SWAPFILE_PATH" ]; then + SWAPFILE_PATH="$SWAPFILE_PATH-1" + fi + fallocate -l "$CURRENT_SWAP_SIZE" "$SWAPFILE_PATH" chmod 600 "$SWAPFILE_PATH" mkswap "$SWAPFILE_PATH" swapon "$SWAPFILE_PATH" #save the swap config print_message "Saving Swap space config" - print_message "$SWAPFILE_PATH none swap sw 0 0" | sudo tee -a /etc/fstab + echo "$SWAPFILE_PATH none swap sw 0 0" | sudo tee -a /etc/fstab fi } From 3433ac4ae98ee8969e3084da7fb3e2a2159a8034 Mon Sep 17 00:00:00 2001 From: Angel-Padilla Date: Wed, 19 Nov 2025 17:52:34 -0600 Subject: [PATCH 5/5] chore: avoid filling up journal with docker logs --- meticulous-sentry.service | 1 + 1 file changed, 1 insertion(+) diff --git a/meticulous-sentry.service b/meticulous-sentry.service index 7b1caa3c4ae..83a2a0dd6da 100644 --- a/meticulous-sentry.service +++ b/meticulous-sentry.service @@ -11,6 +11,7 @@ ExecStop=docker compose -f "${SENTRY_PATH}/docker-compose.yml" -f "${SENTRY_PATH Restart=always RestartSec=10 RestartPreventExitStatus=10 +StandardOutput=null [Install] WantedBy=multi-user.target