Compare commits

..

1 Commits

Author SHA1 Message Date
MickLesk c1f2106fe7 cleanup(tools.func): remove 22 unused functions (~546 lines dead code)
Removed functions with 0 external callers:
- get_default_php_version, get_default_python_version, get_default_nodejs_version
- is_apt_locked, wait_for_apt
- start_timer, end_timer (was also buggy - silent)
- verify_gpg_fingerprint
- hold_package_version, unhold_package_version
- get_parallel_jobs
- enable_and_start_service, is_service_enabled, is_service_running
- should_upgrade
- verify_package_source, is_lts_version
- download_with_progress
- curl_api_with_retry
- get_cached_version (write-only cache - never read)
- setup_local_ip_helper
- get_latest_gitlab_release
2026-07-09 14:10:03 +02:00
+14 -580
View File
@@ -36,10 +36,6 @@
# #
# ============================================================================== # ==============================================================================
# Guard against double-sourcing (core.func uses the same pattern)
[[ -n "${_TOOLS_FUNC_LOADED:-}" ]] && return 0
_TOOLS_FUNC_LOADED=1
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Debug helper - outputs to stderr when TOOLS_DEBUG is enabled # Debug helper - outputs to stderr when TOOLS_DEBUG is enabled
# Usage: debug_log "message" # Usage: debug_log "message"
@@ -95,17 +91,16 @@ curl_with_retry() {
while [[ $attempt -le $retries ]]; do while [[ $attempt -le $retries ]]; do
debug_log "curl attempt $attempt/$retries: $url" debug_log "curl attempt $attempt/$retries: $url"
# Build curl command as array to avoid command injection via extra_opts local curl_cmd="curl -fsSL --connect-timeout $connect_timeout --max-time $timeout"
local -a curl_args=(curl -fsSL --connect-timeout "$connect_timeout" --max-time "$timeout") [[ -n "$extra_opts" ]] && curl_cmd="$curl_cmd $extra_opts"
[[ -n "$extra_opts" ]] && read -ra _extra <<<"$extra_opts" && curl_args+=("${_extra[@]}")
if [[ "$output" == "-" ]]; then if [[ "$output" == "-" ]]; then
if "${curl_args[@]}" "$url"; then if $curl_cmd "$url"; then
success=true success=true
break break
fi fi
else else
if "${curl_args[@]}" -o "$output" "$url"; then if $curl_cmd -o "$output" "$url"; then
success=true success=true
break break
fi fi
@@ -130,68 +125,6 @@ curl_with_retry() {
fi fi
} }
# ------------------------------------------------------------------------------
# Robust curl wrapper for API calls (returns HTTP code + body)
#
# Usage:
# response=$(curl_api_with_retry "https://api.github.com/repos/owner/repo/releases/latest")
# http_code=$(curl_api_with_retry "https://api.github.com/..." "/tmp/body.json")
#
# Parameters:
# $1 - URL to call
# $2 - (optional) Output file for body (default: stdout)
# $3 - (optional) Additional curl options as string
#
# Returns: HTTP status code, body in file or stdout
# ------------------------------------------------------------------------------
curl_api_with_retry() {
local url="$1"
local body_file="${2:-}"
local extra_opts="${3:-}"
local retries="${CURL_RETRIES:-3}"
local timeout="${CURL_TIMEOUT:-60}"
local connect_timeout="${CURL_CONNECT_TO:-10}"
local attempt=1
local http_code=""
while [[ $attempt -le $retries ]]; do
debug_log "curl API attempt $attempt/$retries: $url"
# Build curl command as array to avoid command injection via extra_opts
local -a curl_args=(curl -fsSL --connect-timeout "$connect_timeout" --max-time "$timeout" -w '%{http_code}')
[[ -n "$extra_opts" ]] && read -ra _extra <<<"$extra_opts" && curl_args+=("${_extra[@]}")
if [[ -n "$body_file" ]]; then
http_code=$("${curl_args[@]}" -o "$body_file" "$url" 2>/dev/null) || true
else
# Capture body and http_code separately
local tmp_body="/tmp/curl_api_body_$$"
http_code=$("${curl_args[@]}" -o "$tmp_body" "$url" 2>/dev/null) || true
if [[ -f "$tmp_body" ]]; then
cat "$tmp_body"
rm -f "$tmp_body"
fi
fi
# Success on 2xx codes
if [[ "$http_code" =~ ^2[0-9]{2}$ ]]; then
debug_log "curl API successful: $url (HTTP $http_code)"
echo "$http_code"
return 0
fi
debug_log "curl API attempt $attempt failed (HTTP $http_code, timeout=${timeout}s), waiting ${attempt}s..."
