aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--debian/cgit-config.postinst63
1 files changed, 57 insertions, 6 deletions
diff --git a/debian/cgit-config.postinst b/debian/cgit-config.postinst
index 98951d6..0383fae 100644
--- a/debian/cgit-config.postinst
+++ b/debian/cgit-config.postinst
@@ -1,12 +1,63 @@
#!/bin/sh
-#
-# TODO: Handle "$1".
-set -e
+set -eu
#DEBHELPER#
-# TODO: Setup git user and stuff.
+case "$1" in
+ install|upgrade)
-deb-systemd-helper enable fcgiwrap
-deb-systemd-invoke restart fcgiwrap
+ # Sane defaults:
+ git_home="${GIT_HOME:-/var/git}"
+ git_user="${GIT_USER:-git}"
+ git_name="${GIT_NAME:-git}"
+ git_group="${GIT_GROUP:-www-data}"
+
+ # create user to avoid running server as root
+ # 1. create group if not existing
+ if ! getent group | grep -q "^$git_group:" ; then
+ printf 'Adding group %s..\n' "$git_group"
+ addgroup --quiet --system "$git_group" 2>/dev/null
+ printf '..done\n'
+ fi
+
+ # 2. create homedir if not existing
+ if [ -d "$git_home" ]; then
+ # `/var` *must* exist.
+ mkdir -- "$git_home"
+ fi
+
+ # 3. create user if not existing
+ if ! getent passwd "$git_user"; then
+ printf 'Adding system user %s..\n' "$git_user"
+ # XXX: Do I really want a shell here?
+ adduser --quiet \
+ --system \
+ --ingroup "$git_group" \
+ --home "$git_home" \
+ --shell /bin/bash \
+ --disabled-password \
+ "$git_user"
+ printf '..done\n'
+ fi
+
+ # 4. adjust passwd entry
+ usermod \
+ -c "$git_name" \
+ -d "$git_home" \
+ -g "$git_group" \
+ "$git_user"
+
+ # 5. adjust file and directory permissions
+ if ! dpkg-statoverride --list "$git_home" >/dev/null
+ then
+ chown -R "$git_user":"$git_group" "$git_home"
+ chmod u=rwx,g=rxs,o= "$git_home"
+ fi
+
+ deb-systemd-helper enable fcgiwrap
+ deb-systemd-invoke restart fcgiwrap
+ deb-systemd-invoke restart nginx
+ ;;
+ # TODO: Handle remove, not that I need it yet though.
+esac