Overview

File gitlab-generate-secrets of Package gitlab-common

#!/usr/bin/ruby

require 'securerandom'
require 'fileutils'
require 'base64'

DEBUG=false
BASEDIR=ARGV.first || '/srv/www/vhosts/gitlab-ce'

def secret_has_correct_length?(secret_file, secret_size)
  return false if File.size?(secret_file).nil?
  puts "Reading file #{secret_file}" if DEBUG
  fc=File.read(secret_file)
  decoded=Base64.decode64(fc)
  ret=decoded.length!=secret_size
  puts "Length of #{secret_file} is #{decoded.length} vs #{secret_size} == #{ret}" if DEBUG
  return ret
end

def write_secret_base64_file(secret_file, secret_size)
  secret_file=File.join(BASEDIR, secret_file)

  if secret_has_correct_length?(secret_file,secret_size)
    puts "need new file #{secret_file}" if DEBUG
    secret_token = SecureRandom.base64(secret_size)
    File.write(secret_file, secret_token)
  end
  FileUtils.chown 'root', 'gitlab', secret_file
end

File.umask(027)

write_secret_base64_file '.gitlab_shell_secret',     32
write_secret_base64_file '.gitlab_pages_secret',     32
write_secret_base64_file '.gitlab_workhorse_secret', 32
openSUSE Build Service is sponsored by
Places