mirror of
https://gitlab.archlinux.org/tpowa/archboot.git
synced 2024-09-20 03:50:37 +02:00
123 lines
4.9 KiB
Bash
123 lines
4.9 KiB
Bash
#!/usr/bin/env bash
|
|
# SPDX-License-Identifier: GPL-3.0-or-later
|
|
# created by Tobias Powalowski <tpowa@archlinux.org>
|
|
. /etc/archboot/defaults
|
|
. /usr/lib/archboot/container.sh
|
|
_ISO_BUILD_DIR="$(mktemp -d "${_ISO_HOME_ARCH}"/server-release.XXX)"
|
|
|
|
_update_pacman_chroot() {
|
|
if [[ "${_ARCH}" == "aarch64" ]]; then
|
|
_ARCH_DIR="${_PACMAN_AARCH64}"
|
|
_ARCH_CHROOT_PUBLIC="${_ARCHBOOT_AARCH64_CHROOT_PUBLIC}"
|
|
_PACMAN_CHROOT="${_PACMAN_AARCH64_CHROOT}"
|
|
_SERVER_PACMAN="${_SERVER_PACMAN_AARCH64}"
|
|
elif [[ "${_ARCH}" == "riscv64" ]]; then
|
|
_ARCH_DIR="${_PACMAN_RISCV64}"
|
|
_ARCH_CHROOT_PUBLIC="${_ARCHBOOT_RISCV64_CHROOT_PUBLIC}"
|
|
_PACMAN_CHROOT="${_PACMAN_RISCV64_CHROOT}"
|
|
_SERVER_PACMAN="${_SERVER_PACMAN_RISCV64}"
|
|
fi
|
|
# update pacman chroot
|
|
cd "${_ISO_HOME}" || exit 1
|
|
[[ -d "${_ARCH_DIR}" ]] || mkdir "${_ARCH_DIR}"
|
|
echo "Downloading pacman ${_ARCH} chroot..."
|
|
[[ -f pacman-${_ARCH}-chroot-latest.tar.zst ]] && rm pacman-"${_ARCH}"-chroot-latest.tar.zst{,.sig} 2>"${_NO_LOG}"
|
|
${_DLPROG} -O "${_ARCH_CHROOT_PUBLIC}"/"${_PACMAN_CHROOT}"
|
|
${_DLPROG} -O "${_ARCH_CHROOT_PUBLIC}"/"${_PACMAN_CHROOT}".sig
|
|
# verify download
|
|
#shellcheck disable=SC2024
|
|
sudo -u "${_USER}" gpg --verify "${_PACMAN_CHROOT}.sig" &>"${_NO_LOG}" || exit 1
|
|
bsdtar -C "${_ARCH_DIR}" -xf "${_PACMAN_CHROOT}" &>"${_NO_LOG}"
|
|
echo "Removing installation tarball..."
|
|
rm "${_PACMAN_CHROOT}"{,.sig} &>"${_NO_LOG}"
|
|
# update container to latest packages
|
|
echo "Updating container to latest packages..."
|
|
# fix mirrorlist
|
|
[[ "${_ARCH}" == "riscv64" ]] && sed -i -e 's|^#Server = https://riscv|Server = https://riscv|g' \
|
|
"${_ARCH_DIR}"/etc/pacman.d/mirrorlist
|
|
${_NSPAWN} "${_ARCH_DIR}" pacman -Syu --noconfirm &>"${_NO_LOG}" || exit 1
|
|
_fix_network "${_ARCH_DIR}"
|
|
_CLEANUP_CONTAINER="1" _clean_container "${_ARCH_DIR}" &>"${_NO_LOG}"
|
|
_CLEANUP_CACHE="1" _clean_cache "${_ARCH_DIR}" &>"${_NO_LOG}"
|
|
echo "Generating tarball..."
|
|
tar -acf "${_PACMAN_CHROOT}" -C "${_ARCH_DIR}" .
|
|
echo "Removing ${_ARCH_DIR}..."
|
|
rm -r "${_ARCH_DIR}"
|
|
echo "Finished container tarball."
|
|
echo "Sign tarball..."
|
|
#shellcheck disable=SC2086
|
|
sudo -u "${_USER}" gpg ${_GPG} "${_PACMAN_CHROOT}" || exit 1
|
|
chown "${_USER}:${_GROUP}" "${_PACMAN_CHROOT}"{,.sig} || exit 1
|
|
echo "Syncing files to ${_SERVER}:${_PUB}/.${_SERVER_PACMAN}..."
