#!/bin/sh
set -e

# directory with file fragments for the trusted keys
KEYRINGDIR="/etc/apt/trusted.gpg.d"
KEYRING="${KEYRINGDIR}/pureos-archive-keyring.gpg"

if ! test -d $KEYRINGDIR; then
     mkdir -m 755 -p $KEYRINGDIR
fi

if ! test -f $KEYRING; then
     cp /usr/share/keyrings/pureos-archive-keyring.gpg $KEYRING
     touch $KEYRING
fi

# sensible default permissions if there is no keyring yet
# (gpg will use 0600 otherwise and that will break release-upgrades later)
ETC_KEYRING="/etc/apt/trusted.gpg"
if [ ! -f $ETC_KEYRING ]; then
    touch $ETC_KEYRING
    chmod 0644 $ETC_KEYRING
fi