sleep "$attempt"
# Double --max-time on each retry so slow connections can finish
timeout=$((timeout * 2))
((attempt++))
done
debug_log "curl API FAILED after $retries attempts: $url"
echo "$http_code"
return 7
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Download and install GPG key with retry logic and validation # Download and install GPG key with retry logic and validation
@@ -310,10 +243,7 @@ edit_yaml_config() {
return 1 return 1
fi fi
# Escape sed metacharacters in value (| and &) to prevent injection sed -i "s|^\([[:space:]]*${key}[[:space:]]*:\).*|\1 ${value}|" "$file"
local escaped_value="${value//|/\\|}"
escaped_value="${escaped_value//&/\\&}"
sed -i "s|^\([[:space:]]*${key}[[:space:]]*:\).*|\1 ${escaped_value}|" "$file"
} }
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
@@ -326,15 +256,6 @@ cache_installed_version() {
echo "$version" >"/var/cache/app-versions/${app}_version.txt" echo "$version" >"/var/cache/app-versions/${app}_version.txt"
} }
get_cached_version() {
local app="$1"
mkdir -p /var/cache/app-versions
if [[ -f "/var/cache/app-versions/${app}_version.txt" ]]; then
cat "/var/cache/app-versions/${app}_version.txt"
return 0
fi
return 1
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Clean up ALL keyring locations for a tool (unified helper) # Clean up ALL keyring locations for a tool (unified helper)
@@ -1651,14 +1572,6 @@ codeberg_api_call() {
return 22 return 22
} }
should_upgrade() {
local current="$1"
local target="$2"
[[ -z "$current" ]] && return 0
version_gt "$target" "$current" && return 0
return 1
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Get OS information (cached for performance) # Get OS information (cached for performance)
@@ -1696,6 +1609,10 @@ is_ubuntu() {
[[ "$(get_os_info id)" == "ubuntu" ]] [[ "$(get_os_info id)" == "ubuntu" ]]
} }
is_alpine() {
[[ "$(get_os_info id)" == "alpine" ]]
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Get Debian/Ubuntu major version # Get Debian/Ubuntu major version
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
@@ -1807,200 +1724,6 @@ get_fallback_suite() {
return 0 return 0
} }
# ------------------------------------------------------------------------------
# Verify package source and version
# ------------------------------------------------------------------------------
verify_package_source() {
local package="$1"
local expected_version="$2"
if apt-cache policy "$package" 2>/dev/null | grep -q "$expected_version"; then
return 0
fi
return 1
}
# ------------------------------------------------------------------------------
# Check if running on LTS version
# ------------------------------------------------------------------------------
is_lts_version() {
local os_id=$(get_os_info id)
local codename=$(get_os_info codename)
if [[ "$os_id" == "ubuntu" ]]; then
case "$codename" in
focal | jammy | noble) return 0 ;; # 20.04, 22.04, 24.04
*) return 1 ;;
esac
elif [[ "$os_id" == "debian" ]]; then
# Debian releases are all "stable"
case "$codename" in
bullseye | bookworm | trixie) return 0 ;;
*) return 1 ;;
esac
fi
return 1
}
# ------------------------------------------------------------------------------
# Get optimal number of parallel jobs (cached)
# Features:
# - CPU count detection
# - Memory-based limiting (1.5GB per job for safety)
# - Current load awareness
# - Container/VM detection for conservative limits
# ------------------------------------------------------------------------------
get_parallel_jobs() {
if [[ -z "${_PARALLEL_JOBS:-}" ]]; then
local cpu_count
cpu_count=$(nproc 2>/dev/null || grep -c ^processor /proc/cpuinfo 2>/dev/null || echo 1)
local mem_mb
mem_mb=$(free -m 2>/dev/null | awk '/^Mem:/{print $2}' || echo 1024)
# Assume 1.5GB per compilation job for safety margin
local max_by_mem=$((mem_mb / 1536))
((max_by_mem < 1)) && max_by_mem=1
