Verified Commit a6e48f0d authored by georg's avatar georg
Browse files

Provide systemd configs for weekly key maintenance

systemd provides a feature called "timers", which people use as a
replacement for cron.

Closes #422
parent 784d5167
Pipeline #26801 passed with stages
in 6 minutes and 25 seconds
......@@ -13,6 +13,7 @@ This project adheres to [Semantic Versioning](http://semver.org/).
* 'X-STOP': To use any keyword, you *must* now also use the new keyword 'X-STOP' to mark where to stop looking for keywords. This enables looking for keyword arguments in multiple lines, e.g. for X-RESEND with long, wrapped lines.
* Keywords for getting (new) passwords for accounts. 'X-GET-NEW-PASSWORD' sets and sends back a new password for the account of the subscribed email-address. 'X-GET-NEW-PASSWORD-FOR: subscription1@example.org' sets and sends back a new password for the account of the given email-address; this is allowed for admins only and allows to get a password for people that have no key associated with their subscription, yet.
* Provide systemd configs for weekly key maintenance. This relies on a working systemd-timesyncd. (#422)
### Changed
......
[Unit]
Description=Schleuder weekly key maintenance
After=local-fs.target network.target
[Service]
Type=oneshot
ExecStart=/usr/local/bin/schleuder refresh_keys
ExecStart=/usr/local/bin/schleuder check_keys
User=schleuder
[Unit]
Description=Schleuder weekly key maintenance
[Timer]
OnCalendar=weekly
Persistent=true
[Install]
WantedBy=timers.target
......@@ -22,7 +22,7 @@ filters_dir: /usr/local/lib/schleuder/filters
log_level: warn
# Which keyserver to refresh keys from (used by `schleuder refresh_keys`, meant
# to be run from cron weekly).
# to be run from cron or systemd weekly).
# If you have gnupg 2.1, we strongly suggest to use a hkps-keyserver:
#keyserver: hkps://hkps.pool.sks-keyservers.net
# If you have gnupg 2.1 and TOR running locally, use a onion-keyserver:
......
......@@ -58,7 +58,7 @@ module Schleuder
exit 1
end
desc 'check_keys', 'Check all lists for unusable or expiring keys and send the results to the list-admins. (This is supposed to be run from cron weekly.)'
desc 'check_keys', 'Check all lists for unusable or expiring keys and send the results to the list-admins. (This is supposed to be run from cron or systemd weekly.)'
def check_keys
List.all.each do |list|
I18n.locale = list.language
......@@ -73,7 +73,7 @@ module Schleuder
permission_notice
end
desc 'refresh_keys [list1@example.com]', 'Refresh all keys of all list from the keyservers sequentially (one by one or on the passed list). (This is supposed to be run from cron weekly.)'
desc 'refresh_keys [list1@example.com]', 'Refresh all keys of all list from the keyservers sequentially (one by one or on the passed list). (This is supposed to be run from cron or systemd weekly.)'
def refresh_keys(list=nil)
work_on_lists(:refresh_keys, list)
permission_notice
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment