Browse Source

server: Fix gpgv script

We do in fact control the upload order, it's in the makefile. So just
upload the zone first then the sig and then only verify and copy on the sig
upload.
master
Daniel Gröber 1 month ago
parent
commit
8823b6238f
  1. 12
      server/knot-gpgv-import

12
server/knot-gpgv-import

@ -5,16 +5,16 @@ set -eu
file="$1"
case "$file" in
# We don't control the order of the zone/sig upload so just try on both
*.zone) ;;
*.zone.sig) ;;
# Ignore everything else
*) exit 0 ;;
esac
zone=${file%*.sig}
[ -f "$file" ] || exit 1
[ -f "$file".sig ] || exit 2
gpgv --keyring $HOME/trustedkeys.kbx "$file".sig "$file" || exit 3
cp -t /var/lib/knot "$file" || exit 4
sudo -u knot knotc zone-reload "$(basename "${file%*.zone*}")"
[ -f "$zone" ] || exit 2
gpgv --keyring $HOME/trustedkeys.kbx "$file" "$zone" || exit 3
cp -t /var/lib/knot "$zone" || exit 4
sudo -u knot knotc zone-reload "$(basename "${zone%*.zone*}")"

Loading…
Cancel
Save