Not entirely sure who else beside DKG on here might be running Debian for their keyserver or if anyone is making use of SaltStack to manage their servers or not, but I figured I'd put it out there for review if anyone is interested.
I'm still working on the documentation but the logic is sound
enough, in that it's how my current SKS nodes are built out completely
automated. It currently probably only works correctly on Debian, as
that's what I have to work on but I'm sure it could very easily be
modified to work on more.
It can make use of a Salt Reactor to automatically build the DB from
keydump or you can simply fire off the 'sks.build' state manually. This
is done by the 'sks.config' detecting the DB directory doesn't exist and
fires off an event that the reactor triggers the call of the 'sks.build'
state. The keydump is mounted via NFS from sks.srv.dumain.com from the
wiki KeydumpSources page. It runs the md5sum against them prior to
attempting import and then unmounts after it is completed.
Only state needed to be added to the highstate to maintain the
server is the 'sks.config' which I actually have scheduled to run
periodically which picks up any new peers added to the pillar data.
https://github.com/UGNS/sks-formula
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Sks-devel mailing list Sks-devel@nongnu.org https://lists.nongnu.org/mailman/listinfo/sks-devel
