112 lines
2.6 KiB
Bash
Executable File
112 lines
2.6 KiB
Bash
Executable File
#!/bin/sh -e
|
|
|
|
if [ "$(uname -s)" = "Darwin" ]; then
|
|
CUT="gcut"
|
|
if ! command -v "${CUT}" >/dev/null 2>&1; then
|
|
CUT="cut"
|
|
fi
|
|
else
|
|
CUT="cut"
|
|
fi
|
|
|
|
file_changed() {
|
|
if [ ! -f "$1" ]; then
|
|
if [ ! -f "$2" ]; then
|
|
return 0
|
|
else
|
|
return 1
|
|
fi
|
|
fi
|
|
if [ ! -f "$2" ]; then
|
|
return 1
|
|
fi
|
|
oldfilehash="$(sha1sum "$1" | awk '{print $1}')"
|
|
newfilehash="$(sha1sum "$2" | awk '{print $1}')"
|
|
[ "${oldfilehash}" != "${newfilehash}" ]
|
|
}
|
|
|
|
if [ ! -d ~/.local/profile-git ]; then
|
|
mkdir -p ~/.local/profile-git
|
|
(
|
|
cd ~/.local/profile-git
|
|
git init
|
|
git remote add origin https://git.icedream.tech/icedream/profile.git
|
|
)
|
|
fi
|
|
|
|
(
|
|
cd ~/.local/profile-git
|
|
|
|
if [ "${_CHECKOUT_DONE:-0}" -lt 1 ]; then
|
|
echo "Fetching updates for profile..."
|
|
git fetch -p
|
|
|
|
# Synchronizing valid GPG keys
|
|
echo "Preparing for update verification..."
|
|
export GNUPGHOME="$HOME/.local/profile-data/gnupg"
|
|
mkdir -p "${GNUPGHOME}"
|
|
chmod 700 "${GNUPGHOME}"
|
|
for key in \
|
|
B5108C5A158A6608AD3361DA1573F6D8EFE4D0CF \
|
|
04ADEF85EA6AEC6F75941E84468BBEEBB9EC6AEA \
|
|
; do
|
|
if ! gpg --list-keys "${key}" >/dev/null 2>&1; then
|
|
# key does not exist yet
|
|
gpg --recv-keys "${key}"
|
|
fi
|
|
done
|
|
|
|
echo "Verifying updates..."
|
|
ref="origin/master"
|
|
diffref="${ref}"
|
|
if git rev-parse HEAD >/dev/null 2>&1; then
|
|
diffref="HEAD..${diffref}"
|
|
fi
|
|
git rev-list --format=oneline "${diffref}" | while IFS= read -r line; do
|
|
sha="$(echo "$line" | awk '{print $1}')"
|
|
title="$(echo "$line" | "${CUT}" -f 1 -d ' ' --complement)"
|
|
printf " … $title\r "
|
|
if ! git verify-commit "$sha" >/dev/null 2>&1; then
|
|
echo "✘"
|
|
echo "Found incorrectly signed commit, NOT applying. Contact the maintainer on the issue tracker."
|
|
exit 1
|
|
fi
|
|
echo "✔"
|
|
done
|
|
|
|
echo "All commits passed, now applying updates..."
|
|
if git rev-parse HEAD >/dev/null 2>&1; then
|
|
git rebase "${ref}"
|
|
else
|
|
git checkout -f "${ref}"
|
|
fi
|
|
git submodule update --init
|
|
|
|
if file_changed "${HOME}/.local/bin/update-profile" "home/dotfiles/local/bin/update-profile"; then
|
|
# Use new profile update script instead
|
|
# Putting exit 0 on same line here for security since the old script
|
|
# will be deleted.
|
|
echo "Using newer profile update script."
|
|
export _CHECKOUT_DONE=1
|
|
exec home/dotfiles/local/bin/update-profile
|
|
fi
|
|
fi
|
|
|
|
# patch up $PATH for now
|
|
export PATH="$HOME/.local/bin:$PATH"
|
|
|
|
echo "Running package installation..."
|
|
cd packages
|
|
./packages.sh
|
|
|
|
echo "Running profile installation..."
|
|
cd ..
|
|
if [ -f "${HOME}/bin/update-profile" ]; then
|
|
mv "${HOME}/bin/update-profile" "${HOME}/bin/update-profile.old"
|
|
fi
|
|
./install.sh
|
|
|
|
)
|
|
|
|
rm -f "${HOME}/.local/bin/update-profile.old" "${HOME}/bin/update-profile"
|