From 23051b30e6b2d1f47ff0246c5719171430383b42 Mon Sep 17 00:00:00 2001
From: Alex Boden <alex.boden@uwaterloo.ca>
Date: Fri, 20 Dec 2024 21:14:44 -0500
Subject: [PATCH] Add automatic whitelist re-signing

Related to #9

---

For more details, open the [Copilot Workspace session](https://copilot-workspace.githubnext.com/WATonomous/cvmfs-ephemeral/issues/9?shareId=XXXX-XXXX-XXXX-XXXX).
---
 README.md                | 2 +-
 server/src/entrypoint.sh | 6 ++++++
 2 files changed, 7 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 1954356..bc23008 100644
--- a/README.md
+++ b/README.md
@@ -12,7 +12,7 @@ Coming soon:
     - When using the custom FastAPI upload server, speeds reach over 400MiB/s easily. We'll adopt this approach.
 - [x] Garbage collection
 - [ ] Better documentation
-- [ ] Automatic [whitelist re-signing](https://cvmfs.readthedocs.io/en/stable/apx-security.html#signature-details)
+- [x] Automatic [whitelist re-signing](https://cvmfs.readthedocs.io/en/stable/apx-security.html#signature-details)
 
 ### Manual Testing
 
diff --git a/server/src/entrypoint.sh b/server/src/entrypoint.sh
index 349260a..8af04cb 100644
--- a/server/src/entrypoint.sh
+++ b/server/src/entrypoint.sh
@@ -7,3 +7,9 @@ ln -s /srv/cvmfs /var/www/cvmfs
 a2enmod headers expires proxy proxy_http
 service apache2 start
 
+# Add cvmfs_server resign command
+cvmfs_server resign
+
+# Schedule cvmfs_server resign command to run daily using a cron job
+echo "0 0 * * * root cvmfs_server resign" > /etc/cron.d/cvmfs_resign
+cron