430 lines
10 KiB
Bash
430 lines
10 KiB
Bash
#! /usr/bin/env sh
|
|
|
|
# defaults
|
|
CD_DEFAULT_DNS="\
|
|
9.9.9.9 \
|
|
"
|
|
CD_DEFAULT_REPO_ALMA="https://repo.almalinux.org/almalinux"
|
|
CD_DEFAULT_REPO_DEBIAN="https://deb.debian.org/debian"
|
|
|
|
CD_PYTHON_MODULES="\
|
|
cd \
|
|
rwx \
|
|
"
|
|
|
|
# main
|
|
cd_main () {
|
|
cd_set_environment_variables
|
|
cd_set_dns_resolving
|
|
cd_set_packages_repositories
|
|
cd_set_packages_configuration
|
|
cd_set_https_verification_off
|
|
cd_update_packages_catalog
|
|
cd_install_packages_tools
|
|
cd_install_ca_certificates
|
|
cd_write_ca_certificates
|
|
cd_update_ca_certificates
|
|
cd_set_https_verification_on
|
|
cd_update_packages_catalog
|
|
cd_upgrade_packages
|
|
cd_install_git
|
|
cd_install_python
|
|
cd_clean_packages_cache
|
|
cd_install_python_modules ${CD_PYTHON_MODULES}
|
|
cd_execute_python_module ${CD_PYTHON_MODULES}
|
|
}
|
|
|
|
# steps
|
|
|
|
cd_set_environment_variables () {
|
|
cd_step "Set environment variables"
|
|
#
|
|
[ "${CD_CA_1}" ] && CD_CA=true
|
|
#
|
|
case "$(cd_grep_os ID)" in
|
|
"almalinux")
|
|
CD_OS_ID="${CD_OS_ALMA}"
|
|
CD_OS_VERSION="$(cd_grep_os VERSION_ID)"
|
|
;;
|
|
"debian")
|
|
CD_OS_ID="${CD_OS_DEBIAN}"
|
|
CD_OS_VERSION="$(cd_grep_os VERSION_CODENAME)"
|
|
;;
|
|
esac
|
|
#
|
|
CD_CA_PACKAGE="ca-certificates"
|
|
CD_DNS_FILE="/etc/resolv.conf"
|
|
CD_GIT_PACKAGE="git"
|
|
#
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_ALMA}")
|
|
CD_OS_REPO="${CD_DEFAULT_REPO_ALMA}"
|
|
[ "${CD_REPO_ALMA}" ] && CD_OS_REPO="${CD_REPO_ALMA}"
|
|
case "${CD_OS_VERSION}" in
|
|
"8."*|"9."*) cd_nop ;;
|
|
*) cd_error_os "CD_OS_VERSION" ;;
|
|
esac
|
|
CD_CA_ROOT="/etc/pki/ca-trust/source/anchors"
|
|
CD_CMD_CA="update-ca-trust"
|
|
CD_CMD_CLEAN="dnf clean all"
|
|
CD_CMD_UPDATE="dnf makecache"
|
|
CD_CMD_UPGRADE="dnf upgrade --assumeyes"
|
|
CD_PKG_PKG=""
|
|
CD_PM_HTTPS_PATH="/etc/dnf/dnf.conf.d/https.conf"
|
|
CD_PM_HTTPS_TEXT="sslverify=False"
|
|
CD_PYTHON_COMMAND="python3.11"
|
|
CD_PYTHON_PACKAGE="python3.11"
|
|
CD_PYTHON_PACKAGES="/usr/lib64/python3.11/site-packages"
|
|
;;
|
|
"${CD_OS_DEBIAN}")
|
|
export DEBIAN_FRONTEND="noninteractive"
|
|
#
|
|
CD_OS_REPO="${CD_DEFAULT_REPO_DEBIAN}"
|
|
[ "${CD_REPO_DEBIAN}" ] && CD_OS_REPO="${CD_REPO_DEBIAN}"
|
|
case "${CD_OS_VERSION}" in
|
|
"bookworm"|"bullseye") cd_nop ;;
|
|
*) cd_error_os "CD_OS_VERSION" ;;
|
|
esac
|
|
CD_CA_ROOT="/usr/local/share/ca-certificates"
|
|
CD_CMD_CA="update-ca-certificates"
|
|
CD_CMD_CLEAN="apt-get clean"
|
|
CD_CMD_UPDATE="apt-get update"
|
|
CD_CMD_UPGRADE="apt-get upgrade --assume-yes"
