From cb021c46ddb6616c33fa874a553f555893c8a22b Mon Sep 17 00:00:00 2001 From: Silvio Rhatto Date: Sun, 20 Jun 2010 20:20:16 -0300 Subject: Adding system of preferences --- README | 48 ++++++++++++++++++++++++++++++------------------ keyringer | 43 +++++++++++++++++++++++++++++++++++-------- lib/keyringer/functions | 28 ++++++++++++++++++++++++++++ share/keyringer/newkeys | 1 + 4 files changed, 94 insertions(+), 26 deletions(-) diff --git a/README b/README index 4e6c6bc..0013399 100644 --- a/README +++ b/README @@ -21,7 +21,7 @@ Installation Just clone - git clone git://git.sarava.org/keyringer.git + git clone git://git.sarava.org/keyringer.git And then leave it somewhere, optionally adding it to your $PATH environment variable. You can also package it to your preferred distro. @@ -33,7 +33,7 @@ The first step will would like to take is to setup a keyring. Keyringer suport management of multiple isolated keyrings. To start a new keyring (or register an existing one at your config file), type - keyringer init [remote] + keyringer init [remote] This will @@ -42,7 +42,7 @@ This will For example, - keyringer friends init $HOME/keyrings/friends + keyringer friends init $HOME/keyrings/friends will create an alias "friends" pointing to $HOME/keyrings/friends. Call all other keyring actions using this alias. 
@@ -50,44 +50,44 @@ other keyring actions using this alias. If there is an existing remote keyring repository and you just want to checkout it, use - keyringer friends init $HOME/keyrings/friends + keyringer friends init $HOME/keyrings/friends Managing recipients ------------------- Your next step is tell keyringer the GPG key ids to encrypt files to: - keyringer recipients edit - keyringer recipients ls + keyringer recipients edit + keyringer recipients ls Encrypting a key ---------------- - keyringer encrypt + keyringer encrypt Decrypting a key (only to stdout) --------------------------------- - keyringer decrypt + keyringer decrypt Re-encrypting a key ------------------- - keyringer recrypt + keyringer recrypt Listing keys ------------ - keyringer ls [arguments] + keyringer ls [arguments] Git wrapper ----------- Keyringer comes with a simple git wrapper to ease common management tasks: - keyringer git remote add keyringer - keyringer git push keyringer master - keyringer git pull + keyringer git remote add keyringer + keyringer git push keyringer master + keyringer git pull Managing puppet node keys ------------------------- 
@@ -95,13 +95,25 @@ Managing puppet node keys Keyringer is able to manage node keys for puppet nodes. First add the puppet main and key folders into your keyring configuration: - keyringer options add PUPPET=/path/to/puppet/config - keyringer options add PUPPET_KEYS=/path/to/puppet/keys + keyringer preferences add PUPPET=/path/to/puppet/config + keyringer preferences add PUPPET_KEYS=/path/to/puppet/keys Then you just need to issue the following command every time you have to create keys for new nodes: - keyringer newkeys puppet + keyringer newkeys puppet + +Configuration files, preferences and options +-------------------------------------------- + + 1. Main config file: $HOME/.keyringer/config: store the location of + each keyring. + + 2. User preferences per keyring: $HOME/.keyringer/: managed by + "keyringer preferences". + + 3. Custom keyring options: $KEYRING_FOLDER/config/options: managed by + "keyringer options". Notes ----- @@ -165,11 +177,11 @@ Notes: Using with GNU Privacy Guard Exporting public keys: - gpg --armor --export + gpg --armor --export Exporting private keys (take care): - gpg --armor --export-secret-keys + gpg --armor --export-secret-keys TODO ---- diff --git a/keyringer b/keyringer index 2529a85..cbb02a8 100755 --- a/keyringer +++ b/keyringer 
@@ -95,25 +95,50 @@ function keyringer_dispatch { fi } +function keyringer_preferences { + COMMAND="$3" + + if [ -z "$COMMAND" ]; then + echo "Usage: keyringer `basename $0` [arguments]" + exit 1 + fi + + # Create options file if old repository + if [ ! -e "$PREFERENCES" ]; then + echo "Creating preferences file..." + touch $PREFERENCES + fi + + if [ "$COMMAND" == "ls" ]; then + cat $PREFERENCES + elif [ "$COMMAND" == "edit" ]; then + $EDITOR $PREFERENCES + elif [ "$COMMAND" == "add" ]; then + shift 3 + echo $* >> $PREFERENCES + else + echo "$BASENAME: No such command $COMMAND" + exit 1 + fi +} + # Config NAME="keyringer" -CONFIG="$HOME/.$NAME" +CONFIG="$HOME/.$NAME/config" BASENAME="`basename $0`" KEYRING="$1" ACTION="$2" ACTIONS="`dirname $0`/share/$NAME" +# Export preferences for other scripts +export PREFERENCES="`dirname $CONFIG`/$KEYRING" + # Load functions LIB="`dirname $0`/lib/$NAME/functions" source $LIB -if [ ! -e "$CONFIG" ]; then - echo "Creating $CONFIG..." - touch $CONFIG - chmod 600 $CONFIG - echo "# Keyringer config file." > $CONFIG - echo "" >> $CONFIG -fi +# Setup main configuration and load preferences +keyringer_config_load if [ -z "$ACTION" ]; then echo "Usage: $BASENAME [arguments]" @@ -122,6 +147,8 @@ fi if [ "$ACTION" == "init" ]; then keyringer_init $* +elif [ "$ACTION" == "preferences" ]; then + keyringer_preferences $* elif keyringer_has_action $ACTION; then keyringer_dispatch $* else diff --git a/lib/keyringer/functions b/lib/keyringer/functions index 19d677f..af84212 100644 --- a/lib/keyringer/functions +++ b/lib/keyringer/functions 
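Review bot: The keyring name from `$1` goes unvalidated into the preferences path (`export PREFERENCES=".../$KEYRING"`), and that path is later created, appended to and `source`d. A keyring called `config` makes it the main config file, and a name containing `/` or `..` points outside `$HOME/.keyringer`. Rejecting those before the export keeps the sourced file where the user expects it, e.g. `case "$KEYRING" in config|.|..|*/*) echo "$BASENAME: invalid keyring name" >&2; exit 1;; esac`. In keyringer_preferences the new file is made with a bare `touch $PREFERENCES`, whereas the main config gets `chmod 600`; `touch "$PREFERENCES" && chmod 600 "$PREFERENCES"` would match that. Every `$PREFERENCES` expansion in the function should also be quoted.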
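Review bot: `keyringer_preferences $*` re-splits and glob-expands the arguments, and the function then stores them with `echo $* >> $PREFERENCES` in a file that is `source`d on later runs. A value containing a space (constructed example: `PUPPET=/srv/my puppet`) is written unquoted and would be read back as an assignment followed by a command name. Assuming the script runs under bash, passing `"$@"` here and writing with `printf '%q\n' "$@" >> "$PREFERENCES"` after the `shift 3` keeps each stored line a single assignment. The neighbouring `keyringer_init $*` and `keyringer_dispatch $*` calls split their arguments the same way.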
@@ -3,6 +3,34 @@ # Common functions. # +# Setup main configuration and load preferences +function keyringer_config_load { + if [ -f "$HOME/.$NAME" ]; then + echo "Converting legacy configuration scheme..." + mv $HOME/.$NAME $HOME/.$NAME.tmp + mkdir $HOME/.$NAME + mv $HOME/.$NAME.tmp $CONFIG + fi + + if [ ! -e "$CONFIG" ]; then + echo "Creating $CONFIG..." + mkdir `dirname $CONFIG` + touch $CONFIG + chmod 600 $CONFIG + echo "# Keyringer config file." > $CONFIG + echo "" >> $CONFIG + fi + + keyringer_config_load_preferences +} + +function keyringer_config_load_preferences { + # Load custom keyring preferences + if [ ! -z "$PREFERENCES" ] && [ -e "$PREFERENCES" ]; then + source $PREFERENCES + fi +} + # Load a parameter from config function keyringer_config { if [ -z "$CONFIG" ]; then diff --git a/share/keyringer/newkeys b/share/keyringer/newkeys index 16bf218..14fcfd1 100755 --- a/share/keyringer/newkeys +++ b/share/keyringer/newkeys @@ -54,6 +54,7 @@ elif [ ! -f "$OPTIONS" ]; then fi source $OPTIONS +keyringer_config_load_preferences if [ -z "$PUPPET_KEYS" ]; then PUPPET_KEYS="$PUPPET/files/keys" -- cgit v1.2.3
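Review bot: keyringer_config_load_preferences tests `$PREFERENCES` with `-e`, so when keyringer is run without a keyring name the path is the `$HOME/.keyringer/` directory itself and `source` is handed a directory. `if [ -f "$PREFERENCES" ]; then source "$PREFERENCES"; fi` avoids that and also quotes the path. Because the file is executed as shell in the user's session, the directory is better created private in keyringer_config_load with `mkdir -p -m 700 "$(dirname "$CONFIG")"`; the plain `mkdir` there also fails when the directory already exists. The legacy conversion moves the old file through `$HOME/.$NAME.tmp` without checking any step, so a failed `mkdir` would leave the config stranded under the `.tmp` name.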