From a7f4bd43b5aed9c1b42aed044d495e8b0d557701 Mon Sep 17 00:00:00 2001
From: intrigeri
Date: Tue, 31 Jan 2012 17:20:29 +0100
Subject: Make distributions template not specific to Koumbit.
---
templates/distributions.erb | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'templates')
diff --git a/templates/distributions.erb b/templates/distributions.erb
index e004778..233f2b9 100644
--- a/templates/distributions.erb
+++ b/templates/distributions.erb
@@ -29,12 +29,12 @@ Codename: squeeze
Version: 6.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: koumbit specific (or backported) packages
+Description: <%= reprepro_origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: koumbit
-Label: koumbit
+Origin: <%= reprepro_origin %>
+Label: <%= reprepro_origin %>
Suite: testing
Pull: unstable
Codename: wheezy
--
cgit v1.2.3
From 78ce35ce97ffc887f0786289789bec8f9880ca9c Mon Sep 17 00:00:00 2001
From: intrigeri
Date: Mon, 2 Jul 2012 18:05:04 +0200
Subject: Use a temporary file + atomic move when exporting the repository
public key.
---
templates/reprepro-export-key.sh.erb | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index c99f06b..1afcef8 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -3,5 +3,7 @@
KEY="`gpg --homedir <%= basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1`"
if [ ! -z "$KEY" ]; then
- gpg --homedir <%= basedir %>/.gnupg --export --armor $KEY > <%= basedir %>/key.asc
+ tempfile=$(mktemp)
+ gpg --homedir <%= basedir %>/.gnupg --export --armor $KEY > "$tempfile"
+ mv "$tempfile" <%= basedir %>/key.asc
fi
--
cgit v1.2.3
From 973608ff1999ae385fad392e1344ec57348481be Mon Sep 17 00:00:00 2001
From: intrigeri
Date: Mon, 2 Jul 2012 18:12:28 +0200
Subject: Make sure the exported public key is world-readable.
---
templates/reprepro-export-key.sh.erb | 1 +
1 file changed, 1 insertion(+)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 1afcef8..e619e24 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -6,4 +6,5 @@ if [ ! -z "$KEY" ]; then
tempfile=$(mktemp)
gpg --homedir <%= basedir %>/.gnupg --export --armor $KEY > "$tempfile"
mv "$tempfile" <%= basedir %>/key.asc
+ chmod 0664 <%= basedir %>/key.asc
fi
--
cgit v1.2.3
From cdb297c003b6b0dcbc7153aa663ebe3bcfd7adee Mon Sep 17 00:00:00 2001
From: intrigeri
Date: Mon, 2 Jul 2012 18:16:25 +0200
Subject: Make sure the exported key is owned by reprepro:reprepro.
---
templates/reprepro-export-key.sh.erb | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index e619e24..2b97585 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -4,7 +4,9 @@ KEY="`gpg --homedir <%= basedir %>/.gnupg --with-colon --list-secret-keys | cut
if [ ! -z "$KEY" ]; then
tempfile=$(mktemp)
+ destfile=<%= basedir %>/key.asc
gpg --homedir <%= basedir %>/.gnupg --export --armor $KEY > "$tempfile"
- mv "$tempfile" <%= basedir %>/key.asc
- chmod 0664 <%= basedir %>/key.asc
+ mv "$tempfile" "$destfile"
+ chown reprepro:reprepro "$destfile"
+ chmod 0664 "$destfile"
fi
--
cgit v1.2.3
From 8bb6499572fd1c1a05c033f85bc36b556d9ba629 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 15:08:45 +0200
Subject: Refer to variables using Ruby instance variables in templates
This is the recommended way, as it prevents clashes with Ruby function names.
