Date: Tue, 23 Oct 2012 15:03:54 +0200
Subject: Convert the reprepro class to parametrized format
We remove the deprecated dynamic lookup for variables and now have them as
class parameters.
The reprepro::cron and reprepro::inoticoming classes have been integrated
in the reprepro class as two boolean arguments. As these are not mutually
exclusive, it is cleaner that way.
We add a test manifest for the reprepro class along the way.
---
README | 20 ++++-----
manifests/cron.pp | 8 ----
manifests/init.pp | 99 ++++++++++++++++++++++++++++++---------------
manifests/inotify.pp | 31 --------------
templates/distributions.erb | 30 +++++++-------
templates/index.html.erb | 2 +-
templates/uploaders.erb | 2 +-
tests/init.pp | 5 +++
8 files changed, 98 insertions(+), 99 deletions(-)
delete mode 100644 manifests/cron.pp
delete mode 100644 manifests/inotify.pp
create mode 100644 tests/init.pp
diff --git a/README b/README
index 2114f2d..64f4a90 100644
--- a/README
+++ b/README
@@ -1,8 +1,8 @@
-Variables
-=========
+Parameters
+==========
-$reprepro_manage_distributions_conf, $reprepro_manage_incoming_conf
--------------------------------------------------------------------
+manage_distributions_conf, manage_incoming_conf
+-----------------------------------------------
If true, the content of -respectively- the conf/distributions and
conf/incoming files is managed by this module. Else, only the
@@ -10,18 +10,18 @@ existence, ownership and permissions are.
Default: true.
-$reprepro_basedir_mode
------------------------
+basedir_mode
+------------
This module manages the reprepro base directory and sets its
-permissions to $reprepro_basedir_mode.
+permissions to `basedir_mode`.
Default: 0771
-$reprepro_incoming_mode
------------------------
+incoming_mode
+-------------
This module manages the reprepro incoming directory and sets its
-permissions to $reprepro_incoming_mode.
+permissions to `incoming_mode`.
Default: 1777
diff --git a/manifests/cron.pp b/manifests/cron.pp
deleted file mode 100644
index 1fae59e..0000000
--- a/manifests/cron.pp
+++ /dev/null
@@ -1,8 +0,0 @@
-class reprepro::cron inherits reprepro {
- cron { reprepro:
- command => "/usr/bin/reprepro --silent -b $basedir processincoming incoming",
- user => reprepro,
- minute => '*/5',
- require => [ Package['reprepro'], File["$basedir/conf/distributions"] ]
- }
-}
diff --git a/manifests/init.pp b/manifests/init.pp
index 77a014d..ebf8a91 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,38 +1,20 @@
-class reprepro {
-
- case $reprepro_manage_distributions_conf {
- '': { $reprepro_manage_distributions_conf = true }
- }
-
- case $reprepro_manage_incoming_conf {
- '': { $reprepro_manage_incoming_conf = true }
- }
-
- case $reprepro_origin {
- '': { $reprepro_origin = $domain }
- }
-
- case $reprepro_uploaders {
- '': { fail("You need the repository uploaders! Please set \$reprepro_uploaders in your config") }
- }
-
- $basedir = $reprepro_basedir ? {
- '' => '/srv/reprepro',
- default => $reprepro_basedir,
- }
-
+class reprepro (
+ $uploaders = 'undefined',
+ $basedir = '/srv/reprepro',
+ $origin = $::domain,
+ $basedir_mode = '0771',
+ $incoming_mode = '1777',
+ $manage_distributions_conf = true,
+ $manage_incoming_conf = true,
+ $handle_incoming_with_cron = false,
+ $handle_incoming_with_inotify = false,
+){
package {
"reprepro": ensure => 'installed';
}
- $basedir_mode = $reprepro_basedir_mode ? {
- '' => 0771,
- default => $reprepro_basedir_mode,
- }
-
- $incoming_mode = $reprepro_incoming_mode ? {
- '' => 1777,
- default => $reprepro_incoming_mode,
+ if $uploaders == 'undefined' {
+ fail("The uploaders parameter is required by the reprepro class.")
