diff options
| author | Rob Austein <sra@hactrn.net> | 2013-04-15 21:09:36 +0000 |
|---|---|---|
| committer | Rob Austein <sra@hactrn.net> | 2013-04-15 21:09:36 +0000 |
| commit | 4e9ce1785929656eeef7eb8af270213c8869a1c6 (patch) | |
| tree | e960129052a92f5e532a5d2a79738ae3ec9248e3 /buildtools | |
| parent | f6eb2fd46232e5b8f681b39e9c5f56e9a67ec979 (diff) | |
Add cronjob to update BPKI files. Fix routeviews cronjob. Clean up
cronjobs on deinstallation.
svn path=/trunk/; revision=5296
Diffstat (limited to 'buildtools')
| -rw-r--r-- | buildtools/debian-skeleton/rpki-ca.postinst | 9 | ||||
| -rw-r--r-- | buildtools/debian-skeleton/rpki-ca.prerm | 21 |
2 files changed, 28 insertions, 2 deletions
diff --git a/buildtools/debian-skeleton/rpki-ca.postinst b/buildtools/debian-skeleton/rpki-ca.postinst index 397b879b..339cadce 100644 --- a/buildtools/debian-skeleton/rpki-ca.postinst +++ b/buildtools/debian-skeleton/rpki-ca.postinst @@ -112,9 +112,16 @@ setup_django() { } setup_cron() { - t=$(hexdump -n 1 -e '"%u"' /dev/urandom) && echo "$(($t % 60)) */2 * * * nobody /usr/share/rpki/routeviews.sh" > /etc/cron.d/rpkigui-routeviews + t=$(hexdump -n 1 -e '"%u"' /dev/urandom) && echo "$(($t % 60)) */2 * * * nobody /usr/lib/rpki/rpkigui-import-routes" > /etc/cron.d/rpkigui-routeviews chmod 644 /etc/cron.d/rpkigui-routeviews ln -sf /usr/lib/rpki/rpkigui-check-expired /etc/cron.daily/rpkigui-check-expired + + # This should be user rpkid, but I don't have permissions set up + # properly for that yet. Arguably this should be integrated with + # rpkigui-check-expired anyway, not there yet either. + + echo "30 3 * * * root /usr/sbin/rpkic update_bpki" >/etc/cron.d/rpki-update-bpki + chmod 644 /etc/cron.d/rpki-update-bpki } # summary of how this script can be called: diff --git a/buildtools/debian-skeleton/rpki-ca.prerm b/buildtools/debian-skeleton/rpki-ca.prerm index 6992153a..152aa3e8 100644 --- a/buildtools/debian-skeleton/rpki-ca.prerm +++ b/buildtools/debian-skeleton/rpki-ca.prerm @@ -19,6 +19,10 @@ set -e case "$1" in remove) + + # Clean up BPKI files. These all come from SQL, so we can + # regenerate them easily if appropriate. + rm -f /usr/share/rpki/ca.cer rm -f /usr/share/rpki/irbe.cer rm -f /usr/share/rpki/irdbd.cer @@ -27,8 +31,21 @@ case "$1" in rm -f /usr/share/rpki/rpkid.cer rm -f /usr/share/rpki/rpkid.key + # Record what will be needed to drop the databases completely, + # while we still have the necessary configuration data, but + # postpone dropping the databases until the postrm script, + # since that's where we find out whether this is a purge. + rpki-sql-setup --mysql_defaults /etc/mysql/debian.cnf --script_purge >/etc/rpki/drop_databases.sql + # Clean up our cron jobs. + + rm -f /etc/cron.d/rpkigui-routeviews + rm -f /etc/cron.daily/rpkigui-check-expired + rm -f /etc/cron.d/rpki-update-bpki + + # Clean up what we did to Apache. + f=/etc/apache2/sites-available/default-ssl awk < $f > ${f}.tmp ' BEGIN { @@ -46,9 +63,11 @@ case "$1" in else mv -f ${f}.tmp $f fi - # At this point we've cleaned up our config mess. + + # At this point we've cleaned up our Apache config mess. # Not sure whether we should do "service apache2 reload" # here, one could make a case either way. Skip for now. + ;; upgrade|deconfigure) |