Skip to content
Snippets Groups Projects
Commit 126f1659 authored by Julian's avatar Julian
Browse files

Auto-generate SECRET_KEY in Debian package, minor improvement of uffd-admin

parent e34b87db
No related branches found
No related tags found
No related merge requests found
#!/bin/bash -x
#!/bin/sh
set -e
set -eu
export FLASK_APP=/usr/share/uffd/uffd
export CONFIG_FILENAME=/etc/uffd/uffd.cfg
if [ "$(whoami)" = "uffd" ]; then
flask "$@"
elif command -v sudo &> /dev/null; then
elif command -v sudo > /dev/null 2>&1; then
exec sudo --preserve-env=FLASK_APP,CONFIG_FILENAME -u uffd flask "$@"
elif command -v runuser &> /dev/null; then
elif command -v runuser > /dev/null 2>&1; then
exec runuser --preserve-environment -u uffd -- flask "$@"
else
echo "Could not not become 'uffd' user, exiting"
......
......@@ -10,6 +10,13 @@ case "$1" in
chown -R uffd:uffd /var/lib/uffd
chmod 0770 /var/lib/uffd
python3 <<EOF
import secrets
cfg = open('/etc/uffd/uffd.cfg', 'r').read()
cfg = cfg.replace('\n#SECRET=autogenerated by postinst script\n',
'\nSECRET="'+secrets.token_hex(128)+'"\n', 1)
open('/etc/uffd/uffd.cfg', 'w').write(cfg)
EOF
chown root:uffd /etc/uffd/uffd.cfg
chmod 0640 /etc/uffd/uffd.cfg
......
FLASK_ENV="production"
SQLALCHEMY_DATABASE_URI="sqlite:////var/lib/uffd/db.sqlite"
#SECRET=autogenerated by postinst script
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment