author | Andrew Cady <d@jerkface.net> | 2020-09-15 21:10:05 -0400 |
---|---|---|
committer | Andrew Cady <d@jerkface.net> | 2020-09-15 21:10:05 -0400 |
commit | 1d03f9a0ebaa36fd5f2c6e46d0b39d5743c50dd5 (patch) | |
tree | d76ba1cf07c24afa9596bc764e49aabbba7637a6 /selfpublish.sh | |
parent | d54822906784f6db8305593da620f930d718858c (diff) |
WKS/WKD support
see https://wiki.gnupg.org/WKS
Diffstat (limited to 'selfpublish.sh')
-rw-r--r-- | selfpublish.sh | 40 |
1 files changed, 40 insertions, 0 deletions
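--- a/selfpublish.sh
+++ b/selfpublish.sh
@@ -56,6 +56,7 @@ cgit
 curl
 fortune-mod
 fortunes-min
+gnupg (>= 2.2.14)
 libssl1.1 (>= 1.1.1d)
 openssl
 EOF
@@ -366,12 +367,51 @@ install_tls_public_certificate()
 fi
 }
 
+get_home()
+{
+[ "$1" ] && getent passwd "$1" | (IFS=: read _ _ _ _ _ h _ && echo $h)
+}
+
+process_key()
+{
+local uid="$1" domain="${1#*@}" destdir="$2" tdir
+while read keyid some_uid
+do
+[ "$some_uid" = "$uid" ] || continue
+tempdir=$(mktemp -d)
+/usr/lib/gnupg/gpg-wks-client --install-key -C "$tempdir" "$keyid" "$uid" 2>/dev/null
+mkdir -p "$destdir"
+mv "$tempdir"/"$domain"/hu/* -t "$destdir"
+rm -rf "$tempdir"
+done
+}
+
+install_gpg_rings()
+{
+(
+domain=$DOMAIN
+dest=/srv/$domain/public_html/.well-known/openpgpkey/hu
+uid=${SUDO_USER:-$(id -un)}@$domain
+
+if [ "$SUDO_USER" -a ! "$GNUPGHOME" ]
+then
+GNUPGHOME=$(get_home "$SUDO_USER")/.gnupg
+export GNUPGHOME
+fi
+
+gpg --list-options show-only-fpr-mbox -k "$uid" 2>&- | process_key "$uid" "$dest"
+
+find /srv/"$DOMAIN"/public_html/.well-known/openpgpkey/ -type d -exec chmod 755 '{}' ';'
+)
+}
+
 configure_apache_vhost()
 {
 enable_apache_modules
 install_self_to_site
 install_header_to_site
 install_tls_public_certificate
+install_gpg_rings
 write_cgit_config
 }
 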
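Review bot: In `install_gpg_rings`, `gpg --list-options show-only-fpr-mbox -k "$uid"` lists every public key in the keyring that carries the `user@domain` mailbox, so a key imported from someone else, or a stale one, with that user ID would also reach `process_key` and be published under `.well-known/openpgpkey/hu` as the account's own. Listing secret keys instead, `gpg --list-options show-only-fpr-mbox -K "$uid" 2>/dev/null | process_key "$uid" "$dest"`, would limit publication to keys the user actually holds; it is worth confirming that the list option prints the same format with `-K`. That line also closes stderr with `2>&-` rather than redirecting it, and `process_key` discards the `gpg-wks-client` diagnostics and ignores its exit status, so a failed export is silent and the following `mv` runs on a tree that was never created. In `process_key` the `local` list declares `tdir` while the loop assigns `tempdir`; `local uid="$1" domain="${1#*@}" destdir="$2" tempdir` together with `... "$keyid" "$uid" 2>/dev/null || { rm -rf "$tempdir"; continue; }` would cover both. Since the script appears to run under sudo with `GNUPGHOME` pointed at the invoking user's `~/.gnupg`, gpg may leave root-owned files there, which deserves a comment at the `export GNUPGHOME` line.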