2014-11-14 17:05:10 +00:00 · 2014-11-14 17:05:10 +00:00 · d65d4832f1
parent 70c9a6e00b b6fc9143c8
commit d65d4832f1
3 changed files with 20 additions and 0 deletions
--- a/files/gitlab-cookbooks/gitlab/libraries/gitlab.rb
+++ b/files/gitlab-cookbooks/gitlab/libraries/gitlab.rb
@ -76,6 +76,7 @@ module Gitlab
        end
      end

+      Gitlab['gitlab_shell']['secret_token'] ||= generate_hex(64)
      Gitlab['gitlab_rails']['secret_token'] ||= generate_hex(64)
      Gitlab['gitlab_ci']['secret_token'] ||= generate_hex(64)

@ -83,6 +84,9 @@ module Gitlab
        File.open("/etc/gitlab/gitlab-secrets.json", "w") do |f|
          f.puts(
            Chef::JSONCompat.to_json_pretty({
+              'gitlab_shell' => {
+                'secret_token' => Gitlab['gitlab_shell']['secret_token'],
+              },
              'gitlab_rails' => {
                'secret_token' => Gitlab['gitlab_rails']['secret_token'],
              },
--- a/files/gitlab-cookbooks/gitlab/recipes/gitlab-rails.rb
+++ b/files/gitlab-cookbooks/gitlab/recipes/gitlab-rails.rb
@ -25,6 +25,9 @@ gitlab_rails_tmp_dir = File.join(gitlab_rails_dir, "tmp")
 gitlab_rails_public_uploads_dir = node['gitlab']['gitlab-rails']['uploads_directory']
 gitlab_rails_log_dir = node['gitlab']['gitlab-rails']['log_directory']

+# Needed for .gitlab_shell_secret
+gitlab_shell_var_dir = "/var/opt/gitlab/gitlab-shell"
+
 [
  gitlab_rails_etc_dir,
  gitlab_rails_static_etc_dir,
@ -160,6 +163,10 @@ template_symlink File.join(gitlab_rails_etc_dir, "rack_attack.rb") do
  restarts dependent_services
 end

+link File.join(gitlab_rails_source_dir, ".gitlab_shell_secret") do
+  to File.join(gitlab_shell_var_dir, "gitlab_shell_secret")
+end
+
 directory node['gitlab']['gitlab-rails']['satellites_path'] do
  owner node['gitlab']['user']['username']
  group node['gitlab']['user']['group']
--- a/files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb
+++ b/files/gitlab-cookbooks/gitlab/recipes/gitlab-shell.rb
@ -97,3 +97,12 @@ template_symlink File.join(gitlab_shell_var_dir, "config.yml") do
    :log_file => File.join(log_directory, "gitlab-shell.log")
  )
 end
+
+template_symlink File.join(gitlab_shell_var_dir, "gitlab_shell_secret") do
+  link_from File.join(gitlab_shell_dir, ".gitlab_shell_secret")
+  source "secret_token.erb"
+  owner "root"
+  group "root"
+  mode "0644"
+  variables(node['gitlab']['gitlab-shell'].to_hash)
+end