Project

General

Profile

Download (3.36 KB) Statistics
| Branch: | Tag: | Revision:

foreman-packaging/debian/bionic/foreman/foreman.postinst @ 29cf2ebd

#!/bin/sh
# postinst script for foreman
#
# see: dh_installdeb(1)

[ -n "${DEBUG}" ] && set -x
set -e

. /usr/share/debconf/confmodule

LOGFILE='/var/log/foreman-install.log'

# if this script aborts with an error dpkg can hang if a debconf can
# hang if daemons have been started
trap db_stop EXIT

# Add the "foreman" user and group
getent group foreman >/dev/null || groupadd -r foreman
getent passwd foreman >/dev/null || \
useradd -r -g foreman -d /usr/share/foreman -s /usr/sbin/nologin -c "Foreman" foreman

chown -Rf foreman:foreman '/var/log/foreman'
chown -Rf foreman:foreman '/var/cache/foreman'
chown -Rf foreman:foreman '/var/lib/foreman'
chown -f foreman:foreman '/usr/share/foreman/.ssh'
chmod 700 '/usr/share/foreman/.ssh'
chmod 755 '/var/lib/foreman'
chmod 755 '/var/lib/foreman/db'
chmod 755 '/var/lib/foreman/public'
chmod 755 '/var/lib/foreman/public/assets'
chmod 755 '/var/cache/foreman'

BUNDLE=bundle
[ -h /usr/bin/foreman-ruby ] && BUNDLE="/usr/bin/foreman-ruby /usr/bin/bundle"

# Test for Gemfile.lock to determine the right action.
export HOME=/usr/share/foreman
cd /usr/share/foreman
if [ -f Gemfile.lock ]; then
CMD="$BUNDLE update --local"
else
CMD="$BUNDLE install --path ./vendor/ --local --no-prune"
fi

if [ ! -z "${DEBUG}" ]; then
$CMD
else
$CMD 2>&1 >> $LOGFILE
fi

# encryption key used to encrypt DB contents
# move the generated key file to /etc/foreman/ so users back it up, symlink to it from ~foreman
if [ ! -e config/initializers/encryption_key.rb -a ! -e /etc/foreman/encryption_key.rb ]; then
touch config/initializers/encryption_key.rb
chmod 0660 config/initializers/encryption_key.rb
chgrp foreman config/initializers/encryption_key.rb
if [ ! -z "${DEBUG}" ]; then
/usr/sbin/foreman-rake security:generate_encryption_key || true
else
/usr/sbin/foreman-rake security:generate_encryption_key >> $LOGFILE 2>&1 || true
fi
chmod 0640 config/initializers/encryption_key.rb
mv config/initializers/encryption_key.rb /etc/foreman/
fi
if [ ! -e config/initializers/encryption_key.rb -a -e /etc/foreman/encryption_key.rb ]; then
ln -s /etc/foreman/encryption_key.rb config/initializers/
fi

# Run a db:migrate and db:seed if the user has created a dbfile
# always attempt to reencrypt after update in case new fields can be encrypted
if [ -f /usr/share/foreman/config/database.yml ]; then
if [ ! -z "${DEBUG}" ]; then
/usr/sbin/foreman-rake db:migrate db:encrypt_all || true
/usr/sbin/foreman-rake db:seed || true
else
/usr/sbin/foreman-rake db:migrate db:encrypt_all >> $LOGFILE 2>&1 || true
/usr/sbin/foreman-rake db:seed >> $LOGFILE 2>&1 || true
fi
fi

# Generate apipie cache
if [ ! -z "${DEBUG}" ]; then
/usr/sbin/foreman-rake apipie:cache:index || true
else
/usr/sbin/foreman-rake apipie:cache:index >> $LOGFILE 2>&1 || true
fi

# Generate a static session token for signing cookies
if [ ! -f config/initializers/local_secret_token.rb ]; then
touch config/initializers/local_secret_token.rb
chmod 0660 config/initializers/local_secret_token.rb
chgrp foreman config/initializers/local_secret_token.rb
if [ ! -z "${DEBUG}" ]; then
/usr/sbin/foreman-rake security:generate_token || true
else
/usr/sbin/foreman-rake security:generate_token >> $LOGFILE 2>&1 || true
fi
chmod 0640 config/initializers/local_secret_token.rb
fi

# Own all the core files
chown -Rf foreman:foreman '/usr/share/foreman'

#DEBHELPER#

exit 0
(55-55/60)