Add gitlab-common binary to handle user creation

This commit is contained in:
Pirate Praveen 2018-06-12 21:00:26 +05:30
parent ce781b2619
commit 6eccbab227
15 changed files with 304 additions and 55 deletions

4
debian/adduser.sh vendored
View file

@ -8,9 +8,7 @@ test -n "${gitlab_user}" || gitlab_user="gitlab"
# Create gitlab user with home in /var/lib
echo "Creating/updating ${gitlab_user} user account..."
adduser --system --home ${gitlab_data_dir} --gecos "${gitlab_user} user" --shell /bin/sh \
adduser --system --home /var/lib/gitlab --gecos "${gitlab_user} user" --shell /bin/sh \
--quiet --disabled-password --group ${gitlab_user} || {
echo "Proceeding with existing ${gitlab_user} user..."
}
echo "Making ${gitlab_user} owner of ${gitlab_data_dir}..."
chown -R ${gitlab_user} ${gitlab_data_dir}

View file

@ -1,3 +1,8 @@
gitlab_common_conf_private=/var/lib/gitlab-common/gitlab-common.conf
gitlab_common_conf=/etc/gitlab-common/gitlab-common.conf
gitlab_debian_conf_example=/usr/lib/gitlab/templates/gitlab-debian.conf.example
gitlab_debian_conf_private=/var/lib/gitlab/gitlab-debian.conf
gitlab_debian_conf=/etc/gitlab/gitlab-debian.conf
gitlab_cache_path=/var/cache/gitlab
gitlab_scripts=/usr/lib/gitlab/scripts
gitlab_yml_example=/usr/lib/gitlab/templates/gitlab.yml.example

15
debian/control vendored
View file

@ -16,6 +16,7 @@ Package: gitlab
Architecture: all
XB-Ruby-Versions: ${ruby:Versions}
Depends: ${shlibs:Depends}, ${misc:Depends}, ruby | ruby-interpreter,
gitlab-common,
lsb-base (>= 3.0-6),
git (>= 1:2.7.3~),
rake (>= 12.3.0~),
@ -23,7 +24,6 @@ Depends: ${shlibs:Depends}, ${misc:Depends}, ruby | ruby-interpreter,
postgresql-client,
postgresql-contrib,
dbconfig-pgsql | dbconfig-no-thanks,
adduser (>= 3.34~),
bc,
redis-server (>= 2:2.8~),
nodejs (>= 6~),
@ -356,3 +356,16 @@ Description: git powered software platform to collaborate on code (non-omnibus)
.
Note: Currently this package is in contrib because it uses npm to install
front end dependencies.
Package: gitlab-common
Architecture: all
Depends: ${shlibs:Depends}, ${misc:Depends},
adduser (>= 3.34~),
ucf
Description: git powered software platform to collaborate on code (common)
gitlab provides web based interface to host source code and track issues.
It allows anyone for fork a repository and send merge requests. Code review
is possible using merge request workflow. Using groups and roles project
access can be controlled.
.
This package includes configurations common to gitlab and gitaly.

22
debian/gitlab-common.config vendored Executable file
View file

@ -0,0 +1,22 @@
#!/bin/sh
# config maintainer script for gitlab
CONFIGFILE=/etc/gitlab-common/gitlab-common.conf
set -e
# source debconf stuffs
. /usr/share/debconf/confmodule
# Load config file, if it exists.
if [ -e $CONFIGFILE ]; then
. $CONFIGFILE || true
# Store values from config file into
# debconf db.
db_set gitlab-common/user "$gitlab_user"
fi
# Do you want to change gitlab user?
db_input high gitlab-common/user || true
db_go

2
debian/gitlab-common.dirs vendored Normal file
View file

@ -0,0 +1,2 @@
/var/lib/gitlab-common
/etc/gitlab-common

2
debian/gitlab-common.install vendored Normal file
View file

@ -0,0 +1,2 @@
debian/adduser.sh usr/lib/gitlab-common/scripts
debian/conf/gitlab-common.defaults usr/lib/gitlab-common