}
user { "reprepro":
@@ -113,7 +95,7 @@ class reprepro {
mode => 755,
}
- if $reprepro_manage_distributions_conf {
+ if $manage_distributions_conf {
File["$basedir/conf/distributions"] {
owner => root,
group => reprepro,
@@ -135,7 +117,7 @@ class reprepro {
}
}
- if $reprepro_manage_incoming_conf {
+ if $manage_incoming_conf {
File["$basedir/conf/incoming"] {
mode => 0664,
owner => root,
@@ -144,6 +126,57 @@ class reprepro {
}
}
+ # Handling of incoming with cron
+
+ $cron_presence = $handle_incoming_with_cron ? {
+ true => present,
+ default => absent,
+ }
+
+ cron { 'reprepro':
+ ensure => $cron_presence,
+ command => "/usr/bin/reprepro --silent -b $basedir processincoming incoming",
+ user => reprepro,
+ minute => '*/5',
+ require => [ Package['reprepro'], File["$basedir/conf/distributions"] ],
+ }
+
+ # Handling of incoming with inoticoming
+
+ $inoticoming_presence = $handle_incoming_with_inotify ? {
+ true => present,
+ default => absent,
+ }
+ $inoticoming_enabled = $handle_incoming_with_inotify ? {
+ true => true,
+ default => false,
+ }
+
+ package { 'inoticoming':
+ ensure => $inoticoming_presence,
+ }
+ file { '/etc/init.d/reprepro':
+ ensure => $inoticoming_presence,
+ owner => root,
+ group => root,
+ mode => 0755,
+ source => "puppet://${server}/modules/reprepro/inoticoming.init",
+ }
+ file { '/etc/default/reprepro':
+ ensure => $inoticoming_presence,
+ owner => root, group => root, mode => 0755,
+ content => template('reprepro/inoticoming.default.erb'),
+ }
+
+ service { 'reprepro':
+ ensure => $inoticoming_enabled,
+ enable => $inoticoming_enabled,
+ pattern => 'inoticoming.*reprepro.*processincoming',
+ hasstatus => false,
+ require => [ Package['inoticoming'],
+ File['/etc/default/reprepro'],
+ File['/etc/init.d/reprepro'] ],
+ }
exec {
"/usr/local/bin/reprepro-export-key":
diff --git a/manifests/inotify.pp b/manifests/inotify.pp
deleted file mode 100644
index 45fcb7e..0000000
--- a/manifests/inotify.pp
+++ /dev/null
@@ -1,31 +0,0 @@
-class reprepro::inotify inherits reprepro {
- case $lsbdistcodename {
- etch: {
- package {
- "inoticoming": ensure => '0.2.0-1~bpo40+1';
- }
- }
- default: {
- package {
- "inoticoming": ensure => 'installed';
- }
- }
- }
- file { "/etc/init.d/reprepro":
- owner => root, group => root, mode => 0755,
- source => "puppet://$server/modules/reprepro/inoticoming.init";
- }
- file { "/etc/default/reprepro":
- ensure => present,
- owner => root, group => root, mode => 0755,
- content => template('reprepro/inoticoming.default.erb'),
- }
-
- service { "reprepro":
- ensure => "running",
- pattern => "inoticoming.*reprepro.*processincoming",
- hasstatus => false,
- require => [File["/etc/default/reprepro"],
- File["/etc/init.d/reprepro"] ],
- }
-}
diff --git a/templates/distributions.erb b/templates/distributions.erb
index 8ec9883..44ba277 100644
--- a/templates/distributions.erb
+++ b/templates/distributions.erb
@@ -1,55 +1,55 @@
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: reallyoldstable
Codename: etch
Version: 3.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: oldstable
Pull: stable
Codename: lenny
Version: 5.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: stable
Pull: testing
Codename: squeeze
Version: 6.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: testing
Pull: unstable
Codename: wheezy
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: unstable
Codename: sid
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders-sid
diff --git a/templates/index.html.erb b/templates/index.html.erb
index 1173021..acbe2f7 100644
--- a/templates/index.html.erb
+++ b/templates/index.html.erb
@@ -5,7 +5,7 @@
Introduction
-This is the Debian package repository of <%= @reprepro_origin %>. It is used for internal
+
This is the Debian package repository of <%= @origin %>. It is used for internal
distribution of locally built packages not yet part of Debian. Feel free to use
it for yourself, but it comes at no warranty.
diff --git a/templates/uploaders.erb b/templates/uploaders.erb
index d962b55..ea64e1d 100644
--- a/templates/uploaders.erb
+++ b/templates/uploaders.erb
@@ -1,4 +1,4 @@
# reprepro uploaders, file managed by puppet
-<% @reprepro_uploaders.each do |uploader| -%>
+<% @uploaders.each do |uploader| -%>
allow * by key <%= uploader %>
<% end -%>
diff --git a/tests/init.pp b/tests/init.pp
new file mode 100644
index 0000000..d8d40ed
--- /dev/null
+++ b/tests/init.pp
@@ -0,0 +1,5 @@
+class { 'reprepro':
+ uploaders => ['DEADBEEF'],
+ handle_incoming_with_cron => true,
+ handle_incoming_with_inotify => true,
+}
--
cgit v1.2.3
From 7d8df54c88f2149e0ba47d4d9ca4b85ef0a3a528 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 17:22:24 +0200
Subject: Reduce duplication by using defaults for File resources
---
manifests/init.pp | 31 +++++++++++++++++--------------
1 file changed, 17 insertions(+), 14 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index ebf8a91..f0fdd5c 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -32,59 +32,64 @@ class reprepro (
}
}
+ File {
+ owner => reprepro,
+ group => reprepro,
+ }
+
file {
"$basedir":
ensure => directory,
- mode => $basedir_mode, owner => reprepro, group => reprepro;
+ mode => $basedir_mode;
"$basedir/conf":
ensure => directory,
- mode => 0770, owner => root, group => reprepro;
+ mode => 0770;
"$basedir/db":
ensure => directory,
- mode => 0770, owner => reprepro, group => reprepro;
+ mode => 0770;
"$basedir/dists":
ensure => directory,
- mode => 0775, owner => reprepro, group => reprepro;
+ mode => 0775;
"$basedir/pool":
ensure => directory,
- mode => 0775, owner => reprepro, group => reprepro;
+ mode => 0775;
"$basedir/incoming":
ensure => directory,
- mode => $incoming_mode, owner => reprepro, group => reprepro;
+ mode => $incoming_mode;
"$basedir/logs":
ensure => directory,
- mode => 0775, owner => reprepro, group => reprepro;
+ mode => 0775;
"$basedir/tmp":
ensure => directory,
- mode => 0775, owner => reprepro, group => reprepro;
+ mode => 0775;
"$basedir/conf/distributions":
ensure => present;
"$basedir/conf/uploaders":
- mode => 0660, owner => root, group => reprepro,
+ mode => 0660, owner => root,
content => template("reprepro/uploaders.erb");
"$basedir/conf/incoming":
ensure => present;
"$basedir/index.html":
- mode => 0664, owner => root, group => reprepro,
+ mode => 0664, owner => root,
content => template("reprepro/index.html.erb");
"$basedir/.gnupg":
- mode => 700, owner => reprepro, group => reprepro,
+ mode => 700,
ensure => directory;
"$basedir/.gnupg/secring.gpg":
- mode => 600, owner => reprepro, group => reprepro,
+ mode => 600,
ensure => present;
"/usr/local/bin/reprepro-export-key":
@@ -98,7 +103,6 @@ class reprepro (
if $manage_distributions_conf {
File["$basedir/conf/distributions"] {
owner => root,
- group => reprepro,
mode => 0664,
content => template("reprepro/distributions.erb"),
}
@@ -121,7 +125,6 @@ class reprepro (
File["$basedir/conf/incoming"] {
mode => 0664,
owner => root,
- group => reprepro,
source => "puppet://$server/modules/reprepro/incoming"
}
}
--
cgit v1.2.3
From 645cf14059067025c1a5ef391693644c5b6d887d Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 18:32:47 +0200
Subject: Processing the incoming queue requires the directory to be there
---
manifests/init.pp | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index f0fdd5c..6eac6d5 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -141,7 +141,8 @@ class reprepro (
command => "/usr/bin/reprepro --silent -b $basedir processincoming incoming",
user => reprepro,
minute => '*/5',
- require => [ Package['reprepro'], File["$basedir/conf/distributions"] ],
+ require => [ Package['reprepro'], File["$basedir/conf/distributions"],
+ File["$basedir/incoming"], ],
}
# Handling of incoming with inoticoming
@@ -178,7 +179,8 @@ class reprepro (
hasstatus => false,
require => [ Package['inoticoming'],
File['/etc/default/reprepro'],
- File['/etc/init.d/reprepro'] ],
+ File['/etc/init.d/reprepro'],
+ File["$basedir/incoming"] ],
}
exec {
--
cgit v1.2.3
From d935c2a784c375f32d2238a36f63c74496d5636c Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 18:37:23 +0200
Subject: Add warnings for file that are managed by Puppet
---
files/incoming | 2 ++
files/inoticoming.init | 3 +++
files/uploaders-sid | 2 ++
templates/distributions.erb | 2 ++
templates/index.html.erb | 2 +-
templates/inoticoming.default.erb | 2 ++
templates/reprepro-export-key.sh.erb | 3 +++
templates/uploaders.erb | 3 ++-
8 files changed, 17 insertions(+), 2 deletions(-)
diff --git a/files/incoming b/files/incoming
index 6825981..57c6a5f 100644
--- a/files/incoming
+++ b/files/incoming
@@ -1,3 +1,5 @@
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+
Name: incoming
IncomingDir: incoming
TempDir: tmp
diff --git a/files/inoticoming.init b/files/inoticoming.init
index e16ffd1..3c14d83 100755
--- a/files/inoticoming.init
+++ b/files/inoticoming.init
@@ -1,4 +1,7 @@
#! /bin/sh
+#
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+#
### BEGIN INIT INFO
# Provides: reprepro
# Required-Start: $local_fs $syslog
diff --git a/files/uploaders-sid b/files/uploaders-sid
index 48d4a65..825694a 100644
--- a/files/uploaders-sid
+++ b/files/uploaders-sid
@@ -1,2 +1,4 @@
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+
allow * by key 7B75921E
allow * by key 6C914A46
diff --git a/templates/distributions.erb b/templates/distributions.erb
index 44ba277..52533e8 100644
--- a/templates/distributions.erb
+++ b/templates/distributions.erb
@@ -1,3 +1,5 @@
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+
Origin: <%= @origin %>
Label: <%= @origin %>
Suite: reallyoldstable
diff --git a/templates/index.html.erb b/templates/index.html.erb
index acbe2f7..ec3a308 100644
--- a/templates/index.html.erb
+++ b/templates/index.html.erb
@@ -1,4 +1,4 @@
-
+
<%= @domain %> Debian package repository
diff --git a/templates/inoticoming.default.erb b/templates/inoticoming.default.erb
index 303d9fc..b78a12d 100644
--- a/templates/inoticoming.default.erb
+++ b/templates/inoticoming.default.erb
@@ -1,3 +1,5 @@
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+
# /etc/default/inoticoming
#
# for an explanation of options and actions, see inoticoming(1)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index eee1731..e4759e7 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -1,4 +1,7 @@
#!/bin/bash
+#
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+#
KEY="`gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1`"
diff --git a/templates/uploaders.erb b/templates/uploaders.erb
index ea64e1d..84559a8 100644
--- a/templates/uploaders.erb
+++ b/templates/uploaders.erb
@@ -1,4 +1,5 @@
-# reprepro uploaders, file managed by puppet
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+
<% @uploaders.each do |uploader| -%>
allow * by key <%= uploader %>
<% end -%>
--
cgit v1.2.3
From 2544b03095474f956c14e3a19537e4b5c793a402 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 18:55:12 +0200
Subject: Remove useless $server from file sources
---
manifests/init.pp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 6eac6d5..8ca8c37 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -125,7 +125,7 @@ class reprepro (
File["$basedir/conf/incoming"] {
mode => 0664,
owner => root,
- source => "puppet://$server/modules/reprepro/incoming"
+ source => "puppet:///modules/reprepro/incoming"
}
}
@@ -164,7 +164,7 @@ class reprepro (
owner => root,
group => root,
mode => 0755,
- source => "puppet://${server}/modules/reprepro/inoticoming.init",
+ source => "puppet:///modules/reprepro/inoticoming.init",
}
file { '/etc/default/reprepro':
ensure => $inoticoming_presence,
--
cgit v1.2.3
From 4b32cd454a6b3c6f553763efd764b87a7b1bfe5e Mon Sep 17 00:00:00 2001
From: intrigeri
Date: Sat, 3 Nov 2012 17:53:50 +0100
Subject: Have Puppet check mandatory class parameter is passed, rather than
doing it by hand.
---
manifests/init.pp | 6 +-----
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 8ca8c37..a9b130d 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -1,5 +1,5 @@
class reprepro (
- $uploaders = 'undefined',
+ $uploaders,
$basedir = '/srv/reprepro',
$origin = $::domain,
$basedir_mode = '0771',
@@ -13,10 +13,6 @@ class reprepro (
"reprepro": ensure => 'installed';
}
- if $uploaders == 'undefined' {
- fail("The uploaders parameter is required by the reprepro class.")
- }
-
user { "reprepro":
ensure => "present",
home => "$basedir",
--
cgit v1.2.3
From 6cdbd143859649f016e4ee1092ede43f1e17a357 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 17:23:48 +0200
Subject: Use recommanded style for file modes
See Style Guide:
---
manifests/init.pp | 30 +++++++++++++++---------------
1 file changed, 15 insertions(+), 15 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index a9b130d..3b1effc 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -40,19 +40,19 @@ class reprepro (
"$basedir/conf":
ensure => directory,
- mode => 0770;
+ mode => '0770';
"$basedir/db":
ensure => directory,
- mode => 0770;
+ mode => '0770';
"$basedir/dists":
ensure => directory,
- mode => 0775;
+ mode => '0775';
"$basedir/pool":
ensure => directory,
- mode => 0775;
+ mode => '0775';
"$basedir/incoming":
ensure => directory,
@@ -60,32 +60,32 @@ class reprepro (
"$basedir/logs":
ensure => directory,
- mode => 0775;
+ mode => '0775';
"$basedir/tmp":
ensure => directory,
- mode => 0775;
+ mode => '0775';
"$basedir/conf/distributions":
ensure => present;
"$basedir/conf/uploaders":
- mode => 0660, owner => root,
+ mode => '0660', owner => root,
content => template("reprepro/uploaders.erb");
"$basedir/conf/incoming":
ensure => present;
"$basedir/index.html":
- mode => 0664, owner => root,
+ mode => '0664', owner => root,
content => template("reprepro/index.html.erb");
"$basedir/.gnupg":
- mode => 700,
+ mode => '0700',
ensure => directory;
"$basedir/.gnupg/secring.gpg":
- mode => 600,
+ mode => '0600',
ensure => present;
"/usr/local/bin/reprepro-export-key":
@@ -93,13 +93,13 @@ class reprepro (
content => template('reprepro/reprepro-export-key.sh.erb'),
owner => root,
group => root,
- mode => 755,
+ mode => '0755',
}
if $manage_distributions_conf {
File["$basedir/conf/distributions"] {
owner => root,
- mode => 0664,
+ mode => '0664',
content => template("reprepro/distributions.erb"),
}
@@ -119,7 +119,7 @@ class reprepro (
if $manage_incoming_conf {
File["$basedir/conf/incoming"] {
- mode => 0664,
+ mode => '0664',
owner => root,
source => "puppet:///modules/reprepro/incoming"
}
@@ -159,12 +159,12 @@ class reprepro (
ensure => $inoticoming_presence,
owner => root,
group => root,
- mode => 0755,
+ mode => '0755',
source => "puppet:///modules/reprepro/inoticoming.init",
}
file { '/etc/default/reprepro':
ensure => $inoticoming_presence,
- owner => root, group => root, mode => 0755,
+ owner => root, group => root, mode => '0755',
content => template('reprepro/inoticoming.default.erb'),
}
--
cgit v1.2.3
From 4177f5d276ef8135e51988e7d05a11b8fddf7a68 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 17:58:55 +0200
Subject: Define each file and exec resources separately
See Style Guide:
---
manifests/init.pp | 97 +++++++++++++++++++++++++++----------------------------
1 file changed, 48 insertions(+), 49 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 3b1effc..7c69680 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -33,62 +33,61 @@ class reprepro (
group => reprepro,
}
- file {
- "$basedir":
+ file { "$basedir":
ensure => directory,
- mode => $basedir_mode;
-
- "$basedir/conf":
+ mode => $basedir_mode,
+ }
+ file { "$basedir/conf":
ensure => directory,
- mode => '0770';
-
- "$basedir/db":
+ mode => '0770',
+ }
+ file { "$basedir/db":
ensure => directory,
- mode => '0770';
-
- "$basedir/dists":
+ mode => '0770',
+ }
+ file { "$basedir/dists":
ensure => directory,
- mode => '0775';
-
- "$basedir/pool":
+ mode => '0775',
+ }
+ file { "$basedir/pool":
ensure => directory,
- mode => '0775';
-
- "$basedir/incoming":
+ mode => '0775',
+ }
+ file { "$basedir/incoming":
ensure => directory,
- mode => $incoming_mode;
-
- "$basedir/logs":
+ mode => $incoming_mode,
+ }
+ file { "$basedir/logs":
ensure => directory,
- mode => '0775';
-
- "$basedir/tmp":
+ mode => '0775',
+ }
+ file { "$basedir/tmp":
ensure => directory,
- mode => '0775';
-
- "$basedir/conf/distributions":
- ensure => present;
-
- "$basedir/conf/uploaders":
+ mode => '0775',
+ }
+ file { "$basedir/conf/distributions":
+ ensure => present,
+ }
+ file { "$basedir/conf/uploaders":
mode => '0660', owner => root,
- content => template("reprepro/uploaders.erb");
-
- "$basedir/conf/incoming":
- ensure => present;
-
- "$basedir/index.html":
+ content => template("reprepro/uploaders.erb"),
+ }
+ file { "$basedir/conf/incoming":
+ ensure => present,
+ }
+ file { "$basedir/index.html":
mode => '0664', owner => root,
- content => template("reprepro/index.html.erb");
-
- "$basedir/.gnupg":
+ content => template("reprepro/index.html.erb"),
+ }
+ file { "$basedir/.gnupg":
mode => '0700',
- ensure => directory;
-
- "$basedir/.gnupg/secring.gpg":
+ ensure => directory,
+ }
+ file { "$basedir/.gnupg/secring.gpg":
mode => '0600',
- ensure => present;
-
- "/usr/local/bin/reprepro-export-key":
+ ensure => present,
+ }
+ file { '/usr/local/bin/reprepro-export-key':
ensure => present,
content => template('reprepro/reprepro-export-key.sh.erb'),
owner => root,
@@ -103,17 +102,17 @@ class reprepro (
content => template("reprepro/distributions.erb"),
}
- exec {
- "reprepro -b $basedir createsymlinks":
+ exec { "reprepro -b $basedir createsymlinks":
refreshonly => true,
subscribe => File["$basedir/conf/distributions"],
user => reprepro,
- path => "/usr/bin:/bin";
- "reprepro -b $basedir export":
+ path => "/usr/bin:/bin",
+ }
+ exec { "reprepro -b $basedir export":
refreshonly => true,
user => reprepro,
subscribe => File["$basedir/conf/distributions"],
- path => "/usr/bin:/bin";
+ path => "/usr/bin:/bin",
}
}
--
cgit v1.2.3
From 50bc09183abb733cdf4da04e52340a7f5b11cf46 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 18:00:04 +0200
Subject: Group related exec and file resources
---
manifests/init.pp | 28 ++++++++++++++--------------
1 file changed, 14 insertions(+), 14 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 7c69680..2fc1bbb 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -65,20 +65,15 @@ class reprepro (
ensure => directory,
mode => '0775',
}
- file { "$basedir/conf/distributions":
- ensure => present,
- }
file { "$basedir/conf/uploaders":
mode => '0660', owner => root,
content => template("reprepro/uploaders.erb"),
}
- file { "$basedir/conf/incoming":
- ensure => present,
- }
file { "$basedir/index.html":
mode => '0664', owner => root,
content => template("reprepro/index.html.erb"),
}
+
file { "$basedir/.gnupg":
mode => '0700',
ensure => directory,
@@ -94,7 +89,17 @@ class reprepro (
group => root,
mode => '0755',
}
+ exec { "/usr/local/bin/reprepro-export-key":
+ creates => "$basedir/key.asc",
+ user => reprepro,
+ subscribe => File["$basedir/.gnupg/secring.gpg"],
+ require => File["/usr/local/bin/reprepro-export-key"],
+ }
+
+ file { "$basedir/conf/distributions":
+ ensure => present,
+ }
if $manage_distributions_conf {
File["$basedir/conf/distributions"] {
owner => root,
@@ -116,6 +121,9 @@ class reprepro (
}
}
+ file { "$basedir/conf/incoming":
+ ensure => present,
+ }
if $manage_incoming_conf {
File["$basedir/conf/incoming"] {
mode => '0664',
@@ -178,14 +186,6 @@ class reprepro (
File["$basedir/incoming"] ],
}
- exec {
- "/usr/local/bin/reprepro-export-key":
- creates => "$basedir/key.asc",
- user => reprepro,
- subscribe => File["$basedir/.gnupg/secring.gpg"],
- require => File["/usr/local/bin/reprepro-export-key"],
- }
-
# TODO: setup needeed lines in apache site config file
}
--
cgit v1.2.3
From 6be8b31c98cbc5a7f63ce6dec831bc0214e2b288 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:06:44 +0100
Subject: Ensure that 'ensure' is the first attribute
See Style Guide:
---
manifests/init.pp | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/manifests/init.pp b/manifests/init.pp
index 2fc1bbb..2092de2 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -75,12 +75,12 @@ class reprepro (
}
file { "$basedir/.gnupg":
- mode => '0700',
ensure => directory,
+ mode => '0700',
}
file { "$basedir/.gnupg/secring.gpg":
- mode => '0600',
ensure => present,
+ mode => '0600',
}
file { '/usr/local/bin/reprepro-export-key':
ensure => present,
--
cgit v1.2.3
From 204da7cc372cc5760316abaef6caa878da658cb2 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 18:21:36 +0200
Subject: Have inoticoming perform an initial search of the directory
If inoticoming is not started while new packages are added to the incoming
directory, those packages would not have been processed straight away.
So, instead of waiting for a subsequent package upload, let's just have
inoticoming perform an initial run on startup.
---
templates/inoticoming.default.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/inoticoming.default.erb b/templates/inoticoming.default.erb
index b78a12d..a298a16 100644
--- a/templates/inoticoming.default.erb
+++ b/templates/inoticoming.default.erb
@@ -13,7 +13,7 @@ LOGFILE="/var/log/incoming.log"
# first search the directory for files already existing
# 0 for false, 1 for true
-INITIALSEARCH=0
+INITIALSEARCH=1
# directory to monitor
DIR=<%= @basedir %>/incoming
--
cgit v1.2.3
From f3dd82b3fa0284435d77587a874f06790aca45e7 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:14:16 +0100
Subject: Fix boot dependencies in initscript
inoticoming lies in /usr/bin so it needs $remote_fs and not $local_fs.
---
files/inoticoming.init | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/files/inoticoming.init b/files/inoticoming.init
index 3c14d83..aa5c9bb 100755
--- a/files/inoticoming.init
+++ b/files/inoticoming.init
@@ -4,8 +4,8 @@
#
### BEGIN INIT INFO
# Provides: reprepro
-# Required-Start: $local_fs $syslog
-# Required-Stop: $local_fs $syslog
+# Required-Start: $remote_fs $syslog
+# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
# Short-Description: Reprepro startup script for inoticoming support
--
cgit v1.2.3
From d4088ff2df020e4b7136b166d06bb7427aecb183 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:15:08 +0100
Subject: Improve descriptions in initscript
---
files/inoticoming.init | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/files/inoticoming.init b/files/inoticoming.init
index aa5c9bb..c1492d5 100755
--- a/files/inoticoming.init
+++ b/files/inoticoming.init
@@ -8,8 +8,9 @@
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
-# Short-Description: Reprepro startup script for inoticoming support
-# Description: This script an instance of inoticoming via an initscript.
+# Short-Description: reprepro incoming queue monitor
+# Description: Monitors the incoming queue for the package repository
+# managed by reprepro.
### END INIT INFO
# Copyright (c) 2008 by Tilman Koschnick
--
cgit v1.2.3
From 48c91948481edabecae5fd386c10ebc83a7de0cb Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:15:56 +0100
Subject: Remove useless boilerplate from skeleton initscript
---
files/inoticoming.init | 5 -----
1 file changed, 5 deletions(-)
diff --git a/files/inoticoming.init b/files/inoticoming.init
index c1492d5..d158519 100755
--- a/files/inoticoming.init
+++ b/files/inoticoming.init
@@ -13,13 +13,8 @@
# managed by reprepro.
### END INIT INFO
-# Copyright (c) 2008 by Tilman Koschnick
-# Based on /etc/init.d/skeleton from Debian package initscripts
-# Distributed under the GPLv2
-
# Do NOT "set -e"
-# PATH should only include /usr/* if it runs after the mountnfs.sh script
PATH=/sbin:/usr/sbin:/bin:/usr/bin
DESC="reprepro incoming queue monitor"
NAME=reprepro
--
cgit v1.2.3
From a8874b34b39e0f2ce460db0d8acc4e9ef1843027 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:17:47 +0100
Subject: Adjust whitespaces in initscripts
---
files/inoticoming.init | 138 ++++++++++++++++++++++++-------------------------
1 file changed, 69 insertions(+), 69 deletions(-)
diff --git a/files/inoticoming.init b/files/inoticoming.init
index d158519..e66bb94 100755
--- a/files/inoticoming.init
+++ b/files/inoticoming.init
@@ -40,31 +40,31 @@ SCRIPTNAME=/etc/init.d/$NAME
#
do_start()
{
- # Return
- # 0 if daemon has been started
- # 1 if daemon was already running
- # 2 if daemon could not be started
+ # Return
+ # 0 if daemon has been started
+ # 1 if daemon was already running
+ # 2 if daemon could not be started
- # make sure inoticoming can write the PID to $PIDFILE
- [ -f $PIDFILE ] || touch $PIDFILE
- chown $USER $PIDFILE
- OPTIONS="--pid-file $PIDFILE"
+ # make sure inoticoming can write the PID to $PIDFILE
+ [ -f $PIDFILE ] || touch $PIDFILE
+ chown $USER $PIDFILE
+ OPTIONS="--pid-file $PIDFILE"
- # make sure inoticoming can write to $LOGFILE
- if [ -n $LOGFILE ] ; then
- [ -f $LOGFILE ] || touch $LOGFILE
- chown $USER $LOGFILE
- OPTIONS="$OPTIONS --logfile $LOGFILE"
- fi
+ # make sure inoticoming can write to $LOGFILE
+ if [ -n $LOGFILE ] ; then
+ [ -f $LOGFILE ] || touch $LOGFILE
+ chown $USER $LOGFILE
+ OPTIONS="$OPTIONS --logfile $LOGFILE"
+ fi
- # should we do an initial search of the directory?
- [ "$INITIALSEARCH" != "0" ] && OPTIONS="$OPTIONS --initialsearch"
+ # should we do an initial search of the directory?
+ [ "$INITIALSEARCH" != "0" ] && OPTIONS="$OPTIONS --initialsearch"
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
- || return 1
- start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --chuid $USER -- \
- $OPTIONS $DIR $ACTIONS \
- || return 2
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --test > /dev/null \
+ || return 1
+ start-stop-daemon --start --quiet --pidfile $PIDFILE --exec $DAEMON --chuid $USER -- \
+ $OPTIONS $DIR $ACTIONS \
+ || return 2
}
#
@@ -72,57 +72,57 @@ do_start()
#
do_stop()
{
- # Return
- # 0 if daemon has been stopped
- # 1 if daemon was already stopped
- # 2 if daemon could not be stopped
- # other if a failure occurred
- start-stop-daemon --stop --quiet --pidfile $PIDFILE
- RETVAL="$?"
- [ "$RETVAL" = 2 ] && return 2
- rm -f $PIDFILE
- return "$RETVAL"
+ # Return
+ # 0 if daemon has been stopped
+ # 1 if daemon was already stopped
+ # 2 if daemon could not be stopped
+ # other if a failure occurred
+ start-stop-daemon --stop --quiet --pidfile $PIDFILE
+ RETVAL="$?"
