authorJoey Hess2015-09-23 13:59:59 -0400
committerJoey Hess2015-09-23 14:00:42 -0400
commit72713cadcc4ff1b6594f2e648e5672764326cdd7 (patch)
treebbc54ade33aec69cc83b50abcf39e5b127247cbc
parent96047530cac80061156776af613d60ea02dbb0e6 (diff)
Added --rm-key.
-rw-r--r--debian/changelog6
-rw-r--r--src/Propellor/CmdLine.hs3
-rw-r--r--src/Propellor/Gpg.hs56
-rw-r--r--src/Propellor/Types/CmdLine.hs1
4 files changed, 46 insertions, 20 deletions
diff --git a/debian/changelog b/debian/changelog
index ff634ad6..91f78be7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+propellor (2.8.1) UNRELEASED; urgency=medium
+
+ * Added --rm-key.
+
+ -- Joey Hess <id@joeyh.name> Wed, 23 Sep 2015 13:50:01 -0400
+
propellor (2.8.0) unstable; urgency=medium
* Added Propellor.Property.Rsync.
diff --git a/src/Propellor/CmdLine.hs b/src/Propellor/CmdLine.hs
index 95a633ec..0cc8294d 100644
--- a/src/Propellor/CmdLine.hs
+++ b/src/Propellor/CmdLine.hs
@@ -26,6 +26,7 @@ usage h = hPutStrLn h $ unlines
, " propellor hostname"
, " propellor --spin targethost [--via relayhost]"
, " propellor --add-key keyid"
+ , " propellor --rm-key keyid"
, " propellor --set field context"
, " propellor --dump field context"
, " propellor --edit field context"
@@ -50,6 +51,7 @@ processCmdLine = go =<< getArgs
<*> pure (Just r)
_ -> Spin <$> mapM hostname ps <*> pure Nothing
go ("--add-key":k:[]) = return $ AddKey k
+ go ("--rm-key":k:[]) = return $ RmKey k
go ("--set":f:c:[]) = withprivfield f c Set
go ("--unset":f:c:[]) = withprivfield f c Unset
go ("--dump":f:c:[]) = withprivfield f c Dump
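Review bot: `k` is taken from argv unchecked and, in rmKey, reaches gpg as `Param keyid` right after `--delete-key`, so a value beginning with `-` would be read by gpg as an option rather than a key id. Rejecting such values in this equation, for example with a guard `| not (isPrefixOf "-" k)`, keeps the key-management commands restricted to plain key ids; the existing `--add-key` equation is equally unchecked. What a failed guard falls through to depends on later `go` equations that are outside this hunk.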
@@ -100,6 +102,7 @@ defaultMain hostlist = do
go _ (Edit field context) = editPrivData field context
go _ ListFields = listPrivDataFields hostlist
go _ (AddKey keyid) = addKey keyid
+ go _ (RmKey keyid) = rmKey keyid
go _ c@(ChrootChain _ _ _ _) = Chroot.chain hostlist c
go _ (DockerChain hn cid) = Docker.chain hostlist hn cid
go _ (DockerInit hn) = Docker.init hn
diff --git a/src/Propellor/Gpg.hs b/src/Propellor/Gpg.hs
index f2ae8f9a..46f2c7d9 100644
--- a/src/Propellor/Gpg.hs
+++ b/src/Propellor/Gpg.hs
@@ -41,10 +41,10 @@ useKeyringOpts =
addKey :: KeyId -> IO ()
addKey keyid = exitBool =<< allM (uncurry actionMessage)
[ ("adding key to propellor's keyring", addkeyring)
- , ("staging propellor's keyring", gitadd keyring)
- , ("updating encryption of any privdata", reencryptprivdata)
+ , ("staging propellor's keyring", gitAdd keyring)
+ , ("updating encryption of any privdata", reencryptPrivData)
, ("configuring git signing to use key", gitconfig)
- , ("committing changes", gitcommit)
+ , ("committing changes", gitCommitKeyRing "add-key")
]
where
addkeyring = do
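Review bot: `gitCommitKeyRing "add-key"` now commits `privDataFile` as well as `keyring`, but `reencryptPrivData` (defined in a later hunk of this file) returns True without staging anything when that file does not exist. If `gitCommit` hands these paths to `git commit` as pathspecs, which is not visible here, the commit step would presumably fail in a repository that has no privdata yet, where the old `gitcommit` with only `File keyring` succeeded. Consider building the path list conditionally, including `File privDataFile` only when `doesFileExist privDataFile` holds. The `where` block of addKey continues outside this hunk.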
@@ -55,18 +55,6 @@ addKey keyid = exitBool =<< allM (uncurry actionMessage)
unwords (useKeyringOpts ++ ["--import"])
]
- reencryptprivdata = ifM (doesFileExist privDataFile)
- ( do
- gpgEncrypt privDataFile =<< gpgDecrypt privDataFile
- gitadd privDataFile
- , return True
- )
-
- gitadd f = boolSystem "git"
- [ Param "add"
- , File f
- ]
-
gitconfig = ifM (snd <$> processTranscript "gpg" ["--list-secret-keys", keyid] Nothing)
( boolSystem "git"
[ Param "config"
@@ -78,11 +66,39 @@ addKey keyid = exitBool =<< allM (uncurry actionMessage)
return True
)
- gitcommit = gitCommit
- [ File keyring
- , Param "-m"
- , Param "propellor addkey"
- ]
+rmKey :: KeyId -> IO ()
+rmKey keyid = exitBool =<< allM (uncurry actionMessage)
+ [ ("removing key from propellor's keyring", rmkeyring)
+ , ("staging propellor's keyring", gitAdd keyring)
+ , ("updating encryption of any privdata", reencryptPrivData)
+ , ("committing changes", gitCommitKeyRing "rm-key")
+ ]
+ where
+ rmkeyring = boolSystem "gpg" $
+ (map Param useKeyringOpts) ++
+ [Param "--delete-key", Param keyid]
+
+reencryptPrivData :: IO Bool
+reencryptPrivData = ifM (doesFileExist privDataFile)
+ ( do
+ gpgEncrypt privDataFile =<< gpgDecrypt privDataFile
+ gitAdd privDataFile
+ , return True
+ )
+
+gitAdd :: FilePath -> IO Bool
+gitAdd f = boolSystem "git"
+ [ Param "add"
+ , File f
+ ]
+
+gitCommitKeyRing :: String -> IO Bool
+gitCommitKeyRing action = gitCommit
+ [ File keyring
+ , File privDataFile
+ , Param "-m"
+ , Param ("propellor " ++ action)
+ ]
-- Adds --gpg-sign if there's a keyring.
gpgSignParams :: [CommandParam] -> IO [CommandParam]
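Review bot: rmKey has no Haddock comment, and the caveat an operator most needs is stated nowhere: `reencryptPrivData` rewrites only the current privdata file, so every earlier revision in git history stays decryptable by the removed key. I would document that on rmKey, e.g. `-- | Removes a key from propellor's keyring and re-encrypts privdata. Older privdata revisions in git history can still be decrypted by the removed key; rotate any secrets it could read.` Separately, the steps run through `allM`, which presumably stops at the first failure, so a failed re-encryption after a successful `rmkeyring` leaves the keyring modified and staged while privdata is still encrypted to the old recipients. A comment on the step list saying so would help whoever has to recover from that state.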
diff --git a/src/Propellor/Types/CmdLine.hs b/src/Propellor/Types/CmdLine.hs
index 96949957..50908514 100644
--- a/src/Propellor/Types/CmdLine.hs
+++ b/src/Propellor/Types/CmdLine.hs
@@ -15,6 +15,7 @@ data CmdLine
| Edit PrivDataField Context
| ListFields
| AddKey String
+ | RmKey String
| Merge
| Serialized CmdLine
| Continue CmdLine