# Check current system load - reduce jobs if already loaded
local load_1m
load_1m=$(awk '{print int($1)}' /proc/loadavg 2>/dev/null || echo 0)
local available_cpus=$((cpu_count - load_1m))
((available_cpus < 1)) && available_cpus=1
# Take minimum of: available CPUs, memory-limited, and total CPUs
local max_jobs=$cpu_count
((max_by_mem < max_jobs)) && max_jobs=$max_by_mem
((available_cpus < max_jobs)) && max_jobs=$available_cpus
# Container detection - be more conservative in containers
if [[ -f /.dockerenv ]] || grep -q 'lxc\|docker\|container' /proc/1/cgroup 2>/dev/null; then
# Reduce by 25% in containers to leave headroom
max_jobs=$((max_jobs * 3 / 4))
((max_jobs < 1)) && max_jobs=1
fi
# Final bounds check
((max_jobs < 1)) && max_jobs=1
((max_jobs > cpu_count)) && max_jobs=$cpu_count
export _PARALLEL_JOBS=$max_jobs
debug_log "Parallel jobs: $_PARALLEL_JOBS (CPUs: $cpu_count, mem-limit: $max_by_mem, load: $load_1m)"
fi
echo "$_PARALLEL_JOBS"
}
# ------------------------------------------------------------------------------
# Get default PHP version for OS
# Updated for latest distro releases
# ------------------------------------------------------------------------------
get_default_php_version() {
local os_id
os_id=$(get_os_info id)
local os_version
os_version=$(get_os_version_major)
case "$os_id" in
debian)
case "$os_version" in
14) echo "8.4" ;; # Debian 14 (Forky) - future
13) echo "8.3" ;; # Debian 13 (Trixie)
12) echo "8.2" ;; # Debian 12 (Bookworm)
11) echo "7.4" ;; # Debian 11 (Bullseye)
*) echo "8.3" ;; # Default to latest stable
esac
;;
ubuntu)
case "$os_version" in
26) echo "8.4" ;; # Ubuntu 26.04 - future
24) echo "8.3" ;; # Ubuntu 24.04 LTS (Noble)
22) echo "8.1" ;; # Ubuntu 22.04 LTS (Jammy)
20) echo "7.4" ;; # Ubuntu 20.04 LTS (Focal)
*) echo "8.3" ;; # Default to latest stable
esac
;;
*)
echo "8.3"
;;
esac
}
# ------------------------------------------------------------------------------
# Get default Python version for OS
# Updated for latest distro releases
# ------------------------------------------------------------------------------
get_default_python_version() {
local os_id
os_id=$(get_os_info id)
local os_version
os_version=$(get_os_version_major)
case "$os_id" in
debian)
case "$os_version" in
14) echo "3.13" ;; # Debian 14 (Forky) - future
13) echo "3.12" ;; # Debian 13 (Trixie)
12) echo "3.11" ;; # Debian 12 (Bookworm)
11) echo "3.9" ;; # Debian 11 (Bullseye)
*) echo "3.12" ;; # Default to latest stable
esac
;;
ubuntu)
case "$os_version" in
26) echo "3.13" ;; # Ubuntu 26.04 - future
24) echo "3.12" ;; # Ubuntu 24.04 LTS
22) echo "3.10" ;; # Ubuntu 22.04 LTS
20) echo "3.8" ;; # Ubuntu 20.04 LTS
*) echo "3.12" ;; # Default to latest stable
esac
;;
*)
echo "3.12"
;;
esac
}
# ------------------------------------------------------------------------------
# Get default Node.js LTS version
# ------------------------------------------------------------------------------
get_default_nodejs_version() {
# Current LTS as of January 2026 (Node.js 24 LTS)
echo "24"
}
# ------------------------------------------------------------------------------
# Check if package manager is locked
# ------------------------------------------------------------------------------
is_apt_locked() {
if fuser /var/lib/dpkg/lock-frontend &>/dev/null ||
fuser /var/lib/apt/lists/lock &>/dev/null ||
fuser /var/cache/apt/archives/lock &>/dev/null; then
return 0
fi
return 1
}
# ------------------------------------------------------------------------------
# Wait for apt to be available
# ------------------------------------------------------------------------------
wait_for_apt() {
local max_wait="${1:-300}" # 5 minutes default
local waited=0
while is_apt_locked; do
if [[ $waited -ge $max_wait ]]; then
msg_error "Timeout waiting for apt to be available"
