Diffstat (limited to 'myrpki.rototill')
-rw-r--r-- | myrpki.rototill/examples/myrpki.conf | 11 | ||||
-rw-r--r-- | myrpki.rototill/examples/pubclients.csv | 2 | ||||
-rw-r--r-- | myrpki.rototill/yamltest.py | 24 |
3 files changed, 21 insertions, 16 deletions
diff --git a/myrpki.rototill/examples/myrpki.conf b/myrpki.rototill/examples/myrpki.conf index 71813949..d54889fd 100644 --- a/myrpki.rototill/examples/myrpki.conf +++ b/myrpki.rototill/examples/myrpki.conf @@ -48,7 +48,7 @@ parents_csv = parents.csv prefix_csv = prefixes.csv asn_csv = asns.csv xml_filename = myrpki.xml -bpki_directory = bpki.myrpki +bpki_directory = bpki/myrpki ################################################################# @@ -68,7 +68,12 @@ pubd_base = https://${pubd::server-host}:${pubd::server-port}/ # # You need to configure this. -rpkid_base = https://rpkid.example.org:4404 +rpkid_base = https://${rpkid::server-host}:${rpkid::server-port} + +# Whether you want to run your own copy of rpkid (and irdbd). In +# general, if you're running myirbe.py at all, you want this on. + +want_rpkid = true # Whether you want myirbe.py to attempt to configure your own copy of # pubd. In general, it's best to use your parent's pubd if you can, @@ -91,7 +96,7 @@ want_rootd = false # Where to put BPKI stuff for the IRBE operator (entity that operates # rpkid etc). Don't change this without a reason. -bpki_directory = bpki.myirbe +bpki_directory = bpki/myirbe ################################################################# diff --git a/myrpki.rototill/examples/pubclients.csv b/myrpki.rototill/examples/pubclients.csv index 6336a1a6..190cf0a3 100644 --- a/myrpki.rototill/examples/pubclients.csv +++ b/myrpki.rototill/examples/pubclients.csv @@ -5,6 +5,6 @@ # NB: Comment lines are not allowed in these files, this one is only # present to explain the example # -Me bpki.myrpki/ca.cer rsync://rpki.example.org/Me/ +Me bpki/myrpki/ca.cer rsync://rpki.example.org/Me/ Me/Alice pubd-client-certs/Alice.cer rsync://rpki.example.org/Me/Alice/ Me/Bob pubd-client-certs/Bob.cer rsync://rpki.example.org/Me/Bob/ diff --git a/myrpki.rototill/yamltest.py b/myrpki.rototill/yamltest.py index 6c4f83da..25381ff4 100644 --- a/myrpki.rototill/yamltest.py 
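Review bot: The context comment `# You need to configure this.` in the `@@ -68,7 +68,12` hunk of examples/myrpki.conf now sits directly above an `rpkid_base` that is interpolated from `${rpkid::server-host}` and `${rpkid::server-port}`, so it points the operator at the wrong setting. I would replace it with something like `# Derived from the rpkid section; set server-host and server-port there.` That section is outside the hunk, so confirm this example file actually defines both options. The new value also has no trailing `/`, while the `pubd_base` shown in the hunk header does; a short comment stating which form the consumers expect would keep the two service URLs from being joined differently.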
+++ b/myrpki.rototill/yamltest.py @@ -160,7 +160,7 @@ class allocation_db(list): this for the root node. """ env = { "PATH" : os.environ["PATH"], - "BPKI_DIRECTORY" : self.root.path("bpki.myirbe"), + "BPKI_DIRECTORY" : self.root.path("bpki/myirbe"), "OPENSSL_CONF" : "/dev/null", "RANDFILE" : ".OpenSSL.whines.unless.I.set.this" } cwd = self.root.path() @@ -325,7 +325,7 @@ class allocation(object): """ Write children CSV file. """ - self.csvout(fn).writerows((k.name, k.resources.valid_until, k.path("bpki.myrpki/ca.cer")) + self.csvout(fn).writerows((k.name, k.resources.valid_until, k.path("bpki/myrpki/ca.cer")) for k in self.kids) def dump_parents(self, fn): @@ -335,16 +335,16 @@ class allocation(object): if self.is_root(): self.csvout(fn).writerow(("rootd", "https://localhost:%d/" % self.rootd_port, - self.path("bpki.myirbe/ca.cer"), - self.path("bpki.myirbe/ca.cer"), + self.path("bpki/myirbe/ca.cer"), + self.path("bpki/myirbe/ca.cer"), self.name, self.sia_base)) else: parent_host = self.parent.hosted_by if self.parent.is_hosted() else self.parent self.csvout(fn).writerow((self.parent.name, self.up_down_url(), - self.parent.path("bpki.myrpki/ca.cer"), - parent_host.path("bpki.myirbe/ca.cer"), + self.parent.path("bpki/myrpki/ca.cer"), + parent_host.path("bpki/myirbe/ca.cer"), self.name, self.sia_base)) @@ -372,7 +372,7 @@ class allocation(object): """ if self.runs_pubd(): f = self.csvout(fn) - f.writerows((s.client_handle, s.path("bpki.myrpki/ca.cer"), s.sia_base) + f.writerows((s.client_handle, s.path("bpki/myrpki/ca.cer"), s.sia_base) for s in (db if only_one_pubd else [self] + self.kids)) def dump_conf(self, fn): 
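Review bot: The directory names `bpki/myirbe` and `bpki/myrpki` are written as string literals in the `env` dict of the `@@ -160` hunk and again in the `@@ -325`, `@@ -335`, `@@ -372`, `@@ -417` and `@@ -632` hunks, which is why a single rename had to touch every one of those lines. I would define them once near the top of yamltest.py, for example `bpki_myirbe = os.path.join("bpki", "myirbe")` and `bpki_myrpki = os.path.join("bpki", "myrpki")`, and build the `ca.cer` paths from those. The literals also duplicate the two `bpki_directory` values in examples/myrpki.conf. If one side changes without the other, the generated CSV files and openssl calls would name CA certificates in a location the tools no longer use. The methods these lines belong to start and end outside the hunks.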
@@ -417,7 +417,7 @@ class allocation(object): s = s.parent r["myirbe", "pubd_base"] = "https://localhost:%d/" % s.pubd_port r["myirbe", "rsync_base"] = "rsync://localhost:%d/" % s.rsync_port - r["myrpki", "repository_bpki_certificate"] = s.path("bpki.myirbe/ca.cer") + r["myrpki", "repository_bpki_certificate"] = s.path("bpki/myirbe/ca.cer") r["myrpki", "repository_handle"] = self.client_handle if self.is_root(): @@ -632,16 +632,16 @@ rootd_openssl = db.make_rootd_openssl() print "Creating rootd BPKI cross-certificate for its child" rootd_openssl("ca", "-notext", "-batch", "-config", "myrpki.conf", - "-ss_cert", "bpki.myrpki/ca.cer", - "-out", "bpki.myirbe/child.cer", + "-ss_cert", "bpki/myrpki/ca.cer", + "-out", "bpki/myirbe/child.cer", "-extensions", "ca_x509_ext_xcert0") os.makedirs(db.root.path("publication")) print "Creating rootd RPKI root certificate" rootd_openssl("x509", "-req", "-sha256", "-outform", "DER", - "-signkey", "bpki.myirbe/ca.key", - "-in", "bpki.myirbe/ca.req", + "-signkey", "bpki/myirbe/ca.key", + "-in", "bpki/myirbe/ca.req", "-out", "publication/root.cer", "-extfile", "myrpki.conf", "-extensions", "rootd_x509_extensions") |
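Review bot: The openssl arguments in the `@@ -632,16` hunk (`"bpki/myrpki/ca.cer"`, `"bpki/myirbe/child.cer"`, `"bpki/myirbe/ca.key"`, `"bpki/myirbe/ca.req"`) are relative paths, whereas the `os.makedirs(db.root.path("publication"))` call between the two commands and the `BPKI_DIRECTORY` entry in the `@@ -160` hunk go through `root.path(...)`. The relative ones resolve correctly only if `rootd_openssl` runs with the `cwd` assigned in that earlier hunk, which is not visible here. Passing `db.root.path("bpki/myirbe/ca.key")` and likewise for the other three would pin the signing key and certificate locations to the test tree regardless of the working directory. Because the directory is now nested, it is also worth confirming that whatever creates the BPKI tree (outside this hunk) makes the parent `bpki/` before `-out bpki/myirbe/child.cer` is written.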