use gitlab provided code to generate secrets.yml
This commit is contained in:
Praveen Arimbrathodiyil
parent
d51bda25bb
commit
ac32bfc38e
3 changed files with 9 additions and 17 deletions
6
debian/changelog
vendored
6
debian/changelog
vendored
|
|
@ -1,3 +1,9 @@
|
|||
gitlab (8.11.3+dfsg1-2) UNRELEASED; urgency=medium
|
||||
|
||||
* Use config/initializers/secret_token.rb to create secrets.yml
|
||||
|
||||
-- Pirate Praveen <praveen@debian.org> Sat, 17 Sep 2016 14:38:39 +0530
|
||||
|
||||
gitlab (8.11.3+dfsg1-1) unstable; urgency=medium
|
||||
|
||||
* New upstream release
|
||||
|
|
|
|||
1
debian/gitlab.links
vendored
1
debian/gitlab.links
vendored
|
|
@ -2,6 +2,7 @@ var/lib/gitlab/public usr/share/gitlab/public
|
|||
var/lib/gitlab/shared usr/share/gitlab/shared
|
||||
var/lib/gitlab/db usr/share/gitlab/db
|
||||
var/lib/gitlab/.ssh usr/share/gitlab/.ssh
|
||||
var/lib/gitlab/secrets.yml etc/gitlab/secrets.yml
|
||||
var/log/gitlab usr/share/gitlab/log
|
||||
var/log/gitlab/builds usr/share/gitlab/builds
|
||||
run/gitlab usr/share/gitlab/tmp
|
||||
|
|
|
|||
19
debian/rake-tasks.sh
vendored
19
debian/rake-tasks.sh
vendored
|
|
@ -5,18 +5,8 @@ export $(cat /etc/gitlab/gitlab-debian.conf)
|
|||
|
||||
if ! [ -f "${gitlab_app_root}/config/secrets.yml" ]; then
|
||||
echo "Creating secrets.yml..."
|
||||
# Check if .secret file exist already in gitlab_app_root
|
||||
# See if it is an empty file
|
||||
test -e ${gitlab_app_root}/.secret &&\
|
||||
gitlab_app_secret=$(cat ${gitlab_app_root}/.secret);\
|
||||
test -n "${gitlab_app_secret}" ||\
|
||||
{ gitlab_app_secret=$(openssl rand -hex 64)
|
||||
|
||||
cp ${gitlab_app_root}/config/secrets.yml.example ${gitlab_app_root}/config/secrets.yml
|
||||
sed -i "s/# db_key_base:/db_key_base: ${gitlab_app_secret}/" ${gitlab_app_root}/config/secrets.yml
|
||||
echo ${gitlab_app_secret} > ${gitlab_app_root}/.secret
|
||||
}
|
||||
|
||||
cd ${gitlab_app_root}
|
||||
su gitlab -c 'bundle exec rake config/initializers/secret_token.rb'
|
||||
fi
|
||||
|
||||
# Check if the db is already present
|
||||
|
|
@ -31,12 +21,7 @@ else
|
|||
fi
|
||||
|
||||
# Restrict permissions for secret files
|
||||
chown ${gitlab_user}: ${gitlab_data_dir}/.secret
|
||||
chmod 0700 ${gitlab_data_dir}/.secret
|
||||
chmod 0700 ${gitlab_data_dir}/.gitlab_shell_secret
|
||||
chown ${gitlab_user}: ${gitlab_app_root}/config/secrets.yml
|
||||
chmod 0700 ${gitlab_app_root}/config/secrets.yml
|
||||
|
||||
|
||||
echo "Precompiling assets..."
|
||||
su ${gitlab_user} -s /bin/sh -c 'bundle exec rake tmp:cache:clear assets:precompile RAILS_ENV=production'
|
||||
|
|
|
|||
Loading…
Reference in a new issue