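#!/bin/sh
# Copyright (c) 2021,2023 Job Snijders
#
# Permission to use, copy, modify, and distribute this software for any
# purpose with or without fee is hereby granted, provided that the above
# copyright notice and this permission notice appear in all copies.
#
# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
#
### How it works
#
# To prevent incoherent RPKI publications, this script moves the rsyncd path.
# Based on excellent suggestions from Tom Harrison, who in
# turn credits staff from LACNIC & ARIN. :-)
#
# Rsyncd resolves symlinks only once, at the start of each rsync connection.
# In rsyncd.conf, set the 'path' to point to a symlink, which in turn points
# to the latest publication in the spool directory.
# Then, existing established sync sessions won't be interrupted by the new
# publication update, thus 'not pulling the rug out from under clients'! :)
# Coherent publications greatly improve the global RPKI's reliability.
#
# [rpki]
#     path = /home/job/rpki/rsync
#     comment = RPKI Repository
#     read only = true
#
# 0) compile and install rpkitouch https://github.com/job/rpkitouch
# 1) copy the new publication data into /home/job/rpki/spool/staging/
# 2) then execute this script
#
# Exit status: 0 when the new publication is live and pruning completed;
# non-zero when any step failed (set -e aborts at the first failing command).

set -e

# Epoch seconds; doubles as the name of the new publication directory.
TS=$(date +%s)

cd /home/job/rpki

# Run rpkitouch over every staged file before it is published.
# NOTE(review): presumably this normalises file timestamps; see the
# rpkitouch documentation linked above.
find spool/staging -type f -exec rpkitouch {} +

# Refuse to continue if a publication with this timestamp already exists:
# mv would otherwise place staging/ *inside* it and the published tree would
# no longer match what was staged.
if [ -e "spool/${TS}" ]; then
	echo "spool/${TS} already exists, refusing to publish" >&2
	exit 1
fi

mv spool/staging "spool/${TS}"

# Build the new symlink off to the side, then rename it over ./rsync.
# The link target is relative to /home/job/rpki, where the link ends up.
# Within one filesystem the mv is a rename, so rsyncd sees either the old
# or the new publication, never a missing path.
ln -sf "spool/${TS}" spool/rsync
mv spool/rsync ./

# remove publications 'older than 2 hours'
cd spool/
cutoff=$((TS - 7200))
for p in *; do
	# Only all-digit names are publications created by this script.
	# Skipping everything else keeps rm -r away from unexpected entries
	# and stops test(1) from failing on a non-numeric operand.
	case "${p}" in
	'' | *[!0-9]*) continue ;;
	esac

	# An if statement (rather than 'test ... && rm') keeps the loop's exit
	# status at 0 when the last entry is too new to delete; the newest
	# publication always sorts last, so the && form made every successful
	# run exit non-zero.
	if [ "${p}" -lt "${cutoff}" ]; then
		rm -r -- "${p}"
	fi
done

# executing the above after having copied files into spool/staging
# will result in the following example filesystem hierarchy:
#
# $ ls -alhtr rpki/rsync
# lrwxr-xr-x 1 job job 14B Mar 28 13:33 rpki/rsync -> spool/1616938405
#
# $ ls rpki/spool
# 1616937985 1616938203 1616938384 1616938391 1616938405
#
# $ ls -l rpki/spool/1616937985
# total 20
# drwxr-xr-x 2 job job 1024 Mar 28 13:23 RIPE-nljobsnijders
# drwxr-xr-x 2 job job 512 Mar 28 10:23 uplift
#
# $ ls rpki/rsync/uplift
# 7bVnkZL_z_nug3meHLRuEvie6DE.roa IBfMWA0nPFS6MGTNLNavObgEuIc.mft
# IBfMWA0nPFS6MGTNLNavObgEuIc.crl NXcXcvufxaz7UKj3TeiTmbAual4.roa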