From 611de3d79da79766f938e9a940bce9d6e77ffc5d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Mateusz=20Gruszczy=C5=84ski?=
 <mateusz.gruszczynski@firma.interia.pl>
Date: Fri, 24 Oct 2025 09:30:51 +0200
Subject: [PATCH] remove bash -lc

---
 npm_install.py | 38 ++++++++++++++++++++++++++------------
 1 file changed, 26 insertions(+), 12 deletions(-)

diff --git a/npm_install.py b/npm_install.py
index b6fad4b..125e70a 100644
--- a/npm_install.py
+++ b/npm_install.py
@@ -2,6 +2,7 @@
 
 import argparse, os, sys, json, shutil, subprocess, tarfile, tempfile, urllib.request, re, time, threading, signal
 from pathlib import Path
+from glob import glob
 
 DEBUG = False
 
@@ -111,7 +112,7 @@ def apt_try_install(pkgs):
     if not pkgs: return
     avail = []
     for p in pkgs:
-        ok = subprocess.run(["bash","-lc", f"apt-cache show {p} >/dev/null 2>&1"], stdout=_devnull(), stderr=_devnull())
+        ok = subprocess.run(["apt-cache","show", p], stdout=_devnull(), stderr=_devnull())
         if ok.returncode == 0:
             avail.append(p)
         elif DEBUG:
@@ -477,7 +478,8 @@ server {
 def install_certbot_with_dns_plugins():
     with step("Installing certbot + DNS plugins"):
         base = ["certbot"]
-        out = run_out(["bash","-lc","apt-cache search '^python3-certbot-dns-' | awk '{print $1}'"], check=False) or ""
+        _raw = run_out(["apt-cache","search","^python3-certbot-dns-"], check=False) or ""
+        out = "\n".join(l.split()[0] for l in _raw.splitlines() if l.strip())
         dns_pkgs = [p for p in out.splitlines() if p.strip()]
         apt_install(base + dns_pkgs)
 
@@ -509,8 +511,10 @@ def ensure_user_and_dirs():
             run(["id", "-u", "npm"])
         except subprocess.CalledProcessError:
             run(["useradd", "--system", "--home", "/opt/npm", "--create-home", "--shell", "/usr/sbin/nologin", "npm"])
-        run(["bash","-lc","getent group angie >/dev/null 2>&1 || groupadd angie"])
-        run(["bash","-lc","usermod -aG angie npm || true"])
+        rc = subprocess.run(["getent","group","angie"], stdout=_devnull(), stderr=_devnull()).returncode
+        if rc != 0:
+            run(["groupadd","angie"])
+        run(["usermod","-aG","angie","npm"], check=False)
 
         dirs = [
             "/data","/data/nginx","/data/custom_ssl","/data/logs","/data/access",
@@ -521,13 +525,17 @@ def ensure_user_and_dirs():
         ]
         for d in dirs:
             Path(d).mkdir(parents=True, exist_ok=True)
-        run(["bash","-lc","chgrp -h angie /run/angie 2>/dev/null || true"])
+        run(["chgrp","-h","angie","/run/angie"], check=False)
         os.chmod("/run/angie", 0o2775)
         Path("/var/log/angie").mkdir(parents=True, exist_ok=True)
         for f in ["access.log","error.log"]:
             (Path("/var/log/angie")/f).touch(exist_ok=True)
-        run(["bash","-lc","chgrp -h angie /var/log/angie /var/log/angie/*.log 2>/dev/null || true"])
-        run(["bash","-lc","chmod 775 /var/log/angie && chmod 664 /var/log/angie/*.log"])
+        paths = ["/var/log/angie"] + glob("/var/log/angie/*.log")
+        for pth in paths:
+            run(["chgrp","-h","angie", pth], check=False)
+        run(["chmod","775","/var/log/angie"], check=False)
+        for pth in glob("/var/log/angie/*.log"):
+            run(["chmod","664", pth], check=False)
         Path("/var/log/nginx").mkdir(parents=True, exist_ok=True)
         Path("/var/log/nginx/error.log").touch(exist_ok=True)
         os.chmod("/var/log/nginx/error.log", 0o666)
@@ -541,7 +549,8 @@ NPMUSERS ALL=(root) NOPASSWD: /usr/sbin/angie
 """
         path = Path("/etc/sudoers.d/npm")
         write_file(path, content, 0o440)
-        run(["bash","-lc", f"command -v visudo >/dev/null 2>&1 && visudo -cf {path} || true"], check=False)
+        if shutil.which("visudo"):
+            run(["visudo","-cf", str(path)], check=False)
 
 def adjust_nginx_like_paths_in_tree(root: Path):
     for p in root.rglob("*.conf"):
@@ -784,10 +793,15 @@ def create_systemd_units(ipv6_enabled: bool):
         run(["angie","-s","reload"], check=False)
 
 def gather_versions(npm_app_version: str):
-    ip = run_out(["bash","-lc","hostname -I | awk '{print $1}'"]).strip()
-    angie_v = run_out(["bash","-lc","angie -v 2>&1 | awk 'NR==1{print $3}'"], check=False).strip()
-    node_v  = run_out(["bash","-lc","node -v | sed 's/^v//'"], check=False).strip()
-    yarn_v  = run_out(["bash","-lc","yarn -v || yarnpkg -v"], check=False).strip()
+    _ips = run_out(["hostname", "-I"], check=False) or ""
+    ip = (_ips.split() or [""])[0]
+    _angie = run_out(["angie", "-v"], check=False) or ""
+    m = re.search(r"\d+(?:\.\d+)+", _angie)
+    angie_v = m.group(0) if m else _angie.strip()
+    node_v = (run_out(["node", "-v"], check=False) or "").strip().lstrip("v")
+    yarn_v = (run_out(["yarn", "-v"], check=False) or "").strip()
+    if not yarn_v:
+        yarn_v = (run_out(["yarnpkg", "-v"], check=False) or "").strip()
     return ip, angie_v, node_v, yarn_v, npm_app_version
 
 def update_motd(enabled: bool, info, ipv6_enabled: bool):