|
| 1 | +#!/usr/bin/env bash |
| 2 | + |
| 3 | +set -Eeuo pipefail |
| 4 | + |
| 5 | +config_path="/etc/pacman.conf" |
| 6 | +tmp_dir="$(mktemp -d /tmp/alteriso_setup_3rd_repo.XXXXXXXX)" |
| 7 | +keyrings_dir="$tmp_dir/keyrings" |
| 8 | +target_repo="all" # all|blackarch|archlinuxcn |
| 9 | +log_level="info" # info|quiet |
| 10 | + |
| 11 | +trap _cleanup EXIT TERM INT |
| 12 | + |
| 13 | +_cleanup() { |
| 14 | + rm -rf "$tmp_dir" |
| 15 | +} |
| 16 | + |
| 17 | +_pacman_conf() { |
| 18 | + pacman-conf -c "$config_path" "$@" |
| 19 | +} |
| 20 | + |
| 21 | +_pacman_key() { |
| 22 | + pacman-key --config "$config_path" "$@" |
| 23 | +} |
| 24 | + |
| 25 | +_pacman() { |
| 26 | + command pacman --config "$config_path" "$@" |
| 27 | +} |
| 28 | + |
| 29 | +_get_pacman_repolist() { |
| 30 | + _pacman_conf -l |
| 31 | +} |
| 32 | + |
| 33 | +# Check if a repository exists in the pacman configuration |
| 34 | +# $1: repository name |
| 35 | +_has_repo() { |
| 36 | + _get_pacman_repolist | grep -qx "$1" |
| 37 | +} |
| 38 | + |
| 39 | +_pacman_S() { |
| 40 | + _pacman -S --noconfirm --needed "$@" |
| 41 | +} |
| 42 | + |
| 43 | +_pacman_U() { |
| 44 | + _pacman -U --noconfirm "$@" |
| 45 | +} |
| 46 | + |
| 47 | +_msg_info() { |
| 48 | + [[ "$log_level" == "quiet" ]] && return 0 |
| 49 | + echo "$@" |
| 50 | +} |
| 51 | +_msg_error() { |
| 52 | + echo "$@" >&2 |
| 53 | +} |
| 54 | +_msg_warn() { |
| 55 | + echo "$@" >&2 |
| 56 | +} |
| 57 | + |
| 58 | +# $1: repository name |
| 59 | +# $2: include file path |
| 60 | +_repo_config() { |
| 61 | + printf '[%s]\nInclude = %s\n' "$1" "$2" |
| 62 | +} |
| 63 | + |
| 64 | +_blackarch_install() { |
| 65 | + if _has_repo "blackarch"; then |
| 66 | + _msg_warn "blackarch repository already exists in pacman configuration." |
| 67 | + return 0 |
| 68 | + fi |
| 69 | + |
| 70 | + _blackarch_install_keyring |
| 71 | + _blackarch_install_pkgs |
| 72 | + _blackarch_apppend_repo |
| 73 | + |
| 74 | +} |
| 75 | + |
| 76 | +_blackarch_install_keyring() { |
| 77 | + local _url _version _tarfile="blackarch_keyring-latest.tar.gz" |
| 78 | + |
| 79 | + # 最新バージョンと対応する .tar.gz の URL を取得 |
| 80 | + _version=$(_blackarch_keyring_version) || return 1 |
| 81 | + _url=$(_blackarch_keyring_latest_files | grep '.tar.gz$' | head -n1) || true |
| 82 | + [[ -n "$_url" ]] || { |
| 83 | + _msg_error "failed to get latest blackarch keyring url" |
| 84 | + return 1 |
| 85 | + } |
| 86 | + |
| 87 | + _msg_info "Downloading $_url -> $_tarfile (version=$_version)" |
| 88 | + if ! curl -fL --retry 3 -o "$_tarfile" "$_url"; then |
| 89 | + _msg_error "failed to download $_url" |
| 90 | + return 1 |
| 91 | + fi |
| 92 | + |
| 93 | + # $keyrings_dir に展開 |
| 94 | + if ! tar xfz "$_tarfile" --strip-components=1 -C "$keyrings_dir"; then |
| 95 | + _msg_error "failed to extract $_tarfile to $keyrings_dir" |
| 96 | + return 1 |
| 97 | + fi |
| 98 | + |
| 99 | + # pacman-keyを更新 |
| 100 | + if ! _pacman_key --populate-from "$keyrings_dir" --populate blackarch; then |
| 101 | + _msg_error "failed to populate pacman keyring for blackarch" |
| 102 | + return 1 |
| 103 | + fi |
| 104 | + |
| 105 | + return 0 |
| 106 | +} |
| 107 | + |
| 108 | +_archlinuxcn_install_keyring() { |
