commit 309d2c88123200a10b40ff335efc8416764c599a
parent 315fb2e8e36e973f547ec6a5a2883569f12193c5
Author: Hayden Hamilton <hayden@hhvn.uk>
Date: Sun, 24 May 2026 21:10:40 +0100
dkim/mkcert: better descript + list files on stdout
Diffstat:
1 file changed, 26 insertions(+), 5 deletions(-)
diff --git a/dkim/mkcert b/dkim/mkcert
@@ -1,6 +1,17 @@
#!/bin/rc
# This script generates and stores DKIM keypair, using the correct user
+# It outputs all paths generated in the following order:
+# - privkey
+# - pubkey
+# - txt record to be used in dns
+#
+# Example/intended usage:
+# dkimfiles = `$nl{dkim/mkcert <selector>}
+# privkey = $dkimfiles(1)
+# txtfile = $dkimfiles(2)
+#
+# There is no real need for the pubkey to be stored as its own file.
dir = /etc/mail/dkim
user =_dkimsign_
@@ -9,19 +20,18 @@ privkey = $dir/$selector.priv.key
pubkey = $dir/$selector.pub.key
txt = $dir/$selector.txt
-if (!~ $#* 1) {
- echo 'usage: mkcert <selector>'
- exit 2
+fn err {
+ echo $* >[1=2]
}
fn die {
- echo fatal error: $* >[1=2]
+ err fatal error: $*
exit 1
}
fn mustsucceed {
if (!$*) {
- echo fatal error: essential command failed >[1=2]
+ err fatal error: essential command failed
cleanupfailed
exit 1
}
@@ -37,6 +47,12 @@ fn as {
doas -u _dkimsign $*
}
+if (!~ $#* 1) {
+ err 'usage: mkcert <selector>'
+ exit 2
+}
+
+
as test -e $privkey && die $privkey already exists
as test -e $pubkey && die $pubkey already exists
as test -e $txt && die $txt already exists
@@ -49,3 +65,8 @@ mustsucceed as openssl rsa -in $privkey -pubout | \
mustsucceed as cat $pubkey | \
mustsucceed as sed '1s/.*/v=DKIM1;p=/;:nl;${s/-----.*//;q;};N;s/\n//g;b nl;' | \
mustsucceed as tee $txt >/dev/null
+
+err 'Paths generated (privkey, pubkey, txt dns record):'
+echo $privkey
+echo $pubkey
+echo $txt
