Merge branch 'stretch' of https://github.com/bashrc/freedombone

src/freedombone-app-keyserver

 IN_DEFAULT_INSTALL=0
 SHOW_ON_ABOUT=1
 
-KEYSERVER_SKS_REPO="https://bitbucket.org/skskeyserver/sks-keyserver"
-KEYSERVER_SKS_COMMIT='0106ba2'
 KEYSERVER_WEB_REPO="https://github.com/mattrude/pgpkeyserver-lite"
 KEYSERVER_WEB_COMMIT='a038cb79b927c99bf7da62f20d2c6a2f20374339'
 KEYSERVER_PORT=11371
 KEYSERVER_ONION_PORT=8122
 KEYSERVER_DOMAIN_NAME=
 KEYSERVER_CODE=
-KEYSERVER_DUMP_URL="https://keyserver.mattrude.com/dump/current/"
 
 keyserver_variables=(ONION_ONLY
                      MY_USERNAME
     echo -n ''
 }
 
-function upgrade_keyserver_sks {
-    CURR_KEYSERVER_SKS_COMMIT=$(get_completion_param "keyserver commit")
-    if [[ "$CURR_KEYSERVER_SKS_COMMIT" == "$KEYSERVER_SKS_COMMIT" ]]; then
-        return
-    fi
-
-    if grep -q "keyserver domain" $COMPLETION_FILE; then
-        KEYSERVER_DOMAIN_NAME=$(get_completion_param "keyserver domain")
-    fi
-
-    # update to the next commit
-    function_check set_repo_commit
-    set_repo_commit $INSTALL_DIR/keyserver "keyserver commit" "$KEYSERVER_SKS_COMMIT" $KEYSERVER_SKS_REPO
-
-    cd $INSTALL_DIR/keyserver
-    make dep
-    make all
-    if [ ! "$?" = "0" ]; then
-        echo $'Unable to build sks-keyserver'
-        exit 836252
-    fi
-    make install
-
-    chown -R keyserver:keyserver /var/lib/sks
-}
-
-function upgrade_keyserver_web {
+function upgrade_keyserver {
     CURR_KEYSERVER_WEB_COMMIT=$(get_completion_param "keyserver web commit")
     if [[ "$CURR_KEYSERVER_WEB_COMMIT" == "$KEYSERVER_WEB_COMMIT" ]]; then
         return
     chown -R www-data:www-data /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
 }
 
-function upgrade_keyserver {
-    upgrade_keyserver_sks
-    upgrade_keyserver_web
-}
-
 function backup_local_keyserver {
     echo -n ''
 }
 }
 
 function remove_keyserver {
-    systemctl stop keyserver
-    systemctl disable keyserver
-    rm /etc/systemd/system/keyserver.service
-    systemctl daemon-reload
+    systemctl stop sks
+    apt-get -qy remove sks
 
     read_config_param "KEYSERVER_DOMAIN_NAME"
     nginx_dissite $KEYSERVER_DOMAIN_NAME
     function_check remove_ddns_domain
     remove_ddns_domain $KEYSERVER_DOMAIN_NAME
 
-    groupdel -f keyserver
-    userdel -r keyserver
-
     remove_config_param KEYSERVER_DOMAIN_NAME
     remove_config_param KEYSERVER_CODE
     function_check remove_onion_service
     remove_completion_param "install_keyserver"
 
     sed -i '/keyserver/d' $COMPLETION_FILE
-    if [ -f /usr/bin/keyserver-start ]; then
-        rm /usr/bin/keyserver-start
+    if [ -d /var/lib/sks ]; then
+        rm -rf /var/lib/sks
     fi
-    if [ -f /usr/bin/keyserver-stop ]; then
-        rm /usr/bin/keyserver-stop
-    fi
-    groupdel -f keyserver
-    userdel -r keyserver
 }
 
