aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMohammed Amar-Bensaber <renken@shione.net>2024-10-08 22:53:01 +0200
committerMohammed Amar-Bensaber <renken@shione.net>2024-10-08 22:53:01 +0200
commit207bf43a8bd311262e17203edfff1d4a50149e75 (patch)
tree8d6d3b7fd7dd184489f6aadf799c33c3198bf898
parent394d13aaaad958c990a08cadcdea6eb2d0df729d (diff)
downloadshione-207bf43a8bd311262e17203edfff1d4a50149e75.tar.gz
shione-207bf43a8bd311262e17203edfff1d4a50149e75.zip
cgit: implement initial postinstall logic
Mainly creating `git` user if missing as well as restarting relevant systemd services.
-rw-r--r--debian/cgit-config.postinst63
1 files changed, 57 insertions, 6 deletions
diff --git a/debian/cgit-config.postinst b/debian/cgit-config.postinst
index 98951d6..0383fae 100644
--- a/debian/cgit-config.postinst
+++ b/debian/cgit-config.postinst
@@ -1,12 +1,63 @@
#!/bin/sh
-#
-# TODO: Handle "$1".
-set -e
+set -eu
#DEBHELPER#
-# TODO: Setup git user and stuff.
+case "$1" in
+ install|upgrade)
-deb-systemd-helper enable fcgiwrap
-deb-systemd-invoke restart fcgiwrap
+ # Sane defaults:
+ git_home="${GIT_HOME:-/var/git}"
+ git_user="${GIT_USER:-git}"
+ git_name="${GIT_NAME:-git}"
+ git_group="${GIT_GROUP:-www-data}"
+
+ # create user to avoid running server as root
+ # 1. create group if not existing
+ if ! getent group | grep -q "^$git_group:" ; then
+ printf 'Adding group %s..\n' "$git_group"
+ addgroup --quiet --system "$git_group" 2>/dev/null
+ printf '..done\n'
+ fi
+
+ # 2. create homedir if not existing
+ if [ -d "$git_home" ]; then
+ # `/var` *must* exist.
+ mkdir -- "$git_home"
+ fi
+
+ # 3. create user if not existing
+ if ! getent passwd "$git_user"; then
+ printf 'Adding system user %s..\n' "$git_user"
+ # XXX: Do I really want a shell here?
+ adduser --quiet \
+ --system \
+ --ingroup "$git_group" \
+ --home "$git_home" \
+ --shell /bin/bash \
+ --disabled-password \
+ "$git_user"
+ printf '..done\n'
+ fi
+
+ # 4. adjust passwd entry
+ usermod \
+ -c "$git_name" \
+ -d "$git_home" \
+ -g "$git_group" \
+ "$git_user"
+
+ # 5. adjust file and directory permissions
+ if ! dpkg-statoverride --list "$git_home" >/dev/null
+ then
+ chown -R "$git_user":"$git_group" "$git_home"
+ chmod u=rwx,g=rxs,o= "$git_home"
+ fi
+
+ deb-systemd-helper enable fcgiwrap
+ deb-systemd-invoke restart fcgiwrap
+ deb-systemd-invoke restart nginx
+ ;;
+ # TODO: Handle remove, not that I need it yet though.
+esac