diff --git a/npm_install.py b/npm_install.py index 1b7776c..b93f87c 100644 --- a/npm_install.py +++ b/npm_install.py @@ -215,11 +215,10 @@ def setup_certbot_venv(venv_dir: Path = Path("/opt/certbot")): PYENV_ROOT = Path("/opt/npm/.pyenv") PYENV_OWNER = "npm" PYTHON_VERSION = "3.11.11" - PYENV_BIN_CANDIDATES = ["pyenv", "/usr/bin/pyenv", "/usr/lib/pyenv/bin/pyenv"] try: apt_try_install([ - "pyenv", "build-essential", "gcc", "make", "pkg-config", + "git", "build-essential", "gcc", "make", "pkg-config", "libssl-dev", "zlib1g-dev", "libbz2-dev", "libreadline-dev", "libsqlite3-dev", "tk-dev", "libncursesw5-dev", "libgdbm-dev", "libffi-dev", "uuid-dev", "liblzma-dev", "ca-certificates", "curl" @@ -227,7 +226,7 @@ def setup_certbot_venv(venv_dir: Path = Path("/opt/certbot")): except Exception: run(["apt-get", "update"], check=False) run(["apt-get", "install", "-y", - "pyenv", "build-essential", "gcc", "make", "pkg-config", + "git", "build-essential", "gcc", "make", "pkg-config", "libssl-dev", "zlib1g-dev", "libbz2-dev", "libreadline-dev", "libsqlite3-dev", "tk-dev", "libncursesw5-dev", "libgdbm-dev", "libffi-dev", "uuid-dev", "liblzma-dev", "ca-certificates", "curl" @@ -237,42 +236,43 @@ def setup_certbot_venv(venv_dir: Path = Path("/opt/certbot")): PYENV_ROOT.mkdir(parents=True, exist_ok=True) run(["chown", "-R", f"{PYENV_OWNER}:{PYENV_OWNER}", "/opt/npm"], check=False) - pyenv_bin = next((c for c in PYENV_BIN_CANDIDATES if shutil.which(c)), None) - if not pyenv_bin: - raise RuntimeError("Nie znaleziono 'pyenv' (spróbuj /usr/bin/pyenv lub /usr/lib/pyenv/bin/pyenv).") + upstream_pyenv_bin = PYENV_ROOT / "bin" / "pyenv" + if not upstream_pyenv_bin.exists(): + with step(f"Cloning upstream pyenv into {PYENV_ROOT}"): + run([ + "sudo", "-u", PYENV_OWNER, "-H", + "env", f"HOME=/opt/npm", f"PYENV_ROOT={PYENV_ROOT}", + "bash", "-lc", + f'git clone --depth=1 https://github.com/pyenv/pyenv.git "{PYENV_ROOT}"' + ]) + run(["chown", "-R", f"{PYENV_OWNER}:{PYENV_OWNER}", str(PYENV_ROOT)], check=False) env_pyenv = os.environ.copy() env_pyenv.update({ - "HOME": "/opt/npm", # ważne: wrapper pyenv robi cd $HOME + "HOME": "/opt/npm", "PYENV_ROOT": str(PYENV_ROOT), - "PATH": "/usr/lib/pyenv/bin:/usr/bin:/bin" # pluginy pyenv (install) + system + "PATH": f"{PYENV_ROOT}/bin:/usr/bin:/bin" }) - with step(f"Installing Python {PYTHON_VERSION} via pyenv into {PYENV_ROOT}"): + with step(f"Installing Python {PYTHON_VERSION} via upstream pyenv into {PYENV_ROOT}"): run([ - "sudo", "-u", PYENV_OWNER, "-s", + "sudo", "-u", PYENV_OWNER, "-H", "env", f"HOME={env_pyenv['HOME']}", f"PYENV_ROOT={env_pyenv['PYENV_ROOT']}", f"PATH={env_pyenv['PATH']}", "bash", "-lc", - f'cd /opt/npm && "{pyenv_bin}" install -s {PYTHON_VERSION}' + f'"{upstream_pyenv_bin}" install -s {PYTHON_VERSION}' ], env=env_pyenv) profile_snippet = f"""# Auto-generated by setup_certbot_venv # Ustawienia pyenv dla uzytkownika '{PYENV_OWNER}' if [ -d "{PYENV_ROOT}" ]; then export PYENV_ROOT="{PYENV_ROOT}" - # Dopnij lokalne binarki pyenv (git-install) idempotentnie case ":$PATH:" in *":$PYENV_ROOT/bin:"*) ;; *) PATH="$PYENV_ROOT/bin:$PATH";; esac - # Dopnij systemowe binarki pyenv z pakietu Debiana idempotentnie - case ":$PATH:" in *":/usr/lib/pyenv/bin:"*) ;; *) PATH="/usr/lib/pyenv/bin:$PATH";; esac export PATH - # Inicjalizacja tylko dla interaktywnych powlok uzytkownika '{PYENV_OWNER}' case "$-" in *i*) _interactive=1 ;; *) _interactive=0 ;; esac if [ "$_interactive" = 1 ] && {{ [ "${{USER:-}}" = "{PYENV_OWNER}" ] || [ "${{SUDO_USER:-}}" = "{PYENV_OWNER}" ]; }}; then - if command -v pyenv >/dev/null 2>&1; then - eval "$(pyenv init -)" - elif [ -x "{PYENV_ROOT}/bin/pyenv" ]; then + if [ -x "{PYENV_ROOT}/bin/pyenv" ]; then eval "$("{PYENV_ROOT}/bin/pyenv" init -)" fi fi @@ -318,7 +318,6 @@ fi run(["chown", "-R", f"{PYENV_OWNER}:{PYENV_OWNER}", str(PYENV_ROOT)], check=False) - def configure_letsencrypt(): with step("configure letsencrypt"): run(["chown", "-R", "npm:npm", "/opt/certbot"], check=False)