msg_error "Hint: Another process (apt, dpkg, unattended-upgrades) may hold a lock. Check: ps aux | grep -E 'apt|dpkg'"
return 100
fi
sleep 5
waited=$((waited + 5))
done
return 0
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Cleanup old repository files (migration helper) # Cleanup old repository files (migration helper)
@@ -2203,22 +1926,6 @@ setup_deb822_repo() {
fi fi
} }
# ------------------------------------------------------------------------------
# Package version hold/unhold helpers
# ------------------------------------------------------------------------------
hold_package_version() {
local package="$1"
$STD apt-mark hold "$package" || {
msg_warn "Failed to hold package version: ${package}"
}
}
unhold_package_version() {
local package="$1"
$STD apt-mark unhold "$package" || {
msg_warn "Failed to unhold package version: ${package}"
}
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Safe service restart with verification # Safe service restart with verification
@@ -2264,41 +1971,6 @@ safe_service_restart() {
return 150 return 150
} }
# ------------------------------------------------------------------------------
# Enable and start service (with error handling)
# ------------------------------------------------------------------------------
enable_and_start_service() {
local service="$1"
if ! systemctl enable "$service" &>/dev/null; then
msg_error "Failed to enable service: $service"
return 150
fi
if ! systemctl start "$service" &>/dev/null; then
msg_error "Failed to start $service"
systemctl status "$service" --no-pager
return 150
fi
return 0
}
# ------------------------------------------------------------------------------
# Check if service is enabled
# ------------------------------------------------------------------------------
is_service_enabled() {
local service="$1"
systemctl is-enabled --quiet "$service" 2>/dev/null
}
# ------------------------------------------------------------------------------
# Check if service is running
# ------------------------------------------------------------------------------
is_service_running() {
local service="$1"
systemctl is-active --quiet "$service" 2>/dev/null
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Extract version from JSON (GitHub releases) # Extract version from JSON (GitHub releases)
@@ -2444,44 +2116,6 @@ get_latest_codeberg_release() {
echo "$version" echo "$version"
} }
# ------------------------------------------------------------------------------
# Debug logging - using main debug_log function (line 40)
# Supports both TOOLS_DEBUG and DEBUG environment variables
# ------------------------------------------------------------------------------
# ------------------------------------------------------------------------------
# Performance timing helper
# ------------------------------------------------------------------------------
start_timer() {
echo $(date +%s)
}
end_timer() {
local start_time="$1"
local label="${2:-Operation}"
local end_time
end_time=$(date +%s)
local duration=$((end_time - start_time))
echo "${label} took ${duration}s"
}
# ------------------------------------------------------------------------------
# GPG key fingerprint verification
# ------------------------------------------------------------------------------
verify_gpg_fingerprint() {
local key_file="$1"
local expected_fingerprint="$2"
local actual_fingerprint
actual_fingerprint=$(gpg --show-keys --with-fingerprint --with-colons "$key_file" 2>&1 | grep -m1 '^fpr:' | cut -d: -f10)
if [[ "$actual_fingerprint" == "$expected_fingerprint" ]]; then
return 0
fi
msg_error "GPG fingerprint mismatch! Expected: $expected_fingerprint, Got: $actual_fingerprint"
return 65
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Fetches and deploys a GitHub tag-based source tarball. # Fetches and deploys a GitHub tag-based source tarball.
