blob: e543ec5053659d98aeeb79255c9660925cbe652b (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
|
#!/bin/bash
# to be run as root ...
set -e
# check and possibly install root-certificate
if ! curl -o /dev/null "https://jeti100.ioq.uni-jena.de/" 2> /dev/null
then
cert="$(curl -o - "http://jeti100.ioq.uni-jena.de/statisch/ca.crt" 2> /dev/null)"
if ! echo "${cert}" | \
sha512sum | \
grep -q "^c1a9da72183ef6fd87deb506dd93ea3e6247d28ec0720914c97a80369e9e81cb7e9f7ce37fe063756880eb84f402fec20ccb3c2c4fb46f5f707a022f803372be -\$"
then
>&2 echo 'falsches CA-Zertifikat heruntergeladen'
exit 1
fi
echo "${cert}" > /usr/share/ca-certificates/trust-source/anchors/jeti100.crt
trust export-compat
fi
# import keys:
pacman-key --add <(curl -o - "https://arch.eckner.net/archlinuxewe/masterkeys.gpg")
# locally sign package-key
pacman-key --lsign-key 0x43BF68D3
# locally sign repository-key
pacman-key --lsign-key 0x20194BA1
# setup mirror in mirrorlist
if ! grep -q "^Server = https://arch\.eckner\.net" /etc/pacman.d/mirrorlist
then
ml="$(
curl -o - "https://arch.eckner.net/archlinuxewe/os/any/" 2> /dev/null | \
tr "<>" "\n\n" | \
grep "^pacman-mirrorlist-.*\.pkg\.tar\.xz\$" | \
tail -n1
)"
curl -o - "https://arch.eckner.net/archlinuxewe/os/any/${ml}" 2> /dev/null | \
tar -OxJ etc/pacman.d/mirrorlist > \
/etc/pacman.d/mirrorlist
fi
# setup repo in pacman.conf
if grep -q "^\[archlinuxewe\]\$" /etc/pacman.conf
then
tmpFile=$(mktemp)
cat /etc/pacman.conf | \
(
while read s
do
if [[ "$s" = "# The testing repositories"* ]]
then
echo '[archlinuxewe]'
echo 'SigLevel = Required'
echo 'Include = /etc/pacman.d/mirrorlist'
echo ''
fi
echo "${s}"
done
) > "${tmpFile}"
cat "${tmpFile}" > /etc/pacman.conf
rm "${tmpFile}"
fi
|
