| author | Joey Hess <joeyh@joeyh.name> | 2015-09-23 14:26:46 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2015-09-23 14:26:46 -0400 |
| commit | 050137a2694182685cd0c35479476c1cdbe8d699 (patch) | |
| tree | a64610496c4ae7379eafb5c2430422f381fbfcf7 /src/Propellor/Gpg.hs | |
| parent | 65ef400d40170e8331c6e556d2abb911556f2b5a (diff) | |
| parent | 4ded5bf3d9cd878d00adc7b9a6063b44d528094c (diff) | |
Merge branch 'joeyconfig'
Diffstat (limited to 'src/Propellor/Gpg.hs')
| -rw-r--r-- | src/Propellor/Gpg.hs | 69 |
1 files changed, 49 insertions, 20 deletions
diff --git a/src/Propellor/Gpg.hs b/src/Propellor/Gpg.hs
index f2ae8f9a..84f67dc1 100644
--- a/src/Propellor/Gpg.hs
+++ b/src/Propellor/Gpg.hs
@@ -41,10 +41,10 @@ useKeyringOpts =
 addKey :: KeyId -> IO ()
 addKey keyid = exitBool =<< allM (uncurry actionMessage)
 [ ("adding key to propellor's keyring", addkeyring)
- , ("staging propellor's keyring", gitadd keyring)
- , ("updating encryption of any privdata", reencryptprivdata)
- , ("configuring git signing to use key", gitconfig)
- , ("committing changes", gitcommit)
+ , ("staging propellor's keyring", gitAdd keyring)
+ , ("updating encryption of any privdata", reencryptPrivData)
+ , ("configuring git commit signing to use key", gitconfig)
+ , ("committing changes", gitCommitKeyRing "add-key")
 ]
 where
 addkeyring = do
@@ -55,18 +55,6 @@ addKey keyid = exitBool =<< allM (uncurry actionMessage)
 unwords (useKeyringOpts ++ ["--import"])
 ]
 
- reencryptprivdata = ifM (doesFileExist privDataFile)
- ( do
- gpgEncrypt privDataFile =<< gpgDecrypt privDataFile
- gitadd privDataFile
- , return True
- )
-
- gitadd f = boolSystem "git"
- [ Param "add"
- , File f
- ]
-
 gitconfig = ifM (snd <$> processTranscript "gpg" ["--list-secret-keys", keyid] Nothing)
 ( boolSystem "git"
 [ Param "config"
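Review bot: The commit step in addKey now calls `gitCommitKeyRing "add-key"`, and that helper (defined in the last hunk of this diff) passes `File privDataFile` to gitCommit unconditionally, whereas the removed `gitcommit` named only the keyring. reencryptPrivData treats a missing privDataFile as success without staging it, so on a repository that has no privdata yet the commit is handed a path git does not track; git commit normally rejects such a pathspec, though gitCommit's body is not visible here. I would build the path list from the files that exist, e.g. `tocommit <- filterM doesFileExist [keyring, privDataFile]` followed by `gitCommit (map File tocommit ++ [Param "-m", Param ("propellor " ++ action)])`, assuming filterM is in scope. The same applies to the `"rm-key"` caller in rmKey. addKey's where-clause continues outside this hunk.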
@@ -78,11 +66,52 @@ addKey keyid = exitBool =<< allM (uncurry actionMessage)
 return True
 )
 
- gitcommit = gitCommit
- [ File keyring
- , Param "-m"
- , Param "propellor addkey"
+rmKey :: KeyId -> IO ()
+rmKey keyid = exitBool =<< allM (uncurry actionMessage)
+ [ ("removing key from propellor's keyring", rmkeyring)
+ , ("staging propellor's keyring", gitAdd keyring)
+ , ("updating encryption of any privdata", reencryptPrivData)
+ , ("configuring git commit signing to not use key", gitconfig)
+ , ("committing changes", gitCommitKeyRing "rm-key")
+ ]
+ where
+ rmkeyring = boolSystem "gpg" $
+ (map Param useKeyringOpts) ++
+ [ Param "--batch"
+ , Param "--yes"
+ , Param "--delete-key", Param keyid
 ]
+
+ gitconfig = ifM ((==) (keyid++"\n", True) <$> processTranscript "git" ["config", "user.signingkey"] Nothing)
+ ( boolSystem "git"
+ [ Param "config"
+ , Param "--unset"
+ , Param "user.signingkey"
+ ]
+ , return True
+ )
+
+reencryptPrivData :: IO Bool
+reencryptPrivData = ifM (doesFileExist privDataFile)
+ ( do
+ gpgEncrypt privDataFile =<< gpgDecrypt privDataFile
+ gitAdd privDataFile
+ , return True
+ )
+
+gitAdd :: FilePath -> IO Bool
+gitAdd f = boolSystem "git"
+ [ Param "add"
+ , File f
+ ]
+
+gitCommitKeyRing :: String -> IO Bool
+gitCommitKeyRing action = gitCommit
+ [ File keyring
+ , File privDataFile
+ , Param "-m"
+ , Param ("propellor " ++ action)
+ ]
 
 -- Adds --gpg-sign if there's a keyring.
 gpgSignParams :: [CommandParam] -> IO [CommandParam] |
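Review bot: rmKey carries no comment on what removing a key does and does not achieve: reencryptPrivData re-encrypts only the current privDataFile, so earlier revisions already in git history stay encrypted to the removed key and its holder can still decrypt them from any existing clone. I would add a Haddock comment on rmKey such as `-- | Removes a key from propellor's keyring and re-encrypts privdata to the remaining keys. Secrets the removed key could already decrypt stay readable from history and must be rotated.` Separately, the `gitconfig` step unsets user.signingkey only when git's output equals `keyid++"\n"` exactly, so a key configured under another form of its id (long id or fingerprint; inferred, not shown here) would presumably stay set as the signing key, and a short comment stating that limitation would help.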
