Initial commit
This commit is contained in:
commit
4c343d4eeb
21
generic-sign.sh
Executable file
21
generic-sign.sh
Executable file
|
@ -0,0 +1,21 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
if [ -z "$1" ]; then
|
||||
echo Usage: $0 '<MANIFEST>' >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
echo
|
||||
echo Starting the signature process.
|
||||
read -sp 'Please enter your private key (hidden) and press enter: ' privkey
|
||||
echo
|
||||
|
||||
echo
|
||||
echo Signing manifest "$1" ...
|
||||
# check if the separator is already in the file
|
||||
if ! fgrep -q -- --- "$1"; then
|
||||
echo --- >> "$1"
|
||||
fi
|
||||
ecdsasign <( awk '/^BRANCH/,/^---/' "$1" | egrep -v ^--- ) <<< "$privkey" >> "$1"
|
||||
echo 'Last 10 lines of the signed manifest:'
|
||||
tail -10 "$1"
|
52
stable_sign.sh
Executable file
52
stable_sign.sh
Executable file
|
@ -0,0 +1,52 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
BASEPATH=~/firmware
|
||||
|
||||
cat <<EOF
|
||||
This script is intended to make signing stable firmwares easier.
|
||||
It will ask you which firmware you want to sign and will ask you for your private key.
|
||||
|
||||
EOF
|
||||
|
||||
cd $BASEPATH
|
||||
firmware=(v*/)
|
||||
echo Available firmware versions in $(pwd):
|
||||
for i in ${!firmware[*]}; do
|
||||
echo $i. ${firmware[$i]}
|
||||
done
|
||||
read -p 'Enter the number of the firmware you wish to sign: ' fw
|
||||
firmware=${firmware[$fw]}
|
||||
echo Selected firmware: ${firmware}
|
||||
|
||||
echo
|
||||
echo Manifests to be signed:
|
||||
for betastable in beta stable; do
|
||||
m=${BASEPATH}/${firmware}/stable/images/sysupgrade/${betastable}.manifest
|
||||
echo "####### Manifest: ${m}"
|
||||
if ! head -3 $m; then
|
||||
echo ERROR: no beta.manifest, try update_manifests.sh first.
|
||||
exit 1
|
||||
fi
|
||||
done
|
||||
|
||||
echo
|
||||
echo Press enter if you want to sign the manifests listed above. To abort, hit Ctrl+C.
|
||||
read -r confirm
|
||||
|
||||
echo
|
||||
echo Starting the signature process.
|
||||
read -sp 'Please enter your private key (hidden) and press enter: ' privkey
|
||||
echo
|
||||
|
||||
echo
|
||||
echo Signing manifests...
|
||||
for betastable in beta stable; do
|
||||
m=${BASEPATH}/${firmware}/stable/images/sysupgrade/${betastable}.manifest
|
||||
echo "####### Manifest: ${m}"
|
||||
# check if the separator is already in the file
|
||||
if ! fgrep -q -- --- $m; then
|
||||
echo --- >> $m
|
||||
fi
|
||||
# generate the signature
|
||||
ecdsasign <( awk '/^BRANCH/,/^---/' $m | egrep -v ^--- ) <<< "$privkey" >> $m
|
||||
done
|
19
sync-firmware.sh
Executable file
19
sync-firmware.sh
Executable file
|
@ -0,0 +1,19 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
while [ $# -gt 0 ]; do
|
||||
case "$1" in
|
||||
-n)
|
||||
DRYRUN=--dry-run
|
||||
;;
|
||||
*)
|
||||
echo "Unknown option: $1" >&2
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
echo '############################# Uploading to srv01...'
|
||||
rsync --recursive --delete-before --links --hard-links --times --partial --verbose --progress $DRYRUN ~/firmware/update-mirror/. ffupdates@srv01.hamburg.freifunk.net:updates/
|
||||
echo '############################# Uploading to srv03...'
