#!/usr/bin/env bash if [[ -f /etc/zsh_files/colors.zsh ]]; then source /etc/zsh_files/colors.zsh else msg() { case "$1" in green|red|blue|yellow|cyan|magenta|purple|bold) shift;; esac case "$1" in green|red|blue|yellow|cyan|magenta|purple|bold) shift;; esac echo -e "$@" } msgerr() { >&2 msg "$@" } fi # directory where the script is located, so we can source files regardless of where PWD is DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" : ${REPO_BASE="$DIR"} : ${GPG_PASS=""} : ${GPG_PASS_FILE=""} : ${GPG_ID="E77AB97B"} if [[ -n "$GPG_PASS_FILE" ]]; then if [[ ! -f "$GPG_PASS_FILE" ]]; then if [[ -z "$GPG_PASS" ]]; then msgerr bold red " [!!!] ERROR: The GPG_PASS_FILE '${GPG_PASS_FILE}' doesn't exist, and GPG_PASS is empty!" msgerr bold red " [!!!] Please check the file path is correct, or set GPG_PASS." exit 2 else msgerr bold yellow " [!!!] WARNING: The GPG_PASS_FILE '${GPG_PASS_FILE}' doesn't exist, but GPG_PASS is non-empty." msgerr bold yellow " [!!!] Falling back to GPG_PASS\n" fi else msgerr cyan " [...] Loading GPG password from file: $GPG_PASS_FILE \n" GPG_PASS="$(cat "$GPG_PASS_FILE")" fi export GPG_PASS fi if [ -z ${REPO_COMPS+x} ]; then REPO_COMPS=( "universal" "bionic" "focal" "hirsute" "buster" "bullseye" ) fi if [ -z ${GPG_ARGS+x} ]; then GPG_ARGS=( "--yes" "--batch" "--pinentry-mode" "loopback" ) fi echo auto-gpg-stdin() { gpg --yes --batch --pinentry-mode loopback --passphrase "$GPG_PASS" "$@" } auto-gpg() { auto-gpg-stdin "$@" < /dev/null } if [[ -z "$GPG_PASS" ]]; then msgerr red " [!!!] The env var GPG_PASS is not set! To auto-sign the release files," \ "we need the GPG key passphrase." msgerr red " [!!!] You'll now be prompted to enter it interactively.\n" read -p " Please enter your GPG key passphrase: " GPG_PASS echo fi if [[ ! -d "$REPO_BASE" ]]; then msgerr bold red " [!!!] CRITICAL ERROR" msgerr bold red " [!!!] The REPO_BASE folder does not exist! REPO_BASE is: ${REPO_BASE}" exit 1 fi msgerr cyan " >> Entering folder: $REPO_BASE" cd "$REPO_BASE" for f in "${REPO_COMPS[@]}"; do msgerr cyan "\n [...] Running ${BOLD}apt-ftparchive generate for ${f}\n" apt-ftparchive generate -c=conf/${f}/aptftp.conf conf/${f}/aptgenerate.conf msgerr yellow "\n ----------------------------------------------------------\n" msgerr cyan "\n [...] [ $f ] Running ${BOLD}apt-ftparchive release\n" apt-ftparchive release -c=conf/${f}/aptftp.conf "dists/$f" > "dists/${f}/Release" msgerr cyan " [...] [ $f ] Signing file with detached sig: ${BOLD}${f}/Release -> ${f}/Release.gpg" if ! auto-gpg -u "$GPG_ID" -bao "dists/${f}/Release.gpg" "dists/${f}/Release"; then msgerr bold red " [!!!] ERROR! Non-zero return code from GPG while detached signing ${f}/Release\n" else msgerr green " [+++] [ $f ] SUCCESS :) Signed file with detached sig: ${BOLD}${f}/Release -> ${f}/Release.gpg\n" fi msgerr cyan " [ $f ] Signing file with clear-sign: ${BOLD}${f}/Release -> ${f}/InRelease" if ! auto-gpg -u "$GPG_ID" --clear-sign -a --output "dists/${f}/InRelease" "dists/${f}/Release"; then msgerr bold red " [!!!] ERROR! Non-zero return code from GPG while clear signing ${f}/Release\n" else msgerr green " [+++] [ $f ] SUCCESS :) Signed file with 'clear-sign': ${BOLD}${f}/Release -> ${f}/InRelease\n" fi done msgerr yellow "\n ----------------------------------------------------------\n" msgerr bold green " [+++] Finished re-generating apt archive metadata\n"