From 99bd1a795a6d8b82ef60f8ca080777c53b73ed7a Mon Sep 17 00:00:00 2001
From: Jamil Bou Kheir
Date: Wed, 4 Aug 2021 07:39:36 -0700
Subject: [PATCH] Checkpoint before move to Omnibus
---
 .github/workflows/build_base_images.yml | 38 ----------------------
 scripts/install.sh | 42 +++++++++++++++++++++++--
 2 files changed, 39 insertions(+), 41 deletions(-)
 delete mode 100644 .github/workflows/build_base_images.yml
diff --git a/.github/workflows/build_base_images.yml b/.github/workflows/build_base_images.yml
deleted file mode 100644
index ccca6b1fb..000000000
--- a/.github/workflows/build_base_images.yml
+++ /dev/null
@@ -1,38 +0,0 @@
-name: Build base images
-on:
- workflow_dispatch:
- schedule:
- - cron: '0 10 * * *' # 10am UTC
-
-jobs:
- build-and-push:
- env:
- MATRIX_IMAGE: ${{ matrix.image }}
- MATRIX_PLATFORM: ${{ matrix.platform }}
- strategy:
- matrix:
- image:
- - centos:7
- - centos:8
- - fedora:33
- - fedora:34
- - debian:10
- - ubuntu:18.04
- - ubuntu:20.04
- platform:
- - linux/amd64
- runs-on: ubuntu-20.04
- steps:
- - uses: docker/login-action@v1
- with:
- registry: ghcr.io
- username: ${{ github.actor }}
- password: ${{ secrets.GITHUB_TOKEN }}
- - uses: actions/checkout@v2
- - run: |
- # Required due to a buildx bug.
- # See https://github.com/docker/buildx/issues/495#issuecomment-761562905
- docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
- docker buildx create --name multiarch --driver docker-container --use
- docker buildx inspect --bootstrap
- .ci/build_base.sh
diff --git a/scripts/install.sh b/scripts/install.sh
index 5a8b29139..0344039f1 100755
--- a/scripts/install.sh
+++ b/scripts/install.sh
@@ -34,7 +34,43 @@ else
 download_release
 fi
-echo "Extracting package to /opt/firezone..."
-tar -zxf $file -C /opt/
+echo "Setting up FireZone..."
+echo
-echo "FireZone installed!"
+if id firezone &>/dev/null; then
+ echo "firezone user exists... not creating."
+else
+ echo "Creating system user firezone"
+ useradd --system firezone
+fi
+
+echo "Extracting package to /opt/firezone..."
+echo
+tar -zxf $file -C /opt/
+chmod -R firezone:firezone /opt/firezone
+
+# Create DB user
+echo "Creating DB user..."
+hostname=$(hostname)
+db_user=firezone
+db_password="$(openssl rand -hex 16)"
+res=$(su postgres -c "psql -c \"SELECT 1 FROM pg_roles WHERE rolname = '${db_user}';\"")
+if [[ $res == *"0 rows"* ]]; then
+ su postgres -c "psql -c \"CREATE ROLE ${db_user} WITH LOGIN PASSWORD '${db_password}';\""
+else
+ echo "${db_user} role found in DB"
+fi
+
+# Create DB if not exists
+db_name=firezone
+res=$(su postgres -c "psql -c \"SELECT 1 FROM pg_database WHERE datname = '${db_name}';\"")
+if [[ $res == *"0 rows"* ]]; then
+ su postgres -c "psql -c \"CREATE DATABASE firezone;\" || true"
+else
+ echo "${db_name} exists; not creating"
+fi
+
+
+
+
+echo "FireZone installed successfully!"
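Review bot: `chmod -R firezone:firezone /opt/firezone` hands an owner:group pair to chmod, which rejects it as an invalid mode, so the extracted tree keeps whatever ownership tar applied and, unless errexit is enabled above this hunk, the script still prints the success message; the line should read `chown -R firezone:firezone /opt/firezone`. The generated `db_password` is only ever interpolated into the `su postgres -c "psql -c …"` command line, where it is readable in the process list while psql runs, and nothing in the hunk stores it, so the role ends up with a password nobody can recover. Consider feeding the `CREATE ROLE` statement to psql on stdin and writing the password to a root-only (mode 0600) configuration file before the role is created. The role and database existence tests match the text `0 rows` in psql's human-readable output, which depends on locale and formatting; `psql -tAc` with a comparison against `1` would be less fragile.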