DietPi-Software | Node-RED: Switch to a local service user install (#…

…4124) + DietPi-Software | Node-RED: Switch to a local service user install right into /mnt/dietpi_userdata/node-red/node_modules. This allows Node-RED to control core modules as well. Additionally add a console alias for the admin CLI which invokes the service user instance via sudo. Also do not install Python 2 anymore, everything should now work with Python 3.
MichaIng · Feb 21, 2021 · 27496dc · 27496dc
1 parent 6a62624
commit 27496dc
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 42 deletions.
diff --git a/CHANGELOG.txt b/CHANGELOG.txt
@@ -11,6 +11,7 @@ Changes:
 - DietPi-Software | Unbound: On install in combination with Pi-hole, no additional configuration file will be created anymore but the adjusted interface binding and port will be applied to "/etc/unbound/unbound.conf.d/dietpi.conf". Declaring "interface" in two configuration files do not override each other but lead to two concurrent bindings, which is not intended. The two files, if present, will be merged as well on DietPi update. It is hence intended that admins change "dietpi.conf" directly, if required, and this file won't be overwritten on reinstalls to preserve local changes. Additionally, on new installs, the configuration file will be better sorted and contain comments to explain their purpose.
 - DietPi-Software | Unbound: On new installs, by default access is now granted to all private IPv4 and IPv6 address ranges instead of to the 192.168.0.0/16 subnet only, which includes VPNs, containers and cases of multiple local networks the server is attached to.
 - DietPi-Software | Unbound: A monthly cron job is now created to keep the root hints file updated. Many thanks to @APraxx for doing this suggestion: https://github.com/MichaIng/DietPi/issues/4077
+- DietPi-Software | Node-RED: New installs and reinstalls with setup Node-RED as local module for the "nodered" service user, rather than as global system module/command. This allows upgrading and removing all related Node modules through the web interface, instead of just the ones which were installed via web interface. Additionally a console alias for the "node-red-admin" CLI command has been added so that running this command with any user will call the local Node-RED instance as "nodered" service user.
 - DietPi-Software | Docker: The Docker APT repository is now installed manually instead of using the official Docker installer. This allows us to enable the Docker install option for Debian Bullseye systems, if only to allow widened testing of this upcoming Debian release with DietPi.
 
 Interface Changes:
@@ -43,7 +44,6 @@ As always, many smaller code performance and stability improvements, visual and
 
 Known/Outstanding Issues:
 - DietPi-Config | Enabling WiFi + Ethernet adapters, both on different subnets, breaks WiFi connection in some cases: https://github.com/MichaIng/DietPi/issues/2103
-- DietPi-Software | Node-RED: Pre-installed modules cannot be updated via web UI: https://github.com/MichaIng/DietPi/issues/2073
 - DietPi-Software | MATE desktop: When logging in as root, desktop items and right-click context menu is missing: https://github.com/MichaIng/DietPi/issues/3160
 - DietPi-Software | Sonarr/Radarr/Mono: With current Mono version 6, import to a file system without UNIX permissions support (exFAT, FAT32/vfat, CIFS mounts and NTFS without "permissions" option) fails, regardless of user/umask mount options: https://github.com/MichaIng/DietPi/issues/3179
 

diff --git a/dietpi/dietpi-software b/dietpi/dietpi-software
@@ -4503,16 +4503,44 @@ amvdec_vp9' > /etc/modules-load.d/dietpi-c4-kodi.conf
 		software_id=122 # Node-RED
 		if (( ${aSOFTWARE_INSTALL_STATE[$software_id]} == 1 )); then
 
-			Banner_Installing
+			Banner_Installing # Pre-configure user and data directory to allow a local service user install
+
+			# Data dir
+			G_EXEC mkdir -p /mnt/dietpi_userdata/node-red
+
+			# User
+			Create_User -G gpio,i2c -d /mnt/dietpi_userdata/node-red nodered
+			# - Allow sudo calls
+			echo 'nodered ALL=NOPASSWD: ALL' > /etc/sudoers.d/nodered
+
+			# Permissions
+			G_EXEC chown -R nodered:nodered /mnt/dietpi_userdata/node-red
+
+			# Service
+			cat << '_EOF_' > /etc/systemd/system/node-red.service
+[Unit]
+Description=Node-RED (DietPi)
+
+[Service]
+User=nodered
+ExecStart=/mnt/dietpi_userdata/node-red/node_modules/.bin/node-red -u /mnt/dietpi_userdata/node-red
 
