Skip to content

Commit 662b3f6

Browse files
SatontSatont
committed
upd
1 parent 2704889 commit 662b3f6

File tree

2 files changed

+50
-61
lines changed

2 files changed

+50
-61
lines changed

apps/api-gql/internal/delivery/gql/resolvers/user.resolver.go

+10-37
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

cli/internal/cmds/proxy/proxy.go

+40-24
Original file line numberDiff line numberDiff line change
@@ -5,6 +5,7 @@ import (
55
"os"
66
"os/exec"
77
"runtime"
8+
"strings"
89

910
"github.com/pterm/pterm"
1011
"github.com/twirapp/twir/cli/internal/shell"
@@ -20,34 +21,49 @@ var Cmd = &cli.Command{
2021
return err
2122
}
2223

24+
caddyFindCmd := exec.Command(
25+
"go",
26+
"tool",
27+
"-n", // -n prints the command without running it, giving us the path
28+
"github.com/caddyserver/caddy/v2/cmd/caddy",
29+
)
30+
caddyFindCmd.Dir = wd
31+
caddyPathBytes, err := caddyFindCmd.Output()
32+
if err != nil {
33+
return fmt.Errorf("failed to find Caddy path: %v", err)
34+
}
35+
caddyPath := strings.TrimSpace(string(caddyPathBytes))
36+
2337
if runtime.GOOS == "linux" {
24-
caddyFindCmd := exec.Command(
25-
"go",
26-
"tool",
27-
"-n",
28-
"github.com/caddyserver/caddy/v2/cmd/caddy",
29-
)
30-
caddyFindCmd.Dir = wd
31-
caddyFindCmdOutPut, err := caddyFindCmd.Output()
38+
// Check if the capability is already set
39+
getcapCmd := exec.Command("getcap", caddyPath)
40+
getcapCmd.Dir = wd
41+
getcapOutput, err := getcapCmd.Output()
3242
if err != nil {
33-
return err
43+
// If getcap fails (e.g., command not found), proceed cautiously
44+
pterm.Warning.Println("Could not check capabilities; assuming they need to be set")
3445
}
3546

36-
pterm.Warning.Println("!!! ATTENTION !!!")
37-
pterm.Info.Println("We need your sudo password to bind web server to port 443")
38-
39-
if err := shell.ExecCommand(
40-
shell.ExecCommandOpts{
41-
Command: fmt.Sprintf(
42-
`sudo setcap 'cap_net_bind_service=+ep' %s`,
43-
string(caddyFindCmdOutPut),
44-
),
45-
Stdout: os.Stdout,
46-
Stderr: os.Stderr,
47-
Pwd: wd,
48-
},
49-
); err != nil {
50-
return err
47+
// Check if cap_net_bind_service is present
48+
if !strings.Contains(string(getcapOutput), "cap_net_bind_service") {
49+
pterm.Warning.Println("!!! ATTENTION !!!")
50+
pterm.Warning.Println("We need your sudo password to bind web server to port 443 (this is a one-time setup)")
51+
52+
// Set the capability if missing
53+
setcapCmd := fmt.Sprintf("sudo setcap 'cap_net_bind_service=+ep' %s", caddyPath)
54+
if err := shell.ExecCommand(
55+
shell.ExecCommandOpts{
56+
Command: setcapCmd,
57+
Stdout: os.Stdout,
58+
Stderr: os.Stderr,
59+
Pwd: wd,
60+
},
61+
); err != nil {
62+
return fmt.Errorf("failed to set capability: %v", err)
63+
}
64+
pterm.Success.Println("Capability set successfully; no further sudo prompts needed unless Caddy binary changes")
65+
} else {
66+
pterm.Info.Println("Caddy already has permission to bind to port 443; no sudo required")
5167
}
5268
}
5369

0 commit comments

Comments
 (0)