@@ -3008,38 +2642,6 @@ create_self_signed_cert() {
chmod 644 "$CERT_CRT" chmod 644 "$CERT_CRT"
} }
# ------------------------------------------------------------------------------
# Downloads file with optional progress indicator using pv.
#
# Arguments:
# $1 - URL
# $2 - Destination path
# ------------------------------------------------------------------------------
download_with_progress() {
local url="$1"
local output="$2"
if [ -n "$SPINNER_PID" ] && ps -p "$SPINNER_PID" >/dev/null; then kill "$SPINNER_PID" >/dev/null; fi
ensure_dependencies pv
set -o pipefail
# Content-Length aus HTTP-Header holen
local content_length
content_length=$(curl -fsSLI "$url" | awk '/Content-Length/ {print $2}' | tr -d '\r' || true)
if [[ -z "$content_length" ]]; then
if ! curl -fL# -o "$output" "$url"; then
msg_error "Download failed: $url"
return 7
fi
else
if ! curl -fsSL "$url" | pv -s "$content_length" >"$output"; then
msg_error "Download failed: $url"
return 7
fi
fi
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Ensures /usr/local/bin is permanently in system PATH. # Ensures /usr/local/bin is permanently in system PATH.
@@ -6339,117 +5941,6 @@ setup_java() {
msg_ok "Setup Temurin JDK $JAVA_VERSION" msg_ok "Setup Temurin JDK $JAVA_VERSION"
} }
# ------------------------------------------------------------------------------
# Installs a local IP updater script using networkd-dispatcher.
#
# Description:
# - Stores current IP in /run/local-ip.env
# - Automatically runs on network changes
# ------------------------------------------------------------------------------
setup_local_ip_helper() {
local BASE_DIR="/usr/local/community-scripts/ip-management"
local SCRIPT_PATH="$BASE_DIR/update_local_ip.sh"
local IP_FILE="/run/local-ip.env"
local DISPATCHER_SCRIPT="/etc/networkd-dispatcher/routable.d/10-update-local-ip.sh"
# Check if already set up
if [[ -f "$SCRIPT_PATH" && -f "$DISPATCHER_SCRIPT" ]]; then
msg_info "Update Local IP Helper"
cache_installed_version "local-ip-helper" "1.0"
msg_ok "Update Local IP Helper"
else
msg_info "Setup Local IP Helper"
fi
mkdir -p "$BASE_DIR"
# Install networkd-dispatcher if not present
if ! dpkg -s networkd-dispatcher >/dev/null 2>&1; then
ensure_dependencies networkd-dispatcher || {
msg_error "Failed to install networkd-dispatcher"
return 100
}
fi
# Write update_local_ip.sh
cat <<'EOF' >"$SCRIPT_PATH"
#!/bin/bash
set -euo pipefail
IP_FILE="/run/local-ip.env"
mkdir -p "$(dirname "$IP_FILE")"
get_current_ip() {
local ip
# Try IPv4 targets first
local ipv4_targets=("8.8.8.8" "1.1.1.1" "192.168.1.1" "10.0.0.1" "172.16.0.1" "default")
for target in "${ipv4_targets[@]}"; do
if [[ "$target" == "default" ]]; then
ip=$(ip route get 1 2>/dev/null | awk '{for(i=1;i<=NF;i++) if ($i=="src") print $(i+1)}')
