fix: обновить systemd сервис для работы с nvm и qwen

- Добавить пути nvm и node в PATH - Добавить ReadWritePaths для ~/.nvm и ~/.config/nvm - Обновить install-systemd-service.sh для авто-определения путей - Исправляет ошибку 'qwen: command not found' Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>
2026-02-25 15:10:30 +08:00 · 2026-02-25 15:10:30 +08:00 · caf9d70515
parent b8605efaf6
commit caf9d70515
2 changed files with 45 additions and 7 deletions
--- a/install-systemd-service.sh
+++ b/install-systemd-service.sh
@ -41,12 +41,48 @@ if [ ! -f "$BOT_DIR/.env" ]; then
    exit 1
 fi

-# Создаём systemd сервис из шаблона
+# Определяем путь к qwen
+QWEN_PATH=$(su - "$BOT_USER" -c "which qwen" 2>/dev/null || echo "")
+if [ -z "$QWEN_PATH" ]; then
+    echo "⚠️  qwen не найден. Установите: npm install -g @anthropic/qwen-code"
+fi
+
+# Определяем Node.js путь (для nvm)
+NODE_PATH=$(dirname "$(su - "$BOT_USER" -c "which node" 2>/dev/null || echo "")")
+NVM_DIR=$(su - "$BOT_USER" -c "echo \$NVM_DIR" 2>/dev/null || echo "/home/$BOT_USER/.nvm")
+
 echo "📝 Создание systemd сервиса..."
-sed -e "s|%USER%|$BOT_USER|g" \
-    -e "s|%WORKDIR%|$BOT_DIR|g" \
-    -e "s|%VENV_PATH%|$BOT_VENV/bin|g" \
-    "$SERVICE_FILE" > "$SYSTEMD_SERVICE"
+
+# Создаём сервис с подстановкой путей
+cat > "$SYSTEMD_SERVICE" << EOF
+[Unit]
+Description=Telegram CLI Bot
+After=network.target
+
+[Service]
+Type=simple
+User=$BOT_USER
+WorkingDirectory=$BOT_DIR
+Environment="PATH=$BOT_VENV/bin:$NODE_PATH:/usr/local/bin:/usr/bin:/bin"
+Environment="QWEN_CODE_PATH=$BOT_VENV/qwen"
+Environment="NVM_DIR=$NVM_DIR"
+ExecStart=$BOT_VENV/bin/python bot.py
+Restart=always
+RestartSec=10
+StandardOutput=journal
+StandardError=journal
+SyslogIdentifier=telegram-bot
+
+# Security hardening с исключениями для работы бота
+NoNewPrivileges=true
+ProtectSystem=strict
+ProtectHome=read-only
+PrivateTmp=true
+ReadWritePaths=$BOT_DIR $NVM_DIR
+
+[Install]
+WantedBy=multi-user.target
+EOF

 echo "✅ Сервис установлен в $SYSTEMD_SERVICE"

--- a/telegram-bot.service
+++ b/telegram-bot.service
@ -6,7 +6,9 @@ After=network.target
 Type=simple
 User=%USER%
 WorkingDirectory=%WORKDIR%
-Environment="PATH=%VENV_PATH%"
+Environment="PATH=%VENV_PATH%:/home/%USER%/.config/nvm/versions/node/v24.13.1/bin:/usr/local/bin:/usr/bin:/bin"
+Environment="QWEN_CODE_PATH=%VENV_PATH%/qwen"
+Environment="NVM_DIR=/home/%USER%/.nvm"
 ExecStart=%VENV_PATH%/python bot.py
 Restart=always
 RestartSec=10
@ -19,7 +21,7 @@ NoNewPrivileges=true
 ProtectSystem=strict
 ProtectHome=read-only
 PrivateTmp=true
-ReadWritePaths=%WORKDIR%
+ReadWritePaths=%WORKDIR% %HOME%/.npm-global %HOME%/.nvm %HOME%/.config/nvm

 [Install]
 WantedBy=multi-user.target