firewall: Add a custom script that run-parts the hooks instead of cal…

…ling yunohost hook that takes lock
YunoHost · Dec 20, 2024 · 6802b91 · 6802b91
1 parent 7bb4779
commit 6802b91
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 5 deletions.
diff --git a/conf/yunohost/yunohost-nftables-hooks-override.conf b/conf/yunohost/yunohost-nftables-hooks-override.conf
@@ -1,8 +1,4 @@
 # This override config calls yunohost hooks when nftables is started/reloaded
 
 [Service]
-ExecStart=yunohost hook callback post_nftables
-ExecReload=yunohost hook callback post_nftables
-# This one is legacy, apps should use the new post_nftables hook
-ExecStart=yunohost hook callback post_iptable_rules
-ExecReload=yunohost hook callback post_iptable_rules
+ExecStart=/usr/share/yunohost/yunohost-nftables-hooks
diff --git a/share/yunohost-nftables-hooks b/share/yunohost-nftables-hooks
@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+HOOK_FOLDER="/usr/share/yunohost/hooks/"
+CUSTOM_HOOK_FOLDER="/etc/yunohost/hooks.d/"
+
+run_parts() {
+    dir="$1"
+    if [ -d "$dir" ]; then
+        run-parts "$dir"
+    fi
+}
+
+run_parts "$HOOK_FOLDER/post_nftables"
+run_parts "$CUSTOM_HOOK_FOLDER/post_nftables"
+
+# This one is legacy, apps should use the new post_nftables hook
+run_parts "$HOOK_FOLDER/post_iptable_rules"
+run_parts "$CUSTOM_HOOK_FOLDER/post_iptable_rules"