use cryptonomic-gpg instead of redundant implementation

author: Andrew Cady <d@jerkface.net> 2021-09-28 18:36:24 -0400
committer: Andrew Cady <d@jerkface.net> 2021-09-28 18:36:24 -0400
commit: 491c9207526c0e934518e9aebfdf53bd663f7329 (patch)
tree: f95a52d54c9e37f24d4b1abab9094ed187004ec1
parent: 827db94875107b8272dcbb5b551b10d83b725657 (diff)
1 files changed, 3 insertions, 39 deletions
diff --git a/selfpublish.sh b/selfpublish.sh
index 2f6caae..47adb59 100644
--- a/selfpublish.sh
+++ b/selfpublish.sh
@@ -311,12 +311,13 @@ make_directories_maybe_become_root()
            [ -w "$hu_dir" ] || exec sudo -- "$0" "$@" || die "failed to exec sudo"
        else
            [ -w "$html_dir" ] || exec sudo -- "$0" "$@" || die "failed to exec sudo"
-            mkdir -p "$hu_dir"
+            mkdir -m0755 -p "$hu_dir"
        fi
    else
        die "Directory not found: '$html_dir' -- you probably need to run selfpublish.sh"
        # TODO: just run selfpublish here
    fi
+    find "$html_dir"/.well-known/openpgpkey/ -xdev -type d -exec chmod 755 '{}' ';'
 }
 process_key()
@@ -711,46 +712,9 @@ install_tls_public_certificate()
    fi
 }
-get_home()
-{
-    [ "$1" ] && getent passwd "$1" | (IFS=: read _ _ _ _ _ h _ && echo $h)
-}
-process_key()
-{
-    local uid="$1" domain="${1#*@}" destdir="$2" tdir
-    while read keyid some_uid
-    do
-        [ "$some_uid" = "$uid" ] || continue
-        tempdir=$(mktemp -d)
-        /usr/lib/gnupg/gpg-wks-client --install-key -C "$tempdir" "$keyid" "$uid" 2>/dev/null
-        mkdir -p "$destdir"
-        mv "$tempdir"/"$domain"/hu/* -t "$destdir"
-        rm -rf "$tempdir"
-    done
-}
 install_gpg_rings()
 {
-    (
+    cryptonomic gpg
-        domain=$DOMAIN
-        dest=/srv/$domain/public_html/.well-known/openpgpkey/hu
-        uid=${SUDO_USER:-$(id -un)}@$domain
-        if [ "$SUDO_USER" -a ! "$GNUPGHOME" ]
-        then
-            GNUPGHOME=$(get_home "$SUDO_USER")/.gnupg
-            export GNUPGHOME
-        fi
-        [ -d "$dest" ] || mkdir -p "$dest"
-        gpg --list-options show-only-fpr-mbox -k "$uid" 2>&- | process_key "$uid" "$dest"
-        find /srv/"$DOMAIN"/public_html/.well-known/openpgpkey/ -type d -exec chmod 755 '{}' ';'
-        ln -sfT .well-known/openpgpkey/hu /srv/"$domain"/public_html/openpgpkey
-    )
 }
 configure_apache_vhost()
author	Andrew Cady <d@jerkface.net>	2021-09-28 18:36:24 -0400
committer	Andrew Cady <d@jerkface.net>	2021-09-28 18:36:24 -0400
commit	491c9207526c0e934518e9aebfdf53bd663f7329 (patch)
tree	f95a52d54c9e37f24d4b1abab9094ed187004ec1
parent	827db94875107b8272dcbb5b551b10d83b725657 (diff)

diff --git a/selfpublish.sh b/selfpublish.sh index 2f6caae..47adb59 100644 --- a/selfpublish.sh +++ b/selfpublish.sh
@@ -311,12 +311,13 @@ make_directories_maybe_become_root()
311	[ -w "$hu_dir" ] \|\| exec sudo -- "$0" "$@" \|\| die "failed to exec sudo"	311	[ -w "$hu_dir" ] \|\| exec sudo -- "$0" "$@" \|\| die "failed to exec sudo"
312	else	312	else
313	[ -w "$html_dir" ] \|\| exec sudo -- "$0" "$@" \|\| die "failed to exec sudo"	313	[ -w "$html_dir" ] \|\| exec sudo -- "$0" "$@" \|\| die "failed to exec sudo"
314	mkdir -p "$hu_dir"	314	mkdir -m0755 -p "$hu_dir"
315	fi	315	fi
316	else	316	else
317	die "Directory not found: '$html_dir' -- you probably need to run selfpublish.sh"	317	die "Directory not found: '$html_dir' -- you probably need to run selfpublish.sh"
318	# TODO: just run selfpublish here	318	# TODO: just run selfpublish here
319	fi	319	fi
		320	find "$html_dir"/.well-known/openpgpkey/ -xdev -type d -exec chmod 755 '{}' ';'
320	}	321	}
321		322
322	process_key()	323	process_key()
@@ -711,46 +712,9 @@ install_tls_public_certificate()
711	fi	712	fi
712	}	713	}
713		714
714	get_home()
715	{
716	[ "$1" ] && getent passwd "$1" \| (IFS=: read _ _ _ _ _ h _ && echo $h)
717	}
718
719	process_key()
720	{
721	local uid="$1" domain="${1#*@}" destdir="$2" tdir
722	while read keyid some_uid
723	do
724	[ "$some_uid" = "$uid" ] \|\| continue
725	tempdir=$(mktemp -d)
726	/usr/lib/gnupg/gpg-wks-client --install-key -C "$tempdir" "$keyid" "$uid" 2>/dev/null
727	mkdir -p "$destdir"
728	mv "$tempdir"/"$domain"/hu/* -t "$destdir"
729	rm -rf "$tempdir"
730	done
731	}
732
733	install_gpg_rings()	715	install_gpg_rings()
734	{	716	{
735	(	717	cryptonomic gpg
736	domain=$DOMAIN
737	dest=/srv/$domain/public_html/.well-known/openpgpkey/hu
738	uid=${SUDO_USER:-$(id -un)}@$domain
739
740	if [ "$SUDO_USER" -a ! "$GNUPGHOME" ]
741	then
742	GNUPGHOME=$(get_home "$SUDO_USER")/.gnupg
743	export GNUPGHOME
744	fi
745
746	[ -d "$dest" ] \|\| mkdir -p "$dest"
747
748	gpg --list-options show-only-fpr-mbox -k "$uid" 2>&- \| process_key "$uid" "$dest"
749
750	find /srv/"$DOMAIN"/public_html/.well-known/openpgpkey/ -type d -exec chmod 755 '{}' ';'
751
752	ln -sfT .well-known/openpgpkey/hu /srv/"$domain"/public_html/openpgpkey
753	)
754	}	718	}
755		719
756	configure_apache_vhost()	720	configure_apache_vhost()