diff options
| author | Mohammed Amar-Bensaber <renken@shione.net> | 2024-10-08 22:53:01 +0200 |
|---|---|---|
| committer | Mohammed Amar-Bensaber <renken@shione.net> | 2024-10-08 22:53:01 +0200 |
| commit | 207bf43a8bd311262e17203edfff1d4a50149e75 (patch) | |
| tree | 8d6d3b7fd7dd184489f6aadf799c33c3198bf898 | |
| parent | 394d13aaaad958c990a08cadcdea6eb2d0df729d (diff) | |
| download | shione-207bf43a8bd311262e17203edfff1d4a50149e75.tar.gz shione-207bf43a8bd311262e17203edfff1d4a50149e75.zip | |
cgit: implement initial postinstall logic
Mainly creating `git` user if missing as well as restarting relevant
systemd services.
| -rw-r--r-- | debian/cgit-config.postinst | 63 |
1 files changed, 57 insertions, 6 deletions
diff --git a/debian/cgit-config.postinst b/debian/cgit-config.postinst index 98951d6..0383fae 100644 --- a/debian/cgit-config.postinst +++ b/debian/cgit-config.postinst @@ -1,12 +1,63 @@ #!/bin/sh -# -# TODO: Handle "$1". -set -e +set -eu #DEBHELPER# -# TODO: Setup git user and stuff. +case "$1" in + install|upgrade) -deb-systemd-helper enable fcgiwrap -deb-systemd-invoke restart fcgiwrap + # Sane defaults: + git_home="${GIT_HOME:-/var/git}" + git_user="${GIT_USER:-git}" + git_name="${GIT_NAME:-git}" + git_group="${GIT_GROUP:-www-data}" + + # create user to avoid running server as root + # 1. create group if not existing + if ! getent group | grep -q "^$git_group:" ; then + printf 'Adding group %s..\n' "$git_group" + addgroup --quiet --system "$git_group" 2>/dev/null + printf '..done\n' + fi + + # 2. create homedir if not existing + if [ -d "$git_home" ]; then + # `/var` *must* exist. + mkdir -- "$git_home" + fi + + # 3. create user if not existing + if ! getent passwd "$git_user"; then + printf 'Adding system user %s..\n' "$git_user" + # XXX: Do I really want a shell here? + adduser --quiet \ + --system \ + --ingroup "$git_group" \ + --home "$git_home" \ + --shell /bin/bash \ + --disabled-password \ + "$git_user" + printf '..done\n' + fi + + # 4. adjust passwd entry + usermod \ + -c "$git_name" \ + -d "$git_home" \ + -g "$git_group" \ + "$git_user" + + # 5. adjust file and directory permissions + if ! dpkg-statoverride --list "$git_home" >/dev/null + then + chown -R "$git_user":"$git_group" "$git_home" + chmod u=rwx,g=rxs,o= "$git_home" + fi + + deb-systemd-helper enable fcgiwrap + deb-systemd-invoke restart fcgiwrap + deb-systemd-invoke restart nginx + ;; + # TODO: Handle remove, not that I need it yet though. +esac |