- When creating a symbolic link and the link already exists, do it
atomically. This prevents two problems. 1) If we fail between
deleting the old link and creating the new link, then we have
nothing. 2) If a reader accesses the link between unlinking the
old version and creating the new version, it sees nothing.
- Make sure things work as expected when there are multiple keys
with the same email address.
- Make sure things work as expected when a key has multiple user ids
with the same email address.
- Currently, the file system code writes the data to a temp file,
removes the target file, and then renames the temp file to the
target file.
- This has two problems. 1.) If the rename fails, then the old
version is also gone. 2.) A reader (e.g., NGINX) will return a
404 after the old file has been removed, but before the file has
been renamed.
- Since tmp.persist() atomically replaces the target file, there is
no need to remove the file.
- To address scalability concerns, we put data files into
subdirectories by splitting e.g. the fingerprint into a two
character prefix and the rest, using the prefix as subdirectory
name, and the rest as filename.
- We hide this fact from the user using rewrite rules in nginx.
- Fixes#38.