#!/bin/bash
parabola_keyring_version=$(
curl -Ss 'https://repo.parabola.nu/other/parabola-keyring/' \
| sed '
s@^.*.*$@\1@
t
d
' \
| sort -V \
| tail -n1
)
parabola_keyring="https://repo.parabola.nu/other/parabola-keyring/parabola-keyring-${parabola_keyring_version}.tar.gz"
archlinuxarm_keyring=$(
curl -Ss 'https://arch.eckner.net/archlinuxarm/arm/core/' \
| sed '
s@^.*.*$@\1@
t
d
' \
| sort -V \
| tail -n1 \
| sed '
s@^.*$@https://arch.eckner.net/archlinuxarm/arm/core/archlinuxarm-keyring-\0-any.pkg.tar.xz@
'
)
{
{
find \
/usr/src/archlinux/{packages,community}/ \
/usr/src/archlinux32/packages/ \
~/eigeneSkripte/archPackages/ \
-type f -name PKGBUILD \
-exec sed -n '
/^\s*validpgpkeys=.*)/p
/^\s*validpgpkeys=[^)]\+$/,/)/p
' {} + 2>/dev/null \
| sed '
s/#.*$//
s/^\s*validpgpkeys=(//
s/).*$//
' \
| tr -d '" \t'"'"
curl -Ss 'https://archlinux32.org/key-wishlist'
{
curl -Ss "${archlinuxarm_keyring}" \
| bsdtar -Oxf - usr/share/pacman/keyrings/archlinuxarm-{trusted,revoked}
curl -Ss "${parabola_keyring}" \
| bsdtar -Oxf - parabola-keyring-${parabola_keyring_version}/parabola-{trusted,revoked}
} \
| cut -d: -f1
} \
| sort -u \
| grep -x '[0-9a-fA-F]\{16,40\}' \
| while read -r key_id; do
key=$(gpg -a --export "${key_id}" 2>/dev/null)
if [ -z "${key}" ]; then
/usr/src/skripte/gpg-safe-import/gpg-safe-import --recv-keys "${key_id}"
key=$(gpg -a --export "${key_id}" 2>/dev/null)
fi
if [ -z "${key}" ]; then
>&2 printf 'wish-list key "%s" is unknown\n' "${key_id}"
continue
fi
printf '%s\n' "${key}"
done
gpg --homedir /etc/pacman.d/gnupg -a --export
curl -Ss "${archlinuxarm_keyring}" \
| bsdtar -Oxf - usr/share/pacman/keyrings/archlinuxarm.gpg
curl -Ss "${parabola_keyring}" \
| bsdtar -Oxf - parabola-keyring-${parabola_keyring_version}/parabola.gpg
} \
| if [ "x$1" = 'x-l' ]; then
sudo su http -s /bin/bash -c 'gpg --import'
elif [ $# -ne 0 ]; then
>&2 echo 'only valid parameter is "-l"'
exit 1
else
ssh archlinux32 "sudo su http -s /bin/bash -c 'gpg --import'"
fi