205 lines
4.1 KiB
Bash
Executable File
205 lines
4.1 KiB
Bash
Executable File
#!/bin/sh
|
|
# strap.sh - install and setup CondorCore keyring
|
|
|
|
# mirror file to fetch and write
|
|
MIRROR_F="condorcore-mirrorlist"
|
|
|
|
# simple error message wrapper
|
|
err()
|
|
{
|
|
echo >&2 "$(tput bold; tput setaf 1)[-] ERROR: ${*}$(tput sgr0)"
|
|
exit 1337
|
|
}
|
|
|
|
# simple warning message wrapper
|
|
warn()
|
|
{
|
|
echo >&2 "$(tput bold; tput setaf 1)[!] WARNING: ${*}$(tput sgr0)"
|
|
}
|
|
|
|
# simple echo wrapper
|
|
msg()
|
|
{
|
|
echo "$(tput bold; tput setaf 2)[+] ${*}$(tput sgr0)"
|
|
}
|
|
|
|
# check for root privilege
|
|
check_priv()
|
|
{
|
|
if [ "$(id -u)" -ne 0 ]; then
|
|
err "you must be root"
|
|
fi
|
|
}
|
|
|
|
# make a temporary directory and cd into
|
|
make_tmp_dir()
|
|
{
|
|
tmp="$(mktemp -d /tmp/condorcore_strap.XXXXXXXX)"
|
|
trap 'rm -rf $tmp' EXIT
|
|
cd "$tmp" || err "Could not enter directory $tmp"
|
|
}
|
|
|
|
set_umask()
|
|
{
|
|
OLD_UMASK=$(umask)
|
|
umask 0022
|
|
trap 'reset_umask' TERM
|
|
}
|
|
|
|
reset_umask()
|
|
{
|
|
umask $OLD_UMASK
|
|
}
|
|
|
|
check_internet()
|
|
{
|
|
tool='curl'
|
|
tool_opts='-s --connect-timeout 8'
|
|
|
|
if ! $tool $tool_opts https://condorbs.net/ > /dev/null 2>&1; then
|
|
err "You don't have an Internet connection!"
|
|
fi
|
|
|
|
return $SUCCESS
|
|
}
|
|
|
|
# retrieve the CondorCore keyring
|
|
fetch_keyring()
|
|
{
|
|
curl -s -O \
|
|
'https://aur.centauricorex.net/x86_64/condorcore-keyring-20231117-1-any.pkg.tar.zst'
|
|
|
|
curl -s -O \
|
|
'https://aur.centauricorex.net/x86_64/condorcore-keyring-20231117-1-any.pkg.tar.zst.sig'
|
|
}
|
|
|
|
# verify the keyring signature
|
|
# note: this is pointless if you do not verify the key fingerprint
|
|
verify_keyring()
|
|
{
|
|
if ! gpg --keyserver keyserver.ubuntu.com \
|
|
--recv-keys 2B9D22B41F2AF1042BFCE73A3CA0B9DF1BE7CE09 > /dev/null 2>&1
|
|
then
|
|
if ! gpg --keyserver hkps://keyserver.ubuntu.com:443 \
|
|
--recv-keys 2B9D22B41F2AF1042BFCE73A3CA0B9DF1BE7CE09 > /dev/null 2>&1
|
|
then
|
|
if ! gpg --keyserver keys.openpgp.org \
|
|
--recv-keys 2B9D22B41F2AF1042BFCE73A3CA0B9DF1BE7CE09 > /dev/null 2>&1
|
|
then
|
|
err "could not verify the key."
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if ! gpg --keyserver-options no-auto-key-retrieve \
|
|
--with-fingerprint condorcore-keyring-20231117-1-any.pkg.tar.zst.sig > /dev/null 2>&1
|
|
then
|
|
err "invalid keyring signature."
|
|
fi
|
|
}
|
|
|
|
# delete the signature files
|
|
delete_signature()
|
|
{
|
|
if [ -f "condorcore-keyring-20231117-1-any.pkg.tar.zst.sig" ]; then
|
|
rm condorcore-keyring-20231117-1-any.pkg.tar.zst.sig
|
|
fi
|
|
}
|
|
|
|
# make sure /etc/pacman.d/gnupg is usable
|
|
check_pacman_gnupg()
|
|
{
|
|
pacman-key --init
|
|
}
|
|
|
|
# install the keyring
|
|
install_keyring()
|
|
{
|
|
if ! pacman --config /dev/null --noconfirm \
|
|
-U condorcore-keyring-20231117-1-any.pkg.tar.zst ; then
|
|
err 'keyring installation failed'
|
|
fi
|
|
|
|
# just in case
|
|
pacman-key --populate
|
|
}
|
|
|
|
# fetch the CondorCore mirrorlist from the provided URL
|
|
fetch_mirrorlist()
|
|
{
|
|
mirrorlist_url="https://condorcs.net/CondorCORE/condorcore-mirrorlist/raw/branch/master/condorcore-mirrorlist"
|
|
|
|
curl -s "$mirrorlist_url" -o "/etc/pacman.d/$MIRROR_F"
|
|
}
|
|
|
|
# update pacman.conf
|
|
update_pacman_conf()
|
|
{
|
|
# delete CondorCore related entries if existing
|
|
sed -i '/condorcore/{N;d}' /etc/pacman.conf
|
|
|
|
cat >> "/etc/pacman.conf" << EOF
|
|
[condorcore]
|
|
Include = /etc/pacman.d/$MIRROR_F
|
|
EOF
|
|
}
|
|
|
|
# synchronize and update
|
|
pacman_update()
|
|
{
|
|
if pacman -Syy; then
|
|
return $SUCCESS
|
|
fi
|
|
|
|
warn "Synchronizing pacman has failed. Please try manually: pacman -Syy"
|
|
|
|
return $FAILURE
|
|
}
|
|
|
|
# upgrade the system
|
|
pacman_upgrade()
|
|
{
|
|
echo 'perform full system upgrade? (pacman -Su) [Yn]:'
|
|
read conf < /dev/tty
|
|
case "$conf" in
|
|
''|y|Y) pacman -Su ;;
|
|
n|N) warn 'some CondorCore packages may not work without an up-to-date system.' ;;
|
|
esac
|
|
}
|
|
|
|
# setup CondorCore
|
|
condorcore_setup()
|
|
{
|
|
check_priv
|
|
msg 'installing CondorCore keyring...'
|
|
set_umask
|
|
make_tmp_dir
|
|
check_internet
|
|
fetch_keyring
|
|
verify_keyring
|
|
delete_signature
|
|
check_pacman_gnupg
|
|
install_keyring
|
|
echo
|
|
msg 'keyring installed successfully'
|
|
|
|
# fetch the CondorCore mirrorlist
|
|
msg 'fetching CondorCore mirrorlist...'
|
|
fetch_mirrorlist
|
|
|
|
# update pacman.conf
|
|
msg 'updating pacman.conf'
|
|
update_pacman_conf
|
|
|
|
msg 'updating package databases'
|
|
pacman_update
|
|
reset_umask
|
|
msg 'CondorCore repo is ready!'
|
|
|
|
# ask for system upgrade
|
|
pacman_upgrade
|
|
}
|
|
##
|
|
condorcore_setup
|
|
|