Walkthrough

Tmpfs creation and initialization for log and api were removed from install.sh and moved into a new pre-start.sh. The systemd unit now runs this pre-start script via ExecStartPre to prepare directories, mounts, permissions, and required files before service start.

Changes

Sequence Diagram(s)

sequenceDiagram
  autonumber
  actor systemd
  participant unit as netalertx.service
  participant pre as pre-start.sh
  participant fs as Filesystem
  participant app as NetAlertX

  systemd->>unit: Start unit
  Note over unit: ExecStartPre (new) runs before ExecStart
  unit->>pre: /usr/bin/bash ${INSTALLER_DIR}/pre-start.sh
  pre->>fs: Unmount previous mounts (if any)
  pre->>fs: Create dirs/files (INSTALL_DIR/log, INSTALL_DIR/api, logs, plugins, user_notifications.json)
  pre->>fs: Mount tmpfs for log and api
  pre->>fs: chown/chmod (www-data, perms)
  pre-->>unit: exit 0
  unit->>app: ExecStart (unchanged) -> run server
  app-->>unit: Running
  unit-->>systemd: Active

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~25 minutes

Possibly related PRs

• Ubuntu 24 Installer rewrite #1201 — Touches Ubuntu24 installer/service flow and tmpfs handling; directly overlaps service/unit changes.
• Installer rework #1174 — Refactors log/api mount and initialization logic similar to this PR’s relocation to a pre-start script.
• Ubuntu installer #1166 — Adjusts installer/startup tmpfs management for log/api; conceptually linked to moving mounts into ExecStartPre.

Poem

I thump my paws: pre-start trims the heap,
Mounts neat clouds where logs and APIs sleep.
Directories ready, permissions in line,
I twitch my nose — the service will shine.
Hoppity-hop, clean start every time. 🥕

Pre-merge checks and finishing touches

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Hello @ingoratsdorf . I've noticed lot of commits from you on the hardware installers. I'm watching and worried because I'm in the middle of a month's long revamp of the main docker container, docker compose, and devcontainer, working toward a new and more secure, reliable, unified user/developer experience.

I'd like it if you could please try to focus on making this a single script which deploys everything required with a single copy-paste operation. The hardware installers are not officially supported due to lack of ability to cleanly uninstall/reinstall on a hardware installation. They will be moving into docs only soon. Combining the installer into a document will make your work live longer eg cat << EOF > file.txt .

Currently the hardware installers all download the code directly from the github repository making them entirely separate from the code, and not actually needing to be located within the code. Because they aren't actually part of the repo, they can't be tested with the repo. The upcoming changes will likely break a lot of things and I'd like you to be prepared for these changes.

@ingoratsdorf I think we should combine the best of both scripts and just have one, non docker, installer.

The one I did for proxmox will work on ubuntu as well, but I do have to address an issue with the tmps file mount strategy.
Since it's a temp filesystem, it's not there if the server reboots so the service fails to restart. 🤦‍♂️🤷‍♀️

I haven't had the chance to mess with that, I need to finish a server upgrade so I can use this with multiple VLAN's.

@JVKeller yes, I noticed that, after restart of the server / container, the tmpfs is gone.
Hence I updated the systemd unit to create those on start. That was part of this PR.

The bare metal installer have to change significantly now that we have a production file system.
I just glanced over the dockerfile but did not have an in-depth look.
It is so haevily geared towards docker now that it seems very complicated to mimic what the dockerfile does and keep up with changes tro it - and the security and hardening aspects.

I think I'll drop work on the bare metal installer and use an Alpine docker LXC again ;-)

The proxmox should really be called debian 13 not proxmox. It's designed to support Debian 13. A proper proxmox script would setup an environment within proxmox and then install.

After you're done with the code base overhaul, we'll revisit this and maybe make it a full fledged Proxmox installer and add it to the proxmox helper scripts repo.

I never even fully got NetAlertx working for my network. It wasn't picking up devices on other VLAN's, and adding additional eth devices wasn't working for me either so I have to look at my network config but haven't had the time.

Layer 2 scanners don't cross network boundaries. You'll need to use one of the higher layer scanners.

If someone can have a look that would be great - we are not planning to touch the file structure for a while. One proxmox related issue reported here as well #1336