Only update files when they change

This commit is contained in:
Bob Mottram 2017-08-05 20:08:57 +01:00
parent 7586c716d4
commit db091e1d72
7 changed files with 67 additions and 13 deletions

View File

@ -66,7 +66,7 @@ function keyserver_watchdog {
read_config_param KEYSERVER_DOMAIN_NAME read_config_param KEYSERVER_DOMAIN_NAME
# check database size hourly # check database size hourly
keyserver_watchdog_script=/etc/cron.hourly/keyserver-watchdog keyserver_watchdog_script=/tmp/keyserver-watchdog
echo '#!/bin/bash' > $keyserver_watchdog_script echo '#!/bin/bash' > $keyserver_watchdog_script
echo "dirsize=\$(du /var/lib/sks/DB | awk -F ' ' '{print \$1}')" >> $keyserver_watchdog_script echo "dirsize=\$(du /var/lib/sks/DB | awk -F ' ' '{print \$1}')" >> $keyserver_watchdog_script
echo 'if [ $dirsize -gt 450000 ]; then' >> $keyserver_watchdog_script echo 'if [ $dirsize -gt 450000 ]; then' >> $keyserver_watchdog_script
@ -80,8 +80,18 @@ function keyserver_watchdog {
echo " echo \"$keyserver_disabled_warning\" | mail -s \"$keyserver_mail_subject_line_disabled\" $ADMIN_EMAIL_ADDRESS" >> $keyserver_watchdog_script echo " echo \"$keyserver_disabled_warning\" | mail -s \"$keyserver_mail_subject_line_disabled\" $ADMIN_EMAIL_ADDRESS" >> $keyserver_watchdog_script
echo ' fi' >> $keyserver_watchdog_script echo ' fi' >> $keyserver_watchdog_script
echo 'fi' >> $keyserver_watchdog_script echo 'fi' >> $keyserver_watchdog_script
chmod +x $keyserver_watchdog_script chmod +x $keyserver_watchdog_script
if [ ! -f /etc/cron.hourly/keyserver-watchdog ]; then
cp $keyserver_watchdog_script /etc/cron.hourly/keyserver-watchdog
else
HASH1=$(sha256sum $keyserver_watchdog_script | awk -F ' ' '{print $1}')
HASH2=$(sha256sum /etc/cron.hourly/keyserver-watchdog | awk -F ' ' '{print $1}')
if [[ "$HASH1" != "$HASH2" ]]; then
cp $keyserver_watchdog_script /etc/cron.hourly/keyserver-watchdog
fi
fi
rm $keyserver_watchdog_script
} }

View File

@ -326,11 +326,10 @@ function encrypt_all_email {
fi fi
if [ -f /usr/local/bin/${PROJECT_NAME}-encrypt-mail ]; then if [ -f /usr/local/bin/${PROJECT_NAME}-encrypt-mail ]; then
cp /usr/local/bin/${PROJECT_NAME}-encrypt-mail /usr/bin/encmaildir cp -u /usr/local/bin/${PROJECT_NAME}-encrypt-mail /usr/bin/encmaildir
else else
cp /usr/bin/${PROJECT_NAME}-encrypt-mail /usr/bin/encmaildir cp -u /usr/bin/${PROJECT_NAME}-encrypt-mail /usr/bin/encmaildir
fi fi
chmod +x /usr/bin/encmaildir
if [[ $(is_completed $FUNCNAME) == "1" ]]; then if [[ $(is_completed $FUNCNAME) == "1" ]]; then
return return
@ -1648,7 +1647,7 @@ function configure_gpg {
} }
function refresh_gpg_keys { function refresh_gpg_keys {
REFRESH_GPG_KEYS_SCRIPT=/usr/bin/update-gpg-keys REFRESH_GPG_KEYS_SCRIPT=/tmp/update-gpg-keys
echo '#!/bin/bash' > $REFRESH_GPG_KEYS_SCRIPT echo '#!/bin/bash' > $REFRESH_GPG_KEYS_SCRIPT
echo "if [ -f /usr/local/bin/${PROJECT_NAME}-sec ]; then" >> $REFRESH_GPG_KEYS_SCRIPT echo "if [ -f /usr/local/bin/${PROJECT_NAME}-sec ]; then" >> $REFRESH_GPG_KEYS_SCRIPT
echo " /usr/bin/timeout 600 /usr/local/bin/${PROJECT_NAME}-sec --refresh yes" >> $REFRESH_GPG_KEYS_SCRIPT echo " /usr/bin/timeout 600 /usr/local/bin/${PROJECT_NAME}-sec --refresh yes" >> $REFRESH_GPG_KEYS_SCRIPT
@ -1658,6 +1657,18 @@ function refresh_gpg_keys {
echo 'exit 0' >> $REFRESH_GPG_KEYS_SCRIPT echo 'exit 0' >> $REFRESH_GPG_KEYS_SCRIPT
chmod +x $REFRESH_GPG_KEYS_SCRIPT chmod +x $REFRESH_GPG_KEYS_SCRIPT
if [ ! -f /usr/bin/update-gpg-keys ]; then
cp $REFRESH_GPG_KEYS_SCRIPT /usr/bin/update-gpg-keys
else
HASH1=$(sha256sum $REFRESH_GPG_KEYS_SCRIPT | awk -F ' ' '{print $1}')
HASH2=$(sha256sum /usr/bin/update-gpg-keys | awk -F ' ' '{print $1}')
if [[ "$HASH1" != "$HASH2" ]]; then
cp $REFRESH_GPG_KEYS_SCRIPT /usr/bin/update-gpg-keys
fi
rm $REFRESH_GPG_KEYS_SCRIPT
fi
REFRESH_GPG_KEYS_SCRIPT=/usr/bin/update-gpg-keys
if grep -q "${PROJECT_NAME}-sec" /etc/crontab; then if grep -q "${PROJECT_NAME}-sec" /etc/crontab; then
sed -i "/${PROJECT_NAME}-sec /d" /etc/crontab sed -i "/${PROJECT_NAME}-sec /d" /etc/crontab
fi fi

View File

@ -96,7 +96,7 @@ function refresh_gpg_keys {
fi fi
sudo cp /etc/crontab ~/temp_crontab sudo cp /etc/crontab ~/temp_crontab
sudo chown $CURR_USER:$CURR_GROUP ~/temp_crontab sudo chown $CURR_USER:$CURR_GROUP ~/temp_crontab
if ! grep -q "gpg --refresh-keys" ~/temp_crontab; then if ! grep -q 'gpg --refresh-keys' ~/temp_crontab; then
echo "0 */$REFRESH_GPG_KEYS_HOURS * * * $CURR_USER /usr/bin/gpg --refresh-keys > /dev/null" >> ~/temp_crontab echo "0 */$REFRESH_GPG_KEYS_HOURS * * * $CURR_USER /usr/bin/gpg --refresh-keys > /dev/null" >> ~/temp_crontab
sudo cp ~/temp_crontab /etc/crontab sudo cp ~/temp_crontab /etc/crontab
sudo chown root:root /etc/crontab sudo chown root:root /etc/crontab

View File

@ -95,10 +95,10 @@ function set_repo_commit {
chown -R www-data:www-data $repo_dir chown -R www-data:www-data $repo_dir
fi fi
if [[ $repo_dir == *"gpgit" ]]; then if [[ $repo_dir == *"gpgit" ]]; then
cp gpgit.pl /usr/bin/gpgit.pl cp -u gpgit.pl /usr/bin/gpgit.pl
fi fi
if [[ $repo_dir == *"cleanup-maildir" ]]; then if [[ $repo_dir == *"cleanup-maildir" ]]; then
cp $INSTALL_DIR/cleanup-maildir/cleanup-maildir /usr/bin cp -u $INSTALL_DIR/cleanup-maildir/cleanup-maildir /usr/bin
fi fi
if [[ $repo_dir == *"nginx_ensite" ]]; then if [[ $repo_dir == *"nginx_ensite" ]]; then
make install make install

View File

@ -145,7 +145,9 @@ function separate_tmp_filesystem {
} }
function proc_filesystem_settings { function proc_filesystem_settings {
sed -i 's|proc /proc proc defaults |proc /proc proc defaults,nodev,nosuid |g' /etc/fstab if ! grep -q "proc proc defaults,nodev,nosuid " /etc/fstab; then
sed -i 's|proc /proc proc defaults |proc /proc proc defaults,nodev,nosuid |g' /etc/fstab
fi
} }
function remove_bluetooth { function remove_bluetooth {