+ [ "$RETVAL" = 2 ] && return 2
+ rm -f $PIDFILE
+ return "$RETVAL"
}
case "$1" in
- start)
- [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
- do_start
- case "$?" in
- 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
- 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
- esac
- ;;
- stop)
- [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
- do_stop
- case "$?" in
- 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
- 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
- esac
- ;;
- restart|force-reload)
- log_daemon_msg "Restarting $DESC" "$NAME"
- do_stop
- case "$?" in
- 0|1)
- do_start
- case "$?" in
- 0) log_end_msg 0 ;;
- 1) log_end_msg 1 ;; # Old process is still running
- *) log_end_msg 1 ;; # Failed to start
- esac
- ;;
- *)
- # Failed to stop
- log_end_msg 1
- ;;
- esac
- ;;
- *)
- echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
- exit 3
- ;;
+ start)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Starting $DESC" "$NAME"
+ do_start
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ stop)
+ [ "$VERBOSE" != no ] && log_daemon_msg "Stopping $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1) [ "$VERBOSE" != no ] && log_end_msg 0 ;;
+ 2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
+ esac
+ ;;
+ restart|force-reload)
+ log_daemon_msg "Restarting $DESC" "$NAME"
+ do_stop
+ case "$?" in
+ 0|1)
+ do_start
+ case "$?" in
+ 0) log_end_msg 0 ;;
+ 1) log_end_msg 1 ;; # Old process is still running
+ *) log_end_msg 1 ;; # Failed to start
+ esac
+ ;;
+ *)
+ # Failed to stop
+ log_end_msg 1
+ ;;
+ esac
+ ;;
+ *)
+ echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
+ exit 3
+ ;;
esac
:
--
cgit v1.2.3
From 63772009a1ef90b4f1173142e4d3b1f5c7c6b332 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:18:45 +0100
Subject: Add a default value for $USER in initscript
Relying on the external shell environment can lead to issue hard to understand.
We explicitly set USER to root by default, and let admins override it in the
default file.
---
files/inoticoming.init | 1 +
1 file changed, 1 insertion(+)
diff --git a/files/inoticoming.init b/files/inoticoming.init
index e66bb94..bc91568 100755
--- a/files/inoticoming.init
+++ b/files/inoticoming.init
@@ -21,6 +21,7 @@ NAME=reprepro
DAEMON=/usr/bin/inoticoming
PIDFILE=/var/run/$NAME.pid
SCRIPTNAME=/etc/init.d/$NAME
+USER=root
# Exit if the package is not installed
[ -x "$DAEMON" ] || exit 0
--
cgit v1.2.3
From 8241897c0ccff1bf8d274c3074580e580ad057be Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:21:34 +0100
Subject: Add support for status in initscript
---
files/inoticoming.init | 8 ++++++--
manifests/init.pp | 1 -
2 files changed, 6 insertions(+), 3 deletions(-)
diff --git a/files/inoticoming.init b/files/inoticoming.init
index bc91568..9b658d7 100755
--- a/files/inoticoming.init
+++ b/files/inoticoming.init
@@ -33,7 +33,8 @@ USER=root
. /lib/init/vars.sh
# Define LSB log_* functions.
-# Depend on lsb-base (>= 3.0-6) to ensure that this file is present.
+# Depend on lsb-base (>= 3.2-14) to ensure that this file is present
+# and status_of_proc is working.
. /lib/lsb/init-functions
#
@@ -102,6 +103,9 @@ case "$1" in
2) [ "$VERBOSE" != no ] && log_end_msg 1 ;;
esac
;;
+ status)
+ status_of_proc -p "$PIDFILE" "$DAEMON" "$NAME" && exit 0 || exit $?
+ ;;
restart|force-reload)
log_daemon_msg "Restarting $DESC" "$NAME"
do_stop
@@ -121,7 +125,7 @@ case "$1" in
esac
;;
*)
- echo "Usage: $SCRIPTNAME {start|stop|restart|force-reload}" >&2
+ echo "Usage: $SCRIPTNAME {start|stop|status|restart|force-reload}" >&2
exit 3
;;
esac
diff --git a/manifests/init.pp b/manifests/init.pp
index 2092de2..095ea3c 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -179,7 +179,6 @@ class reprepro (
ensure => $inoticoming_enabled,
enable => $inoticoming_enabled,
pattern => 'inoticoming.*reprepro.*processincoming',
- hasstatus => false,
require => [ Package['inoticoming'],
File['/etc/default/reprepro'],
File['/etc/init.d/reprepro'],
--
cgit v1.2.3
From f4869008cad7acb3ec67ccee309cbad0533045ad Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:23:41 +0100
Subject: Use new-style shell expansion in export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index e4759e7..97e111a 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -3,7 +3,7 @@
