[DRE-commits] [gitlab] 15/16: remove hard coded gitlab user
Praveen Arimbrathodiyil
praveen at moszumanska.debian.org
Thu Feb 16 12:09:32 UTC 2017
This is an automated email from the git hooks/post-receive script.
praveen pushed a commit to branch master
in repository gitlab.
commit a93ae2eb508f6abb2c146e8627e674c807c62e09
Author: Praveen Arimbrathodiyil <praveen at debian.org>
Date: Thu Feb 16 17:35:01 2017 +0530
remove hard coded gitlab user
---
debian/conf/gitlab.yml.example | 2 +-
debian/gitlab.gitlab-mailroom.service | 1 -
debian/gitlab.gitlab-sidekiq.service | 1 -
debian/gitlab.gitlab-unicorn.service | 1 -
debian/gitlab.gitlab-workhorse.service | 1 -
debian/postinst | 9 +++++++++
debian/postrm | 27 +++++++++++++++++----------
7 files changed, 27 insertions(+), 15 deletions(-)
diff --git a/debian/conf/gitlab.yml.example b/debian/conf/gitlab.yml.example
index 1991ccc..2a70880 100644
--- a/debian/conf/gitlab.yml.example
+++ b/debian/conf/gitlab.yml.example
@@ -46,7 +46,7 @@ production: &base
# relative_url_root: /gitlab
# Uncomment and customize if you can't use the default user to run GitLab (default: 'git')
- user: gitlab
+ user: GITLAB_USER
user_home: /var/lib/gitlab
## Date & Time settings
diff --git a/debian/gitlab.gitlab-mailroom.service b/debian/gitlab.gitlab-mailroom.service
index 849bc39..50b53f8 100644
--- a/debian/gitlab.gitlab-mailroom.service
+++ b/debian/gitlab.gitlab-mailroom.service
@@ -9,7 +9,6 @@ ReloadPropagatedFrom=gitlab-unicorn.service
[Service]
Type=simple
-User=gitlab
WorkingDirectory=/usr/share/gitlab
EnvironmentFile=/etc/gitlab/gitlab-debian.conf
SyslogIdentifier=gitlab-mailroom
diff --git a/debian/gitlab.gitlab-sidekiq.service b/debian/gitlab.gitlab-sidekiq.service
index 7b5f418..2ac84d9 100644
--- a/debian/gitlab.gitlab-sidekiq.service
+++ b/debian/gitlab.gitlab-sidekiq.service
@@ -9,7 +9,6 @@ ReloadPropagatedFrom=gitlab.service
[Service]
Type=simple
-User=gitlab
WorkingDirectory=/usr/share/gitlab
EnvironmentFile=/etc/gitlab/gitlab-debian.conf
SyslogIdentifier=gitlab-sidekiq
diff --git a/debian/gitlab.gitlab-unicorn.service b/debian/gitlab.gitlab-unicorn.service
index 3349cbf..139cb75 100644
--- a/debian/gitlab.gitlab-unicorn.service
+++ b/debian/gitlab.gitlab-unicorn.service
@@ -9,7 +9,6 @@ ReloadPropagatedFrom=gitlab.service
[Service]
Type=simple
-User=gitlab
WorkingDirectory=/usr/share/gitlab
EnvironmentFile=/etc/gitlab/gitlab-debian.conf
EnvironmentFile=-/etc/default/gitlab
diff --git a/debian/gitlab.gitlab-workhorse.service b/debian/gitlab.gitlab-workhorse.service
index 32827da..e0ea038 100644
--- a/debian/gitlab.gitlab-workhorse.service
+++ b/debian/gitlab.gitlab-workhorse.service
@@ -9,7 +9,6 @@ ReloadPropagatedFrom=gitlab-unicorn.service
[Service]
Type=simple
-User=gitlab
WorkingDirectory=/usr/share/gitlab
EnvironmentFile=/etc/gitlab/gitlab-debian.conf
SyslogIdentifier=gitlab-workhorse
diff --git a/debian/postinst b/debian/postinst
index 0359968..7f588d8 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -143,6 +143,8 @@ EOF
test -f ${gitlab_shell_config_private} || \
cp ${gitlab_shell_config_example} ${gitlab_shell_config_private}
+ sed -i "s/GITLAB_USER/${gitlab_user}/" ${gitlab_yml_private}
+
if [ "${RET}" = "true" ]; then
echo "Configuring nginx with HTTPS..."
if ! grep GITLAB_HTTPS ${gitlab_debian_conf_private}; then
@@ -203,6 +205,13 @@ EOF
ucf --debconf-ok --three-way ${gitlab_tmpfiles_private} ${gitlab_tmpfiles}
ucfr gitlab ${gitlab_tmpfiles}
+ # Override User for systemd services
+ for service in mailroom unicorn sidekiq workhorse; do
+ path=/etc/systemd/system/gitlab-${service}.service.d
+ mkdir -p $path
+ printf "[Service]\nUser=${gitlab_user}\n" > $path/override.conf
+ done
+
# Manage gitlab-shell's config.yml via ucf
mkdir -p /etc/gitlab-shell
echo "Registering ${gitlab_shell_config} via ucf"
diff --git a/debian/postrm b/debian/postrm
index 2b3f3ba..0b9fa5f 100644
--- a/debian/postrm
+++ b/debian/postrm
@@ -44,16 +44,17 @@ case "$1" in
# Check if we should remove data?
db_get gitlab/purge
if [ "${RET}" = "true" ]; then
- rm -rf /var/lib/gitlab/shared
- rm -rf /var/lib/gitlab/public
- rm -rf /var/lib/gitlab/db
- rm -rf /var/lib/gitlab/repositories
- rm -rf /var/lib/gitlab/secrets.yml
- rm -rf /var/lib/gitlab/Gemfile.lock
- rm -rf /var/log/gitlab
- rm -rf /var/cache/gitlab
- rm -rf /run/gitlab
+ rm -rf ${gitlab_data_dir}/shared
+ rm -rf ${gitlab_data_dir}/public
+ rm -rf ${gitlab_data_dir}/db
+ rm -rf ${gitlab_data_dir}/repositories
+ rm -rf ${gitlab_data_dir}/secrets.yml
+ rm -rf ${gitlab_data_dir}/Gemfile.lock
+ rm -rf ${gitlab_log_dir}
+ rm -rf ${gitlab_cache_path}
+ rm -rf ${gitlab_pid_path}
userdel -r ${gitlab_user}
+ rm -rf ${gitlab_data_dir}
su postgres -c "dropdb gitlab_production"
fi
@@ -102,7 +103,7 @@ case "$1" in
fi
# remove generated assets
- rm -rf /var/lib/gitlab/public/assets
+ rm -rf ${gitlab_data_dir}/public/assets
# Remove private copies of configuration files
rm -f ${nginx_site_private}
@@ -111,6 +112,12 @@ case "$1" in
rm -f ${gitlab_tmpfiles_private}
rm -f ${gitlab_shell_config_private}
+ # Remove systemd service overrides
+ for service in mailroom unicorn sidekiq workhorse; do
+ path=/etc/systemd/system/gitlab-${service}.service.d
+ rm -rf $path
+ done
+
# cleanup complete
exit 0
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-ruby-extras/gitlab.git
More information about the Pkg-ruby-extras-commits
mailing list