free
/
freedombone
Observar 1
Favorito 0
Fork 0
Código Issues 0 Pull Requests 0 Versões 0 Wiki Atividade
Ver código fonte

Simplify keyserver install

Bob Mottram 8 anos atrás
pai
ad4b4c61fd
commit
79b5bd818e
1 arquivos alterados com 11 adições e 128 exclusões
Visão unificada Mostrar estatísticas do Diff
  1. 11
    128
      src/freedombone-app-keyserver

+ 11
- 128
src/freedombone-app-keyserver Ver arquivo

33 
 IN_DEFAULT_INSTALL=0
 33 
 IN_DEFAULT_INSTALL=0
34 
 SHOW_ON_ABOUT=1
 34 
 SHOW_ON_ABOUT=1
35
35
36 
-KEYSERVER_SKS_REPO="https://bitbucket.org/skskeyserver/sks-keyserver"
37 
-KEYSERVER_SKS_COMMIT='0106ba2'
38 
 KEYSERVER_WEB_REPO="https://github.com/mattrude/pgpkeyserver-lite"
 36 
 KEYSERVER_WEB_REPO="https://github.com/mattrude/pgpkeyserver-lite"
39 
 KEYSERVER_WEB_COMMIT='a038cb79b927c99bf7da62f20d2c6a2f20374339'
 37 
 KEYSERVER_WEB_COMMIT='a038cb79b927c99bf7da62f20d2c6a2f20374339'
40 
 KEYSERVER_PORT=11371
 38 
 KEYSERVER_PORT=11371
61 
     echo -n ''
 59 
     echo -n ''
62 
 }
 60 
 }
63
61
64 
-function upgrade_keyserver_sks {
65 
-    CURR_KEYSERVER_SKS_COMMIT=$(get_completion_param "keyserver commit")
66 
-    if [[ "$CURR_KEYSERVER_SKS_COMMIT" == "$KEYSERVER_SKS_COMMIT" ]]; then
67 
-        return
68 
-    fi
69 
-
70 
-    if grep -q "keyserver domain" $COMPLETION_FILE; then
71 
-        KEYSERVER_DOMAIN_NAME=$(get_completion_param "keyserver domain")
72 
-    fi
73 
-
74 
-    # update to the next commit
75 
-    function_check set_repo_commit
76 
-    set_repo_commit $INSTALL_DIR/keyserver "keyserver commit" "$KEYSERVER_SKS_COMMIT" $KEYSERVER_SKS_REPO
77 
-
78 
-    cd $INSTALL_DIR/keyserver
79 
-    make dep
80 
-    make all
81 
-    if [ ! "$?" = "0" ]; then
82 
-        echo $'Unable to build sks-keyserver'
83 
-        exit 836252
84 
-    fi
85 
-    make install
86 
-
87 
-    chown -R keyserver:keyserver /var/lib/sks
88 
-}
89 
-
90 
-function upgrade_keyserver_web {
62 
+function upgrade_keyserver {
91 
     CURR_KEYSERVER_WEB_COMMIT=$(get_completion_param "keyserver web commit")
 63 
     CURR_KEYSERVER_WEB_COMMIT=$(get_completion_param "keyserver web commit")
92 
     if [[ "$CURR_KEYSERVER_WEB_COMMIT" == "$KEYSERVER_WEB_COMMIT" ]]; then
 64 
     if [[ "$CURR_KEYSERVER_WEB_COMMIT" == "$KEYSERVER_WEB_COMMIT" ]]; then
93 
         return
 65 
         return
104 
     chown -R www-data:www-data /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
 76 
     chown -R www-data:www-data /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
105 
 }
 77 
 }
106
78
107 
-function upgrade_keyserver {
108 
-    upgrade_keyserver_sks
109 
-    upgrade_keyserver_web
110 
-}
111 
-
112 
 function backup_local_keyserver {
 79 
 function backup_local_keyserver {
113 
     echo -n ''
 80 
     echo -n ''
114 
 }
 81 
 }
126 
 }
 93 
 }
127
94
128 
 function remove_keyserver {
 95 
 function remove_keyserver {
129 
-    systemctl stop keyserver
130 
