authorJoey Hess2015-09-23 14:26:46 -0400
committerJoey Hess2015-09-23 14:26:46 -0400
commit050137a2694182685cd0c35479476c1cdbe8d699 (patch)
treea64610496c4ae7379eafb5c2430422f381fbfcf7
parent65ef400d40170e8331c6e556d2abb911556f2b5a (diff)
parent4ded5bf3d9cd878d00adc7b9a6063b44d528094c (diff)
Merge branch 'joeyconfig'
-rw-r--r--debian/changelog6
-rw-r--r--doc/security.mdwn2
-rw-r--r--src/Propellor/CmdLine.hs3
-rw-r--r--src/Propellor/Gpg.hs69
-rw-r--r--src/Propellor/Types/CmdLine.hs1
5 files changed, 60 insertions, 21 deletions
diff --git a/debian/changelog b/debian/changelog
index ff634ad6..91f78be7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+propellor (2.8.1) UNRELEASED; urgency=medium
+
+ * Added --rm-key.
+
+ -- Joey Hess <id@joeyh.name> Wed, 23 Sep 2015 13:50:01 -0400
+
propellor (2.8.0) unstable; urgency=medium
* Added Propellor.Property.Rsync.
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 831b2b41..8a23d30c 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -24,7 +24,7 @@ to bootstrap propellor on a new host, it transfers the local git repositry
to the remote host over ssh. After that, the host knows the gpg key, and
will use it to verify git fetches.
-Since the propoellor git repository is public, you can't store
+Since the propellor git repository is public, you can't store
in cleartext private data such as passwords, ssh private keys, etc.
Instead, `propellor --spin $host` looks for a
diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs
index 95a633ec..0cc8294d 100644
--- a/src/Propellor/CmdLine.hs
+++ b/src/Propellor/CmdLine.hs
@@ -26,6 +26,7 @@ usage h = hPutStrLn h $ unlines
, " propellor hostname"
, " propellor --spin targethost [--via relayhost]"
, " propellor --add-key keyid"
+ , " propellor --rm-key keyid"
, " propellor --set field context"
, " propellor --dump field context"
, " propellor --edit field context"
@@ -50,6 +51,7 @@ processCmdLine = go =<< getArgs
<*> pure (Just r)
_ -> Spin <$> mapM hostname ps <*> pure Nothing
go ("--add-key":k:[]) = return $ AddKey k
+ go ("--rm-key":k:[]) = return $ RmKey k
go ("--set":f:c:[]) = withprivfield f c Set
go ("--unset":f:c:[]) = withprivfield f c Unset
go ("--dump":f:c:[]) = withprivfield f c Dump
@@ -100,6 +102,7 @@ defaultMain hostlist = do
go _ (Edit field context) = editPrivData field context
go _ ListFields = listPrivDataFields hostlist
go _ (AddKey keyid) = addKey keyid
+ go _ (RmKey keyid) = rmKey keyid
go _ c@(ChrootChain _ _ _ _) = Chroot.chain hostlist c
go _ (DockerChain hn cid) = Docker.chain hostlist hn cid
go _ (DockerInit hn) = Docker.init hn
diff --git a/src/Propellor/Gpg.hs b/src/Propellor/Gpg.hs
index f2ae8f9a..84f67dc1 100644
--- a/src/Propellor/Gpg.hs
+++ b/src/Propellor/Gpg.hs
@@ -41,10 +41,10 @@ useKeyringOpts =
addKey :: KeyId -> IO ()
addKey keyid = exitBool =<< allM (uncurry actionMessage)
[ ("adding key to propellor's keyring", addkeyring)
- , ("staging propellor's keyring", gitadd keyring)
- , ("updating encryption of any privdata", reencryptprivdata)
- , ("configuring git signing to use key", gitconfig)
- , ("committing changes", gitcommit)
+ , ("staging propellor's keyring", gitAdd keyring)
+ , ("updating encryption of any privdata", reencryptPrivData)
+ , ("configuring git commit signing to use key", gitconfig)
+ , ("committing changes", gitCommitKeyRing "add-key")
]
where
addkeyring = do
@@ -55,18 +55,6 @@ addKey keyid = exitBool =<< allM (uncurry actionMessage)
unwords (useKeyringOpts ++ ["--import"])
]
- reencryptprivdata = ifM (doesFileExist privDataFile)
- ( do
- gpgEncrypt privDataFile =<< gpgDecrypt privDataFile
- gitadd privDataFile
- , return True
- )
-
- gitadd f = boolSystem "git"
- [ Param "add"
- , File f
- ]
-
gitconfig = ifM (snd <$> processTranscript "gpg" ["--list-secret-keys", keyid] Nothing)
( boolSystem "git"
[ Param "config"
@@ -78,11 +66,52 @@ addKey keyid = exitBool =<< allM (uncurry actionMessage)
return True
)
- gitcommit = gitCommit
- [ File keyring
- , Param "-m"
- , Param "propellor addkey"
+rmKey :: KeyId -> IO ()
+rmKey keyid = exitBool =<< allM (uncurry actionMessage)
+ [ ("removing key from propellor's keyring", rmkeyring)
+ , ("staging propellor's keyring", gitAdd keyring)
+ , ("updating encryption of any privdata", reencryptPrivData)
+ , ("configuring git commit signing to not use key", gitconfig)
+ , ("committing changes", gitCommitKeyRing "rm-key")
+ ]
+ where
+ rmkeyring = boolSystem "gpg" $
+ (map Param useKeyringOpts) ++
+ [ Param "--batch"
+ , Param "--yes"
+ , Param "--delete-key", Param keyid
]
+
+ gitconfig = ifM ((==) (keyid++"\n", True) <$> processTranscript "git" ["config", "user.signingkey"] Nothing)
+ ( boolSystem "git"
+ [ Param "config"
+ , Param "--unset"
+ , Param "user.signingkey"
+ ]
+ , return True
+ )
+
+reencryptPrivData :: IO Bool
+reencryptPrivData = ifM (doesFileExist privDataFile)
+ ( do
+ gpgEncrypt privDataFile =<< gpgDecrypt privDataFile
+ gitAdd privDataFile
+ , return True
+ )
+
+gitAdd :: FilePath -> IO Bool
+gitAdd f = boolSystem "git"
+ [ Param "add"
+ , File f
+ ]
+
+gitCommitKeyRing :: String -> IO Bool
+gitCommitKeyRing action = gitCommit
+ [ File keyring
+ , File privDataFile
+ , Param "-m"
+ , Param ("propellor " ++ action)
+ ]
-- Adds --gpg-sign if there's a keyring.
gpgSignParams :: [CommandParam] -> IO [CommandParam]
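Review bot: `gitCommitKeyRing` (new, at the bottom of this hunk) always passes `File privDataFile` to `gitCommit`, yet `reencryptPrivData` just above only stages that file when it exists, so on a repository that has no privdata yet `git commit` receives a pathspec it does not know and both `addKey` and `rmKey` fail at their final "committing changes" step. Commit only the paths actually present, e.g. `gitCommitKeyRing action = do`, `tocommit <- filterM doesFileExist [keyring, privDataFile]`, `gitCommit $ map File tocommit ++ [Param "-m", Param ("propellor " ++ action)]` (`filterM` from Control.Monad; `doesFileExist` is already in scope). `rmKey` also deserves a haddock stating that re-encrypting privdata only replaces the current ciphertext: earlier revisions in git history stay decryptable by the removed key, so secrets it covered should be rotated rather than treated as revoked. The `gitconfig` step in `rmKey` compares `user.signingkey` byte-for-byte with `keyid ++ "\n"`, so a key configured under another spelling (long id, fingerprint) would silently stay set; how propellor records that value is not visible here, so treat this as something to confirm.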
diff --git a/src/Propellor/Types/CmdLine.hs b/src/Propellor/Types/CmdLine.hs
index 96949957..50908514 100644
--- a/src/Propellor/Types/CmdLine.hs
+++ b/src/Propellor/Types/CmdLine.hs
@@ -15,6 +15,7 @@ data CmdLine
| Edit PrivDataField Context
| ListFields
| AddKey String
+ | RmKey String
| Merge
| Serialized CmdLine
| Continue CmdLine