run.sh: using inotifywait to automagically reload kuvert when gpg keyring changes; also, by default running kuvert with the debug mode on
parent
c9fe1b6f43
commit
fd0e74813e
10
Dockerfile
10
Dockerfile
|
@ -8,6 +8,14 @@ ENV KUVERT_UID 1000
|
|||
ENV KUVERT_GID 1000
|
||||
ENV KUVERT_HOME /home/kuvert
|
||||
|
||||
# install inotify-tools
|
||||
RUN DEBIAN_FRONTEND=noninteractive apt-get -q update && \
|
||||
apt-get -q -y --no-install-recommends install \
|
||||
inotify-tools && \
|
||||
apt-get -q clean && \
|
||||
apt-get -q -y autoremove && \
|
||||
rm -rf /var/lib/apt/lists/*
|
||||
|
||||
# install the needed CPAN modules
|
||||
# divided into separate RUN commands for easier debugging
|
||||
# (cpan's output does not lend itself to debugging very well...)
|
||||
|
@ -33,4 +41,4 @@ RUN cd /usr/local/src/kuvert/ && \
|
|||
RUN chmod a+x /usr/local/src/kuvert/run.sh
|
||||
|
||||
ENTRYPOINT ["/usr/local/src/kuvert/run.sh"]
|
||||
CMD ["kuvert"]
|
||||
CMD ["kuvert", "-d"]
|
23
run.sh
23
run.sh
|
@ -175,7 +175,6 @@ Name-Real: $KUVERT_USER
|
|||
Name-Comment: Auto-generated for kuvert testing, change as soon as possible
|
||||
Name-Email: $KUVERT_USER@localhost
|
||||
Expire-Date: 0
|
||||
# Do a commit here, so that we can later print "done" :-)
|
||||
%commit
|
||||
EOT
|
||||
echo " +-- done."
|
||||
|
@ -184,6 +183,28 @@ else
|
|||
echo "$SECRET_KEYS" | wc -l
|
||||
fi
|
||||
|
||||
# this watches the $KUVERT_GNUPG_DIR files for changes
|
||||
# and re-loads kuvert's config and keychain when they're detected
|
||||
function watch_pubkeys {
|
||||
echo "+-- watching for changes in $KUVERT_GNUPG_DIR"
|
||||
# FIXME we need to handle SIGHUP/SIGTERM/SIGKILL nicely some day
|
||||
while true; do
|
||||
# wait for events
|
||||
inotifywait -r -e modify -e move -e create -e delete -qq "$KUVERT_GNUPG_DIR"
|
||||
# if a watched event occured, redo authorized_keys
|
||||
if [ $? -eq 0 ]; then
|
||||
echo " +-- files in $KUVERT_GNUPG_DIR changed"
|
||||
echo " reloading kuvert config and keuring..."
|
||||
su -p -c "env PATH=\"$PATH\" kuvert -r" "$KUVERT_USER"
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
# watch for changes with the keyring in the background
|
||||
# when changes are detected, kuvert gets reloaded
|
||||
watch_pubkeys &
|
||||
sleep 1
|
||||
|
||||
# inform
|
||||
echo "========================================================================"
|
||||
echo "== Starting kuvert =="
|
||||
|
|
Loading…
Reference in New Issue