view release on metacpan or  search on metacpan

lib/Mail/Run/Crypt.pm  view on Meta::CPAN

        defined $self->{keyid}
          or croak 'Key ID required for signing';
        defined $self->{passphrase}
          or croak 'Passphrase required for signing';
    }

    # Return objectified self
    return bless $self, $class;
}

# Run a given command
sub run {
    my ( $self, @command ) = @_;

    # Run the command and wait for it to finish; keep its exit value for later
    my ( @out, @err );
    eval { run3 \@command, undef, \@out, \@err }
      or warn "Command failed: $EVAL_ERROR\n";
    $self->{exit} = $CHILD_ERROR >> 8;

    # If there was output, mail it
    if (@out) {
        my $command = join q{ }, @command;
        my $subject = "$self->{name} output: $command";
        $self->_mail( $subject, \@out );
    }

    # If there were errors, mail them
    if (@err) {
        my $command = join q{ }, @command;
        my $subject = "$self->{name} errors: $command";
        $self->_mail( $subject, \@err );
    }

    # Return status reflecting the command exit value
    return $self->{exit} == 0;
}

# Return the value of the most recently run command, or 1 otherwise
sub bail {
    my $self = shift;
    my $exit =
      defined $self->{exit}
      ? $self->{exit}
      : $DEFAULT_EXIT;
    return $exit;
}

# Send the message to the address in $ENV{MAILTO}
sub _mail {
    my ( $self, $subject, $content ) = @_;

    # Build MIME object with plaintext message
    my $mime = MIME::Entity->build(
        To      => $self->{mailto},
        Subject => $subject,
        Data    => $content,
    );

    # Encrypt the MIME object
    my $mgpg = Mail::GnuPG->new(
        key        => $self->{keyid},
        passphrase => $self->{passphrase},
    );

    # Sign and/or encrypt as appropriate
    if ( $self->{sign} and $self->{encrypt} ) {
        $mgpg->mime_signencrypt( $mime, $self->{mailto} );
    }
    elsif ( $self->{sign} ) {
        $mgpg->mime_sign( $mime, $self->{mailto} );
    }
    elsif ( $self->{encrypt} ) {
        $mgpg->mime_encrypt( $mime, $self->{mailto} );
    }

    # Send it
    return $mime->send();
}

1;

__END__

=pod

=for stopwords
mailserver decrypt runcrypt GPG OpenPGP tradename licensable MERCHANTABILITY
mailto keyid

=head1 NAME

Mail::Run::Crypt - Encrypt and mail output from command runs

=head1 VERSION

Version 0.12

=head1 DESCRIPTION

This module runs a system command with L<IPC::Run3|IPC::Run3>, and collects any
standard output and standard error it emits. If there is any standard output or
standard error content, it is encrypted and optionally signed with GnuPG, and
then each stream's content is mailed separately to a specified recipient
address.

The idea is to allow you to view the output of automated commands while having
the content encrypted as it passes through to your mailserver, and optionally
to have some assurance that the content was actually generated by the server
concerned. B<cron(8)> scripts are the ideal use case, but this would also work
with B<at(1)>, or anything else that might non-interactively run jobs for which
output is significant.

You will probably want to call this with the L<B<runcrypt(1)>|runcrypt> program
provided by this distribution, which includes a means to set the properties for
the module via environment variables or command line options.

=head1 SYNOPSIS

    use Mail::Run::Crypt;
    ...
    my $mrc = Mail::Run::Crypt->new(
        mailto => 'you@example.net',
    );
    $mrc->run($command, @args);
    ...
    my $mrc = Mail::Run::Crypt->new(
        sign       => 1,
        keyid      => '0x1234DEAD5678BEEF',
        passphrase => 'able was i ere i saw elba',
        mailto     => 'you@example.net',
    );
    $mrc->run($command, @args);