buildtools/debian-skeleton/rpki-rp.postinst


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108

#!/bin/sh
# postinst script for rpki-rp
#
# see: dh_installdeb(1)

set -e

setup_user() {
    if ! getent group rpki >/dev/null
    then
	groupadd rpki
    fi
    if ! getent passwd rpki >/dev/null
    then
	useradd -g rpki -M -N -d /var/rcynic -s /sbin/nologin -c "RPKI system software" rpki
    fi
}

setup_directories() {
    install -o rpki -g rpki -d /var/rcynic/data /var/rcynic/rpki-rtr /var/rcynic/rpki-rtr/sockets /var/www/html/rcynic
}

setup_config() {

    rpki-confgen --read-xml /etc/rpki/rpki-confgen.xml		\
	--autoconf						\
	--set myrpki::handle=`hostname -f | sed 's/[.]/_/g'`	\
	--set myrpki::rpkid_server_host=`hostname -f`		\
	--set myrpki::pubd_server_host=`hostname -f`		\
	--set myrpki::shared_sql_engine=postgresql		\
	--set myrpki::rcynic_sql_database=rpki			\
	--set myrpki::rpkid_sql_database=rpki			\
	--set myrpki::irdbd_sql_database=rpki			\
	--set myrpki::pubd_sql_database=rpki			\
	--pwgen myrpki::shared_sql_password			\
	--pwgen web_portal::secret-key				\
	--set myrpki::run_rpkid=no				\
	--set myrpki::run_pubd=no				\
	--write-xml  /etc/rpki/rpki.rp.xml			\
	--write-conf /etc/rpki/rpki.rp.sample.conf

    if test ! -f /etc/rpki.conf
    then
	cp -p /etc/rpki/rpki.rp.sample.conf /etc/rpki.conf
    fi
}

setup_sql() {
    rpki-sql-setup --debug --verbose --postgresql-root-username postgres create
}

# We want to pick a *random* minute for rcynic to run, to spread load
# on repositories, which is why we don't just use a package crontab.

setup_cron() {
    if test "X`crontab -l -u rpki 2>/dev/null`" = "X"
    then
	awk -v t=`hexdump -n 2 -e '"%u\n"' /dev/urandom` '
            BEGIN {printf "MAILTO=root\n%u * * * *\texec /usr/bin/rcynic-cron\n", t % 60}' |
	crontab -u rpki -
    fi
}

setup_xinetd() {
    if test -f /var/run/xinetd.pid
    then
	kill -HUP `cat /var/run/xinetd.pid`
    fi
}

# summary of how this script can be called:
#        * <postinst> `configure' <most-recently-configured-version>
#        * <old-postinst> `abort-upgrade' <new version>
#        * <conflictor's-postinst> `abort-remove' `in-favour' <package>
#          <new-version>
#        * <postinst> `abort-remove'
#        * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
#          <failed-install-package> <version> `removing'
#          <conflicting-package> <version>
# for details, see http://www.debian.org/doc/debian-policy/ or
# the debian-policy package


case "$1" in
    configure)
	setup_user
	setup_directories
	setup_config
	setup_sql
	setup_cron
	setup_xinetd
    ;;

    abort-upgrade|abort-remove|abort-deconfigure)
    ;;

    *)
        echo "postinst called with unknown argument \`$1'" >&2
        exit 1
    ;;
esac

# dh_installdeb will replace this with shell code automatically
# generated by other debhelper scripts.

#DEBHELPER#

exit 0