| 109 | + _keyring_src="https://github.com/archlinuxcn/archlinuxcn-keyring/archive/refs/heads/master.zip" |
| 110 | + if ! curl -fL --retry 3 -o "archlinuxcn-keyring-latest.zip" "$_keyring_src"; then |
| 111 | + _msg_error "failed to download $_keyring_src" |
| 112 | + return 1 |
| 113 | + fi |
| 114 | + |
| 115 | + # $tmp_dir/archlinuxcn_keyring に展開 |
| 116 | + mkdir -p "$tmp_dir/archlinuxcn_keyring" |
| 117 | + if ! unzip -q "archlinuxcn-keyring-latest.zip" -d "$tmp_dir/archlinuxcn_keyring"; then |
| 118 | + _msg_error "failed to extract archlinuxcn-keyring-latest.zip to $tmp_dir/archlinuxcn_keyring" |
| 119 | + return 1 |
| 120 | + fi |
| 121 | + |
| 122 | + if ! cp -r "$tmp_dir/archlinuxcn_keyring/archlinuxcn-keyring-master/"* "$keyrings_dir/"; then |
| 123 | + _msg_error "failed to copy archlinuxcn-keyring files to $keyrings_dir" |
| 124 | + return 1 |
| 125 | + fi |
| 126 | + |
| 127 | + # pacman-keyを更新 |
| 128 | + if ! _pacman_key --populate-from "$keyrings_dir" --populate archlinuxcn; then |
| 129 | + _msg_error "failed to populate pacman keyring for archlinuxcn" |
| 130 | + return 1 |
| 131 | + fi |
| 132 | + |
| 133 | + return 0 |
| 134 | +} |
| 135 | + |
| 136 | +_blackarch_install_pkgs() { |
| 137 | + # Prepare blackarch-mirrorlist |
| 138 | + _blackarch_mirrorlist >"$tmp_dir/blackarch-mirrorlist" |
| 139 | + |
| 140 | + # Prepare blackarch.conf |
| 141 | + local _conf_file="$tmp_dir/blackarch.conf" |
| 142 | + _pacman_conf >"$_conf_file" |
| 143 | + _repo_config blackarch "$tmp_dir/blackarch-mirrorlist" >>"$_conf_file" |
| 144 | + |
| 145 | + # Install blackarch-keyring and blackarch-mirrorlist using the temporary config |
| 146 | + local _old_config_path="$config_path" |
| 147 | + config_path="$_conf_file" |
| 148 | + _pacman_S -y blackarch-keyring blackarch-mirrorlist |
| 149 | + config_path="$_old_config_path" |
| 150 | +} |
| 151 | + |
| 152 | +_archlinuxcn_install_pkgs() { |
| 153 | + # Prepare archlinuxcn-mirrorlist |
| 154 | + _archlinuxcn_mirrorlist >"$tmp_dir/archlinuxcn-mirrorlist" |
| 155 | + |
| 156 | + # Prepare archlinuxcn.conf |
| 157 | + local _conf_file="$tmp_dir/archlinuxcn.conf" |
| 158 | + _pacman_conf >"$_conf_file" |
| 159 | + _repo_config archlinuxcn "$tmp_dir/archlinuxcn-mirrorlist" >>"$_conf_file" |
| 160 | + |
| 161 | + # Install archlinuxcn-keyring using the temporary config |
| 162 | + local _old_config_path="$config_path" |
| 163 | + config_path="$_conf_file" |
| 164 | + _pacman_S -y archlinuxcn-keyring archlinuxcn-mirrorlist-git |
| 165 | + config_path="$_old_config_path" |
| 166 | +} |
| 167 | + |
| 168 | +_blackarch_apppend_repo() { |
| 169 | + _repo_config blackarch "/etc/pacman.d/blackarch-mirrorlist" >>"/etc/pacman.conf" |
| 170 | +} |
| 171 | + |
| 172 | +_blackarch_keyring_files() { |
| 173 | + local _url="https://www.blackarch.org/keyring/" |
| 174 | + |
| 175 | + if ! curl -fsSL "$_url" \ |
| 176 | + | awk -F '"' '/<a href="[^"]+"/ {print $2}' \ |
| 177 | + | grep -v '/$' \ |
| 178 | + | sed "s|^|$_url|"; then |
| 179 | + _msg_error "failed to fetch keyring file list from $_url" |
| 180 | + return 1 |
| 181 | + fi |
| 182 | +} |
| 183 | + |
| 184 | +_blackarch_keyring_version() { |
| 185 | + local _v |
| 186 | + _v=$(_blackarch_keyring_files \ |