 function install_interactive_keyserver {
     APP_INSTALLED=1
 }
 
+function keyserver_import_keys {
+    dialog --title $"Import public keys database" \
+           --backtitle $"Freedombone Control Panel" \
+           --defaultno \
+           --yesno $"\nThis will download many gigabytes of data and so depending on your bandwidth it could take several days.\n\nContinue?" 10 60
+    sel=$?
+    case $sel in
+        1) return;;
+        255) return;;
+    esac
+    if [ ! -d /var/lib/sks/dump ]; then
+        mkdir -p /var/lib/sks/dump
+    fi
+    cd /var/lib/sks/dump
+    echo $'Getting keyserver dump. This may take a few days or longer, so be patient.'
+    rm -rf cd /var/lib/sks/dump/*
+    KEYSERVER_DUMP_URL="https://keyserver.mattrude.com/dump/$(date +%F)/"
+    wget -crp -e robots=off --level=1 --cut-dirs=3 -nH \
+         -A pgp,txt $KEYSERVER_DUMP_URL
+
+    cd /var/lib/sks
+    echo $'Building the keyserver database from the downloaded dump'
+    sks build
+}
+
+function configure_interactive_keyserver {
+    while true
+    do
+        data=$(tempfile 2>/dev/null)
+        trap "rm -f $data" 0 1 2 5 15
+        dialog --backtitle $"Freedombone Control Panel" \
+               --title $"SKS Keyserver" \
+               --radiolist $"Choose an operation:" 10 70 2 \
+               1 $"Import public keys database" off \
+               2 $"Exit" on 2> $data
+        sel=$?
+        case $sel in
+            1) return;;
+            255) return;;
+        esac
+        case $(cat $data) in
+            1) keyserver_import_keys;;
+            2) break;;
+        esac
+    done
+}
+
 function install_keyserver {
-    apt-get -qy install build-essential gcc ocaml libdb-dev wget
+    apt-get -qy install build-essential gcc ocaml libdb-dev wget sks
+    sks build
+    chown -Rc debian-sks: /var/lib/sks/DB
+    sed -i 's|initstart=.*|initstart=yes|g' /etc/default/sks
+    systemctl restart sks
 
     if [ ! -d /var/www/$KEYSERVER_DOMAIN_NAME ]; then
         mkdir /var/www/$KEYSERVER_DOMAIN_NAME
     fi
 
-    if [ ! -d $INSTALL_DIR ]; then
-        mkdir -p $INSTALL_DIR
-    fi
-    cd $INSTALL_DIR
-    if [ -d /repos/keyserver ]; then
-        mkdir $INSTALL_DIR/keyserver
-        cp -r -p /repos/keyserver/. $INSTALL_DIR/keyserver
-        cd $INSTALL_DIR/keyserver
-        git pull
-    else
-        if [ -d $INSTALL_DIR/keyserver ]; then
-            cd $INSTALL_DIR/keyserver
-            pull
-        else
-            git_clone $KEYSERVER_SKS_REPO $INSTALL_DIR/keyserver
-        fi
-    fi
-
-    cd $INSTALL_DIR/keyserver
-    git checkout $KEYSERVER_SKS_COMMIT -b $KEYSERVER_SKS_COMMIT
-    set_completion_param "keyserver commit" "$KEYSERVER_SKS_COMMIT"
-
     cd /var/www/$KEYSERVER_DOMAIN_NAME
     if [ -d /var/www/$KEYSERVER_DOMAIN_NAME/htdocs ]; then
         rm -rf /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
     else
         git_clone $KEYSERVER_WEB_REPO htdocs
     fi
+    if [ ! -d /var/www/$KEYSERVER_DOMAIN_NAME/htdocs ]; then
+        echo $"/var/www/$KEYSERVER_DOMAIN_NAME/htdocs not found"
+        exit 6539230
+    fi
 
     cd /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
     git checkout $KEYSERVER_WEB_COMMIT -b $KEYSERVER_WEB_COMMIT
     set_completion_param "keyserver web commit" "$KEYSERVER_WEB_COMMIT"
 
-    cd $INSTALL_DIR/keyserver
-    if [ ! -f Makefile.local.unused ]; then
-        echo $'Unused makefile not found'
-        exit 72398
-    fi
-    cp Makefile.local.unused Makefile.local
-    sed -i 's|LIBDB=.*|LIBDB=-ldb-5.3.1|g' Makefile.local
-
-    make dep
-    make all
-    if [ ! "$?" = "0" ]; then
-        echo $'Unable to build sks-keyserver'
-        exit 8356328
-    fi
-    make install
-
-    if [ ! -f /usr/local/bin/sks_build.sh ]; then
-        echo $'/usr/local/bin/sks_build.sh not found'
-        exit 238460
-    fi
 
