antontsv/homeshick.files

## homeshick.files
#!/usr/bin/env bash

homeshick_home_dir=${HOMESHICK_DIR:-$HOME/.homesick}
homeshick_repos_dir="$homeshick_home_dir/repos"
# In this setup main repo should not contain root /home directory
main_repo_uri="${DOT_FILES_REPO:-https://github.com/antontsv/.files.git}"
main_castle_name="${DOT_FILES_CASTLE_NAME:-main.files}"
main_castle_branch="${DOT_FILES_CASTLE_BRANCH:-master}"
main_castle_ignore_files="${DOT_FILES_IGNORE_FILES:-LICENSE,README.md,/.gitmodules}"
key_file="${DOT_FILES_REPO_PUB_PGP_KEY_FILE}"
trusted_keys="$homeshick_home_dir/trusted_keys.asc"

fatal(){
    echo "$*";
    exit 1;
}

fatal_on_error(){
    if [ $? -ne 0 ];then
        fatal "$*";
    fi;
}

sig_check="/tmp/verify-commit"

check_signature_at_path(){
    path="${1:?}"
    if ! "$sig_check" sigcheck -k "$trusted_keys" -p "$path";then
        echo "Cannot validate PGP signature on $path. Will not trust it."
        rm -rf "$path"
        fatal "Removing $path"
    fi;
}

if [ ! -e "$sig_check" ];then

    echo "Downloading tool for checking PGP signatures on commits..."
    OS=$(uname -s)
    hashsum="expected hash sum will be here"
    shasum_cmd="echo 'command for sha 256 will be set here'"
    if [ "$OS" = "Darwin" ]; then
        #  Mac OS
        shasum_cmd="/usr/bin/shasum -a 256"
        curl -Ls -o "$sig_check" "https://github.com/antontsv/verify-commit/releases/download/v1.0.0-antontsv.gpg/macos-verify-commit"
        hashsum="93407ec562db389413a01f24dc71d391259545b9ef561c37933702f7121f1eb9"
    else
        shasum_cmd="/usr/bin/sha256sum"
        curl -Ls -o "$sig_check" "https://github.com/antontsv/verify-commit/releases/download/v1.0.0-antontsv.gpg/verify-commit"
        hashsum="34d39967b2fbc4c8a81d28236556dff5f8f23d8e3d25431eb7d8de0a6da6c494"
    fi;

    if [ "$($shasum_cmd $sig_check | cut -d ' ' -f1 )" != "$hashsum" ];then
        rm -rf "$sig_check"
        echo "Downloaded tool for PGP verification does not have expected sha256."
        fatal "Cannot trust PGP tool."
    fi;

    chmod u+x "$sig_check"

fi;

if [ ! -d "$homeshick_repos_dir/homeshick" ];then
    # Original is git://github.com/andsens/homeshick.git
    # I use a fork mostly because of security concerns
    git clone https://github.com/antontsv/homeshick.git "$homeshick_repos_dir/homeshick"
    "$sig_check" writeKeyfile -o "$trusted_keys"
    check_signature_at_path "$homeshick_repos_dir/homeshick"
fi;

source "$homeshick_repos_dir/homeshick/homeshick.sh"

if [ ! -d "$homeshick_repos_dir/$main_castle_name" ];then
    clone_name=$(echo "$main_repo_uri" | awk -F/ '{print $(NF)}')
    clone_name="${clone_name/%.git/}"
    if [ -d "$clone_name" ];then
        fatal "Conflict with existing $clone_name castle"
    fi;
    [ -n "$key_file" ] && echo "Adding key" && "$sig_check" writeKeyfile -o "$trusted_keys" -k "$key_file"
    HOMESHICK_IGNORE="$main_castle_ignore_files" \
    HOMESHICK_USE_CASTLE_ROOT=true \
    HOMESHICK_CLONE_BRANCH="$main_castle_branch" \
    homeshick clone --batch "$main_repo_uri"
    fatal_on_error "Cannot clone $main_repo_uri"
    check_signature_at_path "$homeshick_repos_dir/$clone_name"
    [[ "$clone_name" = "$main_castle_name" ]] || (
        mv "$homeshick_repos_dir/$clone_name" "$homeshick_repos_dir/$main_castle_name" &&
        find "$homeshick_repos_dir/$main_castle_name" -type f -name .git -exec rm {} \; &&
        homeshick --batch pull "$main_castle_name" &&
        homeshick --batch link "$main_castle_name"
    )
    fatal_on_error "Cannot install $main_castle_name homeshick castle"
fi;

homeshick link --force "$main_castle_name"
fatal_on_error "Failed to link $main_castle_name castle"

if [ -d "$HOME/.sh" ] && [ ! -f "$HOME/.sh/init_homeshick.extra" ];then
    cat >> "$HOME/.sh/init_homeshick.extra" <<_INIT_EXTRA_
source "$homeshick_repos_dir/homeshick/homeshick.sh"
source "$homeshick_repos_dir/homeshick/completions/homeshick-completion.bash"
_INIT_EXTRA_

fi;

# Remove broken symlinks from $HOME:
find -L "$HOME" -maxdepth 1 -type l -exec rm -- {} +
	#!/usr/bin/env bash

	homeshick_home_dir=${HOMESHICK_DIR:-$HOME/.homesick}
	homeshick_repos_dir="$homeshick_home_dir/repos"
	# In this setup main repo should not contain root /home directory
	main_repo_uri="${DOT_FILES_REPO:-https://github.com/antontsv/.files.git}"
	main_castle_name="${DOT_FILES_CASTLE_NAME:-main.files}"
	main_castle_branch="${DOT_FILES_CASTLE_BRANCH:-master}"
	main_castle_ignore_files="${DOT_FILES_IGNORE_FILES:-LICENSE,README.md,/.gitmodules}"
	key_file="${DOT_FILES_REPO_PUB_PGP_KEY_FILE}"
	trusted_keys="$homeshick_home_dir/trusted_keys.asc"

	fatal(){
	echo "$*";
	exit 1;
	}

	fatal_on_error(){
	if [ $? -ne 0 ];then
	fatal "$*";
	fi;
	}

	sig_check="/tmp/verify-commit"

	check_signature_at_path(){
	path="${1:?}"
	if ! "$sig_check" sigcheck -k "$trusted_keys" -p "$path";then
	echo "Cannot validate PGP signature on $path. Will not trust it."
	rm -rf "$path"
	fatal "Removing $path"
	fi;
	}

	if [ ! -e "$sig_check" ];then

	echo "Downloading tool for checking PGP signatures on commits..."
	OS=$(uname -s)
	hashsum="expected hash sum will be here"
	shasum_cmd="echo 'command for sha 256 will be set here'"
	if [ "$OS" = "Darwin" ]; then
	#  Mac OS
	shasum_cmd="/usr/bin/shasum -a 256"
	curl -Ls -o "$sig_check" "https://github.com/antontsv/verify-commit/releases/download/v1.0.0-antontsv.gpg/macos-verify-commit"
	hashsum="93407ec562db389413a01f24dc71d391259545b9ef561c37933702f7121f1eb9"
	else
	shasum_cmd="/usr/bin/sha256sum"
	curl -Ls -o "$sig_check" "https://github.com/antontsv/verify-commit/releases/download/v1.0.0-antontsv.gpg/verify-commit"
	hashsum="34d39967b2fbc4c8a81d28236556dff5f8f23d8e3d25431eb7d8de0a6da6c494"
	fi;

	if [ "$($shasum_cmd $sig_check \| cut -d ' ' -f1 )" != "$hashsum" ];then
	rm -rf "$sig_check"
	echo "Downloaded tool for PGP verification does not have expected sha256."
	fatal "Cannot trust PGP tool."
	fi;

	chmod u+x "$sig_check"

	fi;

	if [ ! -d "$homeshick_repos_dir/homeshick" ];then
	# Original is git://github.com/andsens/homeshick.git
	# I use a fork mostly because of security concerns
	git clone https://github.com/antontsv/homeshick.git "$homeshick_repos_dir/homeshick"
	"$sig_check" writeKeyfile -o "$trusted_keys"
	check_signature_at_path "$homeshick_repos_dir/homeshick"
	fi;

	source "$homeshick_repos_dir/homeshick/homeshick.sh"

	if [ ! -d "$homeshick_repos_dir/$main_castle_name" ];then
	clone_name=$(echo "$main_repo_uri" \| awk -F/ '{print $(NF)}')
	clone_name="${clone_name/%.git/}"
	if [ -d "$clone_name" ];then
	fatal "Conflict with existing $clone_name castle"
	fi;
	[ -n "$key_file" ] && echo "Adding key" && "$sig_check" writeKeyfile -o "$trusted_keys" -k "$key_file"
	HOMESHICK_IGNORE="$main_castle_ignore_files" \
	HOMESHICK_USE_CASTLE_ROOT=true \
	HOMESHICK_CLONE_BRANCH="$main_castle_branch" \
	homeshick clone --batch "$main_repo_uri"
	fatal_on_error "Cannot clone $main_repo_uri"
	check_signature_at_path "$homeshick_repos_dir/$clone_name"
	[[ "$clone_name" = "$main_castle_name" ]] \|\| (
	mv "$homeshick_repos_dir/$clone_name" "$homeshick_repos_dir/$main_castle_name" &&
	find "$homeshick_repos_dir/$main_castle_name" -type f -name .git -exec rm {} \; &&
	homeshick --batch pull "$main_castle_name" &&
	homeshick --batch link "$main_castle_name"
	)
	fatal_on_error "Cannot install $main_castle_name homeshick castle"
	fi;

	homeshick link --force "$main_castle_name"
	fatal_on_error "Failed to link $main_castle_name castle"

	if [ -d "$HOME/.sh" ] && [ ! -f "$HOME/.sh/init_homeshick.extra" ];then
	cat >> "$HOME/.sh/init_homeshick.extra" <<_INIT_EXTRA_
	source "$homeshick_repos_dir/homeshick/homeshick.sh"
	source "$homeshick_repos_dir/homeshick/completions/homeshick-completion.bash"
	_INIT_EXTRA_

	fi;

	# Remove broken symlinks from $HOME:
	find -L "$HOME" -maxdepth 1 -type l -exec rm -- {} +