diff options
Diffstat (limited to 'debian/open-infrastructure-dehydrated-tools.postinst')
-rwxr-xr-x | debian/open-infrastructure-dehydrated-tools.postinst | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/debian/open-infrastructure-dehydrated-tools.postinst b/debian/open-infrastructure-dehydrated-tools.postinst index f6c71c7..083c2ac 100755 --- a/debian/open-infrastructure-dehydrated-tools.postinst +++ b/debian/open-infrastructure-dehydrated-tools.postinst @@ -81,6 +81,9 @@ case "${1}" in db_get open-infrastructure-dehydrated-tools/ocsp-must-staple OCSP_MUST_STAPLE="${RET}" # boolean + db_get open-infrastructure-dehydrated-tools/tsig + TSIG="${RET}" # string (w/ empty) + db_stop case "${AUTO_CLEANUP}" in @@ -230,6 +233,58 @@ EOF dehydrated --register --accept-terms ;; esac + + if [ -n "${TSIG}" ] + then + case "${TSIG}" in + *:*) + # tsig is a string + echo "${TSIG}" > /etc/dehydrated/tsig.key + chmod 0600 /etc/dehydrated/tsig.key + + TSIG_FILE="/etc/dehydrated/tsig.key" + ;; + + */*) + # tsig is a path + TSIG_FILE="${TSIG}" + ;; + + *) + echo "'${TSIG}' is neither a valid tsig nor a path to an existing file - ignoring" + ;; + esac + fi + + if [ -n "${TSIG_FILE}" ] + then + DEFAULT_FILE="/etc/default/dehydrated-nsupdate" + + if [ ! -e "${DEFAULT_FILE}" ] + then + +cat > "${DEFAULT_FILE}" << EOF +# ${DEFAULT_FILE} + +TSIG_KEYFILE="${TSIG_FILE}" +EOF + + fi + + cp -a -f "${DEFAULT_FILE}" "${DEFAULT_FILE}.tmp" + + # If the admin deleted or commented some variables but then set + # them via debconf, (re-)add them to the config file. + + test -z "${TSIG_FILE}" || \ + grep -Eq '^ *TSIG_KEYFILE=' "${DEFAULT_FILE}" || \ + echo "TSIG_KEYFILE=" >> "${DEFAULT_FILE}" + + sed -e "s|^ *TSIG_KEYFILE=.*|TSIG_KEYFILE=\"${TSIG_FILE}\"|" \ + < "${DEFAULT_FILE}" > "${DEFAULT_FILE}.tmp" + + mv -f "${DEFAULT_FILE}.tmp" "${DEFAULT_FILE}" + fi ;; abort-upgrade|abort-remove|abort-deconfigure) |