don't try to get DKIM keys from pass; don't recreate DKIM keys if already existing

2026-05-14 18:04:38 +00:00 · 2023-10-12 15:27:26 +02:00
parent 96ff282382
commit 0cad23885d
2 changed files with 4 additions and 25 deletions
--- a/hpk-inv.py
+++ b/hpk-inv.py
@@ -1,11 +1,6 @@
 import subprocess


-def get_pass(filename: str) -> str:
-    """Get the data from the password manager."""
-    r = subprocess.run(["pass", "show", filename], capture_output=True, check=True)
-    return r.stdout.decode("utf-8")
-
 chatmail = [
    (
        "c1.testrun.org",
@@ -13,8 +8,6 @@ chatmail = [
            "ssh_user": "root",
            "domain": "c1.testrun.org",
            "dkim_selector": "2023",
-            "dkim_key": get_pass("delta/c1.testrun.org/dkim_key"),
-            "dkim_txt": get_pass("delta/c1.testrun.org/dkim_txt"),
        },
    ),
 ]
--- a/src/chatmail/init.py
+++ b/src/chatmail/init.py
@@ -6,6 +6,7 @@ from io import StringIO

 from pyinfra import host, logger
 from pyinfra.operations import apt, files, server, systemd, python
+from pyinfra.facts.files import File
 from .acmetool import deploy_acmetool


@@ -23,7 +24,7 @@ def _install_chatctl() -> None:


 def _configure_opendkim(
-    domain: str, dkim_selector: str, dkim_key: str, dkim_txt: str
+    domain: str, dkim_selector: str
 ) -> bool:
    """Configures OpenDKIM"""
    need_restart = False
@@ -46,20 +47,7 @@ def _configure_opendkim(
        present=True,
    )

-    if dkim_key:
-        files.put(
-            name="Put the DKIM key",
-            src=StringIO(dkim_key),
-            dest=f"/etc/dkimkeys/{dkim_selector}.private",
-            mode="600",
-        )
-        files.put(
-            name="Put the DKIM DNS textfile",
-            src=StringIO(dkim_txt),
-            dest=f"/etc/dkimkeys/{dkim_selector}.txt",
-            mode="600",
-        )
-    else:
+    if not host.get_fact(File, f"/etc/dkimkeys/{dkim_selector}.private"):
        server.shell(
            name="Generate OpenDKIM domain keys",
            commands=[
@@ -132,8 +120,6 @@ def _configure_dovecot(domain: str) -> bool:
 def deploy_chatmail() -> None:
    domain = host.data.domain
    dkim_selector = host.data.dkim_selector
-    dkim_key = host.data.dkim_key
-    dkim_txt = host.data.dkim_txt

    apt.update(name="apt update")
    server.group(name="Create vmail group", group="vmail", system=True)
@@ -176,7 +162,7 @@ def deploy_chatmail() -> None:
    dovecot_need_restart = _configure_dovecot(domain)
    postfix_need_restart = _configure_postfix(domain)
    opendkim_need_restart = _configure_opendkim(
-        domain, dkim_selector, dkim_key, dkim_txt
+        domain, dkim_selector
    )

    systemd.service(