-    systemctl disable keyserver
131 
-    rm /etc/systemd/system/keyserver.service
132 
-    systemctl daemon-reload
96 
+    systemctl stop sks
97 
+    apt-get -qy remove sks
133
98
134 
     read_config_param "KEYSERVER_DOMAIN_NAME"
 99 
     read_config_param "KEYSERVER_DOMAIN_NAME"
135 
     nginx_dissite $KEYSERVER_DOMAIN_NAME
 100 
     nginx_dissite $KEYSERVER_DOMAIN_NAME
150 
     remove_completion_param "install_keyserver"
 115 
     remove_completion_param "install_keyserver"
151
116
152 
     sed -i '/keyserver/d' $COMPLETION_FILE
 117 
     sed -i '/keyserver/d' $COMPLETION_FILE
153 
-    if [ -f /usr/bin/keyserver-start ]; then
154 
-        rm /usr/bin/keyserver-start
155 
-    fi
156 
-    if [ -f /usr/bin/keyserver-stop ]; then
157 
-        rm /usr/bin/keyserver-stop
158 
-    fi
159 
-    cd $INSTALL_DIR/keyserver
160 
-    make uninstall
161 
     if [ -d /var/lib/sks ]; then
 118 
     if [ -d /var/lib/sks ]; then
162 
         rm -rf /var/lib/sks
 119 
         rm -rf /var/lib/sks
163 
     fi
 120 
     fi
164 
-    rm -rf $INSTALL_DIR/keyserver
165 
-    groupdel -f keyserver
166 
-    userdel -r keyserver
167 
 }
 121 
 }
168
122
169 
 function install_interactive_keyserver {
 123 
 function install_interactive_keyserver {
201
155
202 
     cd /var/lib/sks
 156 
     cd /var/lib/sks
203 
     echo $'Building the keyserver database from the downloaded dump'
 157 
     echo $'Building the keyserver database from the downloaded dump'
204 
-    echo '2' | /usr/local/bin/sks_build.sh
158 
+    sks build
205 
 }
 159 
 }
206
160
207 
 function configure_interactive_keyserver {
 161 
 function configure_interactive_keyserver {
227 
 }
 181 
 }
228
182
229 
 function install_keyserver {
 183 
 function install_keyserver {
230 
-    apt-get -qy install build-essential gcc ocaml libdb-dev wget
184 
+    apt-get -qy install build-essential gcc ocaml libdb-dev wget sks
185 
+    sks build
186 
+    chown -Rc debian-sks: /var/lib/sks/DB
187 
+    sed -i 's|initstart=.*|initstart=yes|g' /etc/default/sks
188 
+    systemctl restart sks
231
189
232 
     if [ ! -d /var/www/$KEYSERVER_DOMAIN_NAME ]; then
 190 
     if [ ! -d /var/www/$KEYSERVER_DOMAIN_NAME ]; then
233 
         mkdir /var/www/$KEYSERVER_DOMAIN_NAME
 191 
         mkdir /var/www/$KEYSERVER_DOMAIN_NAME
234 
     fi
 192 
     fi
235
193
236 
-    if [ ! -d $INSTALL_DIR ]; then
237 
-        mkdir -p $INSTALL_DIR
238 
-    fi
239 
-    cd $INSTALL_DIR
240 
-    if [ -d /repos/keyserver ]; then
241 
-        mkdir $INSTALL_DIR/keyserver
242 
-        cp -r -p /repos/keyserver/. $INSTALL_DIR/keyserver
243 
-        cd $INSTALL_DIR/keyserver
244 
-        git pull
245 
-    else
246 
-        git_clone $KEYSERVER_SKS_REPO keyserver
247 
-    fi
248 
-    if [ ! -d $INSTALL_DIR/keyserver ]; then
249 
-        echo $"$INSTALL_DIR/keyserver not found"
250 
-        exit 835274
251 
-    fi
252 
-
253 
-    cd $INSTALL_DIR/keyserver