# This file is managed by Puppet. Do not edit, any changes will be overwritten!
#
-KEY="`gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1`"
+KEY="$(gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ ! -z "$KEY" ]; then
tempfile=$(mktemp)
--
cgit v1.2.3
From 255434fbd90c3ba76cbd4fdd8a1288e665344ab0 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:25:01 +0100
Subject: Test for 'something' instead of 'not nothing' in export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 97e111a..c11a530 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -5,7 +5,7 @@
KEY="$(gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
-if [ ! -z "$KEY" ]; then
+if [ -n "$KEY" ]; then
tempfile=$(mktemp)
destfile=<%= @basedir %>/key.asc
gpg --homedir <%= @basedir %>/.gnupg --export --armor $KEY > "$tempfile"
--
cgit v1.2.3
From 50a7eb8a1994808521e5699ec533628670e73810 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:26:31 +0100
Subject: Use Debian style indentation in export-key
---
templates/reprepro-export-key.sh.erb | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index c11a530..dace01e 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -6,10 +6,10 @@
KEY="$(gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
- tempfile=$(mktemp)
- destfile=<%= @basedir %>/key.asc
- gpg --homedir <%= @basedir %>/.gnupg --export --armor $KEY > "$tempfile"
- mv "$tempfile" "$destfile"
- chown reprepro:reprepro "$destfile"
- chmod 0664 "$destfile"
+ tempfile=$(mktemp)
+ destfile=<%= @basedir %>/key.asc
+ gpg --homedir <%= @basedir %>/.gnupg --export --armor $KEY > "$tempfile"
+ mv "$tempfile" "$destfile"
+ chown reprepro:reprepro "$destfile"
+ chmod 0664 "$destfile"
fi
--
cgit v1.2.3
From 685c40e7c3afaac3a5ef411816e8b41aa10da19b Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:27:22 +0100
Subject: Properly quote @basedir paths in export-key
---
templates/reprepro-export-key.sh.erb | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index dace01e..eaf9ac2 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -3,12 +3,12 @@
# This file is managed by Puppet. Do not edit, any changes will be overwritten!
#
-KEY="$(gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
+KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
tempfile=$(mktemp)
- destfile=<%= @basedir %>/key.asc
- gpg --homedir <%= @basedir %>/.gnupg --export --armor $KEY > "$tempfile"
+ destfile='<%= @basedir %>/key.asc'
+ gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$tempfile"
mv "$tempfile" "$destfile"
chown reprepro:reprepro "$destfile"
chmod 0664 "$destfile"
--
cgit v1.2.3
From 07d74ec85fd0c7182939742e41f3fc4cb2f283a6 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:28:07 +0100
Subject: Use uppercase for global shell variables
---
templates/reprepro-export-key.sh.erb | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index eaf9ac2..1bce93f 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -6,10 +6,10 @@
KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
- tempfile=$(mktemp)
- destfile='<%= @basedir %>/key.asc'
- gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$tempfile"
- mv "$tempfile" "$destfile"
- chown reprepro:reprepro "$destfile"
- chmod 0664 "$destfile"
+ TEMPFILE=$(mktemp)
+ DESTFILE='<%= @basedir %>/key.asc'
+ gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$TEMPFILE"
+ mv "$TEMPFILE" "$DESTFILE"
+ chown reprepro:reprepro "$DESTFILE"
+ chmod 0664 "$DESTFILE"
fi
--
cgit v1.2.3
From f0d79d040a5c330bbb766199b800087fc13ab0a2 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:28:43 +0100
Subject: Always remove tempfile if something wrong happen in export-key
---
templates/reprepro-export-key.sh.erb | 1 +
1 file changed, 1 insertion(+)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 1bce93f..253672a 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -7,6 +7,7 @@ KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys |
if [ -n "$KEY" ]; then
TEMPFILE=$(mktemp)
+ trap "rm -f '$TEMPFILE'" EXIT
DESTFILE='<%= @basedir %>/key.asc'
gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$TEMPFILE"
mv "$TEMPFILE" "$DESTFILE"
--
cgit v1.2.3
From 657f79d39b5dfc0d01ea3d22a3587c9cc782c16b Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:30:39 +0100
Subject: Fail-close if multiple-keys are present by quoting KEY in export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 253672a..2b25df2 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -9,7 +9,7 @@ if [ -n "$KEY" ]; then
TEMPFILE=$(mktemp)
trap "rm -f '$TEMPFILE'" EXIT
DESTFILE='<%= @basedir %>/key.asc'
- gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$TEMPFILE"
+ gpg --homedir '<%= @basedir %>/.gnupg' --export --armor "$KEY" > "$TEMPFILE"
mv "$TEMPFILE" "$DESTFILE"
chown reprepro:reprepro "$DESTFILE"
chmod 0664 "$DESTFILE"
--
cgit v1.2.3
From cca11e871c9d1d1a118e688d107cb27e9e197567 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:31:28 +0100
Subject: Create temp file in the same directory as the file it'll replace to
get an atomic update in export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 2b25df2..7b3c2ed 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -6,7 +6,7 @@
KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
- TEMPFILE=$(mktemp)
+ TEMPFILE=$(mktemp --tmpdir='<%= @basedir %>')
trap "rm -f '$TEMPFILE'" EXIT
DESTFILE='<%= @basedir %>/key.asc'
gpg --homedir '<%= @basedir %>/.gnupg' --export --armor "$KEY" > "$TEMPFILE"
--
cgit v1.2.3
From 88061c044229cd2a277a7a12487133aeab93ba96 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:34:08 +0100
Subject: Make export-key fail if any command fails
---
templates/reprepro-export-key.sh.erb | 2 ++
1 file changed, 2 insertions(+)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 7b3c2ed..e629f9d 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -3,6 +3,8 @@
# This file is managed by Puppet. Do not edit, any changes will be overwritten!
#
+set -e
+
KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
--
cgit v1.2.3
From 2060c2fd7aae1e377a9d0fcb7da02da64e4f8da5 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:34:23 +0100
Subject: A POSIX shell is enough to run export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index e629f9d..bbc195c 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
#
# This file is managed by Puppet. Do not edit, any changes will be overwritten!
#
--
cgit v1.2.3