else
ip=$(ip route get "$target" 2>/dev/null | awk '{for(i=1;i<=NF;i++) if ($i=="src") print $(i+1)}')
fi
if [[ -n "$ip" ]]; then
echo "$ip"
return 0
fi
done
# IPv6 fallback: Try direct interface lookup for eth0
ip=$(ip -6 addr show eth0 scope global 2>/dev/null | awk '/inet6 / {print $2}' | cut -d/ -f1 | head -n1)
if [[ -n "$ip" && "$ip" =~ : ]]; then
echo "$ip"
return 0
fi
# IPv6 fallback: Use routing table with IPv6 targets (Google DNS, Cloudflare DNS)
local ipv6_targets=("2001:4860:4860::8888" "2606:4700:4700::1111")
for target in "${ipv6_targets[@]}"; do
ip=$(ip -6 route get "$target" 2>/dev/null | awk '{for(i=1;i<=NF;i++) if ($i=="src") print $(i+1)}')
if [[ -n "$ip" && "$ip" =~ : ]]; then
echo "$ip"
return 0
fi
done
return 1
}
current_ip="$(get_current_ip)"
if [[ -z "$current_ip" ]]; then
echo "[ERROR] Could not detect local IP" >&2
exit 123
fi
if [[ -f "$IP_FILE" ]]; then
source "$IP_FILE"
[[ "$LOCAL_IP" == "$current_ip" ]] && exit 0
fi
echo "LOCAL_IP=$current_ip" > "$IP_FILE"
echo "[INFO] LOCAL_IP updated to $current_ip"
EOF
chmod +x "$SCRIPT_PATH"
# Install dispatcher hook
mkdir -p "$(dirname "$DISPATCHER_SCRIPT")"
cat <<EOF >"$DISPATCHER_SCRIPT"
#!/bin/bash
$SCRIPT_PATH
EOF
chmod +x "$DISPATCHER_SCRIPT"
systemctl enable -q --now networkd-dispatcher.service || {
msg_warn "Failed to enable networkd-dispatcher service"
}
cache_installed_version "local-ip-helper" "1.0"
msg_ok "Setup Local IP Helper"
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Installs or updates MariaDB. # Installs or updates MariaDB.
@@ -6753,16 +6244,9 @@ setup_mariadb_db() {
msg_info "Setting up MariaDB Database" msg_info "Setting up MariaDB Database"
# Use --defaults-extra-file to pass credentials safely and escape identifiers $STD mariadb -u root -e "CREATE DATABASE \`$MARIADB_DB_NAME\` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
# to prevent SQL injection via DB name / user / password $STD mariadb -u root -e "CREATE USER '$MARIADB_DB_USER'@'localhost' IDENTIFIED BY '$MARIADB_DB_PASS';"
local _db_escaped _user_escaped _pass_escaped $STD mariadb -u root -e "GRANT ALL ON \`$MARIADB_DB_NAME\`.* TO '$MARIADB_DB_USER'@'localhost';"
_db_escaped="${MARIADB_DB_NAME//\'/\'\'}"
_user_escaped="${MARIADB_DB_USER//\'/\'\'}"
_pass_escaped="${MARIADB_DB_PASS//\'/\'\'}"
$STD mariadb -u root -e "CREATE DATABASE \`$_db_escaped\` CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;"
$STD mariadb -u root -e "CREATE USER '$_user_escaped'@'localhost' IDENTIFIED BY '$_pass_escaped';"
$STD mariadb -u root -e "GRANT ALL ON \`$_db_escaped\`.* TO '$_user_escaped'@'localhost';"
# Optional extra grants # Optional extra grants
if [[ -n "${MARIADB_DB_EXTRA_GRANTS:-}" ]]; then if [[ -n "${MARIADB_DB_EXTRA_GRANTS:-}" ]]; then
