#!/bin/bash # runs on the buildmaster only, works currently only there # # calls all subscripts to build the iso, sign it, generate checksums, # update the website, update RSS feeds, feed the torrents, etc. # # this script is supposed to be used by Archlinux32 people only # as it contains hard-coded pathes and server names.. # prerequisites: # - mkinitcpio-archiso32 and archiso32 installed on the host # - https://git.archlinux32.org/releng checked out locally # - pacman-mirrorlist32 for /etc/pacman.d/mirrorlist32 # - mktorrent, python-feedgenerator, transmission-cli, hefur # parameters CONFIG="releng" ARCH="i686" #ARCH = "dual" DESC="i686 only" #DESC="dual bootable" DATE=$(date +%Y.%m.%d) #DATE="2022.02.01" ISO="archlinux32-${DATE}-${ARCH}.iso" SIGNATURE="${ISO}.sig" TORRENT="${ISO}.torrent" TORRENT_SERVER="archlinux32.org" TORRENT_USER="hefur" WEBSITE_DIR="/srv/http/archlinux32.org" MIRROR_DIR="/srv/http/mirror/mirror.archlinux32.org" ARCHISOS_DIR="${MIRROR_DIR}/archisos/" ARCHIVE_DIR="/srv/http/mirror/archive.archlinux32.org/iso" MIRROR_USER='mirror' MIRROR_GROUP='mirror' #Andreas Baumann (sign) #SIGN_KEY='16194A82231E9EF823562181C8E8F5A0AF9BA7E7' # Archlinux 32 Release Key SIGN_KEY='33CA3597B0D161AAE4173F65C17F1214114574A4' base_dir=$( readlink -e "${0%/*}" ) pushd() { command pushd "$@" > /dev/null } popd() { command popd "$@" > /dev/null } export pushd popd usage() { >&2 echo "" >&2 echo "build-all: do all release engineering for Archlinux32 ISOs and downloads" >&2 echo "" >&2 echo "possible options:" >&2 echo " -h|--help: show this help and exit." >&2 echo " -f|--force: overwrite already existing artifacts (use with care!)." >&2 echo " -t|--test: test mode, generate artifacts, but don't pusblish anything." [ -z "$1" ] && exit 1 || exit "$1" } # fail on first error set -e # cleanup hook tmp_dir="$(mktemp -d)" cleanup() { if mountpoint -q "${tmp_dir}"; then sudo umount "${tmp_dir}" fi rm -rf --one-file-system "${tmp_dir}" } trap cleanup EXIT eval set -- "$( getopt -o hft \ --long force \ --long test \ --long help \ -n "$(basename "$0")" -- "$@" || \ echo usage )" force=0 testmode=0 while [ $# -gt 0 ]; do case "$1" in '--force'|'-f') force=1 ;; '--test'|'-t') testmode=1 ;; '--help'|'-h') usage 0 ;; '--') shift break ;; *) >&2 printf 'Whoops, option "%s" is not yet implemented!\n' "$1" exit 42 ;; esac shift done if [ $# -gt 0 ]; then >&2 echo 'Too many arguments.' exit 2 fi # build the ISO pushd "${ARCHISOS_DIR}" if [ $force = 1 ]; then rm -f "${ISO}" fi if [ ! -f "${ISO}" ]; then echo "Building ISO.." "${base_dir}/build-iso" --config="${CONFIG}" --arch "${ARCH}" \ --output-dir="${ARCHISOS_DIR}" --iso "${ISO}" else echo "Refusing to overwrite existing ISO '${ISO}'." fi popd if [ ! -f "${ARCHISOS_DIR}/${ISO}" ]; then >&2 echo "The ISO file '${ISO}' does not exist, it makes no sense to continue." exit 1 fi # sign ISO pushd "${ARCHISOS_DIR}" if [ $force = 1 ]; then rm -f "${ISO}.sig" fi if [ ! -f "${ISO}.sig" ]; then