|
|
CD_PKG_PKG="apt-utils"
|
|
CD_PM_HTTPS_PATH="/etc/apt/apt.conf.d/https"
|
|
CD_PM_HTTPS_TEXT="Acquire::https::Verify-Peer False;"
|
|
CD_PYTHON_COMMAND="python3"
|
|
CD_PYTHON_PACKAGE="python3"
|
|
CD_PYTHON_PACKAGES="/usr/lib/python3/dist-packages"
|
|
;;
|
|
*) cd_error_os "CD_OS_ID" ;;
|
|
esac
|
|
# continuous integration platform
|
|
if [ "${GITHUB_ACTIONS}" ] ; then
|
|
# forgejo / gitea / github
|
|
CD_SERVER_URL="${GITHUB_SERVER_URL}"
|
|
CD_PROJECTS_GROUP="$(dirname "${GITHUB_REPOSITORY}")"
|
|
CD_PROJECT_NAME="$(basename "${GITHUB_REPOSITORY}")"
|
|
CD_PROJECT_BRANCH="${GITHUB_REF_NAME}"
|
|
elif [ "${GITLAB_CI}" ] ; then
|
|
# gitlab
|
|
CD_SERVER_URL="${CI_SERVER_URL}"
|
|
CD_PROJECTS_GROUP="$(dirname "${CI_PROJECT_PATH}")"
|
|
CD_PROJECT_NAME="$(basename "${CI_PROJECT_PATH}")"
|
|
CD_PROJECT_BRANCH="${CI_COMMIT_BRANCH}"
|
|
else
|
|
# unsupported
|
|
cd_error_ci "ø"
|
|
fi
|
|
#
|
|
[ "${CD_SERVER_URL}" ] || cd_error_ci "CD_SERVER_URL"
|
|
[ "${CD_PROJECTS_GROUP}" ] || cd_error_ci "CD_PROJECTS_GROUP"
|
|
[ "${CD_PROJECT_NAME}" ] || cd_error_ci "CD_PROJECT_NAME"
|
|
[ "${CD_PROJECT_BRANCH}" ] || cd_error_ci "CD_PROJECT_BRANCH"
|
|
#
|
|
CD_PROJECTS_URL="${CD_SERVER_URL}/${CD_PROJECTS_GROUP}"
|
|
CD_PROJECT_URL="${CD_PROJECTS_URL}/${CD_PROJECT_NAME}"
|
|
#
|
|
cd_echo "CD_CA"
|
|
cd_split
|
|
cd_echo "CD_OS_ID" "CD_OS_VERSION"
|
|
cd_split
|
|
cd_echo "CD_DNS_FILE"
|
|
cd_split
|
|
cd_echo "CD_PYTHON_PACKAGE" "CD_PYTHON_PACKAGES" "CD_CA_ROOT"
|
|
cd_split
|
|
cd_echo "CD_SERVER_URL" \
|
|
"CD_PROJECTS_GROUP" "CD_PROJECT_NAME" "CD_PROJECT_BRANCH"
|
|
cd_split
|
|
cd_echo "CD_PROJECTS_URL" "CD_PROJECT_URL"
|
|
}
|
|
|
|
cd_set_dns_resolving () {
|
|
local server
|
|
local servers
|
|
local text=""
|
|
cd_step "Set DNS resolving"
|
|
[ "${CD_DNS}" ] && servers="${CD_DNS}" || servers="${CD_DEFAULT_DNS}"
|
|
for server in ${servers} ; do
|
|
text="${text}nameserver ${server}
|
|
"
|
|
done
|
|
cd_write "${CD_DNS_FILE}" "${text}"
|
|
}
|
|
|
|
cd_set_packages_repositories () {
|
|
local expression
|
|
local file
|
|
cd_step "Set packages repositories"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_ALMA}")
|
|
file="/etc/yum.repos.d/almalinux.repo"
|
|
cd_sed "${file}" \
|
|
"|^mirrorlist|# mirrorlist|" \
|
|
"|${CD_DEFAULT_REPO_ALMA}|${CD_OS_REPO}|" \
|
|
"|^# baseurl|baseurl|"
|
|
cd_cat "${file}"
|
|
;;
|
|
"${CD_OS_DEBIAN}")
|
|
cd_write "/etc/apt/sources.list" "\
|
|
deb ${CD_OS_REPO} ${CD_OS_VERSION} main
|
|
deb ${CD_OS_REPO} ${CD_OS_VERSION}-backports main
|
|
deb ${CD_OS_REPO} ${CD_OS_VERSION}-updates main
|
|
