Meliurwen 3 years ago
parent 388a21d35d
commit 3712df64d9
Signed by: meliurwen
GPG Key ID: 818A8B35E9F1CE10
  1. 43
      movedebs.sh
  2. 75
      repo-main.sh
  3. 83
      repo-sign.sh
  4. 38
      repo-update.sh

@ -1,43 +0,0 @@
#!/bin/sh
set -e
if [ $# -eq 0 ]; then
echo "No arguments provided. Aborting..."
exit 1
fi
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
echo "usage: ./movedebs.sh [-h] [MAIN_DIR INCOMING_DIR READY_SUFFIX]
Deploys packages for you.
Possible values for the arguments:
MAIN_DIR path of the directory inside the repository where the packages will be storaged
INCOMING_DIR local path of the 'incoming' directory
READY_SUFFIX suffix used to flag a complete transfer of a file
Dependencies: -
"
exit 0
fi
if [ $# -lt 3 ]; then
echo "Mandatory arguments: 'MAIN_DIR', 'INCOMING_DIR', 'INCOMING_DIR'. Aborting..."
exit 1
fi
MAIN_DIR="${1}"
INCOMING_DIR="${2}"
READY_SUFFIX="${3}"
for ENTRY in "${INCOMING_DIR}"/*"${READY_SUFFIX}"; do
# If is not a file skip
if [ -f "${ENTRY}" ]; then
FILENAME_DEB=$(basename --suffix="${READY_SUFFIX}" "${ENTRY}")
BASEDIRPATH=$(dirname "${ENTRY}")
mv "${BASEDIRPATH}/${FILENAME_DEB}" "${MAIN_DIR}/${FILENAME_DEB}"
rm "${ENTRY}"
fi
done

@ -1,75 +0,0 @@
#!/bin/sh
set -e
if [ $# -eq 0 ]; then
echo "No arguments provided. Aborting..."
exit 1
fi
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
echo "usage: ./repo-main.sh [-h] [MAIN_DIR INCOMING_DIR READY_SUFFIX]
Wrapper script for the repository.
Possible values for the arguments:
MAIN_DIR path of the directory inside the repository where the packages will be storaged
INCOMING_DIR local path of the 'incoming' directory
READY_SUFFIX suffix used to flag a complete transfer of a file
Dependencies: -
"
exit 0
fi
if [ $# -lt 3 ]; then
echo "Mandatory arguments: 'MAIN_DIR', 'INCOMING_DIR', 'INCOMING_DIR'. Aborting..."
exit 1
fi
MAIN_DIR="${1}"
INCOMING_DIR="${2}"
READY_SUFFIX="${3}"
echo "Checking if there are packages to add..."
for f in "${INCOMING_DIR}"/*"${READY_SUFFIX}"; do
## From: https://stackoverflow.com/a/6364244
## Check if the glob gets expanded to existing files.
## If not, f here will be exactly the pattern above
## and the exists test will evaluate to false.
if [ -e "$f" ]; then
echo "Found packages to add."
else
echo "Not found packages to add. Exiting..."
exit 0
fi
## This is all we needed to know, so we can break after the first iteration
break
done
echo "Moving package(s) to the repo..."
mkdir -p "${MAIN_DIR}"
./movedebs.sh "${MAIN_DIR}" "${INCOMING_DIR}" "${READY_SUFFIX}"
#echo "Installing repository build dependencies (apt)..."
#apt-get -qq -y --no-install-recommends install apt-utils > /dev/null
echo "Updating the repo..."
REPO_PATH="repo"
TEMP_DIR="$(mktemp -d)"
./repo-update.sh "${REPO_PATH}" "${TEMP_DIR}"
#apt-get -qq -y --no-install-recommends install gpg gpg-agent
echo "Checking if is possible to sign the repo..."
mkdir -p keys
chmod 600 keys
export GNUPGHOME="${PWD}/keys"
./repo-sign.sh "${TEMP_DIR}" "${REPO_PATH}"/key.pub.asc
echo "Committing changes..."
mv "${TEMP_DIR}"/* "${REPO_PATH}"/
echo "Done."
#echo "deb file:/repo /" > /etc/apt/sources.list.d/custom-repo.list

