Trust signatures

2021-05-18 18:16:25 -06:00 · 2021-05-18 18:16:25 -06:00 · 2279b6aad1
commit 2279b6aad1
parent 8cdabf1c05
2 changed files with 10 additions and 1 deletions
--- a/install.sh
+++ b/install.sh
@ -1,3 +1,3 @@
 #!/bin/ash

-docker build -t lixonet-ee . && docker run -d -e GIT_URL=https://$1:$2@github.com/Manevolent/lixonet-ee.git -v /etc/bird:/etc/bird/ -v /etc/tinc:/etc/tinc -v /etc/bind:/etc/bind -v /etc/lixonet:/etc/lixonet lixonet-ee
+docker build -t lixonet-ee . && docker run -d -e GIT_URL=https://$1:$2@github.com/Manevolent/lixonet-ee.git -v /var/run/docker.sock:/var/run/docker.sock -v /etc/bird:/etc/bird/ -v /etc/tinc:/etc/tinc -v /etc/bind:/etc/bind -v /etc/lixonet:/etc/lixonet lixonet-ee
--- a/run.sh
+++ b/run.sh
@ -6,8 +6,17 @@ do
  (
      set -e
      current_version=`cat $version_file || echo 0`
+	  
+	  gpg --import <trusted_signers
+	  (echo 5; echo y; echo save) | gpg --command-fd 0 --no-tty --no-greeting -q --edit-key "$(gpg --list-packets <trusted_signers | awk '$1=="keyid:"{print$2;exit}')" trust
+	  
 	  git fetch $GIT_URL
 	  latest_commit=`git log "--format=%G? %H" | grep ^G | head -n 1 | cut -d' ' -f2`
+	  if test -z $latest_commit; then
+	    echo "No trusted commits found! Re-checking in 60 seconds..."
+		sleep 60
+		continue
+	  fi
 	  git checkout $latest_commit
 	  checkout_version=`cat version`
 	  if [ "$checkout_version" -gt "$current_version" ]; then