IT-Syndikat/its-zones
Archived
14
0
Fork 0
Code Issues Pull requests Releases Activity

server: Fix gpgv script

Browse source 
We do in fact control the upload order, it's in the makefile. So just
upload the zone first then the sig and then only verify and copy on the sig
upload.
This commit is contained in:
Daniel Gröber 2021-10-28 04:09:19 +02:00
parent cbebe3d1d6
commit 8823b6238f
1 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
server/knot-gpgv-import
View file

@ -5,16 +5,16 @@ set -eu
file="$1"
case "$file" in
# We don't control the order of the zone/sig upload so just try on both
*.zone) ;;
*.zone.sig) ;;
# Ignore everything else
*) exit 0 ;;
esac
zone=${file%*.sig}
[ -f "$file" ] || exit 1
[ -f "$file".sig ] || exit 2
gpgv --keyring $HOME/trustedkeys.kbx "$file".sig "$file" || exit 3
cp -t /var/lib/knot "$file" || exit 4
sudo -u knot knotc zone-reload "$(basename "${file%*.zone*}")"
[ -f "$zone" ] || exit 2
gpgv --keyring $HOME/trustedkeys.kbx "$file" "$zone" || exit 3
cp -t /var/lib/knot "$zone" || exit 4
sudo -u knot knotc zone-reload "$(basename "${zone%*.zone*}")"