From a6a7c7d1913a41c91931501a4f05902758d23fa9 Mon Sep 17 00:00:00 2001 From: Tai Kedzierski Date: Sun, 19 Mar 2017 09:21:29 +0000 Subject: [PATCH 1/3] lxc-download.in / allow setting keyserver from env Checks if DOWNLOAD_KEYSERVER has already been set in the environment before setting a value Signed-off-by: Tai Kedzierski --- templates/lxc-download.in | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/templates/lxc-download.in b/templates/lxc-download.in index e74947378..5716ad95b 100644 --- a/templates/lxc-download.in +++ b/templates/lxc-download.in @@ -34,7 +34,6 @@ DOWNLOAD_FLUSH_CACHE="false" DOWNLOAD_FORCE_CACHE="false" DOWNLOAD_INTERACTIVE="false" DOWNLOAD_KEYID="0xE7FB0CAEC8173D669066514CBAEFF88C22F6E216" -DOWNLOAD_KEYSERVER="hkp://pool.sks-keyservers.net" DOWNLOAD_LIST_IMAGES="false" DOWNLOAD_MODE="system" DOWNLOAD_READY_GPG="false" @@ -54,9 +53,13 @@ LXC_NAME= LXC_PATH= LXC_ROOTFS= -# Deal with GPG over http proxy -if [ -n "${http_proxy:-}" ]; then - DOWNLOAD_KEYSERVER="hkp://p80.pool.sks-keyservers.net:80" +if [ -z "${DOWNLOAD_KEYSERVER+x}" ]; then + DOWNLOAD_KEYSERVER="hkp://pool.sks-keyservers.net" + + # Deal with GPG over http proxy + if [ -n "${http_proxy:-}" ]; then + DOWNLOAD_KEYSERVER="hkp://p80.pool.sks-keyservers.net:80" + fi fi # Make sure the usual locations are in PATH From d2e5c5d18ff1142c374cf5d58c24510550f8000a Mon Sep 17 00:00:00 2001 From: Tai Kedzierski Date: Sun, 19 Mar 2017 09:27:42 +0000 Subject: [PATCH 2/3] lxc-download.in / Document keyserver change in help Signed-off-by: Tai Kedzierski --- templates/lxc-download.in | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/templates/lxc-download.in b/templates/lxc-download.in index 5716ad95b..5c17785cb 100644 --- a/templates/lxc-download.in +++ b/templates/lxc-download.in @@ -204,7 +204,7 @@ Optional arguments: [ --variant ]: Variant of the image (default: "default") [ --server ]: Image server (default: "images.linuxcontainers.org") [ --keyid ]: GPG keyid (default: 0x...) -[ --keyserver ]: GPG keyserver to use +[ --keyserver ]: GPG keyserver to use. Environment variable: DOWNLOAD_KEYSERVER [ --no-validate ]: Disable GPG validation (not recommended) [ --flush-cache ]: Flush the local copy (if present) [ --force-cache ]: Force the use of the local copy even if expired @@ -215,6 +215,11 @@ LXC internal arguments (do not pass manually!): [ --rootfs ]: The path to the container's rootfs [ --mapped-uid ]: A uid map (user namespaces) [ --mapped-gid ]: A gid map (user namespaces) + +Environment Variables: +DOWNLOAD_KEYSERVER : The URL of the key server to use, instead of the default. + Can be further overridden by using optional argument --keyserver + EOF return 0 } From a9a53b507015b079c6b1952137981d3a99aa3b6d Mon Sep 17 00:00:00 2001 From: Tai Kedzierski Date: Sun, 19 Mar 2017 17:28:26 +0000 Subject: [PATCH 3/3] Change variable check to match existing style Signed-off-by: Tai Kedzierski --- templates/lxc-download.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/lxc-download.in b/templates/lxc-download.in index 5c17785cb..029830017 100644 --- a/templates/lxc-download.in +++ b/templates/lxc-download.in @@ -53,7 +53,7 @@ LXC_NAME= LXC_PATH= LXC_ROOTFS= -if [ -z "${DOWNLOAD_KEYSERVER+x}" ]; then +if [ -z "${DOWNLOAD_KEYSERVER:-}" ]; then DOWNLOAD_KEYSERVER="hkp://pool.sks-keyservers.net" # Deal with GPG over http proxy