| l--------- | config.hs | 2 | ||||
| -rwxr-xr-x | contrib/post-checkout-hook | 28 | ||||
| -rwxr-xr-x | contrib/post-merge-hook | 44 | ||||
| -rw-r--r-- | privdata/.joeyconfig/README | 8 | ||||
| -rw-r--r-- | privdata/.joeyconfig/keyring.gpg (renamed from privdata.joey/keyring.gpg) | bin | 113014 -> 113014 bytes | |||
| -rw-r--r-- | privdata/.joeyconfig/privdata.gpg (renamed from privdata.joey/privdata.gpg) | 0 | ||||
| -rw-r--r-- | privdata/relocate | 1 | ||||
| -rw-r--r-- | src/Propellor/Git/VerifiedBranch.hs | 3 | ||||
| -rw-r--r-- | src/Propellor/Gpg.hs | 56 | ||||
| -rw-r--r-- | src/Propellor/PrivData.hs | 7 | ||||
| -rw-r--r-- | src/Propellor/PrivData/Paths.hs | 20 |
11 files changed, 109 insertions, 60 deletions
@@ -1 +1 @@
-config-simple.hs
\ No newline at end of file
+joeyconfig.hs
\ No newline at end of file
diff --git a/contrib/post-checkout-hook b/contrib/post-checkout-hook
deleted file mode 100755
index 38998398..00000000
--- a/contrib/post-checkout-hook
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/bin/sh
-#
-# git post-checkout hook, used by propellor's author to maintain a
-# joeyconfig branch where config.hs is a symlink to joeyconfig.hs
-#
-# Each time this hook is run, it checks if it's on a branch with
-# name ending in "config". If so, config.hs is pointed at $branch.hs
-# Otherwise, config.hs is pointed at config-simple.hs
-#
-
-set -e
-prevhead="$1"
-newhead="$2"
-branchcheckout="$3"
-if [ "$branchcheckout" != 0 ]; then
-branch="$(git symbolic-ref --short HEAD)"
-case "$branch" in
-"")
-true
-;;
-*config)
-ln -sf "$branch".hs config.hs
-;;
-*)
-ln -sf config-simple.hs config.hs
-;;
-esac
-fi
diff --git a/contrib/post-merge-hook b/contrib/post-merge-hook
new file mode 100755
index 00000000..fa9ab5b6
--- /dev/null
+++ b/contrib/post-merge-hook
@@ -0,0 +1,44 @@
+#!/bin/sh
+#
+# git post-merge hook, used by propellor's author to maintain a
+# joeyconfig branch with some changes while being able to merge
+# between it and branches without the changes.
+#
+# Each time this hook is run, it checks if it's on a branch with
+# name ending in "config". If so, config.hs is pointed at $branch.hs
+# and privdata/relocate is written to make files in privdata/.$branch/ be
+# used.
+#
+# Otherwise, config.hs is pointed at config-simple.hs, and
+# privdata/relocate is removed.
+
+set -e
+
+commit () {
+ if [ -n "$(git status --short privdata/relocate config.hs)" ]; then
+ git commit privdata/relocate config.hs -m "$1"
+ fi
+}
+
+branch="$(git symbolic-ref --short HEAD)"
+case "$branch" in
+ "")
+ true
+ ;;
+ *config)
+ ln -sf "$branch".hs config.hs
+ git add config.hs
+ echo ".$branch" > privdata/relocate
+ git add privdata/relocate
+ commit "setting up $branch after merge"
+ ;;
+ *)
+ ln -sf config-simple.hs config.hs
+ git add config.hs
+ if [ -e privdata/relocate ]; then
+ rm -f privdata/relocate
+ git rm --quiet privdata/relocate
+ fi
+ commit "clean up after merge"
+ ;;
+esac
diff --git a/privdata/.joeyconfig/README b/privdata/.joeyconfig/README
new file mode 100644
index 00000000..6cc73b89
--- /dev/null
+++ b/privdata/.joeyconfig/README
@@ -0,0 +1,8 @@
+This is the privdata used by propellor's author, Joey Hess.
+
+While it has lots of important data in it, it's thankfully encrypted, so
+you can't read it.
+
+If you're bothered by this directory cluttering up your clone of propellor,
+feel free to delete it. Just don't expect Joey to merge any branches that
+delete it.
diff --git a/privdata.joey/keyring.gpg b/privdata/.joeyconfig/keyring.gpg
Binary files differ
index 01dd24e7..01dd24e7 100644
--- a/privdata.joey/keyring.gpg
+++ b/privdata/.joeyconfig/keyring.gpg
diff --git a/privdata.joey/privdata.gpg b/privdata/.joeyconfig/privdata.gpg
index 027c5972..027c5972 100644
--- a/privdata.joey/privdata.gpg
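Review bot: With `set -e` in effect, `branch="$(git symbolic-ref --short HEAD)"` exits the hook when HEAD is detached, so the `"")` arm written for that case is never reached. A branch name containing a slash is also spliced unchecked into both the symlink target and `privdata/relocate`, giving a nested `privdata/.foo/bar/` layout that the `.$branch` convention in the header comment does not describe. `branch="$(git symbolic-ref --short HEAD 2>/dev/null || true)"` restores the empty-name path, and rejecting names containing `/` before the `*config)` arm keeps them out of the relocate path.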
+++ b/privdata/.joeyconfig/privdata.gpg
diff --git a/privdata/relocate b/privdata/relocate
new file mode 100644
index 00000000..271692d8
--- /dev/null
+++ b/privdata/relocate
@@ -0,0 +1 @@
+.joeyconfig
diff --git a/src/Propellor/Git/VerifiedBranch.hs b/src/Propellor/Git/VerifiedBranch.hs
index a39bc7e9..51fcb573 100644
--- a/src/Propellor/Git/VerifiedBranch.hs
+++ b/src/Propellor/Git/VerifiedBranch.hs
@@ -2,7 +2,6 @@ module Propellor.Git.VerifiedBranch where
 
 import Propellor.Base
 import Propellor.Git
-import Propellor.Gpg
 import Propellor.PrivData.Paths
 import Utility.FileMode
 
@@ -14,6 +13,7 @@ import Utility.FileMode
 verifyOriginBranch :: String -> IO Bool
 verifyOriginBranch originbranch = do
 let gpgconf = privDataDir </> "gpg.conf"
+ keyring <- privDataKeyring
 writeFile gpgconf $ unlines
 [ " keyring " ++ keyring
 , "no-auto-check-trustdb"
@@ -38,6 +38,7 @@ fetchOrigin = do
 
 oldsha <- getCurrentGitSha1 branchref
 
+ keyring <- privDataKeyring
 whenM (doesFileExist keyring) $
 ifM (verifyOriginBranch originbranch)
 ( do
diff --git a/src/Propellor/Gpg.hs b/src/Propellor/Gpg.hs
index a13734b4..55d89d29 100644
--- a/src/Propellor/Gpg.hs
+++ b/src/Propellor/Gpg.hs
@@ -1,7 +1,6 @@
 module Propellor.Gpg where
 
 import System.IO
-import System.FilePath
 import System.Directory
 import Data.Maybe
 import Data.List.Utils
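Review bot: The new `keyring <- privDataKeyring` in `fetchOrigin` resolves the keyring through `privdata/relocate` of the working tree before the origin branch is merged, which is the right ordering but deserves a comment, since that ordering is what keeps the branch under verification from choosing the keyring that verifies it. Suggested comment above the binding: `-- Resolved from the current checkout's privdata/relocate before merging, so the fetched branch cannot redirect the keyring used to verify it.` Note also that `verifyOriginBranch` still writes `gpg.conf` under the unrelocated `privDataDir`, which looks harmless but is worth a word in the same comment. `fetchOrigin` starts and ends outside the hunk.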
@@ -30,22 +29,21 @@ getGpgBin = do
 Nothing -> getEnvDefault "GNUPGBIN" "gpg"
 Just b -> return b
 
-keyring :: FilePath
-keyring = privDataDir </> "keyring.gpg"
-
 -- Lists the keys in propellor's keyring.
 listPubKeys :: IO [KeyId]
 listPubKeys = do
 gpgbin <- getGpgBin
- parse . lines <$> readProcess gpgbin listopts
+ keyring <- privDataKeyring
+ parse . lines <$> readProcess gpgbin (listopts keyring)
 where
- listopts = useKeyringOpts ++ ["--with-colons", "--list-public-keys"]
+ listopts keyring = useKeyringOpts keyring ++
+ ["--with-colons", "--list-public-keys"]
 parse = mapMaybe (keyIdField . split ":")
 keyIdField ("pub":_:_:_:f:_) = Just f
 keyIdField _ = Nothing
 
-useKeyringOpts :: [String]
-useKeyringOpts =
+useKeyringOpts :: FilePath -> [String]
+useKeyringOpts keyring =
 [ "--options"
 , "/dev/null"
 , "--no-default-keyring"
@@ -55,20 +53,21 @@ useKeyringOpts =
 addKey :: KeyId -> IO ()
 addKey keyid = do
 gpgbin <- getGpgBin
+ keyring <- privDataKeyring
 exitBool =<< allM (uncurry actionMessage)
- [ ("adding key to propellor's keyring", addkeyring gpgbin)
+ [ ("adding key to propellor's keyring", addkeyring keyring gpgbin)
 , ("staging propellor's keyring", gitAdd keyring)
 , ("updating encryption of any privdata", reencryptPrivData)
 , ("configuring git commit signing to use key", gitconfig gpgbin)
 , ("committing changes", gitCommitKeyRing "add-key")
 ]
 where
- addkeyring gpgbin' = do
+ addkeyring keyring' gpgbin' = do
 createDirectoryIfMissing True privDataDir
 boolSystem "sh"
 [ Param "-c"
 , Param $ gpgbin' ++ " --export " ++ keyid ++ " | gpg " ++
- unwords (useKeyringOpts ++ ["--import"])
+ unwords (useKeyringOpts keyring' ++ ["--import"])
 ]
 
 gitconfig gpgbin' = ifM (snd <$> processTranscript gpgbin' ["--list-secret-keys", keyid] Nothing)
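Review bot: In `addkeyring`, `keyring'` is now interpolated into a `sh -c` command string through `unwords (useKeyringOpts keyring' ++ ["--import"])`, and because this commit makes that path come from `privdata/relocate` instead of a constant, a relocate entry containing whitespace or shell metacharacters is mis-split or interpreted by the shell (the unchanged `keyid` interpolation has the same shape). The `rmKey` hunk that follows passes the same options as `Param` values and avoids this; here the one-line fix is `unwords (map shellEscape (useKeyringOpts keyring' ++ ["--import"]))`, using `shellEscape` from propellor's Utility.SafeCommand if it is in scope in this module. Separately, the unchanged pipeline runs a bare `gpg` after `--export` rather than `gpgbin'`, so the GNUPGBIN setting read by `getGpgBin` only applies to the first half of the command.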
@@ -85,16 +84,17 @@ addKey keyid = do
 rmKey :: KeyId -> IO ()
 rmKey keyid = do
 gpgbin <- getGpgBin
+ keyring <- privDataKeyring
 exitBool =<< allM (uncurry actionMessage)
- [ ("removing key from propellor's keyring", rmkeyring gpgbin)
+ [ ("removing key from propellor's keyring", rmkeyring keyring gpgbin)
 , ("staging propellor's keyring", gitAdd keyring)
 , ("updating encryption of any privdata", reencryptPrivData)
 , ("configuring git commit signing to not use key", gitconfig)
 , ("committing changes", gitCommitKeyRing "rm-key")
 ]
 where
- rmkeyring gpgbin' = boolSystem gpgbin' $
- (map Param useKeyringOpts) ++
+ rmkeyring keyring' gpgbin' = boolSystem gpgbin' $
+ (map Param (useKeyringOpts keyring')) ++
 [ Param "--batch"
 , Param "--yes"
 , Param "--delete-key", Param keyid
@@ -110,12 +110,14 @@ rmKey keyid = do
 )
 
 reencryptPrivData :: IO Bool
-reencryptPrivData = ifM (doesFileExist privDataFile)
- ( do
- gpgEncrypt privDataFile =<< gpgDecrypt privDataFile
- gitAdd privDataFile
- , return True
- )
+reencryptPrivData = do
+ f <- privDataFile
+ ifM (doesFileExist f)
+ ( do
+ gpgEncrypt f =<< gpgDecrypt f
+ gitAdd f
+ , return True
+ )
 
 gitAdd :: FilePath -> IO Bool
 gitAdd f = boolSystem "git"
@@ -125,17 +127,21 @@ gitAdd f = boolSystem "git"
 
 gitCommitKeyRing :: String -> IO Bool
 gitCommitKeyRing action = do
+ keyring <- privDataKeyring
+ privdata <- privDataFile
 -- Commit explicitly the keyring and privdata files, as other
 -- changes may be staged by the user and shouldn't be committed.
- tocommit <- filterM doesFileExist [ privDataFile, keyring]
+ tocommit <- filterM doesFileExist [ privdata, keyring]
 gitCommit (Just ("propellor " ++ action)) (map File tocommit)
 
 -- Adds --gpg-sign if there's a keyring.
 gpgSignParams :: [CommandParam] -> IO [CommandParam]
-gpgSignParams ps = ifM (doesFileExist keyring)
- ( return (ps ++ [Param "--gpg-sign"])
- , return ps
- )
+gpgSignParams ps = do
+ keyring <- privDataKeyring
+ ifM (doesFileExist keyring)
+ ( return (ps ++ [Param "--gpg-sign"])
+ , return ps
+ )
 
 -- Automatically sign the commit if there'a a keyring.
 gitCommit :: Maybe String -> [CommandParam] -> IO Bool
diff --git a/src/Propellor/PrivData.hs b/src/Propellor/PrivData.hs
index ac7b00d3..bc09f0c6 100644
--- a/src/Propellor/PrivData.hs
+++ b/src/Propellor/PrivData.hs
@@ -251,12 +251,13 @@ modifyPrivData' f = do
 makePrivDataDir
 m <- decryptPrivData
 let (m', r) = f m
- gpgEncrypt privDataFile (show m')
- void $ boolSystem "git" [Param "add", File privDataFile]
+ privdata <- privDataFile
+ gpgEncrypt privdata (show m')
+ void $ boolSystem "git" [Param "add", File privdata]
 return r
 
 decryptPrivData :: IO PrivMap
-decryptPrivData = readPrivData <$> gpgDecrypt privDataFile
+decryptPrivData = readPrivData <$> (gpgDecrypt =<< privDataFile)
 
 readPrivData :: String -> PrivMap
 readPrivData = fromMaybe M.empty . readish
diff --git a/src/Propellor/PrivData/Paths.hs b/src/Propellor/PrivData/Paths.hs
index 3d0d8a58..7410370b 100644
--- a/src/Propellor/PrivData/Paths.hs
+++ b/src/Propellor/PrivData/Paths.hs
@@ -1,15 +1,31 @@
 module Propellor.PrivData.Paths where
 
+import Utility.Exception
 import System.FilePath
+import Control.Applicative
+import Prelude
 
 privDataDir :: FilePath
 privDataDir = "privdata"
 
-privDataFile :: FilePath
-privDataFile = privDataDir </> "privdata.gpg"
+privDataFile :: IO FilePath
+privDataFile = allowRelocate $ privDataDir </> "privdata.gpg"
+
+privDataKeyring :: IO FilePath
+privDataKeyring = allowRelocate $ privDataDir </> "keyring.gpg"
 
 privDataLocal :: FilePath
 privDataLocal = privDataDir </> "local"
 
 privDataRelay :: String -> FilePath
 privDataRelay host = privDataDir </> "relay" </> host
+
+-- Allow relocating files in privdata, by checking for a file
+-- privdata/relocate, which contains the path to a subdirectory that
+-- contains the files.
+allowRelocate :: FilePath -> IO FilePath
+allowRelocate f = reloc . lines
+<$> catchDefaultIO "" (readFile (privDataDir </> "relocate"))
+ where
+ reloc (p:_) | not (null p) = privDataDir </> p </> takeFileName f
+ reloc _ = f
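Review bot: `allowRelocate` only protects the open of `privdata/relocate`: `readFile` is lazy, so a read error surfaces after `catchDefaultIO` has returned, at the point where `lines` forces the contents. The first line is then used unchecked in `privDataDir </> p </> takeFileName f`; an absolute `p` makes `</>` drop `privDataDir` entirely and `..` components walk out of it, which is acceptable only because the file is part of the checkout and written by the post-merge hook, and the doc comment should say so. Forcing the contents inside the handler and guarding the relocation with `isRelative` and `splitDirectories`, both already available from the imported System.FilePath, keeps the resolved path inside `privDataDir` and turns a truncated read into the default rather than a late exception.
```haskell
allowRelocate :: FilePath -> IO FilePath
allowRelocate f = reloc . lines <$> catchDefaultIO "" readRelocate
  where
	-- Force the contents while still inside the handler; a lazy
	-- readFile would otherwise raise read errors after catchDefaultIO
	-- has already returned.
	readRelocate = do
		s <- readFile (privDataDir </> "relocate")
		length s `seq` return s
	-- Only relocate into a subdirectory of privDataDir; the relocate
	-- file is trusted repository content, but an absolute or ".." path
	-- would silently resolve outside the privdata tree.
	reloc (p:_)
		| not (null p) && isRelative p && ".." `notElem` splitDirectories p
			= privDataDir </> p </> takeFileName f
	reloc _ = f
```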