@ -1,83 +0,0 @@
#!/bin/sh
set -e
if [ $# -eq 0 ]; then
echo "No arguments provided. Aborting..."
exit 1
fi
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
echo "usage: ./repo-sign.sh [-h] [REPO_PATH PUB_KEY_FULLPATH GPG_SUBKEY_ID]
Deploys packages for you.
Possible values for the arguments:
REPO_PATH path of the repositpry
GPG_SUBKEY_ID fingerprint of the (sub)key to use to sign
Dependencies: -
"
exit 0
fi
if [ $# -lt 2 ]; then
echo "Mandatory arguments: 'REPO_PATH', 'PUB_KEY_FULLPATH'. Aborting..."
exit 1
fi
REPO_PATH="${1}"
PUB_KEY_FULLPATH="${1}"
[ -n "${3+x}" ] && GPG_SUBKEY_ID="${3}"
if [ ! -f "${GNUPGHOME}/pubring.kbx" ]; then
echo "The file 'pubring.kbx' file has not been found. Generating automatically a new one with a new set of keys..."
KEY_NAME="Joe Tester"
KEY_PASSPHRASE="over-the-lazy-dog"
cat >foo_keys <<EOF
%echo Generating a basic OpenPGP key
Key-Type: RSA
Key-Usage: sign
Key-Length: 4096
Subkey-Type: RSA
Subkey-Usage: sign
Subkey-Length: 4096
Name-Real: ${KEY_NAME}
Name-Comment: with stupid passphrase
Name-Email: joe@foo.bar
Expire-Date: 0
Passphrase: ${KEY_PASSPHRASE}
# Do a commit here, so that we can later print "done" :-)
%commit
%echo done
EOF
gpg --batch --generate-key foo_keys
echo "${KEY_PASSPHRASE}" > "${GNUPGHOME}/passphrase"
fi
if [ -z "${GPG_SUBKEY_ID+x}" ]; then
echo "A GPG key id has not been defined. Automatically selecting a fingerprint..."
# List key and its subkey with their respective fingerprints | filter fingerprints of both keys | pick fingerprint of the second row
# (the subkey seems to be listed always after its respective subkey)
GPG_SUBKEY_ID="$(gpg --list-secret-key --with-subkey-fingerprint --with-colons | awk -F: '$1 == "fpr" {print $10;}' | sed -n '2 p')"
fi
# - Generate the armored pub key (NEW_KEY) that has to be published;
# - If the key does not exists in PUB_KEY_FULLPATH, place NEW_KEY;
# - If PUB_KEY_FULLPATH exixts but is not identical to NEW_KEY, then backup
# the old key (PUB_KEY_FULLPATH) and replace it with the new one (NEW_KEY).
# - Else do nothing.
NEW_KEY="$(mktemp)"
gpg --armor --export "${GPG_SUBKEY_ID}" > "${NEW_KEY}"
if [ ! -f "${PUB_KEY_FULLPATH}" ];then
echo "Public key not published. Generating and publishing it..."
mv "${NEW_KEY}" "${PUB_KEY_FULLPATH}"
elif [ -f "${PUB_KEY_FULLPATH}" ] && ! cmp --silent "${PUB_KEY_FULLPATH}" "${NEW_KEY}"; then
mv "${PUB_KEY_FULLPATH}" "${PUB_KEY_FULLPATH}".bak
mv "${NEW_KEY}" "${PUB_KEY_FULLPATH}"
fi
echo "Signing the repo..."
gpg --passphrase-file "${GNUPGHOME}/passphrase" --pinentry-mode loopback --default-key "${GPG_SUBKEY_ID}" -abs -o - "${REPO_PATH}/Release" > "${REPO_PATH}/Release.gpg"
gpg --passphrase-file "${GNUPGHOME}/passphrase" --pinentry-mode loopback --default-key "${GPG_SUBKEY_ID}" --clearsign -o - "${REPO_PATH}/Release" > "${REPO_PATH}/InRelease"

@ -1,38 +0,0 @@
#!/bin/sh
set -e
if [ $# -eq 0 ]; then
echo "No arguments provided. Aborting..."
exit 1
fi
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
echo "usage: ./repo-update.sh [-h] [REPO_PATH TEMP_DIR]
Deploys packages for you.
Possible values for the arguments:
REPO_PATH path of the repositpry
TEMP_DIR path of the temporary folder
Dependencies: -
"
exit 0
fi
if [ $# -lt 2 ]; then
echo "Mandatory arguments: 'REPO_PATH', 'TEMP_DIR'. Aborting..."
exit 1
fi
REPO_PATH="${1}"
TEMP_DIR="${2}"
initial_position="$(pwd)"
cd "${REPO_PATH}"
apt-ftparchive packages . > "${TEMP_DIR}/Packages"
cd "${initial_position}"
gzip -k -f "${TEMP_DIR}/Packages" --to-stdout > "${TEMP_DIR}/Packages.gz"
apt-ftparchive release "${TEMP_DIR}" > "${TEMP_DIR}/Release"
Loading…
Cancel
Save