78
debian/gitlab-common.postinst vendored Executable file
View file

@ -0,0 +1,78 @@
#! /bin/sh
# postinst script for gitlab
# copied from postinst script for hplip
# $Id: hplip.postinst,v 1.1 2005/10/15 21:39:04 hmh Exp $
#
# see: dh_installdeb(1)
set -e
# Show debconf questions
. /usr/share/debconf/confmodule
gitlab_common_defaults=/usr/lib/gitlab-common/gitlab-common.defaults
gitlab_common_defaults_copy=/var/lib/gitlab-common/gitlab-common.defaults
# summary of how this script can be called:
# * <postinst> `configure' <most-recently-configured-version>
# * <old-postinst> `abort-upgrade' <new version>
# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
# <new-version>
# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
# <failed-install-package> <version> `removing'
# <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package
#
# quoting from the policy:
# Any necessary prompting should almost always be confined to the
# post-installation script, and should be protected with a conditional
# so that unnecessary prompting doesn't happen if a package's
# installation fails and the `postinst' is called with `abort-upgrade',
# `abort-remove' or `abort-deconfigure'.
case "$1" in
configure)
# Read default values
. ${gitlab_common_defaults}
# Copy defaults for use with postrm
cp ${gitlab_common_defaults} ${gitlab_common_defaults_copy}
# Read gitlab_user from debconf db
db_get gitlab-common/user
gitlab_user=$RET >/dev/null
# Create gitlab user
. /usr/lib/gitlab-common/scripts/adduser.sh
# Keep config file and debconf db in sync
touch ${gitlab_common_conf_private}
test -z "$gitlab_user" || grep -Eq '^ *gitlab_user=' ${gitlab_common_conf_private} || \
echo "gitlab_user=" >> ${gitlab_common_conf_private}
sed -e "s/^ *gitlab_user=.*/gitlab_user=\"$gitlab_user\"/" \
< ${gitlab_common_conf_private} > ${gitlab_common_conf_private}.tmp
mv -f ${gitlab_common_conf_private}.tmp ${gitlab_common_conf_private}
echo "Registering ${gitlab_common_conf} via ucf"
ucf --debconf-ok --three-way ${gitlab_common_conf_private} ${gitlab_common_conf}
ucfr gitlab-common ${gitlab_common_conf}
;;
triggered)
# Already handled
;;
abort-upgrade|abort-remove|abort-deconfigure)
;;
*)
echo "postinst called with unknown argument \`$1'" >&2
exit 1
;;
esac
db_stop
#DEBHELPER#

136
debian/gitlab-common.postrm vendored Normal file
View file

@ -0,0 +1,136 @@
#! /bin/sh
# postrm.skeleton
# Skeleton maintainer script showing all the possible cases.
# Written by Charles Briscoe-Smith, March-June 1998. Public Domain.
# Abort if any command returns an error value
set -e
# Set variables
gitlab_common_defaults_copy=/var/lib/gitlab-common/gitlab-common.defaults
# This script is called twice during the removal of the package; once
# after the removal of the package's files from the system, and as
# the final step in the removal of this package, after the package's
# conffiles have been removed.
# Ensure the menu system is updated
# Read debian specific configuration
if [ -f ${gitlab_common_defaults_copy} ]; then . ${gitlab_common_defaults_copy}; fi
if [ -f ${gitlab_common_conf} ]; then . ${gitlab_common_conf}; fi
case "$1" in
remove)
# This package is being removed, but its configuration has not yet
# been purged.
:
# Remove diversion
# ldconfig is NOT needed during removal of a library, only during
# installation
;;
purge)
# This package has previously been removed and is now having
# its configuration purged from the system.
:
# purge debconf questions
if [ -e /usr/share/debconf/confmodule ]; then
# Source debconf library.
. /usr/share/debconf/confmodule
if [ ! -z "${gitlab_user}" ]; then
# Do only if gitlab_user is set
echo "Removing user: ${gitlab_user}"
if id -u ${gitlab_user}; then userdel -r ${gitlab_user}; fi
else
echo "gitlab_user not set. Hence not removing user."
fi
# Remove private copies of configuration files
rm -f ${gitlab_common_conf_private}
rm -f ${gitlab_common_defaults_copy}
# Remove my changes to the db.
db_purge
fi
# we mimic dpkg as closely as possible, so we remove configuration
# files with dpkg backup extensions too:
### Some of the following is from Tore Anderson:
for ext in '~' '%' .bak .ucf-new .ucf-old .ucf-dist; do
rm -f ${gitlab_common_conf}$ext
done
# Remove conf file
if which ucf >/dev/null; then
if [ -n "${gitlab_common_conf}" ]; then ucf --purge ${gitlab_common_conf}; fi
fi
if which ucfr >/dev/null; then
if [ -n "${gitlab_common_conf}" ]; then ucfr --purge gitlab-common ${gitlab_common_conf}; fi
fi
rm -f ${gitlab_common_conf}
# cleanup complete
exit 0
;;
disappear)
if test "$2" != overwriter; then
echo "$0: undocumented call to \`postrm $*'" 1>&2
exit 0
fi
# This package has been completely overwritten by package $3
# (version $4). All our files are already gone from the system.
# This is a special case: neither "prerm remove" nor "postrm remove"
# have been called, because dpkg didn't know that this package would
# disappear until this stage.
:
;;
upgrade)
# About to upgrade FROM THIS VERSION to version $2 of this package.
# "prerm upgrade" has been called for this version, and "preinst
# upgrade" has been called for the new version. Last chance to
# clean up.
:
;;
failed-upgrade)
# About to upgrade from version $2 of this package TO THIS VERSION.
# "prerm upgrade" has been called for the old version, and "preinst
# upgrade" has been called for this version. This is only used if
# the previous version's "postrm upgrade" couldn't handle it and
# returned non-zero. (Fix old postrm bugs here.)
:
;;
abort-install)
# Back out of an attempt to install this package. Undo the effects of
# "preinst install...". There are two sub-cases.
:
if test "${2+set}" = set; then
# When the install was attempted, version $2's configuration
# files were still on the system. Undo the effects of "preinst
# install $2".
:
else
# We were being installed from scratch. Undo the effects of
# "preinst install".
:
fi ;;
abort-upgrade)
# Back out of an attempt to upgrade this package from version $2
# TO THIS VERSION. Undo the effects of "preinst upgrade $2".
:
;;
*) echo "$0: didn't understand being called with \`$1'" 1>&2
exit 0;;
esac
#DEBHELPER#
exit 0

