Skip to content

Instantly share code, notes, and snippets.

@antontsv
Last active November 12, 2023 06:51
Show Gist options
  • Save antontsv/1167f4a1128b505e9ee1740947491580 to your computer and use it in GitHub Desktop.
Save antontsv/1167f4a1128b505e9ee1740947491580 to your computer and use it in GitHub Desktop.
Install .files using homeshick - https://git.io/install.files
#!/usr/bin/env bash
homeshick_home_dir=${HOMESHICK_DIR:-$HOME/.homesick}
homeshick_repos_dir="$homeshick_home_dir/repos"
# In this setup main repo should not contain root /home directory
main_repo_uri="${DOT_FILES_REPO:-https://github.com/antontsv/.files.git}"
main_castle_name="${DOT_FILES_CASTLE_NAME:-main.files}"
main_castle_branch="${DOT_FILES_CASTLE_BRANCH:-master}"
main_castle_ignore_files="${DOT_FILES_IGNORE_FILES:-LICENSE,README.md,/.gitmodules}"
key_file="${DOT_FILES_REPO_PUB_PGP_KEY_FILE}"
trusted_keys="$homeshick_home_dir/trusted_keys.asc"
fatal(){
echo "$*";
exit 1;
}
fatal_on_error(){
if [ $? -ne 0 ];then
fatal "$*";
fi;
}
sig_check="/tmp/verify-commit"
check_signature_at_path(){
path="${1:?}"
if ! "$sig_check" sigcheck -k "$trusted_keys" -p "$path";then
echo "Cannot validate PGP signature on $path. Will not trust it."
rm -rf "$path"
fatal "Removing $path"
fi;
}
if [ ! -e "$sig_check" ];then
echo "Downloading tool for checking PGP signatures on commits..."
OS=$(uname -s)
hashsum="expected hash sum will be here"
shasum_cmd="echo 'command for sha 256 will be set here'"
if [ "$OS" = "Darwin" ]; then
#  Mac OS
shasum_cmd="/usr/bin/shasum -a 256"
curl -Ls -o "$sig_check" "https://github.com/antontsv/verify-commit/releases/download/v1.0.0-antontsv.gpg/macos-verify-commit"
hashsum="93407ec562db389413a01f24dc71d391259545b9ef561c37933702f7121f1eb9"
else
shasum_cmd="/usr/bin/sha256sum"
curl -Ls -o "$sig_check" "https://github.com/antontsv/verify-commit/releases/download/v1.0.0-antontsv.gpg/verify-commit"
hashsum="34d39967b2fbc4c8a81d28236556dff5f8f23d8e3d25431eb7d8de0a6da6c494"
fi;
if [ "$($shasum_cmd $sig_check | cut -d ' ' -f1 )" != "$hashsum" ];then
rm -rf "$sig_check"
echo "Downloaded tool for PGP verification does not have expected sha256."
fatal "Cannot trust PGP tool."
fi;
chmod u+x "$sig_check"
fi;
if [ ! -d "$homeshick_repos_dir/homeshick" ];then
# Original is git://github.com/andsens/homeshick.git
# I use a fork mostly because of security concerns
git clone https://github.com/antontsv/homeshick.git "$homeshick_repos_dir/homeshick"
"$sig_check" writeKeyfile -o "$trusted_keys"
check_signature_at_path "$homeshick_repos_dir/homeshick"
fi;
source "$homeshick_repos_dir/homeshick/homeshick.sh"
if [ ! -d "$homeshick_repos_dir/$main_castle_name" ];then
clone_name=$(echo "$main_repo_uri" | awk -F/ '{print $(NF)}')
clone_name="${clone_name/%.git/}"
if [ -d "$clone_name" ];then
fatal "Conflict with existing $clone_name castle"
fi;
[ -n "$key_file" ] && echo "Adding key" && "$sig_check" writeKeyfile -o "$trusted_keys" -k "$key_file"
HOMESHICK_IGNORE="$main_castle_ignore_files" \
HOMESHICK_USE_CASTLE_ROOT=true \
HOMESHICK_CLONE_BRANCH="$main_castle_branch" \
homeshick clone --batch "$main_repo_uri"
fatal_on_error "Cannot clone $main_repo_uri"
check_signature_at_path "$homeshick_repos_dir/$clone_name"
[[ "$clone_name" = "$main_castle_name" ]] || (
mv "$homeshick_repos_dir/$clone_name" "$homeshick_repos_dir/$main_castle_name" &&
find "$homeshick_repos_dir/$main_castle_name" -type f -name .git -exec rm {} \; &&
homeshick --batch pull "$main_castle_name" &&
homeshick --batch link "$main_castle_name"
)
fatal_on_error "Cannot install $main_castle_name homeshick castle"
fi;
homeshick link --force "$main_castle_name"
fatal_on_error "Failed to link $main_castle_name castle"
if [ -d "$HOME/.sh" ] && [ ! -f "$HOME/.sh/init_homeshick.extra" ];then
cat >> "$HOME/.sh/init_homeshick.extra" <<_INIT_EXTRA_
source "$homeshick_repos_dir/homeshick/homeshick.sh"
source "$homeshick_repos_dir/homeshick/completions/homeshick-completion.bash"
_INIT_EXTRA_
fi;
# Remove broken symlinks from $HOME:
find -L "$HOME" -maxdepth 1 -type l -exec rm -- {} +
@antontsv
Copy link
Author

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment