parent
388a21d35d
commit
3712df64d9
@ -1,43 +0,0 @@ |
||||
#!/bin/sh |
||||
|
||||
set -e |
||||
|
||||
if [ $# -eq 0 ]; then |
||||
echo "No arguments provided. Aborting..." |
||||
exit 1 |
||||
fi |
||||
|
||||
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then |
||||
echo "usage: ./movedebs.sh [-h] [MAIN_DIR INCOMING_DIR READY_SUFFIX] |
||||
|
||||
Deploys packages for you. |
||||
|
||||
Possible values for the arguments: |
||||
|
||||
MAIN_DIR path of the directory inside the repository where the packages will be storaged |
||||
INCOMING_DIR local path of the 'incoming' directory |
||||
READY_SUFFIX suffix used to flag a complete transfer of a file |
||||
|
||||
Dependencies: - |
||||
" |
||||
exit 0 |
||||
fi |
||||
|
||||
if [ $# -lt 3 ]; then |
||||
echo "Mandatory arguments: 'MAIN_DIR', 'INCOMING_DIR', 'INCOMING_DIR'. Aborting..." |
||||
exit 1 |
||||
fi |
||||
|
||||
MAIN_DIR="${1}" |
||||
INCOMING_DIR="${2}" |
||||
READY_SUFFIX="${3}" |
||||
|
||||
for ENTRY in "${INCOMING_DIR}"/*"${READY_SUFFIX}"; do |
||||
# If is not a file skip |
||||
if [ -f "${ENTRY}" ]; then |
||||
FILENAME_DEB=$(basename --suffix="${READY_SUFFIX}" "${ENTRY}") |
||||
BASEDIRPATH=$(dirname "${ENTRY}") |
||||
mv "${BASEDIRPATH}/${FILENAME_DEB}" "${MAIN_DIR}/${FILENAME_DEB}" |
||||
rm "${ENTRY}" |
||||
fi |
||||
done |
@ -1,75 +0,0 @@ |
||||
#!/bin/sh |
||||
|
||||
set -e |
||||
|
||||
if [ $# -eq 0 ]; then |
||||
echo "No arguments provided. Aborting..." |
||||
exit 1 |
||||
fi |
||||
|
||||
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then |
||||
echo "usage: ./repo-main.sh [-h] [MAIN_DIR INCOMING_DIR READY_SUFFIX] |
||||
|
||||
Wrapper script for the repository. |
||||
|
||||
Possible values for the arguments: |
||||
|
||||
MAIN_DIR path of the directory inside the repository where the packages will be storaged |
||||
INCOMING_DIR local path of the 'incoming' directory |
||||
READY_SUFFIX suffix used to flag a complete transfer of a file |
||||
|
||||
Dependencies: - |
||||
" |
||||
exit 0 |
||||
fi |
||||
|
||||
if [ $# -lt 3 ]; then |
||||
echo "Mandatory arguments: 'MAIN_DIR', 'INCOMING_DIR', 'INCOMING_DIR'. Aborting..." |
||||
exit 1 |
||||
fi |
||||
|
||||
MAIN_DIR="${1}" |
||||
INCOMING_DIR="${2}" |
||||
READY_SUFFIX="${3}" |
||||
|
||||
echo "Checking if there are packages to add..." |
||||
for f in "${INCOMING_DIR}"/*"${READY_SUFFIX}"; do |
||||
## From: https://stackoverflow.com/a/6364244 |
||||
## Check if the glob gets expanded to existing files. |
||||
## If not, f here will be exactly the pattern above |
||||
## and the exists test will evaluate to false. |
||||
if [ -e "$f" ]; then |
||||
echo "Found packages to add." |
||||
else |
||||
echo "Not found packages to add. Exiting..." |
||||
exit 0 |
||||
fi |
||||
## This is all we needed to know, so we can break after the first iteration |
||||
break |
||||
done |
||||
|
||||
echo "Moving package(s) to the repo..." |
||||
mkdir -p "${MAIN_DIR}" |
||||
./movedebs.sh "${MAIN_DIR}" "${INCOMING_DIR}" "${READY_SUFFIX}" |
||||
|
||||
#echo "Installing repository build dependencies (apt)..." |
||||
#apt-get -qq -y --no-install-recommends install apt-utils > /dev/null |
||||
|
||||
echo "Updating the repo..." |
||||
REPO_PATH="repo" |
||||
TEMP_DIR="$(mktemp -d)" |
||||
./repo-update.sh "${REPO_PATH}" "${TEMP_DIR}" |
||||
|
||||
#apt-get -qq -y --no-install-recommends install gpg gpg-agent |
||||
|
||||
echo "Checking if is possible to sign the repo..." |
||||
mkdir -p keys |
||||
chmod 600 keys |
||||
export GNUPGHOME="${PWD}/keys" |
||||
|
||||
./repo-sign.sh "${TEMP_DIR}" "${REPO_PATH}"/key.pub.asc |
||||
|
||||
echo "Committing changes..." |
||||
mv "${TEMP_DIR}"/* "${REPO_PATH}"/ |
||||
echo "Done." |
||||
#echo "deb file:/repo /" > /etc/apt/sources.list.d/custom-repo.list |
@ -1,83 +0,0 @@ |
||||
#!/bin/sh |
||||
|
||||
set -e |
||||
|
||||
if [ $# -eq 0 ]; then |
||||
echo "No arguments provided. Aborting..." |
||||
exit 1 |
||||
fi |
||||
|
||||
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then |
||||
echo "usage: ./repo-sign.sh [-h] [REPO_PATH PUB_KEY_FULLPATH GPG_SUBKEY_ID] |
||||
|
||||
Deploys packages for you. |
||||
|
||||
Possible values for the arguments: |
||||
|
||||
REPO_PATH path of the repositpry |
||||
GPG_SUBKEY_ID fingerprint of the (sub)key to use to sign |
||||
|
||||
Dependencies: - |
||||
" |
||||
exit 0 |
||||
fi |
||||
|
||||
if [ $# -lt 2 ]; then |
||||
echo "Mandatory arguments: 'REPO_PATH', 'PUB_KEY_FULLPATH'. Aborting..." |
||||
exit 1 |
||||
fi |
||||
|
||||
REPO_PATH="${1}" |
||||
PUB_KEY_FULLPATH="${1}" |
||||
[ -n "${3+x}" ] && GPG_SUBKEY_ID="${3}" |
||||
|
||||
if [ ! -f "${GNUPGHOME}/pubring.kbx" ]; then |
||||
echo "The file 'pubring.kbx' file has not been found. Generating automatically a new one with a new set of keys..." |
||||
KEY_NAME="Joe Tester" |
||||
KEY_PASSPHRASE="over-the-lazy-dog" |
||||
cat >foo_keys <<EOF |
||||
%echo Generating a basic OpenPGP key |
||||
Key-Type: RSA |
||||
Key-Usage: sign |
||||
Key-Length: 4096 |
||||
Subkey-Type: RSA |
||||
Subkey-Usage: sign |
||||
Subkey-Length: 4096 |
||||
Name-Real: ${KEY_NAME} |
||||
Name-Comment: with stupid passphrase |
||||
Name-Email: joe@foo.bar |
||||
Expire-Date: 0 |
||||
Passphrase: ${KEY_PASSPHRASE} |
||||
# Do a commit here, so that we can later print "done" :-) |
||||
%commit |
||||
%echo done |
||||
EOF |
||||
gpg --batch --generate-key foo_keys |
||||
echo "${KEY_PASSPHRASE}" > "${GNUPGHOME}/passphrase" |
||||
fi |
||||
|
||||
if [ -z "${GPG_SUBKEY_ID+x}" ]; then |
||||
echo "A GPG key id has not been defined. Automatically selecting a fingerprint..." |
||||
# List key and its subkey with their respective fingerprints | filter fingerprints of both keys | pick fingerprint of the second row |
||||
# (the subkey seems to be listed always after its respective subkey) |
||||
GPG_SUBKEY_ID="$(gpg --list-secret-key --with-subkey-fingerprint --with-colons | awk -F: '$1 == "fpr" {print $10;}' | sed -n '2 p')" |
||||
fi |
||||
|
||||
# - Generate the armored pub key (NEW_KEY) that has to be published; |
||||
# - If the key does not exists in PUB_KEY_FULLPATH, place NEW_KEY; |
||||
# - If PUB_KEY_FULLPATH exixts but is not identical to NEW_KEY, then backup |
||||
# the old key (PUB_KEY_FULLPATH) and replace it with the new one (NEW_KEY). |
||||
# - Else do nothing. |
||||
NEW_KEY="$(mktemp)" |
||||
gpg --armor --export "${GPG_SUBKEY_ID}" > "${NEW_KEY}" |
||||
if [ ! -f "${PUB_KEY_FULLPATH}" ];then |
||||
echo "Public key not published. Generating and publishing it..." |
||||
mv "${NEW_KEY}" "${PUB_KEY_FULLPATH}" |
||||
elif [ -f "${PUB_KEY_FULLPATH}" ] && ! cmp --silent "${PUB_KEY_FULLPATH}" "${NEW_KEY}"; then |
||||
mv "${PUB_KEY_FULLPATH}" "${PUB_KEY_FULLPATH}".bak |
||||
mv "${NEW_KEY}" "${PUB_KEY_FULLPATH}" |
||||
fi |
||||
|
||||
echo "Signing the repo..." |
||||
gpg --passphrase-file "${GNUPGHOME}/passphrase" --pinentry-mode loopback --default-key "${GPG_SUBKEY_ID}" -abs -o - "${REPO_PATH}/Release" > "${REPO_PATH}/Release.gpg" |
||||
gpg --passphrase-file "${GNUPGHOME}/passphrase" --pinentry-mode loopback --default-key "${GPG_SUBKEY_ID}" --clearsign -o - "${REPO_PATH}/Release" > "${REPO_PATH}/InRelease" |
@ -1,38 +0,0 @@ |
||||
#!/bin/sh |
||||
|
||||
set -e |
||||
|
||||
if [ $# -eq 0 ]; then |
||||
echo "No arguments provided. Aborting..." |
||||
exit 1 |
||||
fi |
||||
|
||||
if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then |
||||
echo "usage: ./repo-update.sh [-h] [REPO_PATH TEMP_DIR] |
||||
|
||||
Deploys packages for you. |
||||
|
||||
Possible values for the arguments: |
||||
|
||||
REPO_PATH path of the repositpry |
||||
TEMP_DIR path of the temporary folder |
||||
|
||||
Dependencies: - |
||||
" |
||||
exit 0 |
||||
fi |
||||
|
||||
if [ $# -lt 2 ]; then |
||||
echo "Mandatory arguments: 'REPO_PATH', 'TEMP_DIR'. Aborting..." |
||||
exit 1 |
||||
fi |
||||
|
||||
REPO_PATH="${1}" |
||||
TEMP_DIR="${2}" |
||||
|
||||
initial_position="$(pwd)" |
||||
cd "${REPO_PATH}" |
||||
apt-ftparchive packages . > "${TEMP_DIR}/Packages" |
||||
cd "${initial_position}" |
||||
gzip -k -f "${TEMP_DIR}/Packages" --to-stdout > "${TEMP_DIR}/Packages.gz" |
||||
apt-ftparchive release "${TEMP_DIR}" > "${TEMP_DIR}/Release" |
Loading…
Reference in new issue