From 21a40b048662d6d6d7a47eef72ce814dadcb11dd Mon Sep 17 00:00:00 2001 From: Tom Ryder Date: Mon, 27 Apr 2020 00:29:55 +1200 Subject: Flesh out logging with timestamps and systemd --- parcimini.bash | 30 ++++++++++++++++++++++-------- parcimini.service | 2 ++ 2 files changed, 24 insertions(+), 8 deletions(-) diff --git a/parcimini.bash b/parcimini.bash index 016f166..441f173 100644 --- a/parcimini.bash +++ b/parcimini.bash @@ -1,5 +1,11 @@ self=parcimini +# If systemd made us a logs directory, write to files in there +if [ -n "$LOGS_DIRECTORY" ] ; then + dir=${LOGS_DIRECTORY%%:%} + exec >>"$dir"/"$self".log +fi + # Base interval between key retrievals from first arg; default 20 mins interval=${1:-120} @@ -11,6 +17,14 @@ hash shuf || exit trap 'rm -f "$list"' EXIT list=$(mktemp) || exit +# Define logging function +logf() { + format=$1 + shift + printf "%s: %s: $format" \ + "$(date +'%FT%T')" "$self" "$@" +} + # Define a function to retrieve all keychain fingerprints key_ids() { gpg --batch --no-tty --list-keys --with-colons | @@ -21,26 +35,26 @@ END { for (key_id in key_ids) print key_id }' } # Log process start -printf >&2 '%s: Started; base interval %u seconds.\n' \ - "$self" "$interval" +logf 'Started; base interval %u seconds.\n' \ + "$interval" # While we're able to write a shuffled key list to the file, refresh all of them while key_ids | shuf > "$list" ; do - printf >&2 '%s: Beginning new round; %u key IDs found.\n' \ - "$self" "$(sed '$=;d' "$list")" + logf 'Beginning new round; %u key IDs found.\n' \ + "$(sed '$=;d' "$list")" # Shuffle list and read each ID while read -r key_id ; do # Sleep for a random interval spell=$((RANDOM % interval + 1)) - printf >&2 '%s: Sleeping for %u seconds...\n' \ - "$self" "$spell" + logf 'Sleeping for %u seconds...\n' \ + "$spell" sleep "$spell" # Retrieve key - printf >&2 '%s: Retrieving key %s...\n' \ - "$self" "$key_id" + logf 'Retrieving key %s...\n' \ + "$key_id" gpg --batch --no-tty --recv-key "$key_id" done < $list 
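Review bot: In the `LOGS_DIRECTORY` block of the first hunk, `${LOGS_DIRECTORY%%:%}` strips only a literal `:%` suffix, which looks like a typo for `%%:*`. systemd passes a colon-separated list when a unit declares more than one logs directory, and the current pattern would leave that list intact; it works today only because the unit declares a single directory. I would write `dir=${LOGS_DIRECTORY%%:*}`. In bash's default mode a failed redirection on `exec` returns non-zero rather than ending the script, so I would also follow the file's existing style with `exec >>"$dir"/"$self".log || exit`, so that an unwritable directory does not silently leave the key-ID log on the inherited stdout.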
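Review bot: `logf` in the second hunk splices its first argument into the `printf` format string, so it is only safe while every caller passes a literal format and puts data such as key IDs in the remaining arguments. Every call visible in this patch does, but nothing records the rule. I would add a comment above the function, `# $1 is a printf format and must be a literal; pass data as later arguments`, and declare `local format=$1` so the name does not leak into the script's globals. The timestamp from `date +'%FT%T'` carries no UTC offset, which makes these lines harder to correlate with journal times; `%FT%T%z` would fix that.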
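Review bot: With an empty keyring the outer `while key_ids | shuf > "$list"` loop in the third hunk never reaches the `sleep`, so each round would log `Beginning new round; 0 key IDs found.` and start again immediately. With this commit that output can land in a file that nothing truncates. This is inferred from the visible loop, and the outer `done` is outside the hunk. A guard after the round message, such as `[ -s "$list" ] || { sleep "$interval" ; continue ; }`, would bound it. The `done < $list` context line should also quote `"$list"`.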
diff --git a/parcimini.service b/parcimini.service index 8e30528..22e9fb6 100644 --- a/parcimini.service +++ b/parcimini.service @@ -3,6 +3,8 @@ Description=GnuPG keychain randomized update After=network.target [Service] +LogsDirectory=%p +LogsDirectoryMode=0700 ExecStart=/usr/local/bin/parcimini [Install] -- cgit v1.2.3 From 52fa699cc7dd29eaa303490ce566ec3628b1f426 Mon Sep 17 00:00:00 2001 From: Tom Ryder Date: Mon, 27 Apr 2020 00:36:17 +1200 Subject: Add UMask setting --- parcimini.service | 1 + 1 file changed, 1 insertion(+) diff --git a/parcimini.service b/parcimini.service index 22e9fb6..8250fee 100644 --- a/parcimini.service +++ b/parcimini.service @@ -5,6 +5,7 @@ After=network.target [Service] LogsDirectory=%p LogsDirectoryMode=0700 +UMask=0077 ExecStart=/usr/local/bin/parcimini [Install] -- cgit v1.2.3 From 4f99633a075a2bbad239fbbc1db335e70b3c433c Mon Sep 17 00:00:00 2001 From: Tom Ryder Date: Mon, 27 Apr 2020 00:46:21 +1200 Subject: Send GnuPG diagnostics to stdout for logging This isn't great. --- parcimini.bash | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/parcimini.bash b/parcimini.bash index 441f173..a38d01a 100644 --- a/parcimini.bash +++ b/parcimini.bash @@ -55,7 +55,7 @@ while key_ids | shuf > "$list" ; do # Retrieve key logf 'Retrieving key %s...\n' \ "$key_id" - gpg --batch --no-tty --recv-key "$key_id" + gpg --batch --no-tty --recv-key "$key_id" 2>&1 done < $list done -- cgit v1.2.3 From 545cdfce3ea66aeceded3d4dfd12410ad5d2395c Mon Sep 17 00:00:00 2001 From: Tom Ryder Date: Mon, 27 Apr 2020 00:52:36 +1200 Subject: Emit log message on exit --- parcimini.bash | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/parcimini.bash b/parcimini.bash index a38d01a..8047a79 100644 --- a/parcimini.bash +++ b/parcimini.bash 
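Review bot: Nothing on this page rotates or caps the file the script appends to under the directory that `LogsDirectory=%p` creates, and that file records every key ID in the keyring along with when each was fetched. If the file log is kept, ship a logrotate rule with the unit or document the intended retention; otherwise leaving stdout on the journal would give rotation and access control without extra configuration. The `[Service]` section as shown also has no `User=`, so if this is installed as a system unit (not visible here) the refresher and its network fetches would run as root. A comment in the unit saying which mode is intended would help.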
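Review bot: Redirecting stderr on this one `gpg --recv-key` call leaves the diagnostics of the other commands (the `gpg --list-keys` in `key_ids`, `shuf`) on the inherited stderr, and the captured gpg lines enter the log without the timestamp and `parcimini:` prefix that `logf` gives everything else. Doing it once where the log is opened, `exec >>"$dir"/"$self".log 2>&1`, would cover all of them and let this line go back to a plain call. The exit status of the fetch is also dropped; appending `|| logf 'Failed to retrieve key %s\n' "$key_id"` would make failed refreshes findable in the log. The enclosing loops start outside the hunk.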
@@ -13,10 +13,6 @@ interval=${1:-120} hash gpg || exit hash shuf || exit -# Make a temporary file for the key listings, delete on exit -trap 'rm -f "$list"' EXIT -list=$(mktemp) || exit - # Define logging function logf() { format=$1 @@ -25,6 +21,14 @@ logf() { "$(date +'%FT%T')" "$self" "$@" } +# Make a temporary file for the key listings, delete on exit +cleanup() { + logf 'Stopped\n' + rm -f -- "$list" +} +trap cleanup EXIT +list=$(mktemp) || exit + # Define a function to retrieve all keychain fingerprints key_ids() { gpg --batch --no-tty --list-keys --with-colons | -- cgit v1.2.3 From e89ea53dd788df02554d7c61a8b7f86333cd339e Mon Sep 17 00:00:00 2001 From: Tom Ryder Date: Mon, 27 Apr 2020 00:53:30 +1200 Subject: Bump VERSION --- VERSION | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/VERSION b/VERSION index 0ea3a94..0d91a54 100644 --- a/VERSION +++ b/VERSION @@ -1 +1 @@ -0.2.0 +0.3.0 -- cgit v1.2.3
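Review bot: `cleanup` in the second hunk logs the same `Stopped` line for a clean stop, a signal and a failure, so the log cannot tell them apart. Making its first command `logf 'Stopped; exit status %u\n' "$?"` records the status the shell is exiting with. The trap is also installed before `list=$(mktemp)`, so when `mktemp` fails `cleanup` runs with `list` empty; `[ -n "$list" ] && rm -f -- "$list"` makes that path explicit. A one-line comment on `cleanup` saying that it runs on every exit path would document the intent.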