     USER_EMAIL_ADDRESS=$MY_USERNAME@$HOSTNAME
     GPG_ID=$(su -m root -c "gpg --list-keys $USER_EMAIL_ADDRESS | sed -n '2p' | sed 's/^[ \t]*//'" - $MY_USERNAME)
     echo 'stat_hour:                      12' >> $sksconf_file
     echo '' >> $sksconf_file
     echo 'max_matches:                    500' >> $sksconf_file
-
-    if [ ! -d /var/lib/sks/dump ]; then
-        mkdir -p /var/lib/sks/dump
-    fi
-    cd /var/lib/sks/dump
-    echo $'Getting keyserver dump. This may take a few hours, so be patient.'
-    wget -crp -e robots=off --level=1 --cut-dirs=3 -nH \
-         -A pgp,txt $KEYSERVER_DUMP_URL
-
-    cd /var/lib/sks
-    echo $'Building the keyserver database from the downloaded dump'
-    echo '2' | /usr/local/bin/sks_build.sh
+    chown debian-sks: $sksconf_file
 
     KEYSERVER_ONION_HOSTNAME=$(add_onion_service keyserver 80 ${KEYSERVER_ONION_PORT})
 
-    echo '#!/bin/sh' > /usr/bin/keyserver-start
-    echo 'cd /var/lib/sks' >> /usr/bin/keyserver-start
-    echo 'echo -n \ sks_db' >> /usr/bin/keyserver-start
-    echo '$DAEMON db &' >> /usr/bin/keyserver-start
-    echo 'echo -n \ sks_recon' >> /usr/bin/keyserver-start
-    echo '$DAEMON recon &' >> /usr/bin/keyserver-start
-    chmod +x /usr/bin/keyserver-start
-
-    echo '#!/bin/sh' > /usr/bin/keyserver-stop
-    echo 'killall sks' >> /usr/bin/keyserver-stop
-    echo 'sleep 5' >> /usr/bin/keyserver-stop
-    chmod +x /usr/bin/keyserver-stop
-
-    echo '[Unit]' > /etc/systemd/system/keyserver.service
-    echo 'Description=SKS Keyserver' >> /etc/systemd/system/keyserver.service
-    echo 'After=syslog.target network.target nginx.target' >> /etc/systemd/system/keyserver.service
-    echo '' >> /etc/systemd/system/keyserver.service
-    echo '[Service]' >> /etc/systemd/system/keyserver.service
-    echo 'User=keyserver' >> /etc/systemd/system/keyserver.service
-    echo 'Group=keyserver' >> /etc/systemd/system/keyserver.service
-    echo "WorkingDirectory=/var/lib/sks" >> /etc/systemd/system/keyserver.service
-    echo "ExecStart=/usr/bin/keyserver-start" >> /etc/systemd/system/keyserver.service
-    echo "ExecStop=/usr/bin/keyserver-stop" >> /etc/systemd/system/keyserver.service
-    echo 'Restart=always' >> /etc/systemd/system/keyserver.service
-    echo 'RestartSec=10' >> /etc/systemd/system/keyserver.service
-    echo '' >> /etc/systemd/system/keyserver.service
-    echo '[Install]' >> /etc/systemd/system/keyserver.service
-    echo 'WantedBy=multi-user.target' >> /etc/systemd/system/keyserver.service
-    chmod +x /etc/systemd/system/keyserver.service
-
     keyserver_nginx_site=/etc/nginx/sites-available/$KEYSERVER_DOMAIN_NAME
     if [[ $ONION_ONLY == "no" ]]; then
         function_check nginx_http_redirect
         chown root:root /etc/ssl/private/${KEYSERVER_DOMAIN_NAME}.key
     fi
 
-    groupadd keyserver
-    useradd -c "SKS Keyserver system account" -d /var/lib/sks -m -r -g keyserver keyserver
-    chown -R keyserver:keyserver /var/lib/sks
     chown -R www-data:www-data /var/www/$KEYSERVER_DOMAIN_NAME/htdocs
 
     function_check nginx_ensite
     nginx_ensite $KEYSERVER_DOMAIN_NAME
 
-    systemctl enable keyserver
-    systemctl daemon-reload
-    systemctl start keyserver
     systemctl restart nginx
 
     set_completion_param "keyserver domain" "$KEYSERVER_DOMAIN_NAME"
+    set_completion_param "keyserver onion domain" "$KEYSERVER_ONION_HOSTNAME"
 
     APP_INSTALLED=1
 }