From fd0e74813e45a6a8ab04718cb476f668b1761a36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C5=82=20=27rysiek=27=20Wo=C5=BAniak?=
Date: Fri, 24 Feb 2017 12:41:23 +0100
Subject: [PATCH] run.sh: using inotifywait to automagically reload kuvert when gpg keyring changes; also, by default running kuvert with the debug mode on
---
 Dockerfile | 10 +++++++++-
 run.sh | 23 ++++++++++++++++++++++-
 2 files changed, 31 insertions(+), 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 48053c6..473a163 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,6 +8,14 @@ ENV KUVERT_UID 1000
 ENV KUVERT_GID 1000
 ENV KUVERT_HOME /home/kuvert
+# install inotify-tools
+RUN DEBIAN_FRONTEND=noninteractive apt-get -q update && \
+ apt-get -q -y --no-install-recommends install \
+ inotify-tools && \
+ apt-get -q clean && \
+ apt-get -q -y autoremove && \
+ rm -rf /var/lib/apt/lists/*
+
 # install the needed CPAN modules
 # divided into separate RUN commands for easier debugging
 # (cpan's output does not lend itself to debugging very well...)
@@ -33,4 +41,4 @@ RUN cd /usr/local/src/kuvert/ && \
 RUN chmod a+x /usr/local/src/kuvert/run.sh
 ENTRYPOINT ["/usr/local/src/kuvert/run.sh"]
-CMD ["kuvert"]
\ No newline at end of file
+CMD ["kuvert", "-d"]
\ No newline at end of file
diff --git a/run.sh b/run.sh
index 33a4f93..183bcef 100644
--- a/run.sh
+++ b/run.sh
@@ -175,7 +175,6 @@ Name-Real: $KUVERT_USER
 Name-Comment: Auto-generated for kuvert testing, change as soon as possible
 Name-Email: $KUVERT_USER@localhost
 Expire-Date: 0
-# Do a commit here, so that we can later print "done" :-)
 %commit
 EOT
 echo " +-- done."
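Review bot: In the new `RUN` of the first Dockerfile hunk, `DEBIAN_FRONTEND=noninteractive` is a prefix on `apt-get -q update` only, so the `install` and `autoremove` commands after `&&` run without it. Put the variable where a prompt could actually appear, `DEBIAN_FRONTEND=noninteractive apt-get -q -y --no-install-recommends install \`, or start the chain with `export DEBIAN_FRONTEND=noninteractive && \`.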
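Review bot: The second Dockerfile hunk makes debug mode the image default with `CMD ["kuvert", "-d"]`, and nothing in the file records why or how to turn it off. kuvert sits in the outgoing mail path and drives gpg, so it is worth confirming what `-d` writes to the container log (recipients, key ids and the like) before every deployment inherits it; that output is not visible from this patch. A comment above the line such as `# -d: debug logging on by default; override CMD to disable` would make the choice explicit, and an environment switch read by run.sh would make it opt-in.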
@@ -184,6 +183,28 @@ else
 echo "$SECRET_KEYS" | wc -l
 fi
+# this watches the $KUVERT_GNUPG_DIR files for changes
+# and re-loads kuvert's config and keychain when they're detected
+function watch_pubkeys {
+ echo "+-- watching for changes in $KUVERT_GNUPG_DIR"
+ # FIXME we need to handle SIGHUP/SIGTERM/SIGKILL nicely some day
+ while true; do
+ # wait for events
+ inotifywait -r -e modify -e move -e create -e delete -qq "$KUVERT_GNUPG_DIR"
+ # if a watched event occured, redo authorized_keys
+ if [ $? -eq 0 ]; then
+ echo " +-- files in $KUVERT_GNUPG_DIR changed"
+ echo " reloading kuvert config and keuring..."
+ su -p -c "env PATH=\"$PATH\" kuvert -r" "$KUVERT_USER"
+ fi
+ done
+}
+
+# watch for changes with the keyring in the background
+# when changes are detected, kuvert gets reloaded
+watch_pubkeys &
+sleep 1
+
 # inform
 echo "========================================================================"
 echo "== Starting kuvert =="
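Review bot: In `watch_pubkeys`, a non-zero exit from `inotifywait` (watched directory missing, inotify watch limit reached) skips the `if` body and the `while true` loop calls it again at once, so a persistent error turns into a busy loop. Test the command directly and back off on failure, as in the sketch below. Separately, the watch is only re-armed after `kuvert -r` returns, so keyring writes that land during a reload are not seen and kuvert may keep using a keyring that no longer matches the directory (a key that was just removed, for instance) until the next change; whether gpg run by the reload itself writes into `$KUVERT_GNUPG_DIR` and retriggers the loop is worth checking. The comment `redo authorized_keys` does not describe this branch and should say that kuvert is reloaded.

```shell
function watch_pubkeys {
    # … unchanged: banner echo and FIXME comment …
    while true; do
        # block until something under the keyring directory changes
        if inotifywait -r -e modify -e move -e create -e delete -qq "$KUVERT_GNUPG_DIR"; then
            # … unchanged: the two echo lines and the su … kuvert -r call …
        else
            # the watch could not be set up or was interrupted: report and back off
            echo "    +-- inotifywait failed on $KUVERT_GNUPG_DIR, retrying in 5s" >&2
            sleep 5
        fi
    done
}
```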