Daniel Gröber
8823b6238f
We do in fact control the upload order, it's in the makefile. So just upload the zone first then the sig and then only verify and copy on the sig upload.
21 lines
344 B
Bash
21 lines
344 B
Bash
#!/bin/sh
|
|
|
|
set -eu
|
|
|
|
file="$1"
|
|
|
|
case "$file" in
|
|
*.zone.sig) ;;
|
|
|
|
# Ignore everything else
|
|
*) exit 0 ;;
|
|
esac
|
|
|
|
zone=${file%*.sig}
|
|
|
|
[ -f "$file" ] || exit 1
|
|
[ -f "$zone" ] || exit 2
|
|
gpgv --keyring $HOME/trustedkeys.kbx "$file" "$zone" || exit 3
|
|
cp -t /var/lib/knot "$zone" || exit 4
|
|
sudo -u knot knotc zone-reload "$(basename "${zone%*.zone*}")"
|