Packaging: Cherry-pick rpm/deb scriptlets from st2-packages #6313
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| shell_sources(skip_shellcheck=True) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,74 @@ | ||
| #!/bin/sh | ||
| # postinst script for st2 | ||
| # | ||
| # see: dh_installdeb(1) | ||
|
|
||
| set -e | ||
|
|
||
| # summary of how this script can be called: | ||
| # * <postinst> `configure' <most-recently-configured-version> | ||
| # * <old-postinst> `abort-upgrade' <new version> | ||
| # * <conflictor's-postinst> `abort-remove' `in-favour' <package> | ||
| # <new-version> | ||
| # * <postinst> `abort-remove' | ||
| # * <deconfigured's-postinst> `abort-deconfigure' `in-favour' | ||
| # <failed-install-package> <version> `removing' | ||
| # <conflicting-package> <version> | ||
| # for details, see http://www.debian.org/doc/debian-policy/ or | ||
| # the debian-policy package | ||
|
|
||
| ST2_USER=st2 | ||
| PACKS_GROUP=st2packs | ||
| ST2_UPGRADESTAMP="/tmp/.stamp-stackstorm-st2-deb-package" | ||
| upgrading=0 | ||
|
|
||
| ## Permissions of files which should be set on install | ||
| SET_PERMS=$(cat <<EHD | sed 's/\s\+/ /g' | ||
| -R ug+rw root:_packsgroup /opt/stackstorm/packs | ||
| -R ug+rw root:_packsgroup /usr/share/doc/st2/examples | ||
| ug+rw root:_packsgroup /opt/stackstorm/virtualenvs | ||
| 755 _st2user:root /opt/stackstorm/configs | ||
| 755 _st2user:root /opt/stackstorm/exports | ||
| 755 _st2user:root /var/log/st2 | ||
| 755 _st2user:root /var/run/st2 | ||
| 600 _st2user:_st2user /etc/st2/htpasswd | ||
| EHD | ||
| ) | ||
|
|
||
| ## Fix directories permissions on install (different across maint scripts!) | ||
| set_permissions() { | ||
| local fileperms="$1" | ||
| fileperms=$(echo "$fileperms" | sed -e "s/_st2user/$ST2_USER/g" -e "s/_packsgroup/$PACKS_GROUP/g") | ||
| # Reqursively chown given destinations! | ||
| echo "$fileperms" | cut -f1,3,4 -d' ' | xargs -L1 chown | ||
| # Set directories mode | ||
| echo "$fileperms" | cut -f1,2,4 -d' ' | xargs -L1 chmod | ||
| } | ||
|
|
||
| # Choose first install or upgrade | ||
| [ -f $ST2_UPGRADESTAMP ] && upgrading=1 || : | ||
|
|
||
| case "$1" in | ||
| configure) | ||
| # Initially set destination files owenership (only on the first install) | ||
| [ "$upgrading" = 1 ] || set_permissions "$SET_PERMS" | ||
| rm -f $ST2_UPGRADESTAMP | ||
|
|
||
| # make sure that our socket generators run | ||
| systemctl daemon-reload >/dev/null 2>&1 || true | ||
| ;; | ||
| abort-upgrade|abort-remove|abort-deconfigure) | ||
| ;; | ||
|
|
||
| *) | ||
| echo "postinst called with unknown argument \`$1'" >&2 | ||
| exit 1 | ||
| ;; | ||
| esac | ||
|
|
||
| # dh_installdeb will replace this with shell code automatically | ||
| # generated by other debhelper scripts. | ||
|
|
||
| #DEBHELPER# | ||
|
|
||
| exit 0 |
|
Member
Author
There was a problem hiding this comment. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,53 @@ | ||
| #!/bin/sh | ||
| # postrm script for st2 | ||
| # | ||
| # see: dh_installdeb(1) | ||
|
|
||
| set -e | ||
|
|
||
| # summary of how this script can be called: | ||
| # * <postrm> `remove' | ||
| # * <postrm> `purge' | ||
| # * <old-postrm> `upgrade' <new-version> | ||
| # * <new-postrm> `failed-upgrade' <old-version> | ||
| # * <new-postrm> `abort-install' | ||
| # * <new-postrm> `abort-install' <old-version> | ||
| # * <new-postrm> `abort-upgrade' <old-version> | ||
| # * <disappearer's-postrm> `disappear' <overwriter> | ||
| # <overwriter-version> | ||
| # for details, see http://www.debian.org/doc/debian-policy/ or | ||
| # the debian-policy package | ||
|
|
||
| ## Save st2 logrotate config on remove, but wipe it out on purge. | ||
| preserve_logrotate() { | ||
| if [ "$1" = remove ]; then | ||
| [ -f /etc/logrotate.d/st2 ] && mv /etc/logrotate.d/st2-pkgsaved.disabled 1>/dev/null 2>&1 || : | ||
| elif [ "$1" = purge ]; then | ||
| rm -f /etc/logrotate.d/st2-pkgsaved.disabled 1>/dev/null 2>&1 || : | ||
| # Clean up other StackStorm related configs and directories | ||
| rm -rf /etc/st2 1>/dev/null 2>&1 || : | ||
| rm -rf /opt/stackstorm 1>/dev/null 2>&1 || : | ||
| rm -rf /root/.st2 1>/dev/null 2>&1 || : | ||
| rm -rf /var/log/st2 1>/dev/null 2>&1 || : | ||
| rm -f /etc/sudoers.d/st2 1>/dev/null 2>&1 || : | ||
| fi | ||
| } | ||
|
|
||
| case "$1" in | ||
| remove|purge) | ||
| preserve_logrotate "$1" | ||
| ;; | ||
| upgrade|failed-upgrade|abort-install|abort-upgrade|disappear) | ||
| ;; | ||
| *) | ||
| echo "postrm called with unknown argument \`$1'" >&2 | ||
| exit 1 | ||
| ;; | ||
| esac | ||
|
|
||
| # dh_installdeb will replace this with shell code automatically | ||
| # generated by other debhelper scripts. | ||
|
|
||
| #DEBHELPER# | ||
|
|
||
| exit 0 |
|
Member
Author
There was a problem hiding this comment. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,114 @@ | ||
| #!/bin/sh | ||
| # preinst script for st2 | ||
| # | ||
| # see: dh_installdeb(1) | ||
|
|
||
| set -e | ||
|
|
||
| # summary of how this script can be called: | ||
| # * <new-preinst> `install' | ||
| # * <new-preinst> `install' <old-version> | ||
| # * <new-preinst> `upgrade' <old-version> | ||
| # * <old-preinst> `abort-upgrade' <new-version> | ||
| # for details, see http://www.debian.org/doc/debian-policy/ or | ||
| # the debian-policy package | ||
|
|
||
| PACKS_GROUP=st2packs | ||
| SYS_USER=stanley | ||
| ST2_USER=st2 | ||
| ST2_CONFPATH="/etc/st2/st2.conf" | ||
| ST2_UPGRADESTAMP="/tmp/.stamp-stackstorm-st2-deb-package" | ||
|
|
||
| ## Permissions of directories which has to be reset on upgrade | ||
| RESET_PERMS=$(cat <<EHD | sed 's/\s\+/ /g' | ||
| ug+rw root:_packsgroup /opt/stackstorm/packs | ||
| ug+rw root:_packsgroup /usr/share/doc/st2/examples | ||
| ug+rw root:_packsgroup /opt/stackstorm/virtualenvs | ||
| 755 _st2user:root /opt/stackstorm/configs | ||
| 755 _st2user:root /opt/stackstorm/overrides | ||
| 755 _st2user:root /opt/stackstorm/exports | ||
| EHD | ||
| ) | ||
|
|
||
| ## Create stackstorm users and groups | ||
| create_users() { | ||
| # create st2 user (services user) | ||
| (id $ST2_USER 1>/dev/null 2>&1) || | ||
| adduser --group --disabled-password --no-create-home --system $ST2_USER | ||
|
|
||
| # make st2 member of st2packs group | ||
| (getent group $PACKS_GROUP 1>/dev/null 2>&1) || groupadd -r $PACKS_GROUP | ||
| (groups $ST2_USER 2>/dev/null | grep -q "\b${PACKS_GROUP}\b") || | ||
| usermod -a -G $PACKS_GROUP $ST2_USER | ||
|
|
||
| # create stanley user (for actionrunner service) | ||
| if (! id $SYS_USER 1>/dev/null 2>&1); then | ||
| adduser --group $SYS_USER | ||
| adduser --disabled-password --gecos "" --ingroup $SYS_USER $SYS_USER | ||
| fi | ||
| } | ||
|
|
||
| ## [NOT USED!] Get current system user from the st2.conf | ||
| config_sysuser() { | ||
| # exit hooked | ||
| return 0 | ||
| local sysuser= | ||
| if [ -f $ST2_CONFPATH ]; then | ||
| sysuser=$(cat $ST2_CONFPATH | | ||
| sed -n -e '/\[system_user\]/,/\[.*\]\|\$/ { /\[.*\]/d; /user\s*=/ { s/\s*user\s*=\s*//; p } }') | ||
| fi | ||
| echo $sysuser | ||
| } | ||
|
|
||
| ## Update logrotate configuration | ||
| enable_logrotate() { | ||
| [ -f /etc/logrotate.d/st2-pkgsaved.disabled ] && | ||
| mv -f /etc/logrotate.d/st2-pkgsaved.disabled /etc/logrotate.d/st2 || : | ||
| } | ||
|
|
||
| ## Fix directories permissions on upgrade (different across maint scripts!) | ||
| # NB! USED FOR COMPATIBILITY ON UPGRADE FROM PREVIOUS VERSIONS OF PACKAGES. | ||
| # NB! In future package releases reseting permissions SHOULD BE REMOVED. | ||
| # | ||
| set_permissions() { | ||
| local fileperms="$1" mode= ownership= path= current_ownership= user= group= | ||
|
|
||
| echo "$fileperms" | sed -e "s/_packsgroup/$PACKS_GROUP/g" -e "s/_st2user/$ST2_USER/g" | | ||
| while read mode ownership path; do | ||
| user=$(echo $ownership | cut -f1 -d:) | ||
| group=$(echo $ownership | cut -f2 -d:) | ||
| # set top level permissions whether it's a file or directory | ||
| [ -e $path ] || continue | ||
| chown $ownership $path && chmod $mode $path | ||
|
|
||
| # recursively change permissions of children (since those are directories) | ||
| find $path -mindepth 1 -maxdepth 1 -not \( -user $user -group $group \) | | ||
| xargs -I {} sh -c "echo chown -R $ownership {} && echo chmod -R $mode {}" | ||
| done | ||
| } | ||
|
|
||
| case "$1" in | ||
| install) | ||
| create_users | ||
| enable_logrotate | ||
| ;; | ||
| upgrade) | ||
| create_users | ||
| enable_logrotate | ||
| set_permissions "$RESET_PERMS" | ||
| touch $ST2_UPGRADESTAMP | ||
| ;; | ||
| abort-upgrade) | ||
| ;; | ||
| *) | ||
| echo "preinst called with unknown argument \`$1'" >&2 | ||
| exit 1 | ||
| ;; | ||
| esac | ||
|
|
||
| # dh_installdeb will replace this with shell code automatically | ||
| # generated by other debhelper scripts. | ||
|
|
||
| #DEBHELPER# | ||
|
|
||
| exit 0 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1 @@ | ||
| shell_sources(skip_shellcheck=True) |
|
Member
Author
There was a problem hiding this comment. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,4 @@ | ||
| set -e | ||
|
|
||
| # make sure that our socket generators run | ||
| systemctl daemon-reload >/dev/null 2>&1 || true |
|
Member
Author
There was a problem hiding this comment. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| set -e | ||
|
|
||
| PACKS_GROUP=%{packs_group} | ||
| SYS_USER=%{stanley_user} | ||
| ST2_USER=%{svc_user} | ||
|
|
||
| ## Permissions of directories which has to be reset on upgrade | ||
| RESET_PERMS=$(cat <<EHD | sed 's/\s\+/ /g' | ||
| ug+rw root:_packsgroup /opt/stackstorm/packs | ||
| ug+rw root:_packsgroup /usr/share/doc/st2/examples | ||
| ug+rw root:_packsgroup /opt/stackstorm/virtualenvs | ||
| 755 _st2user:root /opt/stackstorm/configs | ||
| 755 _st2user:root /opt/stackstorm/exports | ||
| 755 _st2user:root /opt/stackstorm/overrides | ||
| EHD | ||
| ) | ||
|
|
||
| ## Create stackstorm users and groups (differs from debian) | ||
| create_users() { | ||
| # create st2 user (services user) | ||
| (id $ST2_USER 1>/dev/null 2>&1) || | ||
| adduser --no-create-home --system --user-group $ST2_USER | ||
|
|
||
| # make st2 member of st2packs group | ||
| (getent group $PACKS_GROUP 1>/dev/null 2>&1) || groupadd -r $PACKS_GROUP | ||
| (groups $ST2_USER 2>/dev/null | grep -q "\b${PACKS_GROUP}\b") || | ||
| usermod -a -G $PACKS_GROUP $ST2_USER | ||
|
|
||
| # create stanley user (unprivileged action user, we don't ship sudoers.d config) | ||
| (id $SYS_USER 1>/dev/null 2>&1) || | ||
| adduser --user-group $SYS_USER | ||
| } | ||
|
|
||
| ## Fix directories permissions on upgrade (different across maint scripts!) | ||
| # NB! USED FOR COMPATIBILITY ON UPGRADE FROM PREVIOUS VERSIONS OF PACKAGES. | ||
| # NB! In future package releases reseting permissions SHOULD BE REMOVED. | ||
| # | ||
| set_permissions() { | ||
| local fileperms="$1" mode= ownership= path= current_ownership= user= group= | ||
|
|
||
| echo "$fileperms" | sed -e "s/_packsgroup/$PACKS_GROUP/g" -e "s/_st2user/$ST2_USER/g" | | ||
| while read mode ownership path; do | ||
| user=$(echo $ownership | cut -f1 -d:) | ||
| group=$(echo $ownership | cut -f2 -d:) | ||
| # set top level permissions whether it's a file or directory | ||
| [ -e $path ] || continue | ||
| chown $ownership $path && chmod $mode $path | ||
|
|
||
| # recursively change permissions of children (since those are directories) | ||
| find $path -mindepth 1 -maxdepth 1 -not \( -user $user -group $group \) | | ||
| xargs -I {} sh -c "chown -R $ownership {} && chmod -R $mode {}" | ||
| done | ||
| } | ||
|
|
||
| create_users | ||
|
|
||
| # We perform upgrade (when install count > 1) | ||
| if [ "$1" -gt 1 ]; then | ||
| set_permissions "$RESET_PERMS" | ||
| fi |
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
same as https://github.com/StackStorm/st2-packages/blob/master/packages/st2/debian/postinst