---
templates/distributions.erb | 30 +++++++++++++++---------------
templates/index.html.erb | 10 +++++-----
templates/inoticoming.default.erb | 4 ++--
templates/reprepro-export-key.sh.erb | 6 +++---
templates/uploaders.erb | 2 +-
5 files changed, 26 insertions(+), 26 deletions(-)
(limited to 'templates')
diff --git a/templates/distributions.erb b/templates/distributions.erb
index 233f2b9..8ec9883 100644
--- a/templates/distributions.erb
+++ b/templates/distributions.erb
@@ -1,55 +1,55 @@
-Origin: <%= reprepro_origin %>
-Label: <%= reprepro_origin %>
+Origin: <%= @reprepro_origin %>
+Label: <%= @reprepro_origin %>
Suite: reallyoldstable
Codename: etch
Version: 3.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= reprepro_origin %> specific (or backported) packages
+Description: <%= @reprepro_origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= reprepro_origin %>
-Label: <%= reprepro_origin %>
+Origin: <%= @reprepro_origin %>
+Label: <%= @reprepro_origin %>
Suite: oldstable
Pull: stable
Codename: lenny
Version: 5.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= reprepro_origin %> specific (or backported) packages
+Description: <%= @reprepro_origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= reprepro_origin %>
-Label: <%= reprepro_origin %>
+Origin: <%= @reprepro_origin %>
+Label: <%= @reprepro_origin %>
Suite: stable
Pull: testing
Codename: squeeze
Version: 6.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= reprepro_origin %> specific (or backported) packages
+Description: <%= @reprepro_origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= reprepro_origin %>
-Label: <%= reprepro_origin %>
+Origin: <%= @reprepro_origin %>
+Label: <%= @reprepro_origin %>
Suite: testing
Pull: unstable
Codename: wheezy
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= reprepro_origin %> specific (or backported) packages
+Description: <%= @reprepro_origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= reprepro_origin %>
-Label: <%= reprepro_origin %>
+Origin: <%= @reprepro_origin %>
+Label: <%= @reprepro_origin %>
Suite: unstable
Codename: sid
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= reprepro_origin %> specific (or backported) packages
+Description: <%= @reprepro_origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders-sid
diff --git a/templates/index.html.erb b/templates/index.html.erb
index 65ac222..1173021 100644
--- a/templates/index.html.erb
+++ b/templates/index.html.erb
@@ -1,11 +1,11 @@
-<%= domain %> Debian package repository
+<%= @domain %> Debian package repository
Introduction
-This is the Debian package repository of <%= reprepro_origin %>. It is used for internal
+
This is the Debian package repository of <%= @reprepro_origin %>. It is used for internal
distribution of locally built packages not yet part of Debian. Feel free to use
it for yourself, but it comes at no warranty.
@@ -14,8 +14,8 @@ it for yourself, but it comes at no warranty.
In your /etc/apt/source.list:
-deb http://debian.<%= domain %>/debian lenny main
-deb-src http://debian.<%= domain %>/debian lenny main
+deb http://debian.<%= @domain %>/debian lenny main
+deb-src http://debian.<%= @domain %>/debian lenny main
"lenny", of course, can be replaced by your distribution. Know that we usually
@@ -31,7 +31,7 @@ more precise).
The key of the archive is in the key.asc file. You should add the key using something like this:
-wget http://debian.<%= domain %>/debian/key.asc
+wget http://debian.<%= @domain %>/debian/key.asc
apt-key add key.asc
apt-get update
diff --git a/templates/inoticoming.default.erb b/templates/inoticoming.default.erb
index b666851..303d9fc 100644
--- a/templates/inoticoming.default.erb
+++ b/templates/inoticoming.default.erb
@@ -14,9 +14,9 @@ LOGFILE="/var/log/incoming.log"
INITIALSEARCH=0
# directory to monitor
-DIR=<%= basedir %>/incoming
+DIR=<%= @basedir %>/incoming
# actions
-BASEDIR=<%= basedir %>
+BASEDIR=<%= @basedir %>
RULENAME=incoming
ACTIONS="--suffix .changes --stderr-to-log reprepro -s -b $BASEDIR --waitforlock 1000 processincoming $RULENAME {} ;"
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 2b97585..eee1731 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -1,11 +1,11 @@
#!/bin/bash
-KEY="`gpg --homedir <%= basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1`"
+KEY="`gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1`"
if [ ! -z "$KEY" ]; then
tempfile=$(mktemp)
- destfile=<%= basedir %>/key.asc
- gpg --homedir <%= basedir %>/.gnupg --export --armor $KEY > "$tempfile"
+ destfile=<%= @basedir %>/key.asc
+ gpg --homedir <%= @basedir %>/.gnupg --export --armor $KEY > "$tempfile"
mv "$tempfile" "$destfile"
chown reprepro:reprepro "$destfile"
chmod 0664 "$destfile"
diff --git a/templates/uploaders.erb b/templates/uploaders.erb
index ce5897d..d962b55 100644
--- a/templates/uploaders.erb
+++ b/templates/uploaders.erb
@@ -1,4 +1,4 @@
# reprepro uploaders, file managed by puppet
-<% reprepro_uploaders.each do |uploader| -%>
+<% @reprepro_uploaders.each do |uploader| -%>
allow * by key <%= uploader %>
<% end -%>
--
cgit v1.2.3
From 4ed9def99c99a6d5c21af18eb0b73a1d6081cbee Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 15:03:54 +0200
Subject: Convert the reprepro class to parametrized format
We remove the deprecated dynamic lookup for variables and now have them as
class parameters.
The reprepro::cron and reprepro::inoticoming classes have been integrated
in the reprepro class as two boolean arguments. As these are not mutually
exclusive, it is cleaner that way.
We add a test manifest for the reprepro class along the way.
---
templates/distributions.erb | 30 +++++++++++++++---------------
templates/index.html.erb | 2 +-
templates/uploaders.erb | 2 +-
3 files changed, 17 insertions(+), 17 deletions(-)
(limited to 'templates')
diff --git a/templates/distributions.erb b/templates/distributions.erb
index 8ec9883..44ba277 100644
--- a/templates/distributions.erb
+++ b/templates/distributions.erb
@@ -1,55 +1,55 @@
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: reallyoldstable
Codename: etch
Version: 3.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: oldstable
Pull: stable
Codename: lenny
Version: 5.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: stable
Pull: testing
Codename: squeeze
Version: 6.0
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: testing
Pull: unstable
Codename: wheezy
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders
-Origin: <%= @reprepro_origin %>
-Label: <%= @reprepro_origin %>
+Origin: <%= @origin %>
+Label: <%= @origin %>
Suite: unstable
Codename: sid
Architectures: i386 amd64 source kfreebsd-amd64 kfreebsd-i386
Components: main non-free contrib
-Description: <%= @reprepro_origin %> specific (or backported) packages
+Description: <%= @origin %> specific (or backported) packages
SignWith: yes
Uploaders: uploaders-sid
diff --git a/templates/index.html.erb b/templates/index.html.erb
index 1173021..acbe2f7 100644
--- a/templates/index.html.erb
+++ b/templates/index.html.erb
@@ -5,7 +5,7 @@
Introduction
-This is the Debian package repository of <%= @reprepro_origin %>. It is used for internal
+
This is the Debian package repository of <%= @origin %>. It is used for internal
distribution of locally built packages not yet part of Debian. Feel free to use
it for yourself, but it comes at no warranty.
diff --git a/templates/uploaders.erb b/templates/uploaders.erb
index d962b55..ea64e1d 100644
--- a/templates/uploaders.erb
+++ b/templates/uploaders.erb
@@ -1,4 +1,4 @@
# reprepro uploaders, file managed by puppet
-<% @reprepro_uploaders.each do |uploader| -%>
+<% @uploaders.each do |uploader| -%>
allow * by key <%= uploader %>
<% end -%>
--
cgit v1.2.3
From d935c2a784c375f32d2238a36f63c74496d5636c Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 18:37:23 +0200
Subject: Add warnings for file that are managed by Puppet
---
templates/distributions.erb | 2 ++
templates/index.html.erb | 2 +-
templates/inoticoming.default.erb | 2 ++
templates/reprepro-export-key.sh.erb | 3 +++
templates/uploaders.erb | 3 ++-
5 files changed, 10 insertions(+), 2 deletions(-)
(limited to 'templates')
diff --git a/templates/distributions.erb b/templates/distributions.erb
index 44ba277..52533e8 100644
--- a/templates/distributions.erb
+++ b/templates/distributions.erb
@@ -1,3 +1,5 @@
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+
Origin: <%= @origin %>
Label: <%= @origin %>
Suite: reallyoldstable
diff --git a/templates/index.html.erb b/templates/index.html.erb
index acbe2f7..ec3a308 100644
--- a/templates/index.html.erb
+++ b/templates/index.html.erb
@@ -1,4 +1,4 @@
-
+
<%= @domain %> Debian package repository
diff --git a/templates/inoticoming.default.erb b/templates/inoticoming.default.erb
index 303d9fc..b78a12d 100644
--- a/templates/inoticoming.default.erb
+++ b/templates/inoticoming.default.erb
@@ -1,3 +1,5 @@
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+
# /etc/default/inoticoming
#
# for an explanation of options and actions, see inoticoming(1)
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index eee1731..e4759e7 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -1,4 +1,7 @@
#!/bin/bash
+#
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+#
KEY="`gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1`"
diff --git a/templates/uploaders.erb b/templates/uploaders.erb
index ea64e1d..84559a8 100644
--- a/templates/uploaders.erb
+++ b/templates/uploaders.erb
@@ -1,4 +1,5 @@
-# reprepro uploaders, file managed by puppet
+# This file is managed by Puppet. Do not edit, any changes will be overwritten!