deb ${CD_OS_REPO}-security ${CD_OS_VERSION}-security main
|
|
"
|
|
;;
|
|
esac
|
|
}
|
|
|
|
cd_set_packages_configuration () {
|
|
cd_step "Set packages configuration"
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_ALMA}")
|
|
cd_write "/etc/dnf/dnf.conf" "\
|
|
[main]
|
|
best=True
|
|
clean_requirements_on_remove=True
|
|
gpgcheck=1
|
|
installonly_limit=3
|
|
skip_if_unavailable=False
|
|
"
|
|
;;
|
|
"${CD_OS_DEBIAN}")
|
|
cd_write "/etc/apt/apt.conf.d/apt.conf" "\
|
|
Acquire::Check-Valid-Until True;
|
|
APT::Get::Show-Versions True;
|
|
APT::Install-Recommends False;
|
|
APT::Install-Suggests False;
|
|
Dir::Etc::SourceParts \"\";
|
|
"
|
|
;;
|
|
esac
|
|
}
|
|
|
|
# agnostic steps
|
|
|
|
cd_set_https_verification_off () {
|
|
if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then
|
|
cd_step "Set HTTPS verification off"
|
|
cd_mkdir "$(dirname "${CD_PM_HTTPS_PATH}")"
|
|
cd_write "${CD_PM_HTTPS_PATH}" "${CD_PM_HTTPS_TEXT}"
|
|
fi
|
|
}
|
|
|
|
cd_update_packages_catalog () {
|
|
cd_step "Update packages catalog"
|
|
${CD_CMD_UPDATE} || exit
|
|
}
|
|
|
|
cd_install_packages_tools () {
|
|
cd_step "Install packages tools"
|
|
cd_install_package "${CD_PKG_PKG}"
|
|
}
|
|
|
|
cd_install_ca_certificates () {
|
|
cd_step "Install CA"
|
|
cd_install_package "${CD_CA_PACKAGE}"
|
|
}
|
|
|
|
cd_write_ca_certificates () {
|
|
local index
|
|
local text
|
|
cd_step "Write CA certificates"
|
|
cd_mkdir "${CD_CA_ROOT}"
|
|
index=1
|
|
eval "text=\"\${CD_CA_${index}}\""
|
|
while [ "${text}" ] ; do
|
|
cd_write "${CD_CA_ROOT}/${index}.crt" "${text}"
|
|
index=$((index+1))
|
|
eval "text=\"\${CD_CA_${index}}\""
|
|
done
|
|
}
|
|
|
|
cd_update_ca_certificates () {
|
|
cd_step "Update CA certificates"
|
|
${CD_CMD_CA} || exit
|
|
}
|
|
|
|
cd_set_https_verification_on () {
|
|
if [ "${CD_CA}" -o "${CD_OS_ID}" = "${CD_OS_DEBIAN}" ] ; then
|
|
cd_step "Set HTTPS verification on"
|
|
cd_rm "${CD_PM_HTTPS_PATH}"
|
|
fi
|
|
}
|
|
|
|
cd_upgrade_packages () {
|
|
cd_step "Upgrade packages"
|
|
${CD_CMD_UPGRADE} || exit
|
|
}
|
|
|
|
cd_install_git () {
|
|
cd_step "Install Git"
|
|
cd_install_package "${CD_GIT_PACKAGE}"
|
|
}
|
|
|
|
cd_install_python () {
|
|
cd_step "Install Python"
|
|
cd_install_package "${CD_PYTHON_PACKAGE}"
|
|
}
|
|
|
|
cd_clean_packages_cache () {
|
|
cd_step "Clean packages cache"
|
|
${CD_CMD_CLEAN} || exit
|
|
}
|
|
|
|
cd_install_python_modules () {
|
|
local path
|
|
local repository
|
|
local root
|
|
local url
|
|
cd_step "Install Python modules"
|
|
root="$(mktemp --directory)" || exit
|
|
echo "${root}"
|
|
