Commit d2114d1444af7fe87f45bbebebabe76326914618
1 parent
3f0918d1
Exists in
kalibro-configurations
Generating secrets in script
Showing
1 changed file
with
9 additions
and
9 deletions
Show diff stats
kalibro-configurations/kalibro-configurations.spec
... | ... | @@ -29,6 +29,7 @@ cp -r * %{buildroot}/usr/lib/kalibro-configurations |
29 | 29 | rm -rf %{buildroot}/usr/lib/kalibro-configurations/log |
30 | 30 | ln -sfT /var/log/kalibro-configurations %{buildroot}/usr/lib/kalibro-configurations/log |
31 | 31 | ln -sfT /etc/kalibro-configurations/database.yml %{buildroot}/usr/lib/kalibro-configurations/config/database.yml |
32 | +ln -sfT /etc/kalibro-configurations/secrets.yml %{buildroot}/usr/lib/kalibro-configurations/config/secrets.yml | |
32 | 33 | mkdir -p %{buildroot}/lib/systemd/system |
33 | 34 | cat > %{buildroot}/lib/systemd/system/kalibro_configurations.service <<EOF |
34 | 35 | [Unit] |
... | ... | @@ -55,6 +56,12 @@ production: |
55 | 56 | password: |
56 | 57 | EOF |
57 | 58 | |
59 | +cat > %{buildroot}/etc/kalibro-configurations/secrets.yml << EOF | |
60 | +# Do not keep production secrets in the repository, | |
61 | +# instead read values from the environment. | |
62 | +production: | |
63 | + secret_key_base: $(bundle exec rake secret) | |
64 | +EOF | |
58 | 65 | #FIXME HACK, REMOVE LATER |
59 | 66 | sed -i -e "s/require.*database_cleaner/# &/" %{buildroot}/usr/lib/kalibro-configurations/app/controllers/tests_controller.rb |
60 | 67 | |
... | ... | @@ -66,13 +73,11 @@ fi |
66 | 73 | mkdir -p /var/log/kalibro-configurations |
67 | 74 | chown -R kalibro_configurations:kalibro_configurations /var/log/kalibro-configurations |
68 | 75 | chown -R kalibro_configurations:kalibro_configurations /usr/lib/kalibro-configurations |
69 | - | |
70 | -if [ -x /usr/bin/postgres ]; then | |
76 | +if [ -x /usr/bin/psql ]; then | |
71 | 77 | if [ `systemctl is-active postgresql`!="active" ]; then |
72 | 78 | postgresql-setup initdb || true |
73 | 79 | systemctl start postgresql |
74 | 80 | fi |
75 | - | |
76 | 81 | if [ "$(sudo -u postgres -i psql --quiet --tuples-only -c "select count(*) from pg_user where usename = 'kalibro_configurations';")" -eq 0 ]; then |
77 | 82 | # create user |
78 | 83 | sudo -u postgres -i createuser kalibro_configurations |
... | ... | @@ -86,13 +91,7 @@ if [ -x /usr/bin/postgres ]; then |
86 | 91 | cd /usr/lib/kalibro-configurations/ |
87 | 92 | su kalibro_configurations -c "RAILS_ENV=production bundle exec rake db:migrate" |
88 | 93 | if [ $1 -eq 1 ]; then |
89 | - echo "========================ENTREIEEEIIII" | |
90 | 94 | su kalibro_configurations -c "RAILS_ENV=production bundle exec rake db:seed" |
91 | - cat >> %{buildroot}/etc/profile.d/kalibro_configurations.sh <<EOF | |
92 | - export RAILS_ENV=production | |
93 | -EOF | |
94 | - source %{buildroot}/etc/profile.d/kalibro_configurations.sh | |
95 | - #SECRET="$(RAILS_ENV=production bundle exec rake secret)" | |
96 | 95 | fi |
97 | 96 | fi |
98 | 97 | |
... | ... | @@ -111,5 +110,6 @@ rm -rf %{buildroot} |
111 | 110 | /usr/lib/kalibro-configurations |
112 | 111 | /lib/systemd/system/kalibro_configurations.service |
113 | 112 | %config(noreplace) /etc/kalibro-configurations/database.yml |
113 | +%config(noreplace) /etc/kalibro-configurations/secrets.yml | |
114 | 114 | |
115 | 115 | %changelog | ... | ... |