| 187 | + | awk -F/ '{print $NF}' \ |
| 188 | + | sed -En 's/^blackarch-keyring-([0-9]{8})\.tar\.gz(\.sig)?$/\1/p' \ |
| 189 | + | sort | tail -n1) || true |
| 190 | + [[ -n "$_v" ]] || { |
| 191 | + _msg_error "failed to determine blackarch keyring version" |
| 192 | + return 1 |
| 193 | + } |
| 194 | + printf '%s\n' "$_v" |
| 195 | +} |
| 196 | + |
| 197 | +_archlinuxcn_install() { |
| 198 | + if _has_repo "archlinuxcn"; then |
| 199 | + _msg_warn "archlinuxcn repository already exists in pacman configuration." |
| 200 | + return 0 |
| 201 | + fi |
| 202 | + |
| 203 | + _archlinuxcn_install_keyring |
| 204 | + _archlinuxcn_install_pkgs |
| 205 | + _archlinuxcn_apppend_repo |
| 206 | +} |
| 207 | + |
| 208 | +_archlinuxcn_apppend_repo() { |
| 209 | + _repo_config archlinuxcn "/etc/pacman.d/archlinuxcn-mirrorlist" >>"/etc/pacman.conf" |
| 210 | +} |
| 211 | + |
| 212 | +_blackarch_keyring_latest_files() { |
| 213 | + local _ver _urls |
| 214 | + _ver=$(_blackarch_keyring_version) || return 1 |
| 215 | + _urls=$(_blackarch_keyring_files | grep "blackarch-keyring-${_ver}\.tar\.gz") || true |
| 216 | + [[ -n "$_urls" ]] || { |
| 217 | + _msg_error "failed to find keyring files for version $_ver" |
| 218 | + return 1 |
| 219 | + } |
| 220 | + printf '%s\n' "$_urls" |
| 221 | +} |
| 222 | + |
| 223 | +_blackarch_mirrorlist() { |
| 224 | + curl -fsSL "https://blackarch.org/blackarch-mirrorlist" #| sed 's/#Server/Server/' |
| 225 | +} |
| 226 | + |
| 227 | +_archlinuxcn_mirrorlist() { |
| 228 | + curl -fsSL "https://raw.githubusercontent.com/archlinuxcn/mirrorlist-repo/refs/heads/master/archlinuxcn-mirrorlist" | sed 's/^# Server/Server/' |
| 229 | +} |
| 230 | + |
| 231 | +_init() { |
| 232 | + # Parse flags: -c pacman_config, -r archlinuxcn|blackarch|all, -v, -q |
| 233 | + while getopts ":c:r:vq" opt; do |
| 234 | + case "$opt" in |
| 235 | + c) |
| 236 | + config_path="$OPTARG" |
| 237 | + ;; |
| 238 | + r) |
| 239 | + case "$OPTARG" in |
| 240 | + blackarch | archlinuxcn | all) |
| 241 | + target_repo="$OPTARG" |
| 242 | + ;; |
| 243 | + *) |
| 244 | + _msg_error "invalid value for -r: $OPTARG (expected: blackarch|archlinuxcn|all)" |
| 245 | + exit 1 |
| 246 | + ;; |
| 247 | + esac |
| 248 | + ;; |
| 249 | + v) |
| 250 | + log_level="info" |
| 251 | + ;; |
| 252 | + q) |
| 253 | + log_level="quiet" |
| 254 | + ;; |
| 255 | + ?) |
| 256 | + _msg_error "unknown option: -$OPTARG" |
| 257 | + exit 1 |
| 258 | + ;; |
| 259 | + esac |
| 260 | + done |
| 261 | + shift $((OPTIND - 1)) |
| 262 | + |
| 263 | + _pacman_key --init |
| 264 | + mkdir -p "$keyrings_dir" |
| 265 | +} |
| 266 | + |
| 267 | +_main() { |
| 268 | + if ((EUID != 0)); then |
| 269 | + _msg_error "This script must be run as root." |
| 270 | + exit 1 |
| 271 | + fi |
| 272 | + |
| 273 | + cd "$tmp_dir" || exit 1 |
| 274 | + _init "$@" |
| 275 | + |
| 276 | + case "$target_repo" in |
| 277 | + blackarch) |
| 278 | + _blackarch_install |
| 279 | + ;; |
| 280 | + archlinuxcn) |
| 281 | + _archlinuxcn_install |
| 282 | + ;; |
| 283 | + all) |
| 284 | + _blackarch_install |
| 285 | + _archlinuxcn_install |
| 286 | + ;; |
| 287 | + esac |
| 288 | + cd "${OLDPWD-.}" || exit 1 |
| 289 | +} |
| 290 | + |
| 291 | +_main "$@" |
0 commit comments