for repository in "${@}" ; do
|
|
cd_split
|
|
url="${CD_PROJECTS_URL}/${repository}"
|
|
echo -n "\
|
|
${url}
|
|
↓
|
|
"
|
|
git clone \
|
|
"${url}" "${root}/${repository}" \
|
|
|| exit
|
|
path="${root}/${repository}/${repository}"
|
|
echo -n "\
|
|
${path}
|
|
↓
|
|
${CD_PYTHON_PACKAGES}
|
|
"
|
|
cp --recursive \
|
|
"${path}" "${CD_PYTHON_PACKAGES}" \
|
|
|| exit
|
|
done
|
|
cd_split
|
|
cd_rm "${root}"
|
|
}
|
|
|
|
cd_execute_python_module () {
|
|
local self
|
|
cd_step "Execute Python module"
|
|
self="$(realpath "${0}")"
|
|
echo -n "\
|
|
${self}
|
|
↓
|
|
${1}
|
|
"
|
|
"${CD_PYTHON_COMMAND}" -m "${1}" "${CD_STEP}" "${self}"
|
|
}
|
|
|
|
# functions
|
|
|
|
cd_cat () {
|
|
if [ -f "${1}" ] ; then
|
|
echo "╭╴$(realpath "${1}")"
|
|
cat "${1}" || exit
|
|
fi
|
|
}
|
|
|
|
cd_echo () {
|
|
local name
|
|
if [ "${1}" ] ; then
|
|
for name in "${@}" ; do
|
|
eval "echo ${name}=\${${name}}"
|
|
done
|
|
fi
|
|
}
|
|
|
|
cd_error_ci () {
|
|
echo "× CI: ${1}"
|
|
exit ${CD_ERROR_CI}
|
|
}
|
|
|
|
cd_error_os () {
|
|
local variable="${1}"
|
|
echo -n "× OS: "
|
|
cd_echo "${variable}"
|
|
exit ${CD_ERROR_OS}
|
|
}
|
|
|
|
cd_grep_os () {
|
|
local variable="${1}"
|
|
if [ "${variable}" ] ; then
|
|
grep "^${variable}=" "/etc/os-release" \
|
|
| sed "s|^${variable}=||" \
|
|
| sed "s|^\"\(.*\)\"$|\1|"
|
|
fi
|
|
}
|
|
|
|
cd_install_package () {
|
|
if [ "${1}" ] ; then
|
|
case "${CD_OS_ID}" in
|
|
"${CD_OS_DEBIAN}") apt-get install --assume-yes "${1}" || exit ;;
|
|
"${CD_OS_ALMA}") dnf install --assumeyes "${1}" || exit ;;
|
|
esac
|
|
fi
|
|
}
|
|
|
|
cd_mkdir () {
|
|
if [ "${1}" ] ; then
|
|
echo "→ ${1}"
|
|
mkdir --parents "${1}" || exit
|
|
fi
|
|
}
|
|
|
|
cd_nop () { true ; }
|
|
|
|
cd_rm () {
|
|
if [ -e "${1}" ] ; then
|
|
echo "← $(realpath "${1}")"
|
|
rm --recursive "${1}" || exit
|
|
fi
|
|
}
|
|
|
|
cd_sed () {
|
|
local expression
|
|
local file
|
|
if [ -f "${1}" ] ; then
|
|
file="${1}"
|
|
shift
|
|
for expression in "${@}" ; do
|
|
sed --in-place "s${expression}g" "${file}" || exit
|
|
done
|
|
fi
|
|
}
|
|
|
|
cd_split () {
|
|
echo -n "\
|
|
╶─╌╌┄┄┈┈
|
|
"
|
|
}
|
|
|
|
cd_step () {
|
|
if [ "${1}" ] ; then
|
|
CD_STEP=$((CD_STEP+1))
|
|
echo -n "\
|
|
╭─╌╌┄┄┈┈
|
|
│ ${CD_STEP} ${1}
|
|
╰─╌╌┄┄┈┈
|
|
"
|
|
fi
|
|
}
|
|
|
|
cd_write () {
|
|
local file="${1}"
|
|
local text="${2}"
|
|
if [ "${file}" ] ; then
|
|
echo -n "${text}" > "${file}" || exit
|
|
cd_cat "${file}"
|
|
fi
|
|
}
|
|
|
|
# constants
|
|
|
|
CD_ERROR_CI=2
|
|
CD_ERROR_OS=1
|
|
|
|
CD_OS_ALMA="alma"
|
|
CD_OS_DEBIAN="debian"
|
|
|
|
# run
|
|
cd_main
|