fix: install chrony for host NTP and enable pic.service on cold install
Unit Tests / test (push) Successful in 12m0s
Root-cause fix for ACME failures caused by clock drift breaking TOTP during DDNS registration: install and start chrony (all supported package managers) before the setup wizard runs, so the host clock is accurate from day one.

Also enables and starts the pic systemd unit at the end of a cold install — previously the unit file was written but never activated, so the stack would not survive a reboot without a manual `systemctl enable --now pic`.

Makefile uninstall hardened: `disable --now` instead of bare `disable` so the running unit is stopped before the unit file is removed; daemon-reload called afterwards to flush the stale unit; and all lingering cell-* containers (tor/sshuttle/redsocks/store services) are now force-removed so subsequent reinstalls start from a clean Docker state.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
+33
@@ -157,6 +157,17 @@ case "$PKG_MANAGER" in
log_warn "docker-compose-plugin not available; falling back to standalone docker-compose"
sudo apt-get install -y -qq docker-compose 2>&1 | grep -v "^$" | sed 's/^/ /' || true
fi
# Ensure host clock is synchronised before DDNS/TOTP registration.
# chrony is preferred; the service name differs by distro (chrony on Debian, chronyd on some Ubuntu).
sudo apt-get install -y -qq chrony 2>&1 | grep -v "^$" | sed 's/^/ /' || true
if sudo systemctl enable --now chrony >/dev/null 2>&1; then
log_ok "Host NTP (chrony) enabled and started"
elif sudo systemctl enable --now chronyd >/dev/null 2>&1; then
log_ok "Host NTP (chronyd) enabled and started"
else
log_warn "Could not start chrony — verify host clock is accurate before running the setup wizard"
fi
;;
dnf)
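Review bot: The `log_ok "Host NTP (chrony) enabled and started"` branch in the apt case reports success as soon as the unit starts, but the comment above it promises a synchronised clock before DDNS/TOTP registration, and nothing in this hunk waits for chrony to select a source and correct the offset. A freshly started daemon needs some time to do that, so the setup wizard can still run against a drifted clock, which is the failure the commit message sets out to fix. Consider a bounded `chronyc waitsync` (with a max-tries argument) after the enable, falling back to the existing `log_warn` if it times out.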
@@ -168,6 +179,11 @@ case "$PKG_MANAGER" in
log_warn "docker compose plugin not found; installing docker-compose-plugin..."
sudo dnf install -y -q docker-compose-plugin 2>&1 | sed 's/^/ /' || true
fi
sudo dnf install -y -q chrony 2>&1 | sed 's/^/ /' || true
sudo systemctl enable --now chronyd >/dev/null 2>&1 \
&& log_ok "Host NTP (chronyd) enabled and started" \
|| log_warn "Could not start chronyd — verify host clock is accurate before running the setup wizard"
;;
apk)
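Review bot: In the dnf branch, the `systemctl enable --now chronyd ... && log_ok ... || log_warn ...` chain also runs `log_warn` whenever `log_ok` itself returns non-zero, so a successful start can be followed by a spurious warning. Use the same if/else form as the apt branch, which also keeps the two branches consistent. Separately, the `|| true` on the `dnf install` line means a failed install only surfaces indirectly as "Could not start chronyd"; a message that says the package install failed would make the warning actionable.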
@@ -175,6 +191,12 @@ case "$PKG_MANAGER" in
sudo rc-update add docker default >/dev/null 2>&1 || true
sudo service docker start >/dev/null 2>&1 || true
sudo apk add --quiet chrony 2>&1 | sed 's/^/ /' || true
sudo rc-update add chronyd default >/dev/null 2>&1 || true
sudo service chronyd start >/dev/null 2>&1 \
&& log_ok "Host NTP (chronyd) enabled and started" \
|| log_warn "Could not start chronyd — verify host clock is accurate before running the setup wizard"
;;
esac
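Review bot: In the apk branch, `log_ok "Host NTP (chronyd) enabled and started"` is gated only on `service chronyd start`; the preceding `rc-update add chronyd default` has its output discarded and its failure masked by `|| true`. The message can therefore claim "enabled" when chronyd was never added to the default runlevel and will not come back after a reboot, leaving the clock unsynchronised again. Check the `rc-update` result and either warn separately or word the success message to match what actually succeeded.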
@@ -269,6 +291,17 @@ fi
log_ok "Core services started"
# Enable and start the pic systemd unit so the stack survives a reboot.
# Skipped on Alpine (OpenRC) and on systems without systemd.
if command -v systemctl >/dev/null 2>&1; then
sudo systemctl daemon-reload 2>/dev/null || true
if sudo systemctl enable --now pic 2>/dev/null; then
log_ok "systemd unit pic.service enabled and started"
else
log_warn "Could not enable pic.service — run: sudo systemctl enable --now pic"
fi
fi
# ---------------------------------------------------------------------------
# Step 7 — Health check + print wizard URL
# ---------------------------------------------------------------------------
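Review bot: The guard `command -v systemctl` only proves the binary is on PATH, not that systemd is the running init, which is what the comment "Skipped on Alpine (OpenRC) and on systems without systemd" describes. In a container or chroot where systemctl is installed but systemd is not PID 1, the enable fails and the warning tells the user to rerun the same command that just failed. Testing for the `/run/systemd/system` directory is the usual way to detect a booted systemd. Both `systemctl` calls also send stderr to /dev/null, so when `enable --now pic` fails the reason is lost; keeping stderr, or logging it under the warning, would make the failure diagnosable.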