echo "Signing ISO.." gpg --local-user "${SIGN_KEY}" --batch --no-tty --detach-sign "${ISO}" > sha512sums sort -k2,2 sha512sums --output sha512sums else echo "SHA512 checksum already done." fi if [ $(grep "${ISO}$" md5sums | wc -l) = 0 ]; then [ ! -f md5sums ] || sed -i "/${ISO}$/d" md5sums md5sum "${ISO}" >> md5sums sort -k2,2 md5sums --output md5sums else echo "MD5 checksum already done." fi popd # check sanity of ISO echo "Checking ISO.." "${base_dir}/check-iso" \ --output-dir "${ARCHISOS_DIR}" --iso="${ISO}" --check --expected-sign-key "${SIGN_KEY}" if [ $? = 1 ]; then >&2 echo "The ISO file '${iso}' is not sane. Not continuing! You should maybe delete this ISO file.." exit 1 fi # generate torrents echo "Generating torrents.." pushd "${ARCHISOS_DIR}" if [ $force = 1 ]; then rm -f "${ISO}.torrent" fi if [ ! -f "${ISO}.torrent" ]; then "${base_dir}/build-torrent" \ --arch="${ARCH}" \ --date="${DATE}" \ --mirror-dir="${MIRROR_DIR}" \ --torrent-server="${TORRENT_SERVER}" \ --torrent-user="${TORRENT_USER}" else echo "The torrent file '${ISO}.torrent' already exists, not generating a new one." fi # get the magnet link and add it to the RSS feed file echo "Generating magnet link and publish it in the RSS feed file.." magnet_link="$("${base_dir}"/build-torrent --arch="${ARCH}" --date="${DATE}" --mirror-dir="${MIRROR_DIR}" --magnet-link)" if [ $force = 1 ]; then rm -f "feed_${ARCH}.rss" fi if [ ! -f "feed_${ARCH}.rss" ]; then feed_url="https://pool.mirror.archlinux32.org/archisos/feed_${ARCH}.rss" "${base_dir}/magnet2feed.py" \ "${magnet_link}" "${ARCH}" "${DATE}" "${feed_url}" else echo "The RSS feed file 'feed_${ARCH}.rss' already exists, not generating a new one." fi # update web page for isos and download mirrors if [ $testmode = 0 ]; then echo "Updating website.." git -C "${WEBSITE_DIR}" reset --hard git -C "${WEBSITE_DIR}" pull --ff-only fi "${base_dir}/update-website" \ --website-dir="${WEBSITE_DIR}" \ --mirror-dir="${MIRROR_DIR}" \ --iso="${ISO}" \ --update-iso \ --update-mirrors \ --torrent-seed="https://pool.mirror.archlinux32.org/archisos/archlinux32-${DATE}-${ARCH}.iso.torrent" \ --magnet-link="${magnet_link}" if [ $testmode = 0 ]; then git -C "${WEBSITE_DIR}" commit 'download/index.html' -m 'download/index.html: new isos ('"${DATE}"')' git -C "${WEBSITE_DIR}" push fi # when did we last updates the date +%s > "${ARCHISOS_DIR}/lastupdate" # cleanup mirror and move old ISOs to the archive echo "Cleaning up old ISOs and pushing them into the archive" "${base_dir}/cleanup-isos" \ --mirror-dir="/srv/http/mirror/mirror.archlinux32.org" \ --archive-dir="/srv/http/mirror/archive.archlinux32.org" # set permissions correctly of all generated or changed fles echo "Fixing/setting permissions.." chown "${MIRROR_USER}:${MIRROR_GROUP}" \ "${ARCHISOS_DIR}/${ISO}" "${ARCHISOS_DIR}/${SIGNATURE}" "${ARCHISOS_DIR}/${TORRENT}" \ "${ARCHISOS_DIR}/sha512sums" "${ARCHISOS_DIR}/md5sums" "${ARCHISOS_DIR}/lastupdate" echo "Finished." exit 0