diff --git a/rpm/postinst b/rpm/postinst index 708fa8fb..d24e1f24 100644 --- a/rpm/postinst +++ b/rpm/postinst @@ -1,41 +1,40 @@ #!/bin/sh set -e +# TODO: make a real RPM spec file and move all of this into the spec file +# + TUWUNEL_DATABASE_PATH=/var/lib/tuwunel TUWUNEL_CONFIG_PATH=/etc/tuwunel -case "$1" in - configure) - # Create the `tuwunel` user if it does not exist yet. - if ! getent passwd tuwunel > /dev/null ; then - echo 'Adding system user for the tuwunel Matrix homeserver' 1>&2 - useradd --system --user-group \ - --create-home --home-dir "$TUWUNEL_DATABASE_PATH" \ - --shell "/usr/sbin/nologin" \ - tuwunel - fi +# Create the `tuwunel` user if it does not exist yet. +if ! getent passwd tuwunel > /dev/null ; then + echo 'Adding system user for the tuwunel Matrix homeserver' 1>&2 + useradd --system --user-group \ + --create-home --home-dir "$TUWUNEL_DATABASE_PATH" \ + --shell "/usr/sbin/nologin" \ + tuwunel +fi - # Create the database path if it does not exist yet and fix up ownership - # and permissions for the config. - mkdir -v -p "$TUWUNEL_DATABASE_PATH" +# Create the database path if it does not exist yet and fix up ownership +# and permissions for the config. +mkdir -v -p "$TUWUNEL_DATABASE_PATH" - # symlink the previous location for compatibility if it does not exist yet. - if ! test -L "/var/lib/matrix-conduit" ; then - ln -s -v "$TUWUNEL_DATABASE_PATH" "/var/lib/matrix-conduit" - fi - if ! test -L "/var/lib/conduwuit" ; then - ln -s -v "$TUWUNEL_DATABASE_PATH" "/var/lib/conduwuit" - fi +# symlink the previous location for compatibility if it does not exist yet. +if ! test -L "/var/lib/matrix-conduit" ; then + ln -s -v "$TUWUNEL_DATABASE_PATH" "/var/lib/matrix-conduit" +fi - chown -v tuwunel:tuwunel -R "$TUWUNEL_DATABASE_PATH" - chown -v tuwunel:tuwunel -R "$TUWUNEL_CONFIG_PATH" +if ! test -L "/var/lib/conduwuit" ; then + ln -s -v "$TUWUNEL_DATABASE_PATH" "/var/lib/conduwuit" +fi - chmod -v 740 "$TUWUNEL_DATABASE_PATH" +chown -v tuwunel:tuwunel -R "$TUWUNEL_DATABASE_PATH" +chown -v tuwunel:tuwunel -R "$TUWUNEL_CONFIG_PATH" - echo '' - echo 'Make sure you edit the example config at /etc/tuwunel/tuwunel.toml before starting!' - echo 'To start the server, run: systemctl start tuwunel.service' - echo '' +chmod -v 740 "$TUWUNEL_DATABASE_PATH" - ;; -esac +echo '' +echo 'Make sure you edit the example config at /etc/tuwunel/tuwunel.toml before starting!' +echo 'To start the server, run: systemctl start tuwunel.service' +echo '' diff --git a/rpm/sysusers b/rpm/sysusers new file mode 100644 index 00000000..4a6ed00e --- /dev/null +++ b/rpm/sysusers @@ -0,0 +1 @@ +u tuwunel - "tuwunel Matrix homeserver" /var/lib/tuwunel /usr/sbin/nologin diff --git a/src/main/Cargo.toml b/src/main/Cargo.toml index aafc5545..76762b8f 100644 --- a/src/main/Cargo.toml +++ b/src/main/Cargo.toml @@ -43,8 +43,9 @@ post_install_script = "rpm/postinst" assets = [ { source = "target/release/tuwunel", dest = "/usr/sbin/tuwunel", mode = "755" }, { source = "README.md", dest = "/usr/share/doc/tuwunel/", mode = "644", doc = true }, - { source = "tuwunel-example.toml", dest = "/etc/tuwunel/tuwunel.toml", mode = "640", config = "noreplace" }, + { source = "tuwunel-example.toml", dest = "/etc/tuwunel/tuwunel.toml", mode = "640", config = "noreplace", user = "tuwunel", group = "tuwunel" }, { source = "rpm/tuwunel.service", dest = "/etc/systemd/system/", mode = "644" }, + { source = "rpm/sysusers", dest = "/usr/lib/sysusers.d/tuwunel.conf", mode = "644" }, ] [package.metadata.arch]