+
<% @uploaders.each do |uploader| -%>
allow * by key <%= uploader %>
<% end -%>
--
cgit v1.2.3
From 204da7cc372cc5760316abaef6caa878da658cb2 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Tue, 23 Oct 2012 18:21:36 +0200
Subject: Have inoticoming perform an initial search of the directory
If inoticoming is not started while new packages are added to the incoming
directory, those packages would not have been processed straight away.
So, instead of waiting for a subsequent package upload, let's just have
inoticoming perform an initial run on startup.
---
templates/inoticoming.default.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'templates')
diff --git a/templates/inoticoming.default.erb b/templates/inoticoming.default.erb
index b78a12d..a298a16 100644
--- a/templates/inoticoming.default.erb
+++ b/templates/inoticoming.default.erb
@@ -13,7 +13,7 @@ LOGFILE="/var/log/incoming.log"
# first search the directory for files already existing
# 0 for false, 1 for true
-INITIALSEARCH=0
+INITIALSEARCH=1
# directory to monitor
DIR=<%= @basedir %>/incoming
--
cgit v1.2.3
From f4869008cad7acb3ec67ccee309cbad0533045ad Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:23:41 +0100
Subject: Use new-style shell expansion in export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index e4759e7..97e111a 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -3,7 +3,7 @@
# This file is managed by Puppet. Do not edit, any changes will be overwritten!
#
-KEY="`gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1`"
+KEY="$(gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ ! -z "$KEY" ]; then
tempfile=$(mktemp)
--
cgit v1.2.3
From 255434fbd90c3ba76cbd4fdd8a1288e665344ab0 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:25:01 +0100
Subject: Test for 'something' instead of 'not nothing' in export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 97e111a..c11a530 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -5,7 +5,7 @@
KEY="$(gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
-if [ ! -z "$KEY" ]; then
+if [ -n "$KEY" ]; then
tempfile=$(mktemp)
destfile=<%= @basedir %>/key.asc
gpg --homedir <%= @basedir %>/.gnupg --export --armor $KEY > "$tempfile"
--
cgit v1.2.3
From 50a7eb8a1994808521e5699ec533628670e73810 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:26:31 +0100
Subject: Use Debian style indentation in export-key
---
templates/reprepro-export-key.sh.erb | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index c11a530..dace01e 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -6,10 +6,10 @@
KEY="$(gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
- tempfile=$(mktemp)
- destfile=<%= @basedir %>/key.asc
- gpg --homedir <%= @basedir %>/.gnupg --export --armor $KEY > "$tempfile"
- mv "$tempfile" "$destfile"
- chown reprepro:reprepro "$destfile"
- chmod 0664 "$destfile"
+ tempfile=$(mktemp)
+ destfile=<%= @basedir %>/key.asc
+ gpg --homedir <%= @basedir %>/.gnupg --export --armor $KEY > "$tempfile"
+ mv "$tempfile" "$destfile"
+ chown reprepro:reprepro "$destfile"
+ chmod 0664 "$destfile"
fi
--
cgit v1.2.3
From 685c40e7c3afaac3a5ef411816e8b41aa10da19b Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:27:22 +0100
Subject: Properly quote @basedir paths in export-key
---
templates/reprepro-export-key.sh.erb | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index dace01e..eaf9ac2 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -3,12 +3,12 @@