+[Install]
+WantedBy=multi-user.target
+_EOF_
 			# Pre-reqs
-			local apackages=('python' 'python3')
+			local apackages=('python3')
 			# - RPi: GPIO control for Node-RED
-			(( $G_HW_MODEL > 9 )) || apackages+=('python-rpi.gpio')
+			(( $G_HW_MODEL > 9 )) || apackages+=('python3-rpi.gpio')
 			G_AGI "${apackages[@]}"
 
-			# Serialport fails to build unless below flags are provided
-			G_EXEC_OUTPUT=1 G_EXEC npm i -g --unsafe-perm node-red
+			# Install as local instance for "nodered" user
+			G_EXEC cd /mnt/dietpi_userdata/node-red
+			G_EXEC_OUTPUT=1 G_EXEC sudo -u nodered npm i node-red
+			G_EXEC cd /tmp/$G_PROGRAM_NAME
+
+			# CLI alias
+			echo "alias node-red-admin='sudo -u nodered /mnt/dietpi_userdata/node-red/node_modules/.bin/node-red-admin'" > /etc/bashrc.d/dietpi-node-red.sh
 
 		fi
 
@@ -8991,36 +9019,6 @@ _EOF_
 
 		fi
 
-		software_id=122 # Node-RED
-		if (( ${aSOFTWARE_INSTALL_STATE[$software_id]} == 1 )); then
-
-			Banner_Configuration
-
-			# Data dir
-			mkdir -p /mnt/dietpi_userdata/node-red
-
-			# User
-			Create_User -G gpio,i2c -d /mnt/dietpi_userdata/node-red nodered
-			# - Allow sudo calls
-			echo 'nodered ALL=NOPASSWD: ALL' > /etc/sudoers.d/nodered
-
-			# Service
-			cat << _EOF_ > /etc/systemd/system/node-red.service
-[Unit]
-Description=Node-RED (DietPi)
-
-[Service]
-User=nodered
-ExecStart=$(command -v node-red) -u /mnt/dietpi_userdata/node-red
-
-[Install]
-WantedBy=multi-user.target
-_EOF_
-			# Permissions
-			chown -R nodered:nodered /mnt/dietpi_userdata/node-red
-
-		fi
-
 		software_id=125 # Tomcat8
 		if (( ${aSOFTWARE_INSTALL_STATE[$software_id]} == 1 )); then
 
@@ -13748,21 +13746,32 @@ _EOF_
 		if (( ${aSOFTWARE_INSTALL_STATE[$software_id]} == -1 )); then
 
 			Banner_Uninstalling
+
+			# Service
 			if [[ -f '/etc/systemd/system/node-red.service' ]]; then
 
 				systemctl disable --now node-red
 				rm -R /etc/systemd/system/node-red.service*
 
 			fi
 			[[ -d '/etc/systemd/system/node-red.service.d' ]] && rm -R /etc/systemd/system/node-red.service.d
-			npm r -g --unsafe-perm node-red
+
+			# User
 			getent passwd nodered > /dev/null && userdel nodered
 			getent group nodered > /dev/null && groupdel nodered
-			[[ -f '/etc/sudoers.d/nodered' ]] && rm /etc/sudoers.d/nodered
-			[[ -d '/mnt/dietpi_userdata/node-red' ]] && rm -R /mnt/dietpi_userdata/node-red
-			[[ -f '/usr/local/bin/node-red' ]] && rm /usr/local/bin/node-red
-			[[ -f '/usr/local/bin/node-red-pi' ]] && rm /usr/local/bin/node-red-pi
-			rm -Rf /{root,home/*}/.node-red # Pre-v6.25
+
+			# Configs
+			[[ -f '/etc/sudoers.d/nodered' ]] && G_EXEC_NOEXIT=1 G_EXEC rm /etc/sudoers.d/nodered
+			[[ -f '/etc/bashrc.d/dietpi-node-red.sh' ]] && G_EXEC_NOEXIT=1 G_EXEC rm /etc/bashrc.d/dietpi-node-red.sh
+
+			# Data
+			[[ -d '/mnt/dietpi_userdata/node-red' ]] && G_EXEC_NOEXIT=1 G_EXEC rm -R /mnt/dietpi_userdata/node-red
+			G_EXEC_NOEXIT=1 G_EXEC rm -Rf /{root,home/*}/.node-red # Pre-v6.25
+
+			# Pre-v7.0
+			npm r -g --unsafe-perm node-red
+			[[ -f '/usr/local/bin/node-red' ]] && G_EXEC_NOEXIT=1 G_EXEC rm /usr/local/bin/node-red
+			[[ -f '/usr/local/bin/node-red-pi' ]] && G_EXEC_NOEXIT=1 G_EXEC rm /usr/local/bin/node-red-pi
 
 		fi