8
debian/gitlab-common.templates vendored Normal file
View file

@ -0,0 +1,8 @@
Template: gitlab-common/user
Type: string
Default: gitlab
_Description: Operating System user for this instance of Gitlab:
Please choose the username of the user used to run this instance of Gitlab.
.
This username will also be used in SSH urls of projects hosted with this
instance of Gitlab. For example, git@git.example.com:foo/bar.git

View file

@ -15,7 +15,6 @@ set -e
# Store values from config file into
# debconf db.
db_set gitlab/fqdn "$GITLAB_HOST"
db_set gitlab/user "$gitlab_user"
db_set gitlab/ssl "${GITLAB_HTTPS:-false}"
db_set gitlab/letsencrypt "${gitlab_letsencrypt:-false}"
if [ -n "$gitlab_letsencrypt_email" ]; then
@ -49,10 +48,7 @@ if command -v letsencrypt >/dev/null; then
fi
fi
# Do you want to change gitlab user?
db_input high gitlab/user || true
db_go
db_get gitlab/user
db_get gitlab-common/user
gitlab_user=$RET
# source dbconfig-common shell library, and call the hook function

View file

@ -4,13 +4,11 @@ debian/conf/database.yml etc/gitlab
debian/conf/gitlab.yml.example usr/lib/gitlab/templates
debian/conf/resque.yml etc/gitlab
debian/conf/gitlab-debian.conf.example usr/lib/gitlab/templates
debian/conf/gitlab-debian.defaults usr/lib/gitlab
debian/conf/*.target lib/systemd/system
debian/conf/smtp_settings.rb etc/gitlab/initializers
debian/conf/tmpfiles.d/gitlab.conf.example usr/lib/gitlab/templates/tmpfiles.d
debian/conf/nginx.conf.example usr/lib/gitlab/templates
debian/conf/nginx.ssl.conf.example usr/lib/gitlab/templates
debian/adduser.sh usr/lib/gitlab/scripts
debian/rake-tasks.sh usr/lib/gitlab/scripts
debian/gitlab-check.sh usr/lib/gitlab/scripts
.babelrc usr/share/gitlab

