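#!/sbin/openrc-run
# Copyright 1999-2017 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2

# OpenRC service script for CouchDB.
#
# Reads COUCHDB_USER, COUCHDB_STDOUT_FILE, COUCHDB_STDERR_FILE and
# COUCHDB_OPTIONS, which are not defined in this file (presumably they
# come from the service's conf.d file -- confirm). Whatever supplies
# them is trusted input: they are expanded into the daemon's command
# line and into a "checkpath" call, so that file must not be writable
# by ${COUCHDB_USER}.

pidfile="/run/${RC_SVCNAME}.pid"
command="/usr/bin/couchdb"

# CouchDB can't drop privileges on its own, so it's not possible to
# run it as a restricted user and still make use of the PID file that
# it creates. Instead, we run the daemon in the foreground, and let
# OpenRC background it and manage its PID file.
#
# The expansions below are left unquoted inside the string on purpose:
# command_args is a single string that is split into words later, which
# is how COUCHDB_OPTIONS can carry several options.
command_args="-o ${COUCHDB_STDOUT_FILE} -e ${COUCHDB_STDERR_FILE} ${COUCHDB_OPTIONS}"
command_user="${COUCHDB_USER}"
command_background="true"

# Prepare the runtime directory before the daemon is started.
# Globals:   COUCHDB_USER (read), RC_SVCNAME (read)
# Returns:   1 if COUCHDB_USER is empty, otherwise the exit status
#            of checkpath.
start_pre() {
	# An empty command_user gives OpenRC no user to switch to, so the
	# daemon would keep the privileges this script runs with (normally
	# root). Refuse to start rather than silently lose the restricted
	# user that the setup above depends on.
	if [ -z "${COUCHDB_USER}" ]; then
		eerror "COUCHDB_USER is empty; refusing to start ${RC_SVCNAME} without an unprivileged user"
		return 1
	fi

	# While the PID file is stored directly in /run, the default.ini
	# file that we ship specifies another setting,
	#
	#   uri_file = /var/run/couchdb/couch.uri
	#
	# that requires this directory to be writable by the CouchDB user.
	#
	# WARNING: that default.ini file is writable by $COUCHDB_USER, so
	# it is NOT safe to parse the setting out of it and then call
	# "checkpath" on what we find as root. The $COUCHDB_USER could
	# trick us into giving away ownership of an arbitrary directory
	# that way.
	#
	# For the same reason the path is a fixed literal here: keep it
	# hard-coded, and never derive it from anything the service user
	# can write to.
	checkpath --directory \
		--mode 0755 \
		--owner "${COUCHDB_USER}" \
		/var/run/couchdb
}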