254 
-    git checkout $KEYSERVER_SKS_COMMIT -b $KEYSERVER_SKS_COMMIT
255 
-    set_completion_param "keyserver commit" "$KEYSERVER_SKS_COMMIT"
256 
-
257 
     cd /var/www/$KEYSERVER_DOMAIN_NAME
 194 
     cd /var/www/$KEYSERVER_DOMAIN_NAME
258 
     if [ -d /var/www/$KEYSERVER_DOMAIN_NAME/htdocs ]; then
 195 
     if [ -d /var/www/$KEYSERVER_DOMAIN_NAME/htdocs ]; then
259 
         rm -rf /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
 196 
         rm -rf /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
276 
     git checkout $KEYSERVER_WEB_COMMIT -b $KEYSERVER_WEB_COMMIT
 213 
     git checkout $KEYSERVER_WEB_COMMIT -b $KEYSERVER_WEB_COMMIT
277 
     set_completion_param "keyserver web commit" "$KEYSERVER_WEB_COMMIT"
 214 
     set_completion_param "keyserver web commit" "$KEYSERVER_WEB_COMMIT"
278
215
279 
-    cd $INSTALL_DIR/keyserver
280 
-    if [ ! -f Makefile.local.unused ]; then
281 
-        echo $'Unused makefile not found'
282 
-        exit 72398
283 
-    fi
284 
-    cp Makefile.local.unused Makefile.local
285 
-    sed -i 's|LIBDB=.*|LIBDB=-ldb-5.3.1|g' Makefile.local
286 
-
287 
-    make dep
288 
-    make all
289 
-    if [ ! "$?" = "0" ]; then
290 
-        echo $'Unable to build sks-keyserver'
291 
-        exit 8356328
292 
-    fi
293 
-    make install
294 
-
295 
-    if [ ! -f /usr/local/bin/sks_build.sh ]; then
296 
-        echo $'/usr/local/bin/sks_build.sh not found'
297 
-        exit 238460
298 
-    fi
299
216
300 
     USER_EMAIL_ADDRESS=$MY_USERNAME@$HOSTNAME
 217 
     USER_EMAIL_ADDRESS=$MY_USERNAME@$HOSTNAME
301 
     GPG_ID=$(su -m root -c "gpg --list-keys $USER_EMAIL_ADDRESS | sed -n '2p' | sed 's/^[ \t]*//'" - $MY_USERNAME)
 218 
     GPG_ID=$(su -m root -c "gpg --list-keys $USER_EMAIL_ADDRESS | sed -n '2p' | sed 's/^[ \t]*//'" - $MY_USERNAME)
329 
     echo 'stat_hour:                      12' >> $sksconf_file
 246 
     echo 'stat_hour:                      12' >> $sksconf_file
330 
     echo '' >> $sksconf_file
 247 
     echo '' >> $sksconf_file
331 
     echo 'max_matches:                    500' >> $sksconf_file
 248 
     echo 'max_matches:                    500' >> $sksconf_file
249 
+    chown debian-sks: $sksconf_file
332
250
333 
     KEYSERVER_ONION_HOSTNAME=$(add_onion_service keyserver 80 ${KEYSERVER_ONION_PORT})
 251 
     KEYSERVER_ONION_HOSTNAME=$(add_onion_service keyserver 80 ${KEYSERVER_ONION_PORT})
334
252
335 
-    echo '#!/bin/sh' > /usr/bin/keyserver-start
336 
-    echo 'cd /var/lib/sks' >> /usr/bin/keyserver-start
337 
-    echo 'echo -n \ sks_db' >> /usr/bin/keyserver-start
338 
-    echo '$DAEMON db &' >> /usr/bin/keyserver-start
339 
-    echo 'echo -n \ sks_recon' >> /usr/bin/keyserver-start
340 
-    echo '$DAEMON recon &' >> /usr/bin/keyserver-start
341 
-    chmod +x /usr/bin/keyserver-start
342 
-
343 
-    echo '#!/bin/sh' > /usr/bin/keyserver-stop
344 
