@drybjed
Forked from stbuehler/create-gpgring-package.sh
Last active August 29, 2015 14:14
#!/bin/bash
# syntax: $0 -p <packagename> [-a "author <email>"] [-k "my-keyring-filename.gpg"] [-d <destdir for package>] [-v <packageversion>] [--] <keyfiles...>
# Abort on the first unhandled command failure.
set -e

# Directory holding this script, with symlinks resolved; used below to look
# for the companion keyring builder next to it.
selfdir=$(readlink -f "$0")
selfdir=$(dirname "${selfdir}")

# Private scratch directory for the package tree; removed on every exit path.
tmpdir=$(mktemp --tmpdir -d create-gpgring-package-XXXXXXX)
trap 'rm -rf "${tmpdir}"' EXIT

# Option state filled in by the command-line parser.
unset KEYFILES
KEYFILES=()
PACKAGENAME=""
PACKAGEAUTHOR=""
KEYRING=""
PACKAGEVERSION=""
DESTDIR="."

# Keyring builder: prefer the copy that sits beside this script. If there is
# none, the bare name is kept and the later invocation resolves it via PATH,
# so whatever PATH offers under that name will build the trusted keyring.
CreateKeyring="create-gpgring.sh"
if [ -x "${selfdir}/${CreateKeyring}" ]; then
  CreateKeyring="${selfdir}/${CreateKeyring}"
fi
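#######################################
# Parse the command line into the script-level settings.
# Each of -p/-a/-k/-d/-v takes one value and may be given only once; anything
# after "--", and any argument not starting with "-", is a key file.
# Globals:   PACKAGENAME, PACKAGEAUTHOR, KEYRING, DESTDIR, PACKAGEVERSION,
#            KEYFILES (written)
# Arguments: the script's command-line arguments
# Outputs:   usage errors on stderr
# Returns:   0 on success; exits the script with status 2 on a usage error
#######################################
_parse_args() {
  while [ $# -gt 0 ]; do
    case "$1" in
      -p)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -p" >&2
          exit 2
        fi
        if [ -n "${PACKAGENAME}" ]; then
          echo "Already have a package name: '${PACKAGENAME}'" >&2
          exit 2
        fi
        PACKAGENAME="$1"
        ;;
      -a)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -a" >&2
          exit 2
        fi
        if [ -n "${PACKAGEAUTHOR}" ]; then
          echo "Already have a package author: '${PACKAGEAUTHOR}'" >&2
          exit 2
        fi
        PACKAGEAUTHOR="$1"
        ;;
      -k)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -k" >&2
          exit 2
        fi
        if [ -n "${KEYRING}" ]; then
          echo "Already have a keyring filename: '${KEYRING}'" >&2
          exit 2
        fi
        KEYRING="$1"
        ;;
      -d)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -d" >&2
          exit 2
        fi
        # "." is the default, so any other value means -d was already seen.
        if [ "${DESTDIR}" != "." ]; then
          echo "Already have a destination directory: '${DESTDIR}'" >&2
          exit 2
        fi
        DESTDIR="$1"
        ;;
      -v)
        shift
        if [ $# -eq 0 ]; then
          echo "Missing parameter value for -v" >&2
          exit 2
        fi
        # The version starts out empty, so "already set" means non-empty.
        # Comparing against "." (copied from the -d branch) rejected every
        # use of -v, including the first one.
        if [ -n "${PACKAGEVERSION}" ]; then
          echo "Already have a package version: '${PACKAGEVERSION}'" >&2
          exit 2
        fi
        PACKAGEVERSION="$1"
        ;;
      --)
        # Everything after "--" is a key file, even if it starts with "-".
        shift
        KEYFILES+=("$@")
        shift $#
        ;;
      -*)
        echo "Uknown option: '$1'" >&2
        exit 2
        ;;
      *)
        KEYFILES+=("$1")
        ;;
    esac
    # After "--" nothing is left to shift; ignore that failure under set -e.
    shift || true
  done
}

_parse_args "$@"
# The parser consumes every argument; leave the script's own list empty too.
set --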
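# Mandatory inputs: a package name and at least one key file.
if [ -z "${PACKAGENAME}" ]; then
  echo "Need a package name (-p <...>)" >&2
  exit 2
fi
if [ -z "${KEYFILES[*]}" ]; then
  echo "No key files specified" >&2
  exit 2
fi

# Defaults for everything that was not given on the command line.
if [ -z "${PACKAGEVERSION}" ]; then
  # Timestamp version, minute resolution.
  PACKAGEVERSION=$(date +%Y%m%d%H%M)
fi
if [ -z "${PACKAGEAUTHOR}" ]; then
  PACKAGEAUTHOR="${USER} <${USER}@$(hostname -f)>"
fi
if [ -z "${KEYRING}" ]; then
  KEYRING="${PACKAGENAME}"
fi

# Both names become path components inside the package tree (the doc
# directory and the file under /etc/apt/trusted.gpg.d/). A "/" would let the
# keyring land outside trusted.gpg.d, so refuse it up front.
case "${PACKAGENAME}" in
  */*)
    echo "Package name must not contain '/': '${PACKAGENAME}'" >&2
    exit 2
    ;;
esac
case "${KEYRING}" in
  */*)
    echo "Keyring filename must not contain '/': '${KEYRING}'" >&2
    exit 2
    ;;
esac

# Enforce the .gpg extension, but only when it is missing. The previous test
# used "${KEYRING:-4}", which is default-value expansion rather than a
# substring, so ".gpg" was appended even to names that already ended in it.
case "${KEYRING}" in
  *.gpg) ;;
  *) KEYRING="${KEYRING}.gpg" ;;
esac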
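# Stage the package tree: control directory, apt keyring directory, doc dir.
mkdir -p "${tmpdir}/pkg/DEBIAN" "${tmpdir}/pkg/etc/apt/trusted.gpg.d/" "${tmpdir}/pkg/usr/share/doc/${PACKAGENAME}"

# Build the keyring from ALL given key files. "${KEYFILES}" expands to the
# first array element only, which silently dropped every further key file.
#
# Everything imported here is installed under /etc/apt/trusted.gpg.d/, i.e. it
# becomes an apt trust anchor for any source that does not pin its own key
# with Signed-By. Check the fingerprints of the input keys against a source
# you trust before building and distributing the package.
"${CreateKeyring}" -o "${tmpdir}/pkg/etc/apt/trusted.gpg.d/${KEYRING}" -- "${KEYFILES[@]}"

# One timestamp for both changelog lines, so they cannot differ by a second.
changelog_date=$(date +"%a, %d %b %Y %H:%M:%S %z")

# Laid out in Debian changelog format: the entry line is indented by two
# spaces, the trailer by one, and two spaces separate maintainer and date.
# The listing this was taken from had lost that whitespace.
cat > "${tmpdir}/pkg/usr/share/doc/${PACKAGENAME}/changelog" <<EOF
${PACKAGENAME} (${PACKAGEVERSION}) unstable; urgency=low

  * Keyring from ${changelog_date}

 -- ${PACKAGEAUTHOR}  ${changelog_date}
EOF
gzip "${tmpdir}/pkg/usr/share/doc/${PACKAGENAME}/changelog"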
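# Installed-Size in KiB: the grand-total line of du over the payload trees.
PACKAGESIZE=$(du -ksc "${tmpdir}/pkg/etc" "${tmpdir}/pkg/usr" | tail -n1 | cut -f1)

# Binary package control file. The option values are interpolated verbatim,
# so a newline inside any of them would show up as an extra control field.
# The extended description line must start with a space; without it the line
# is not a valid continuation and the control file does not parse.
cat >"${tmpdir}/pkg/DEBIAN/control" <<EOF
Package: ${PACKAGENAME}
Version: ${PACKAGEVERSION}
Architecture: all
Maintainer: ${PACKAGEAUTHOR}
Installed-Size: ${PACKAGESIZE}
Depends: gpgv
Recommends: gnupg
Breaks: apt (<< 0.7.25.1)
Section: misc
Priority: important
Multi-Arch: foreign
Description: GnuPG archive keys
 This package contains archive keys for apt.
EOF

# Register the keyring as a conffile so dpkg treats it as configuration:
# a locally modified keyring is not silently replaced on upgrade.
cat >"${tmpdir}/pkg/DEBIAN/conffiles" <<EOF
/etc/apt/trusted.gpg.d/${KEYRING}
EOF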
echo "Building package:"

# Build directly when already root; otherwise run dpkg-deb under fakeroot.
if [ "$UID" -eq 0 ]; then
  build_wrapper=()
else
  build_wrapper=(fakeroot --)
fi
"${build_wrapper[@]}" dpkg-deb --build "${tmpdir}/pkg" "${tmpdir}/"

# dpkg-deb was given a directory as target, so the .deb is looked up under
# the name derived from package name, version and architecture.
PACKAGEFILE="${PACKAGENAME}_${PACKAGEVERSION}_all.deb"
if [ -f "${tmpdir}/${PACKAGEFILE}" ]; then
  # Hand the finished package over before the scratch directory is removed.
  mv "${tmpdir}/${PACKAGEFILE}" "${DESTDIR}/"
else
  echo "Cannot find package file - build failed?" >&2
  echo 'List of temporary files:' >&2
  ls -Rlisha "${tmpdir}" >&2
  exit 1
fi
#!/bin/bash
# syntax: $0 [-o <keyring outfile>] [--] <keyfiles...>
# export a key from your keyring:
# gpg -a --export --export-options export-minimal your@id
# Stop at the first unhandled command failure.
set -e

# All gpg state (home directory, trust database, keyring) lives in a private
# scratch directory, so the caller's own keyrings are never read or modified.
tmpdir=$(mktemp --tmpdir -d create-gpgring-XXXXXXX)

# Remove the scratch directory on every exit path.
cleanup() {
  rm -rf "${tmpdir}"
}
trap cleanup EXIT
#######################################
# Run gpg isolated from the caller's GnuPG setup: home directory and trust
# database inside the scratch directory, no options file, no default keyring,
# no automatic trustdb check, and no terminal interaction.
# Globals:   tmpdir (read)
# Arguments: further gpg options and operands, passed through unchanged
# Returns:   gpg's exit status
#######################################
mygpg() {
  local -a isolation_opts=(
    --homedir "${tmpdir}/.gnupg"
    --batch
    --no-tty
    --no-options
    --no-default-keyring
    --no-auto-check-trustdb
    --trustdb-name "${tmpdir}/trustdb.gpg"
  )
  gpg "${isolation_opts[@]}" "$@"
}
# Input key files and the requested output path (empty or "-" means stdout).
unset INFILES
INFILES=()
OUTFILE=

# Command line: -o <file> sets the output; everything after "--" and every
# argument not starting with "-" is an input file.
while (( $# > 0 )); do
  case "$1" in
    -o)
      if (( $# < 2 )); then
        echo "Missing parameter value for -o" >&2
        exit 2
      fi
      OUTFILE="$2"
      shift 2
      ;;
    --)
      # The remainder is taken literally as input files.
      shift
      INFILES+=("$@")
      set --
      ;;
    -*)
      echo "Uknown option: '$1'" >&2
      exit 2
      ;;
    *)
      INFILES+=("$1")
      shift
      ;;
  esac
done
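# No output file (or "-") means the keyring is written to stdout; it is
# staged in the scratch directory first and emitted at the very end.
if [ -z "${OUTFILE}" ] || [ "${OUTFILE}" = "-" ]; then
  OUTFILE="${tmpdir}/stdout"
fi

# No input files (or a lone "-") means the key material arrives on stdin;
# spool it to a file so gpg can import it like any other input.
if [ -z "${INFILES[*]}" ] || [ "${INFILES[*]}" = "-" ]; then
  INFILES=("${tmpdir}/stdin")
  cat > "${INFILES[0]}"
fi

export HOME="${tmpdir}"
KEYRING="${tmpdir}/keyring"

# Import every key found in the inputs. Nothing is filtered here: each key in
# those files ends up in the resulting keyring.
# NOTE(review): GnuPG 2.1+ may create a not-yet-existing keyring in keybox
# format, which apt's gpgv reportedly cannot read - confirm with the gpg
# version in use (a "gnupg-ring:" prefix on the path is the usual remedy).
mygpg --keyring "${KEYRING}" --import -- "${INFILES[@]}"

# Show what was imported so the operator can compare the keys with
# fingerprints obtained from a trusted source. When the keyring itself goes
# to stdout the listing must not share that stream, otherwise the consumer
# receives the listing text followed by the keyring data.
if [ "${OUTFILE}" = "${tmpdir}/stdout" ]; then
  mygpg --keyring "${KEYRING}" --list-keys >&2
else
  mygpg --keyring "${KEYRING}" --list-keys
fi

mv "${KEYRING}" "${OUTFILE}"

# Stdout mode: emit the staged keyring.
if [ -f "${tmpdir}/stdout" ]; then
  cat "${tmpdir}/stdout"
fi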