From c9879a60e2c2dded5dbc3a88ef5771d84442cac4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Greg=20Kar=C3=A9kinian?= <greg@karekinian.com>
Date: Fri, 28 Apr 2017 12:01:07 +0200
Subject: [PATCH] Run sockethub as its own user

---
 site-cookbooks/sockethub/recipes/default.rb | 29 ++++++++++++++++-----
 1 file changed, 22 insertions(+), 7 deletions(-)

diff --git a/site-cookbooks/sockethub/recipes/default.rb b/site-cookbooks/sockethub/recipes/default.rb
index daa6b63..4c7d4c6 100644
--- a/site-cookbooks/sockethub/recipes/default.rb
+++ b/site-cookbooks/sockethub/recipes/default.rb
@@ -2,26 +2,41 @@
 # Cookbook Name:: sockethub
 # Recipe:: default
 #
-# Copyright 2015, Kosmos
+# Copyright 2015-2017, Kosmos
 #
 # All rights reserved - Do Not Redistribute
 #
 
 include_recipe 'kosmos-nodejs'
 include_recipe 'kosmos-redis'
-package "git"
+
+group "sockethub" do
+  gid 7625
+end
+
+user "sockethub" do
+  comment     "sockethub user"
+  uid         7625
+  gid         7625
+  manage_home true
+  shell       "/bin/bash"
+end
 
 path_to_deploy = "/opt/sockethub"
 application path_to_deploy do
-  owner "www-data"
-  group "www-data"
+  owner "sockethub"
+  group "sockethub"
 
   git do
+    user  "sockethub"
+    group "sockethub"
     repository 'https://github.com/sockethub/sockethub.git'
     revision   'v1.0.5'
   end
 
-  npm_install
+  npm_install do
+    user  "sockethub"
+  end
 
   execute "systemctl daemon-reload" do
     command "systemctl daemon-reload"
@@ -34,8 +49,8 @@ application path_to_deploy do
     group 'root'
     mode '0644'
     variables(
-      :user => owner,
-      :group => group,
+      :user => "sockethub",
+      :group => "sockethub",
       :app_dir => path_to_deploy,
       :entry => "/usr/local/bin/node /usr/local/bin/npm start",
       :environment => { 'DEBUG' => '*',