# This file is managed by Puppet. Do not edit, any changes will be overwritten!
#
-KEY="$(gpg --homedir <%= @basedir %>/.gnupg --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
+KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
tempfile=$(mktemp)
- destfile=<%= @basedir %>/key.asc
- gpg --homedir <%= @basedir %>/.gnupg --export --armor $KEY > "$tempfile"
+ destfile='<%= @basedir %>/key.asc'
+ gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$tempfile"
mv "$tempfile" "$destfile"
chown reprepro:reprepro "$destfile"
chmod 0664 "$destfile"
--
cgit v1.2.3
From 07d74ec85fd0c7182939742e41f3fc4cb2f283a6 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:28:07 +0100
Subject: Use uppercase for global shell variables
---
templates/reprepro-export-key.sh.erb | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index eaf9ac2..1bce93f 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -6,10 +6,10 @@
KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
- tempfile=$(mktemp)
- destfile='<%= @basedir %>/key.asc'
- gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$tempfile"
- mv "$tempfile" "$destfile"
- chown reprepro:reprepro "$destfile"
- chmod 0664 "$destfile"
+ TEMPFILE=$(mktemp)
+ DESTFILE='<%= @basedir %>/key.asc'
+ gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$TEMPFILE"
+ mv "$TEMPFILE" "$DESTFILE"
+ chown reprepro:reprepro "$DESTFILE"
+ chmod 0664 "$DESTFILE"
fi
--
cgit v1.2.3
From f0d79d040a5c330bbb766199b800087fc13ab0a2 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:28:43 +0100
Subject: Always remove tempfile if something wrong happen in export-key
---
templates/reprepro-export-key.sh.erb | 1 +
1 file changed, 1 insertion(+)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 1bce93f..253672a 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -7,6 +7,7 @@ KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys |
if [ -n "$KEY" ]; then
TEMPFILE=$(mktemp)
+ trap "rm -f '$TEMPFILE'" EXIT
DESTFILE='<%= @basedir %>/key.asc'
gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$TEMPFILE"
mv "$TEMPFILE" "$DESTFILE"
--
cgit v1.2.3
From 657f79d39b5dfc0d01ea3d22a3587c9cc782c16b Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:30:39 +0100
Subject: Fail-close if multiple-keys are present by quoting KEY in export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 253672a..2b25df2 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -9,7 +9,7 @@ if [ -n "$KEY" ]; then
TEMPFILE=$(mktemp)
trap "rm -f '$TEMPFILE'" EXIT
DESTFILE='<%= @basedir %>/key.asc'
- gpg --homedir '<%= @basedir %>/.gnupg' --export --armor $KEY > "$TEMPFILE"
+ gpg --homedir '<%= @basedir %>/.gnupg' --export --armor "$KEY" > "$TEMPFILE"
mv "$TEMPFILE" "$DESTFILE"
chown reprepro:reprepro "$DESTFILE"
chmod 0664 "$DESTFILE"
--
cgit v1.2.3
From cca11e871c9d1d1a118e688d107cb27e9e197567 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:31:28 +0100
Subject: Create temp file in the same directory as the file it'll replace to
get an atomic update in export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 2b25df2..7b3c2ed 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -6,7 +6,7 @@
KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
- TEMPFILE=$(mktemp)
+ TEMPFILE=$(mktemp --tmpdir='<%= @basedir %>')
trap "rm -f '$TEMPFILE'" EXIT
DESTFILE='<%= @basedir %>/key.asc'
gpg --homedir '<%= @basedir %>/.gnupg' --export --armor "$KEY" > "$TEMPFILE"
--
cgit v1.2.3
From 88061c044229cd2a277a7a12487133aeab93ba96 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:34:08 +0100
Subject: Make export-key fail if any command fails
---
templates/reprepro-export-key.sh.erb | 2 ++
1 file changed, 2 insertions(+)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index 7b3c2ed..e629f9d 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -3,6 +3,8 @@
# This file is managed by Puppet. Do not edit, any changes will be overwritten!
#
+set -e
+
KEY="$(gpg --homedir '<%= @basedir %>/.gnupg' --with-colon --list-secret-keys | cut -d : -f 5 | head -n 1)"
if [ -n "$KEY" ]; then
--
cgit v1.2.3
From 2060c2fd7aae1e377a9d0fcb7da02da64e4f8da5 Mon Sep 17 00:00:00 2001
From: Tails developers
Date: Sat, 3 Nov 2012 18:34:23 +0100
Subject: A POSIX shell is enough to run export-key
---
templates/reprepro-export-key.sh.erb | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'templates')
diff --git a/templates/reprepro-export-key.sh.erb b/templates/reprepro-export-key.sh.erb
index e629f9d..bbc195c 100644
--- a/templates/reprepro-export-key.sh.erb
+++ b/templates/reprepro-export-key.sh.erb
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh
#
# This file is managed by Puppet. Do not edit, any changes will be overwritten!
#
--
cgit v1.2.3