#!/bin/bash interactive=$(if test -t 0; then echo true; else echo false; fi) set -eux -o pipefail ${EXTRA_SHELL_OPTS-} IFS=$'\n\t' export JAVA_HOME=$(find /usr/lib/jvm -mindepth 1 -maxdepth 1 -type d) # Configure Java unlimited strength cryptography if [ "${CRYPTO_POLICY}" = "unlimited" ]; then echo "Configuring Java unlimited strength cryptography policy..." sed -i 's/^crypto.policy=limited/crypto.policy=unlimited/' "${JAVA_HOME}/conf/security/java.security" fi # Set capabilities when available for add-ons using Pcap4J if capsh --print | grep -E 'Current:.+,cap_net_admin,cap_net_raw,.+' >/dev/null; then setcap cap_net_raw,cap_net_admin=eip "${JAVA_HOME}/bin/java" cat >> "/etc/ld-musl-$(arch).path" <<-EOI /lib /usr/lib ${JAVA_HOME}/lib ${JAVA_HOME}/lib/jli ${JAVA_HOME}/lib/security ${JAVA_HOME}/lib/server EOI fi # Delete stale nrjavaserial lock files and Karaf instance.properties to avoid PID conflicts on restarts rm -f /var/lock/LCK..* rm -f "${OPENHAB_USERDATA}/tmp/instances/instance.properties" # Add openhab user and add user to groups for different host distros # Alpine: audio=18, dialout=20, uucp=14 # CentOS/RedHat: audio=63, dialout=18, uucp=14 # Debian/Ubuntu: audio=29, dialout=20, uucp=10 # Linux from Scratch: audio=11, dialout=10, uucp=32 # openSUSE (old): audio=17, dialout=16, uucp=14 # openSUSE (new): audio=492, dialout=490 # Raspberry Pi OS: audio=29, dialout=20, uucp=10, gpio=997 NEW_USER_ID=${USER_ID:-9001} NEW_GROUP_ID=${GROUP_ID:-$NEW_USER_ID} echo "Starting with openhab user id: $NEW_USER_ID and group id: $NEW_GROUP_ID" if ! id -u openhab >/dev/null 2>&1; then if [ -z "$(getent group $NEW_GROUP_ID)" ]; then echo "Create group openhab with id ${NEW_GROUP_ID}" groupadd -g $NEW_GROUP_ID openhab else group_name=$(getent group $NEW_GROUP_ID | cut -d: -f1) echo "Rename group $group_name to openhab" groupmod --new-name openhab $group_name fi echo "Create user openhab with id ${NEW_USER_ID}" adduser -u $NEW_USER_ID -D -g '' -h ${OPENHAB_HOME} -G openhab openhab groupadd -g 29 audio2 groupadd -g 32 uucp2 groupadd -g 63 audio3 groupadd -g 490 dialout2 groupadd -g 492 audio4 groupadd -g 997 gpio adduser openhab audio adduser openhab audio2 adduser openhab audio3 adduser openhab audio4 adduser openhab dialout adduser openhab dialout2 adduser openhab gpio adduser openhab uucp adduser openhab uucp2 chown root:uucp /var/lock chmod g+w /var/lock fi initialize_volume() { volume="$1" source="$2" if [ -z "$(ls -A "$volume")" ]; then echo "Initializing empty volume ${volume} ..." cp -av "${source}/." "${volume}/" fi } # Initialize empty volumes and update userdata initialize_volume "${OPENHAB_CONF}" "${OPENHAB_HOME}/dist/conf" initialize_volume "${OPENHAB_USERDATA}" "${OPENHAB_HOME}/dist/userdata" # Update userdata if versions do not match if [ ! -z $(cmp "${OPENHAB_USERDATA}/etc/version.properties" "${OPENHAB_HOME}/dist/userdata/etc/version.properties") ]; then echo "Image and userdata versions differ! Starting an upgrade." | tee "${OPENHAB_LOGDIR}/update.log" # Make a backup of userdata backup_file=userdata-$(date +"%FT%H-%M-%S").tar if [ ! -d "${OPENHAB_BACKUPS}" ]; then mkdir "${OPENHAB_BACKUPS}" fi tar -c -f "${OPENHAB_BACKUPS}/${backup_file}" --exclude "backup/*" "${OPENHAB_USERDATA}" echo "You can find backup of userdata in ${OPENHAB_BACKUPS}/${backup_file}" | tee -a "${OPENHAB_LOGDIR}/update.log" exec "${OPENHAB_HOME}/runtime/bin/update" 2>&1 | tee -a "${OPENHAB_LOGDIR}/update.log" fi # Set openhab folder permission chown -R openhab:openhab "${OPENHAB_HOME}" sync # Run s6-style init continuation scripts if dir exists and s6 is not installed if [ -d /etc/cont-init.d ] && [ $(ls /bin/s6-* 2>/dev/null | wc -l) == 0 ]; then for script in $(find /etc/cont-init.d -type f | grep -v \~ | sort); do . "${script}" done fi # sync again after continuation scripts have been run sync # Use server mode with the default command when there is no pseudo-TTY if [ "$interactive" == "false" ] && [ "$(IFS=" "; echo "$@")" == "su-exec openhab tini -s ./start.sh" ]; then command=($@ server) exec "${command[@]}" else exec "$@" fi