|
|
#shellcheck disable=SC2086
|
|
sudo -u "${_USER}" ${_RSYNC} "${_PACMAN_CHROOT}"{,.sig} "${_SERVER}:${_PUB}/.${_SERVER_PACMAN}/" || exit 1
|
|
}
|
|
|
|
_server_upload() {
|
|
# copy files to server
|
|
echo "Syncing files to ${_SERVER}:${_PUB}/.${1}/${_ARCH}..."
|
|
#shellcheck disable=SC2086
|
|
sudo -u "${_USER}" ssh "${_SERVER}" [[ -d "${_PUB}/.${1}/${_ARCH}" ]] || mkdir -p "${_PUB}/.${1}/${_ARCH}"
|
|
#shellcheck disable=SC2086
|
|
sudo -u "${_USER}" ${_RSYNC} "${_DIR}" "${_SERVER}":"${_PUB}/.${1}/${_ARCH}/" || exit 1
|
|
# move files on server, create symlink and removing ${_PURGE_DATE} old release
|
|
sudo -u "${_USER}" ssh "${_SERVER}" <<EOF
|
|
echo "Removing old purge date reached ${_PUB}/.${1}/${_ARCH}/$(date -d "$(date +) - ${_PURGE_DATE}" +%Y.%m) directory..."
|
|
rm -r ${_PUB}/".${1}"/"${_ARCH}"/"$(date -d "$(date +) - ${_PURGE_DATE}" +%Y.%m)" 2>"${_NO_LOG}"
|
|
cd ${_PUB}/".${1}"/"${_ARCH}"
|
|
echo "Creating new latest symlink in ${_PUB}/.${1}/${_ARCH}..."
|
|
rm latest
|
|
ln -s "${_DIR}" latest
|
|
EOF
|
|
# create autoindex HEADER.html
|
|
sudo -u "${_USER}" ssh "${_SERVER}" "[[ -e "lsws-autoindex.sh" ]] && ./lsws-autoindex.sh"
|
|
}
|
|
|
|
_create_archive() {
|
|
[[ -d "archive" ]] || mkdir archive
|
|
[[ -d "archive/${_DIR}" ]] && rm -r "archive/${_DIR}"
|
|
[[ -d "${_DIR}" ]] && mv "${_DIR}" archive/
|
|
}
|
|
|
|
# sign files and create new b2sum.txt
|
|
_sign_b2sum() {
|
|
for i in $1; do
|
|
#shellcheck disable=SC2086
|
|
if [[ -f "${i}" ]]; then
|
|
sudo -u "${_USER}" gpg ${_GPG} "${i}"
|
|
cksum -a blake2b "${i}" >> b2sum.txt
|
|
fi
|
|
if [[ -f "${i}.sig" ]]; then
|
|
cksum -a blake2b "${i}.sig" >> b2sum.txt
|
|
fi
|
|
done
|
|
}
|
|
|
|
_update_source() {
|
|
cd "${_ISO_HOME_SOURCE}" || exit 1
|
|
_create_archive
|
|
echo "Creating ${_ARCH} archboot repository..."
|
|
"archboot-${_ARCH}-create-repository.sh" "${_DIR}" || exit 1
|
|
chown -R "${_USER}:${_GROUP}" "${_DIR}"
|
|
_server_upload "${_SERVER_SOURCE_DIR}"
|
|
}
|
|
|
|
_server_release() {
|
|
cd "${_ISO_HOME_ARCH}" || exit 1
|
|
"archboot-${_ARCH}-release.sh" "${_ISO_BUILD_DIR}" "${_ARCHBOOT_SOURCE}/${_ARCH}/${_DIR}" || exit 1
|
|
# set user rights on files
|
|
[[ -d "${_ISO_BUILD_DIR}" ]] || exit 1
|
|
chmod 755 "${_ISO_BUILD_DIR}"
|
|
chown -R "${_USER}:${_GROUP}" "${_ISO_BUILD_DIR}"
|
|
cd "${_ISO_BUILD_DIR}" || exit 1
|
|
# removing b2sum
|
|
rm b2sum.txt
|
|
_sign_b2sum "*"
|
|
_sign_b2sum "boot/*"
|
|
chown -R "${_USER}:${_GROUP}" ./*
|
|
cd ..
|
|
_create_archive
|
|
mv "${_ISO_BUILD_DIR}" "${_DIR}"
|
|
_server_upload "${_SERVER_IMAGE_DIR}"
|
|
}
|
|
# vim: set ft=sh ts=4 sw=4 et:
|