Commit d2114d1444af7fe87f45bbebebabe76326914618

Authored by MaxAlmeida
1 parent 3f0918d1

Generating secrets in script

kalibro-configurations/kalibro-configurations.spec
... ... @@ -29,6 +29,7 @@ cp -r * %{buildroot}/usr/lib/kalibro-configurations
29 29 rm -rf %{buildroot}/usr/lib/kalibro-configurations/log
30 30 ln -sfT /var/log/kalibro-configurations %{buildroot}/usr/lib/kalibro-configurations/log
31 31 ln -sfT /etc/kalibro-configurations/database.yml %{buildroot}/usr/lib/kalibro-configurations/config/database.yml
  32 +ln -sfT /etc/kalibro-configurations/secrets.yml %{buildroot}/usr/lib/kalibro-configurations/config/secrets.yml
32 33 mkdir -p %{buildroot}/lib/systemd/system
33 34 cat > %{buildroot}/lib/systemd/system/kalibro_configurations.service <<EOF
34 35 [Unit]
... ... @@ -55,6 +56,12 @@ production:
55 56 password:
56 57 EOF
57 58  
  59 +cat > %{buildroot}/etc/kalibro-configurations/secrets.yml << EOF
  60 +# Do not keep production secrets in the repository,
  61 +# instead read values from the environment.
  62 +production:
  63 + secret_key_base: $(bundle exec rake secret)
  64 +EOF
58 65 #FIXME HACK, REMOVE LATER
59 66 sed -i -e "s/require.*database_cleaner/# &/" %{buildroot}/usr/lib/kalibro-configurations/app/controllers/tests_controller.rb
60 67  
... ... @@ -66,13 +73,11 @@ fi
66 73 mkdir -p /var/log/kalibro-configurations
67 74 chown -R kalibro_configurations:kalibro_configurations /var/log/kalibro-configurations
68 75 chown -R kalibro_configurations:kalibro_configurations /usr/lib/kalibro-configurations
69   -
70   -if [ -x /usr/bin/postgres ]; then
  76 +if [ -x /usr/bin/psql ]; then
71 77 if [ `systemctl is-active postgresql`!="active" ]; then
72 78 postgresql-setup initdb || true
73 79 systemctl start postgresql
74 80 fi
75   -
76 81 if [ "$(sudo -u postgres -i psql --quiet --tuples-only -c "select count(*) from pg_user where usename = 'kalibro_configurations';")" -eq 0 ]; then
77 82 # create user
78 83 sudo -u postgres -i createuser kalibro_configurations
... ... @@ -86,13 +91,7 @@ if [ -x /usr/bin/postgres ]; then
86 91 cd /usr/lib/kalibro-configurations/
87 92 su kalibro_configurations -c "RAILS_ENV=production bundle exec rake db:migrate"
88 93 if [ $1 -eq 1 ]; then
89   - echo "========================ENTREIEEEIIII"
90 94 su kalibro_configurations -c "RAILS_ENV=production bundle exec rake db:seed"
91   - cat >> %{buildroot}/etc/profile.d/kalibro_configurations.sh <<EOF
92   - export RAILS_ENV=production
93   -EOF
94   - source %{buildroot}/etc/profile.d/kalibro_configurations.sh
95   - #SECRET="$(RAILS_ENV=production bundle exec rake secret)"
96 95 fi
97 96 fi
98 97  
... ... @@ -111,5 +110,6 @@ rm -rf %{buildroot}
111 110 /usr/lib/kalibro-configurations
112 111 /lib/systemd/system/kalibro_configurations.service
113 112 %config(noreplace) /etc/kalibro-configurations/database.yml
  113 +%config(noreplace) /etc/kalibro-configurations/secrets.yml
114 114  
115 115 %changelog
... ...