foreman-packaging/debian/bionic/foreman/foreman.postinst @ 29cf2ebd
29cf2ebd | Michael Moll | #!/bin/sh
|
|
# postinst script for foreman
|
|||
#
|
|||
# see: dh_installdeb(1)
|
|||
[ -n "${DEBUG}" ] && set -x
|
|||
set -e
|
|||
. /usr/share/debconf/confmodule
|
|||
LOGFILE='/var/log/foreman-install.log'
|
|||
# if this script aborts with an error dpkg can hang if a debconf can
|
|||
# hang if daemons have been started
|
|||
trap db_stop EXIT
|
|||
# Add the "foreman" user and group
|
|||
getent group foreman >/dev/null || groupadd -r foreman
|
|||
getent passwd foreman >/dev/null || \
|
|||
useradd -r -g foreman -d /usr/share/foreman -s /usr/sbin/nologin -c "Foreman" foreman
|
|||
chown -Rf foreman:foreman '/var/log/foreman'
|
|||
chown -Rf foreman:foreman '/var/cache/foreman'
|
|||
chown -Rf foreman:foreman '/var/lib/foreman'
|
|||
chown -f foreman:foreman '/usr/share/foreman/.ssh'
|
|||
chmod 700 '/usr/share/foreman/.ssh'
|
|||
chmod 755 '/var/lib/foreman'
|
|||
chmod 755 '/var/lib/foreman/db'
|
|||
chmod 755 '/var/lib/foreman/public'
|
|||
chmod 755 '/var/lib/foreman/public/assets'
|
|||
chmod 755 '/var/cache/foreman'
|
|||
BUNDLE=bundle
|
|||
[ -h /usr/bin/foreman-ruby ] && BUNDLE="/usr/bin/foreman-ruby /usr/bin/bundle"
|
|||
# Test for Gemfile.lock to determine the right action.
|
|||
export HOME=/usr/share/foreman
|
|||
cd /usr/share/foreman
|
|||
if [ -f Gemfile.lock ]; then
|
|||
CMD="$BUNDLE update --local"
|
|||
else
|
|||
CMD="$BUNDLE install --path ./vendor/ --local --no-prune"
|
|||
fi
|
|||
if [ ! -z "${DEBUG}" ]; then
|
|||
$CMD
|
|||
else
|
|||
$CMD 2>&1 >> $LOGFILE
|
|||
fi
|
|||
# encryption key used to encrypt DB contents
|
|||
# move the generated key file to /etc/foreman/ so users back it up, symlink to it from ~foreman
|
|||
if [ ! -e config/initializers/encryption_key.rb -a ! -e /etc/foreman/encryption_key.rb ]; then
|
|||
touch config/initializers/encryption_key.rb
|
|||
chmod 0660 config/initializers/encryption_key.rb
|
|||
chgrp foreman config/initializers/encryption_key.rb
|
|||
if [ ! -z "${DEBUG}" ]; then
|
|||
/usr/sbin/foreman-rake security:generate_encryption_key || true
|
|||
else
|
|||
/usr/sbin/foreman-rake security:generate_encryption_key >> $LOGFILE 2>&1 || true
|
|||
fi
|
|||
chmod 0640 config/initializers/encryption_key.rb
|
|||
mv config/initializers/encryption_key.rb /etc/foreman/
|
|||
fi
|
|||
if [ ! -e config/initializers/encryption_key.rb -a -e /etc/foreman/encryption_key.rb ]; then
|
|||
ln -s /etc/foreman/encryption_key.rb config/initializers/
|
|||
fi
|
|||
# Run a db:migrate and db:seed if the user has created a dbfile
|
|||
# always attempt to reencrypt after update in case new fields can be encrypted
|
|||
if [ -f /usr/share/foreman/config/database.yml ]; then
|
|||
if [ ! -z "${DEBUG}" ]; then
|
|||
/usr/sbin/foreman-rake db:migrate db:encrypt_all || true
|
|||
/usr/sbin/foreman-rake db:seed || true
|
|||
else
|
|||
/usr/sbin/foreman-rake db:migrate db:encrypt_all >> $LOGFILE 2>&1 || true
|
|||
/usr/sbin/foreman-rake db:seed >> $LOGFILE 2>&1 || true
|
|||
fi
|
|||
fi
|
|||
# Generate apipie cache
|
|||
if [ ! -z "${DEBUG}" ]; then
|
|||
/usr/sbin/foreman-rake apipie:cache:index || true
|
|||
else
|
|||
/usr/sbin/foreman-rake apipie:cache:index >> $LOGFILE 2>&1 || true
|
|||
fi
|
|||
# Generate a static session token for signing cookies
|
|||
if [ ! -f config/initializers/local_secret_token.rb ]; then
|
|||
touch config/initializers/local_secret_token.rb
|
|||
chmod 0660 config/initializers/local_secret_token.rb
|
|||
chgrp foreman config/initializers/local_secret_token.rb
|
|||
if [ ! -z "${DEBUG}" ]; then
|
|||
/usr/sbin/foreman-rake security:generate_token || true
|
|||
else
|
|||
/usr/sbin/foreman-rake security:generate_token >> $LOGFILE 2>&1 || true
|
|||
fi
|
|||
chmod 0640 config/initializers/local_secret_token.rb
|
|||
fi
|
|||
# Own all the core files
|
|||
chown -Rf foreman:foreman '/usr/share/foreman'
|
|||
#DEBHELPER#
|
|||
exit 0
|