aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTom Ryder <tom@sanctum.geek.nz>2020-04-22 20:24:22 +1200
committerTom Ryder <tom@sanctum.geek.nz>2020-04-22 20:24:22 +1200
commit6bf53e16ad0e2f6018d73ae2c7199c7bece81a30 (patch)
treec46fefdf4e581522852ab110a0e52a160a75dda9
parentMerge branch 'hotfix/v0.1.1' (diff)
parentBump VERSION (diff)
downloadparcimini-6bf53e16ad0e2f6018d73ae2c7199c7bece81a30.tar.gz
parcimini-6bf53e16ad0e2f6018d73ae2c7199c7bece81a30.zip
Merge branch 'release/v0.2.0'v0.2.0
* release/v0.2.0: Avoid a fork by shuffling list in place Speed up key pulls Update systemd file
-rw-r--r--VERSION2
-rw-r--r--parcimini.bash9
-rw-r--r--parcimini.service7
3 files changed, 9 insertions, 9 deletions
diff --git a/VERSION b/VERSION
index 17e51c3..0ea3a94 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-0.1.1
+0.2.0
diff --git a/parcimini.bash b/parcimini.bash
index b3a2dc4..016f166 100644
--- a/parcimini.bash
+++ b/parcimini.bash
@@ -1,7 +1,7 @@
self=parcimini
# Base interval between key retrievals from first arg; default 20 mins
-interval=${1:-1200}
+interval=${1:-120}
# Check we have gpg and shuf, neither of which are POSIX
hash gpg || exit
@@ -24,13 +24,12 @@ END { for (key_id in key_ids) print key_id }'
printf >&2 '%s: Started; base interval %u seconds.\n' \
"$self" "$interval"
-# While we're able to write the key list to the file, refresh all of them
-while key_ids > "$list" ; do
+# While we're able to write a shuffled key list to the file, refresh all of them
+while key_ids | shuf > "$list" ; do
printf >&2 '%s: Beginning new round; %u key IDs found.\n' \
"$self" "$(sed '$=;d' "$list")"
# Shuffle list and read each ID
- shuf "$list" |
while read -r key_id ; do
# Sleep for a random interval
@@ -44,5 +43,5 @@ while key_ids > "$list" ; do
"$self" "$key_id"
gpg --batch --no-tty --recv-key "$key_id"
- done
+ done < $list
done
diff --git a/parcimini.service b/parcimini.service
index 3de1530..8e30528 100644
--- a/parcimini.service
+++ b/parcimini.service
@@ -1,8 +1,9 @@
+[Unit]
+Description=GnuPG keychain randomized update
+After=network.target
+
[Service]
ExecStart=/usr/local/bin/parcimini
-Restart=always
-PrivateTmp=true
-NoNewPrivileges=true
[Install]
WantedBy=default.target