diff --git a/decnet/cli/init.py b/decnet/cli/init.py index ac96ef73..8389c064 100644 --- a/decnet/cli/init.py +++ b/decnet/cli/init.py @@ -337,13 +337,20 @@ def _install_units( *, install_dir: str, venv_dir: str, + user: str, + group: str, force: bool, dry_run: bool, ) -> str: """Render decnet-*.service.j2 → systemd_dir/decnet-*.service, and copy the static decnet.target (no templating needed — it has no install path references).""" - context = {"install_dir": install_dir, "venv_dir": venv_dir} + context = { + "install_dir": install_dir, + "venv_dir": venv_dir, + "user": user, + "group": group, + } templates = sorted(deploy.glob("decnet-*.service.j2")) static = [deploy / "decnet.target"] @@ -726,6 +733,7 @@ def register(app: typer.Typer) -> None: lambda: _install_units( deploy, systemd_dir, install_dir=install_dir, venv_dir=resolved_venv, + user=user, group=group, force=force, dry_run=dry_run, ), ) diff --git a/deploy/decnet-agent.service.j2 b/deploy/decnet-agent.service.j2 index b09a674c..703c074b 100644 --- a/deploy/decnet-agent.service.j2 +++ b/deploy/decnet-agent.service.j2 @@ -7,8 +7,8 @@ Requires=docker.service [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} # docker.sock is group-readable by 'docker'; the agent needs it for compose. SupplementaryGroups=docker WorkingDirectory={{ install_dir }} diff --git a/deploy/decnet-api.service.j2 b/deploy/decnet-api.service.j2 index 2f75dcd0..5f0f7a33 100644 --- a/deploy/decnet-api.service.j2 +++ b/deploy/decnet-api.service.j2 @@ -7,8 +7,8 @@ Requires=docker.service [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} # docker.sock is group-readable by 'docker'; the API ingester tails container logs. SupplementaryGroups=docker WorkingDirectory={{ install_dir }} diff --git a/deploy/decnet-bus.service.j2 b/deploy/decnet-bus.service.j2 index e3301b33..8b6100fe 100644 --- a/deploy/decnet-bus.service.j2 +++ b/deploy/decnet-bus.service.j2 @@ -6,8 +6,8 @@ Wants=network-online.target [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} WorkingDirectory={{ install_dir }} EnvironmentFile=-{{ install_dir }}/.env.local # /run/decnet is created automatically with the RuntimeDirectory= directive diff --git a/deploy/decnet-collector.service.j2 b/deploy/decnet-collector.service.j2 index 35d36452..76cf4fce 100644 --- a/deploy/decnet-collector.service.j2 +++ b/deploy/decnet-collector.service.j2 @@ -7,8 +7,8 @@ Requires=docker.service [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} # docker.sock is group-readable by 'docker'; the collector tails container logs. SupplementaryGroups=docker WorkingDirectory={{ install_dir }} diff --git a/deploy/decnet-forwarder.service.j2 b/deploy/decnet-forwarder.service.j2 index d0485a20..e8789c6d 100644 --- a/deploy/decnet-forwarder.service.j2 +++ b/deploy/decnet-forwarder.service.j2 @@ -8,8 +8,8 @@ Wants=network-online.target [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} WorkingDirectory={{ install_dir }} EnvironmentFile=-{{ install_dir }}/.env.local # Replace with the master's LAN address or hostname. The agent diff --git a/deploy/decnet-listener.service.j2 b/deploy/decnet-listener.service.j2 index 031e1fa2..d1739f2e 100644 --- a/deploy/decnet-listener.service.j2 +++ b/deploy/decnet-listener.service.j2 @@ -6,8 +6,8 @@ Wants=network-online.target [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} WorkingDirectory={{ install_dir }} EnvironmentFile=-{{ install_dir }}/.env.local # Binds 0.0.0.0:6514 so workers across the LAN can connect. 6514 is not a diff --git a/deploy/decnet-mutator.service.j2 b/deploy/decnet-mutator.service.j2 index 5ef30e05..c1f648f4 100644 --- a/deploy/decnet-mutator.service.j2 +++ b/deploy/decnet-mutator.service.j2 @@ -7,8 +7,8 @@ Requires=docker.service [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} # Mutator recomposes decky services via docker compose. SupplementaryGroups=docker WorkingDirectory={{ install_dir }} diff --git a/deploy/decnet-prober.service.j2 b/deploy/decnet-prober.service.j2 index e16c9b24..3deca708 100644 --- a/deploy/decnet-prober.service.j2 +++ b/deploy/decnet-prober.service.j2 @@ -6,8 +6,8 @@ Wants=network-online.target decnet-bus.service [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} WorkingDirectory={{ install_dir }} EnvironmentFile=-{{ install_dir }}/.env.local ExecStart={{ venv_dir }}/bin/decnet probe diff --git a/deploy/decnet-profiler.service.j2 b/deploy/decnet-profiler.service.j2 index d5abd1e2..bee9a51e 100644 --- a/deploy/decnet-profiler.service.j2 +++ b/deploy/decnet-profiler.service.j2 @@ -6,8 +6,8 @@ Wants=network-online.target decnet-bus.service [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} WorkingDirectory={{ install_dir }} EnvironmentFile=-{{ install_dir }}/.env.local ExecStart={{ venv_dir }}/bin/decnet profiler diff --git a/deploy/decnet-sniffer.service.j2 b/deploy/decnet-sniffer.service.j2 index 971ae147..cc39b479 100644 --- a/deploy/decnet-sniffer.service.j2 +++ b/deploy/decnet-sniffer.service.j2 @@ -6,8 +6,8 @@ Wants=network-online.target decnet-bus.service [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} WorkingDirectory={{ install_dir }} EnvironmentFile=-{{ install_dir }}/.env.local ExecStart={{ venv_dir }}/bin/decnet sniffer diff --git a/deploy/decnet-swarmctl.service.j2 b/deploy/decnet-swarmctl.service.j2 index 2c0efb4c..8da048b6 100644 --- a/deploy/decnet-swarmctl.service.j2 +++ b/deploy/decnet-swarmctl.service.j2 @@ -6,8 +6,8 @@ Wants=network-online.target [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} WorkingDirectory={{ install_dir }} EnvironmentFile=-{{ install_dir }}/.env.local # Default bind is loopback — the controller is a master-local orchestrator diff --git a/deploy/decnet-updater.service.j2 b/deploy/decnet-updater.service.j2 index 7e06eb0a..bf3244d2 100644 --- a/deploy/decnet-updater.service.j2 +++ b/deploy/decnet-updater.service.j2 @@ -8,8 +8,8 @@ Wants=network-online.target [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} WorkingDirectory={{ install_dir }} EnvironmentFile=-{{ install_dir }}/.env.local ExecStart={{ venv_dir }}/bin/decnet updater \ diff --git a/deploy/decnet-web.service.j2 b/deploy/decnet-web.service.j2 index 8e852498..8695ffde 100644 --- a/deploy/decnet-web.service.j2 +++ b/deploy/decnet-web.service.j2 @@ -6,8 +6,8 @@ Wants=network-online.target [Service] Type=simple -User=decnet -Group=decnet +User={{ user }} +Group={{ group }} WorkingDirectory={{ install_dir }} EnvironmentFile=-{{ install_dir }}/.env.local ExecStart={{ venv_dir }}/bin/decnet web