View File

@ -32,7 +32,16 @@
UPGRADE_SCRIPT_NAME="${PROJECT_NAME}-upgrade" UPGRADE_SCRIPT_NAME="${PROJECT_NAME}-upgrade"
function create_upgrade_script { function create_upgrade_script {
cp $(which ${PROJECT_NAME}-upgrade) /etc/cron.weekly/$UPGRADE_SCRIPT_NAME upgrade_command_file=$(which ${PROJECT_NAME}-upgrade)
if [ ! -f /etc/cron.weekly/$UPGRADE_SCRIPT_NAME ]; then
cp $upgrade_command_file /etc/cron.weekly/$UPGRADE_SCRIPT_NAME
else
HASH1=$(sha256sum $upgrade_command_file | awk -F ' ' '{print $1}')
HASH2=$(sha256sum /etc/cron.weekly/$UPGRADE_SCRIPT_NAME | awk -F ' ' '{print $1}')
if [[ "$HASH1" != "$HASH2" ]]; then
cp $upgrade_command_file /etc/cron.weekly/$UPGRADE_SCRIPT_NAME
fi
fi
if [[ $(is_completed $FUNCNAME) == "1" ]]; then if [[ $(is_completed $FUNCNAME) == "1" ]]; then
return return

View File

@ -318,8 +318,8 @@ function letsencrypt_renewals {
return return
fi fi
renewals_script=/etc/cron.monthly/letsencrypt renewals_script=/tmp/renewals_letsencrypt
renewals_retry_script=/etc/cron.daily/letsencrypt renewals_retry_script=/tmp/renewals_retry_letsencrypt
renewal_failure_msg=$'The certificate for $LETSENCRYPT_DOMAIN could not be renewed' renewal_failure_msg=$'The certificate for $LETSENCRYPT_DOMAIN could not be renewed'
renewal_email_title=$'${PROJECT_NAME} Lets Encrypt certificate renewal' renewal_email_title=$'${PROJECT_NAME} Lets Encrypt certificate renewal'
@ -361,6 +361,17 @@ function letsencrypt_renewals {
echo 'fi' >> $renewals_script echo 'fi' >> $renewals_script
chmod +x $renewals_script chmod +x $renewals_script
if [ ! -f /etc/cron.monthly/letsencrypt ]; then
cp $renewals_script /etc/cron.monthly/letsencrypt
else
HASH1=$(sha256sum $renewals_script | awk -F ' ' '{print $1}')
HASH2=$(sha256sum /etc/cron.monthly/letsencrypt | awk -F ' ' '{print $1}')
if [[ "$HASH1" != "$HASH2" ]]; then
cp $renewals_script /etc/cron.monthly/letsencrypt
fi
fi
rm $renewals_script
# a secondary script keeps trying to renew after a failure # a secondary script keeps trying to renew after a failure
echo '#!/bin/bash' > $renewals_retry_script echo '#!/bin/bash' > $renewals_retry_script
echo '' >> $renewals_retry_script echo '' >> $renewals_retry_script
@ -398,6 +409,17 @@ function letsencrypt_renewals {
echo ' fi' >> $renewals_retry_script echo ' fi' >> $renewals_retry_script
echo 'fi' >> $renewals_retry_script echo 'fi' >> $renewals_retry_script
chmod +x $renewals_retry_script chmod +x $renewals_retry_script
if [ ! -f /etc/cron.daily/letsencrypt ]; then
cp $renewals_retry_script /etc/cron.daily/letsencrypt
else
HASH1=$(sha256sum $renewals_retry_script | awk -F ' ' '{print $1}')
HASH2=$(sha256sum /etc/cron.daily/letsencrypt | awk -F ' ' '{print $1}')
if [[ "$HASH1" != "$HASH2" ]]; then
cp $renewals_retry_script /etc/cron.daily/letsencrypt
fi
fi
rm $renewals_retry_script
} }
function configure_php { function configure_php {