[__opendkim_genkey] add debian support

2024-05-21 15:29:40 +02:00 · 2024-05-21 15:29:40 +02:00 · 40d7b4354e
commit 40d7b4354e
parent d97fb9a434
3 changed files with 37 additions and 30 deletions
--- a/type/__opendkim_genkey/explorer/key-state
+++ b/type/__opendkim_genkey/explorer/key-state
@ -1,12 +1,24 @@
 #!/bin/sh -e
-DIRECTORY="/var/db/dkim/"
+
+os=$( "${__explorer:?}/os" )
+case "$os" in
+'debian')
+	DIRECTORY="/etc/dkimkeys/"
+;;
+'alpine'|'freebsd')
+	DIRECTORY="/var/db/dkim/"
+;;
+*)
+	DIRECTORY="/var/db/dkim/"
+;;
+esac
+
 if [ -f "${__object:?}/parameter/directory" ];
 then
 	# Be forgiving about a lack of trailing slash
 	DIRECTORY="$(sed -E 's!([^/])$!\1/!' < "${__object:?}/parameter/directory")"
 fi

-
 KEY_ID="$(echo "${__object_id:?)}" | tr '/' '_')"
 DEFAULT_PATH="${DIRECTORY:?}${KEY_ID:?}.private"
 if [ -s "${DEFAULT_PATH}" ]; then
--- a/type/__opendkim_genkey/man.rst
+++ b/type/__opendkim_genkey/man.rst
@ -22,7 +22,7 @@ associating any given `sigkey` values to this key.
 Take into account that if you use this type without the `--domain` and
 `--selector` parameters, the `$__object_id` must be in form `$domain/$selector`.

-Currently, this type is only implemented for Alpine Linux and FreeBSD.
+Currently, this type is only implemented for Debian, Alpine Linux and FreeBSD.
 Please contribute an implementation if you can.

 NOTE: the name of the key file under `--directory` will default to
--- a/type/__opendkim_genkey/manifest
+++ b/type/__opendkim_genkey/manifest
@ -21,12 +21,20 @@

 os=$(cat "${__global:?}/explorer/os")

-CFG_DIR="/etc/opendkim"
-user="opendkim"
-group="opendkim"
 case "$os" in
 'alpine')
-	:
+	CFG_DIR="/etc/opendkim"
+	user="opendkim"
+	group="opendkim"
+
+	__package opendkim-utils
+;;
+'debian')
+	CFG_DIR="/etc/dkimkeys"
+	user="opendkim"
+	group="opendkim"
+
+	__package opendkim-tools
 ;;
 'freebsd')
 	CFG_DIR="/usr/local/etc/mail"
@ -35,8 +43,8 @@ case "$os" in
 ;;
 *)
 	cat <<- EOF >&2
-	__opendkim_genkey currently only supports Alpine Linux and FreeBSD.
-	Please contribute an implementation for $os if you can.
+	__opendkim_genkey does not support $os (yet).
+	Please contribute an implementation if you can.
 	EOF
 	exit 1
 ;;
@ -78,13 +86,6 @@ printf '%s' "${group:?}" > "${__object:?}/group"
 printf '%s' "${DOMAIN:?}" > "${__object:?}/domain"
 printf '%s' "${SELECTOR:?}" > "${__object:?}/selector"

-DIRECTORY="/var/db/dkim/"
-if [ -f "${__object:?}/parameter/directory" ];
-then
-	# Be forgiving about a lack of trailing slash
-	DIRECTORY="$(sed -E 's!([^/])$!\1/!' < "${__object:?}/parameter/directory")"
-fi
-
 SIGKEY="${DOMAIN:?}"
 if [ -f "${__object:?}/parameter/sigkey" ];
 then
@ -96,24 +97,18 @@ then
 	SIGDOMAIN="$(cat "${__object:?}/parameter/sigdomain")"
 fi

-# Ensure the key-container directory exists with the proper permissions
-__directory "${DIRECTORY}" \
-	--mode 0750 \
-	--owner "${user}" --group "${group}"
-
-# OS-specific code
-case "$os" in
-'alpine')
-	# This is needed for opendkim-genkey
-	__package opendkim-utils
-;;
-esac
+KEY_STATE="$(cut -f 1 "${__object:?}/explorer/key-state")"
+KEY_LOCATION="$(cut -f 2- "${__object:?}/explorer/key-state")"

+keys_dir=$(dirname "${KEY_LOCATION:?}")
 key_table="${CFG_DIR}/KeyTable"
 signing_table="${CFG_DIR}/SigningTable"

-KEY_STATE="$(cut -f 1 "${__object:?}/explorer/key-state")"
-KEY_LOCATION="$(cut -f 2- "${__object:?}/explorer/key-state")"
+# Ensure the key-container directory exists with the proper permissions
+__directory "${keys_dir}" \
+	--mode 0750 \
+	--owner "${user}" \
+	--group "${group}"

 __line "__opendkim_genkey/${__object_id:?}" \
 	--file "${key_table}" \