-    echo 'killall sks' >> /usr/bin/keyserver-stop
345 
-    echo 'sleep 5' >> /usr/bin/keyserver-stop
346 
-    chmod +x /usr/bin/keyserver-stop
347 
-
348 
-    echo '[Unit]' > /etc/systemd/system/keyserver.service
349 
-    echo 'Description=SKS Keyserver' >> /etc/systemd/system/keyserver.service
350 
-    echo 'After=syslog.target network.target nginx.target' >> /etc/systemd/system/keyserver.service
351 
-    echo '' >> /etc/systemd/system/keyserver.service
352 
-    echo '[Service]' >> /etc/systemd/system/keyserver.service
353 
-    echo 'User=keyserver' >> /etc/systemd/system/keyserver.service
354 
-    echo 'Group=keyserver' >> /etc/systemd/system/keyserver.service
355 
-    echo "WorkingDirectory=/var/lib/sks" >> /etc/systemd/system/keyserver.service
356 
-    echo "ExecStart=/usr/bin/keyserver-start" >> /etc/systemd/system/keyserver.service
357 
-    echo "ExecStop=/usr/bin/keyserver-stop" >> /etc/systemd/system/keyserver.service
358 
-    echo 'Restart=always' >> /etc/systemd/system/keyserver.service
359 
-    echo 'RestartSec=10' >> /etc/systemd/system/keyserver.service
360 
-    echo '' >> /etc/systemd/system/keyserver.service
361 
-    echo '[Install]' >> /etc/systemd/system/keyserver.service
362 
-    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/keyserver.service
363 
-    chmod +x /etc/systemd/system/keyserver.service
364 
-
365 
     keyserver_nginx_site=/etc/nginx/sites-available/$KEYSERVER_DOMAIN_NAME
 253 
     keyserver_nginx_site=/etc/nginx/sites-available/$KEYSERVER_DOMAIN_NAME
366 
     if [[ $ONION_ONLY == "no" ]]; then
 254 
     if [[ $ONION_ONLY == "no" ]]; then
367 
         function_check nginx_http_redirect
 255 
         function_check nginx_http_redirect
455 
         chown root:root /etc/ssl/private/${KEYSERVER_DOMAIN_NAME}.key
 343 
         chown root:root /etc/ssl/private/${KEYSERVER_DOMAIN_NAME}.key
456 
     fi
 344 
     fi
457
345
458 
-    groupadd keyserver
459 
-    useradd -c "SKS Keyserver system account" -d /var/lib/sks -m -r -g keyserver keyserver
460 
-    chown -R keyserver:keyserver /var/lib/sks
461 
     chown -R www-data:www-data /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
 346 
     chown -R www-data:www-data /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
462
347
463 
     function_check nginx_ensite
 348 
     function_check nginx_ensite
464 
     nginx_ensite $KEYSERVER_DOMAIN_NAME
 349 
     nginx_ensite $KEYSERVER_DOMAIN_NAME
465
350
466 
-    systemctl enable keyserver
467 
-    systemctl daemon-reload
468 
-    systemctl start keyserver
469 
     systemctl restart nginx
 351 
     systemctl restart nginx
470
352
471 
     set_completion_param "keyserver domain" "$KEYSERVER_DOMAIN_NAME"
 353 
     set_completion_param "keyserver domain" "$KEYSERVER_DOMAIN_NAME"
354 
+    set_completion_param "keyserver onion domain" "$KEYSERVER_ONION_HOSTNAME"
472
355
473 
     APP_INSTALLED=1
 356 
     APP_INSTALLED=1
474 
 }
 357 
 }