View file

@ -8,15 +8,12 @@
set -e
# Setup variables
# Now using gitlab-debian.defaults to override variables used only in
# Now using gitlab-common.defaults to override variables used only in
# maintainer scripts. Earlier versions used gitlab-debian.conf for this.
# Now gitlab-debian.conf will only have user/admin configurable variables
# and variables required by systemd services.
gitlab_debian_conf_example=/usr/lib/gitlab/templates/gitlab-debian.conf.example
gitlab_debian_conf_private=/var/lib/gitlab/gitlab-debian.conf
gitlab_debian_conf=/etc/gitlab/gitlab-debian.conf
gitlab_debian_defaults=/usr/lib/gitlab/gitlab-debian.defaults
gitlab_debian_defaults_copy=/var/lib/gitlab/gitlab-debian.defaults
gitlab_common_defaults=/usr/lib/gitlab-common/gitlab-common.defaults
test -f ${gitlab_common_defaults} && . ${gitlab_common_defaults}
# Show debconf questions
. /usr/share/debconf/confmodule
@ -44,10 +41,7 @@ gitlab_debian_defaults_copy=/var/lib/gitlab/gitlab-debian.defaults
# Read debian specific configuration
#######################################################################
# Bootstrap config file - first try
. ${gitlab_debian_conf_example}
# second try
cp ${gitlab_debian_conf_example} ${gitlab_debian_conf_private}
test -f ${gitlab_debian_conf_private} || cp ${gitlab_debian_conf_example} ${gitlab_debian_conf_private}
. ${gitlab_debian_conf_private}
# If /etc/gitlab/gitlab-debian.conf is already present, use it
@ -57,17 +51,10 @@ export DB RAILS_ENV
# Read default values (we cannot do this before gitlab-debian.conf is exported
# as we want to override variables set by gitlab-debian.conf in earlier gitlab
# versions with gitlab-debian.defaults)
. ${gitlab_debian_defaults}
. ${gitlab_common_defaults}
# Copy defaults for use with postrm
cp ${gitlab_debian_defaults} ${gitlab_debian_defaults_copy}
# Read gitlab_user from debconf db
db_get gitlab/user
gitlab_user=$RET >/dev/null
# Create gitlab user
. /usr/lib/gitlab/scripts/adduser.sh
# Read gitlab_user from gitlab-common.conf
test -f ${gitlab_common_conf} && . ${gitlab_common_conf}
#######################################################################
# update Gemfile.lock and yarn.lock, always
@ -147,8 +134,6 @@ case "$1" in
GITLAB_EMAIL_FROM="no-reply@$GITLAB_HOST"
GITLAB_EMAIL_DISPLAY_NAME="Gitlab"
GITLAB_EMAIL_REPLY_TO="no-reply@$GITLAB_HOST"
db_get gitlab/user
gitlab_user=$RET
# Check if ssl option is selected
db_get gitlab/ssl
GITLAB_HTTPS=$RET
@ -170,8 +155,6 @@ case "$1" in
echo "GITLAB_EMAIL_DISPLAY_NAME=" >> ${gitlab_debian_conf_private}
test -z "$GITLAB_EMAIL_REPLY_TO" || grep -Eq '^ *GITLAB_EMAIL_REPLY_TO=' ${gitlab_debian_conf_private} || \
echo "GITLAB_EMAIL_REPLY_TO=" >> ${gitlab_debian_conf_private}
test -z "$gitlab_user" || grep -Eq '^ *gitlab_user=' ${gitlab_debian_conf_private} || \
echo "gitlab_user=" >> ${gitlab_debian_conf_private}
test -z "$GITLAB_HTTPS" || grep -Eq '^ *GITLAB_HTTPS=' ${gitlab_debian_conf_private} || \
echo "GITLAB_HTTPS=" >> ${gitlab_debian_conf_private}
test -z "$gitlab_letsencrypt" || grep -Eq '^ *gitlab_letsencrypt=' ${gitlab_debian_conf_private} || \
@ -182,12 +165,11 @@ case "$1" in
-e "s/^ *GITLAB_EMAIL_FROM=.*/GITLAB_EMAIL_FROM=\"$GITLAB_EMAIL_FROM\"/" \
-e "s/^ *GITLAB_EMAIL_DISPLAY_NAME=.*/GITLAB_EMAIL_DISPLAY_NAME=\"$GITLAB_EMAIL_DISPLAY_NAME\"/" \
-e "s/^ *GITLAB_EMAIL_REPLY_TO=.*/GITLAB_EMAIL_REPLY_TO=\"$GITLAB_EMAIL_REPLY_TO\"/" \
-e "s/^ *gitlab_user=.*/gitlab_user=\"$gitlab_user\"/" \
-e "s/^ *GITLAB_HTTPS=.*/GITLAB_HTTPS=\"$GITLAB_HTTPS\"/" \
-e "s/^ *gitlab_letsencrypt=.*/gitlab_letsencrypt=\"$gitlab_letsencrypt\"/" \
-e "s/^ *gitlab_letsencrypt_email=.*/gitlab_letsencrypt_email=\"$gitlab_letsencrypt_email\"/" \
< ${gitlab_debian_conf_private} > ${gitlab_debian_conf_private}.tmp
mv -f ${gitlab_debian_conf_private}.tmp ${gitlab_debian_conf_private}
mv -f ${gitlab_debian_conf_private}.tmp ${gitlab_debian_conf_private}
# Copy example configurations
cp ${gitlab_yml_example} ${gitlab_yml_private}