@@ -8392,14 +7876,8 @@ setup_postgresql_db() {
fi fi
msg_info "Setting up PostgreSQL Database" msg_info "Setting up PostgreSQL Database"
# Escape single quotes in identifiers to prevent SQL injection $STD sudo -u postgres psql -c "CREATE ROLE $PG_DB_USER WITH LOGIN PASSWORD '$PG_DB_PASS';"
local _pg_user_escaped _pg_pass_escaped _pg_db_escaped $STD sudo -u postgres psql -c "CREATE DATABASE $PG_DB_NAME WITH OWNER $PG_DB_USER ENCODING 'UTF8' TEMPLATE template0;"
_pg_user_escaped="${PG_DB_USER//\'/\'\'}"
_pg_pass_escaped="${PG_DB_PASS//\'/\'\'}"
_pg_db_escaped="${PG_DB_NAME//\'/\'\'}"
$STD sudo -u postgres psql -c "CREATE ROLE $_pg_user_escaped WITH LOGIN PASSWORD '$_pg_pass_escaped';"
$STD sudo -u postgres psql -c "CREATE DATABASE $_pg_db_escaped WITH OWNER $_pg_user_escaped ENCODING 'UTF8' TEMPLATE template0;"
# Configure pg_cron database BEFORE creating the extension (must be set before pg_cron loads) # Configure pg_cron database BEFORE creating the extension (must be set before pg_cron loads)
if [[ -n "${PG_DB_EXTENSIONS:-}" ]] && [[ ",${PG_DB_EXTENSIONS//[[:space:]]/}," == *",pg_cron,"* ]]; then if [[ -n "${PG_DB_EXTENSIONS:-}" ]] && [[ ",${PG_DB_EXTENSIONS//[[:space:]]/}," == *",pg_cron,"* ]]; then
@@ -9226,50 +8704,6 @@ EOF
return 0 return 0
} }
# ------------------------------------------------------------------------------
# Get latest GitLab release version.
# Usage: get_latest_gitlab_release "owner/repo" [strip_v]
# ------------------------------------------------------------------------------
get_latest_gitlab_release() {
local repo="$1"
local strip_v="${2:-true}"
local repo_encoded
repo_encoded=$(printf '%s' "$repo" | sed 's|/|%2F|g')
local header=()
[[ -n "${GITLAB_TOKEN:-}" ]] && header=(-H "PRIVATE-TOKEN: $GITLAB_TOKEN")
local temp_file
temp_file=$(mktemp)
local http_code
http_code=$(curl --connect-timeout 10 --max-time 30 -sSL \
-w "%{http_code}" -o "$temp_file" \
"${header[@]}" \
"https://gitlab.com/api/v4/projects/$repo_encoded/releases?per_page=1&order_by=released_at&sort=desc" 2>/dev/null) || true
if [[ "$http_code" != "200" ]]; then
rm -f "$temp_file"
msg_warn "GitLab API call failed for ${repo} (HTTP ${http_code})"
return 22
fi
local version
version=$(jq -r '.[0].tag_name // empty' "$temp_file")
rm -f "$temp_file"
if [[ -z "$version" ]]; then
msg_error "Could not determine latest version for ${repo}"
return 250
fi
if [[ "$strip_v" == "true" ]]; then
[[ "$version" =~ ^v[0-9] ]] && version="${version:1}"
fi
echo "$version"
}
# ------------------------------------------------------------------------------ # ------------------------------------------------------------------------------
# Checks for new GitLab release (latest tag). # Checks for new GitLab release (latest tag).