#!/bin/sh

# Unset ENV variables that might interfere with
# omnibus-gitlab ruby env (looking at you rvm, and bundler)
for ruby_env_var in RUBYOPT \
                    RUBYLIB \
                    BUNDLE_BIN_PATH \
                    BUNDLE_GEMFILE \
                    GEM_PATH \
                    GEM_HOME
do
  unset $ruby_env_var
done

error_echo()
{
  echo "$1" 2>& 1
}

gitlab_rails_rc='<%= install_dir %>/etc/gitlab-rails-rc'
if ! [ -f ${gitlab_rails_rc} ] ; then
  error_echo "$0 error: could not load ${gitlab_rails_rc}"
  error_echo "Either you are not allowed to read the file, or it does not exist yet."
  error_echo "You can generate it with:   sudo gitlab-ctl reconfigure"
  exit 1
fi

. ${gitlab_rails_rc}

cd <%= install_dir %>/embedded/service/gitlab-rails

if [ -n "$NO_PRIVILEGE_DROP" ]; then
  privilege_drop=''
elif [ "$(id -n -u)" = "${gitlab_user}" ] ; then
  # We are already running at the intended privilege; don't try to drop
  # privileges again because only root can do that (and we are apparently not
  # root!).
  privilege_drop=''
else
  privilege_drop="-u ${gitlab_user}:${gitlab_group}"
fi

# Suppress one-line pattern matching warnings: https://gitlab.com/gitlab-org/gitlab/-/issues/420811
rubyopt="RUBYOPT=-W:no-experimental"

exec <%= install_dir %>/embedded/bin/chpst -e <%= install_dir %>/etc/gitlab-rails/env ${privilege_drop} -U ${gitlab_user}:${gitlab_group} /usr/bin/env ${rubyopt} <%= install_dir %>/embedded/bin/bundle exec <%= command %>