move default keystore location to `keystore.jks`, i.e. in the fdroid repo

This makes `fdroid init` create a complete, self-contained repo in a single
folder.  That makes it easily transferable, backupable, etc.  It also means
that `fdroid update` can add a keystore to an existing unsigned repo
without having to worry about finding the right folder or overwriting any
other existing files.

diff --git a/fdroidserver/common.py b/fdroidserver/common.py
index 9432de3a9b7b902789bb2407665adf63c77c29c7..135e96c822e70dc3ce2f11c279284003086a1c91 100644 (file)
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@@ -63,7 +63,7 @@ default_config = {
     'stats_to_carbon': False,
     'repo_maxage': 0,
     'build_server_always': False,
-    'keystore': os.path.join("$HOME", '.local', 'share', 'fdroidserver', 'keystore.jks'),
+    'keystore': 'keystore.jks',
     'smartcardoptions': [],
     'char_limits': {
         'Summary': 50,
@@ -2038,6 +2038,7 @@ def genkey(keystore, repo_keyalias, password, keydname):
                      '-keypass:file', config['keypassfile'],
                      '-dname', keydname])
     # TODO keypass should be sent via stdin
+    os.chmod(keystore, 0o0600)
     if p.returncode != 0:
         raise BuildException("Failed to generate key", p.output)
     # now show the lovely key that was just generated

diff --git a/fdroidserver/init.py b/fdroidserver/init.py
index 25187a9f9cb1e901bf5c874619fd59745d08a368..200da4df03b9f4a9ec0f1171669ff3706193e615 100644 (file)
--- a/fdroidserver/init.py
+++ b/fdroidserver/init.py
@@ -227,6 +227,8 @@ def main():
     elif not os.path.exists(keystore):
         # no existing or specified keystore, generate the whole thing
         keystoredir = os.path.dirname(keystore)
+        if keystoredir is None or keystoredir == '':
+            keystoredir = os.path.join(os.getcwd(), keystoredir)
         if not os.path.exists(keystoredir):
             os.makedirs(keystoredir, mode=0o700)
         password = common.genpassword()