path: root/configuration/debian/tedge/postinst

#!/bin/sh
set -e

### Create groups
# thin-edge.io compoments run within their own groups and users the following steps add new groups if they don't exist.
if ! getent group tedge-users >/dev/null; then
    addgroup --quiet tedge-users
fi

if ! getent group tedge >/dev/null; then
    addgroup --quiet --system tedge
fi

### Create users
# Create user tedge with no additional info(--gecos "") no home(--no-create-home), no login(--shell) and in group tedge(--ingroup)
if ! getent passwd tedge >/dev/null; then
    adduser --quiet --system --gecos "" --no-create-home --disabled-login --shell /sbin/nologin --ingroup tedge tedge
fi

### Create directories
# thin-edge.io uses `/etc/tedge` directory as its main configuration directory.
# This directory contains mqtt bus configuration directory under `mosquitto-conf`
# and device certificates under `device-certs` so both have to be created in the directory structure.
install -g tedge -o tedge -m 755 -d /etc/tedge
install -g tedge -o tedge -m 755 -d /etc/tedge/mosquitto-conf
install -g mosquitto -o mosquitto -m 755 -d /etc/tedge/device-certs

# Create directory for logs
install -g tedge -o tedge -m 755 -d /var/log/tedge

### Add include to mosquitto.conf so tedge specific conf will be loaded
if ! grep -q "/etc/tedge/mosquitto-conf" "/etc/mosquitto/mosquitto.conf"; then
    echo "include_dir /etc/tedge/mosquitto-conf" >>/etc/mosquitto/mosquitto.conf
fi

### Create file in /etc/sudoers.d directory. With this configuration, all users in the group tedge-users have the right to call the tedge command with sudo rights, which is required for system-wide configuration in "/etc/tedge"
echo "%tedge-users   ALL = (ALL) /usr/bin/tedge" >/etc/sudoers.d/tedge-users

if [ -f "/etc/sudoers.d/010_pi-nopasswd" ]; then
    echo "%tedge-users   ALL = (ALL) NOPASSWD: /usr/bin/tedge" >/etc/sudoers.d/tedge-users-nopasswd
fi

### Below are automatically created script parts by cargo deb (Search for cargo deb DEBHELPER)
#DEBHELPER#