32
debian/gitlab.postrm vendored
View file

@ -7,8 +7,7 @@
set -e
# Set variables
gitlab_debian_conf=/etc/gitlab/gitlab-debian.conf
gitlab_debian_defaults=/var/lib/gitlab/gitlab-debian.defaults
gitlab_common_defaults=/var/lib/gitlab-common/gitlab-common.defaults
# This script is called twice during the removal of the package; once
# after the removal of the package's files from the system, and as
@ -18,8 +17,29 @@ gitlab_debian_defaults=/var/lib/gitlab/gitlab-debian.defaults
# Ensure the menu system is updated
# Read debian specific configuration
if [ -f ${gitlab_debian_conf} ]; then . ${gitlab_debian_conf}; fi
if [ -f ${gitlab_debian_defaults} ]; then . ${gitlab_debian_defaults}; fi
if [ -f ${gitlab_common_defaults} ]
then
. ${gitlab_common_defaults}
else
echo "${gitlab_common_defaults} not found. Not removing anything."
exit 0
fi
if [ -f ${gitlab_debian_conf} ]
then
. ${gitlab_debian_conf}
else
echo "${gitlab_debian_conf} not found. Not removing anything."
exit 0
fi
if [ -f ${gitlab_common_conf} ]
then
. ${gitlab_common_conf}
else
echo "${gitlab_common_conf} not found. Not removing anything."
exit 0
fi
safely_remove() {
CANDIDATE_DIR=$1
@ -82,8 +102,6 @@ ${gitlab_data_dir}; do
else
echo "dropdb command not found. Hence not removing database."
fi
echo "Removing user: ${gitlab_user}"
if id -u ${gitlab_user}; then userdel -r ${gitlab_user}; fi
else
echo "gitlab_user not set. Hence not removing user."
fi
@ -115,7 +133,7 @@ ${gitlab_data_dir}; do
for i in ${nginx_site} ${gitlab_debian_conf} ${gitlab_yml} \
${gitlab_tmpfiles} ${gitlab_shell_config} ${dbconfig_config}; do
# remove the configuration file itself
safely_remove $i
if [ -f $i ] ; then rm -f $i; fi
# and finally clear it out from the ucf database
if which ucf >/dev/null; then
if [ -n "$i" ]; then ucf --purge $i; fi

View file

@ -11,15 +11,6 @@ _Description: Fully qualified domain name for this instance of Gitlab:
If a reverse proxy is used, give the hostname that the proxy server
responds to.
Template: gitlab/user
Type: string
Default: gitlab
_Description: Operating System user for this instance of Gitlab:
Please choose the username of the user used to run this instance of Gitlab.
.
This username will also be used in SSH urls of projects hosted with this
instance of Gitlab. For example, git@git.example.com:foo/bar.git
Template: gitlab/ssl
Type: boolean
Default: false

View file

@ -1,9 +1,9 @@
ucount=$(ls -1a |grep -vx .git | wc -l)
dcount=$(cat debian/install |cut -d' ' -f1|grep -v debian |wc -l)
dcount=$(cat debian/gitlab.install |cut -d' ' -f1|grep -v debian |wc -l)
ignored=32
if ! [ $(echo "$ucount" - "$dcount"|bc) -eq $ignored ]; then
echo "Found new files added by upstream and not added to debian/install"
echo "Add them to debian/install or adjust 'ignored=${ignored}'"
echo "Add them to debian/gitlab.install or adjust 'ignored=${ignored}'"
echo "in debian/upstream-file-count-check.sh as required"
exit 1
fi