|
||||
rsync --recursive --delete-before --links --hard-links --times --partial --verbose --progress $DRYRUN ~/firmware/update-mirror/. ffupdates@srv03.hamburg.freifunk.net:/var/www/updates/
|
64
update-manifests.sh
Executable file
64
update-manifests.sh
Executable file
|
@ -0,0 +1,64 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
BASEPATH=~/firmware
|
||||
|
||||
cat <<EOF
|
||||
This script modifies the stable.manifest and beta.manifest in each firmware directory and updates
|
||||
the branch, date and priority information. Signatures will be removed as they become invalid due to the changes.
|
||||
It will ask you which firmware you want modify.
|
||||
|
||||
EOF
|
||||
|
||||
cd $BASEPATH
|
||||
firmware=(v*/)
|
||||
echo Available firmware versions in $(pwd):
|
||||
for i in ${!firmware[*]}; do
|
||||
echo $i. ${firmware[$i]}
|
||||
done
|
||||
read -p 'Enter the number of the firmware you wish to update: ' fw
|
||||
firmware=${firmware[$fw]}
|
||||
echo Selected firmware: ${firmware}
|
||||
|
||||
echo
|
||||
echo Manifest to be modified:
|
||||
m=${BASEPATH}/${firmware}/stable/images/sysupgrade/stable.manifest
|
||||
echo "####### Manifest: ${m}"
|
||||
head -3 $m
|
||||
|
||||
echo
|
||||
echo Press enter if you want to use the manifest listed above. To abort, hit Ctrl+C.
|
||||
read -sr confirm
|
||||
echo
|
||||
|
||||
valuesok=n
|
||||
while [ "${valuesok}" != "y" ]; do
|
||||
echo -n 'Please enter the new priority (default 7): '
|
||||
read -r prio
|
||||
echo
|
||||
prio=${prio:-7}
|
||||
|
||||
d=${d:-$(date '+%Y-%m-%d %H:%M:%S%:z')}
|
||||
echo 'The date will be interpreted by "date", so you can use something like "tuesday"'
|
||||
echo -n "Please enter the new date (default: $d): "
|
||||
read -r newd
|
||||
d="$(date --date="${newd:-${d:-now}}" '+%Y-%m-%d %H:%M:%S%:z')"
|
||||
|
||||
cat <<-EOF
|
||||
New settings:
|
||||
Priority: $prio
|
||||
Date: $d
|
||||
EOF
|
||||
echo
|
||||
echo 'Is this correct? [yn] '
|
||||
read -r valuesok
|
||||
done
|
||||
|
||||
echo
|
||||
echo Updating manifest...
|
||||
# Use the stable manifest as source...
|
||||
src="$(cat ${BASEPATH}/${firmware}/stable/images/sysupgrade/stable.manifest)"
|
||||
for branch in beta stable; do
|
||||
m=${BASEPATH}/${firmware}/stable/images/sysupgrade/${branch}.manifest
|
||||
echo "####### Manifest: ${m}"
|
||||
awk -v "branch=${branch}" -v "d=${d}" -v "prio=${prio}" '/^BRANCH=/ {print "BRANCH=" branch; next} /^DATE=/ {print "DATE=" d; next} /^PRIORITY=/ {print "PRIORITY=" prio; next} /^---/ {exit} {print}' <<< "${src}" > "${m}"
|
||||
done
|
63
update-mirror.sh
Executable file
63
update-mirror.sh
Executable file
|
@ -0,0 +1,63 @@
|
|||
#!/bin/bash -e
|
||||
|
||||
LOCAL_BASE="${HOME}/firmware/update-mirror"
|
||||
|
||||
show_usage() {
|
||||
cat <<EOF
|
||||
This script adds firmware to the update-mirror. Note that this script will replace an already existing version if
|
||||
it has the same version number.
|
||||
Usage: $0 [-r] [-n] [-u] <firmware>
|
||||
-r Release the firmware by changing the branch specific link to point to the new firmware
|
||||
-n Set the rsync dry-run flag (WARNING: does not prevent the release link!)
|
||||
-u rsync update-mirror to the update servers. use sync-firmware.sh if you want to do that later.
|
||||
firmware: The directory created by the site-ffhh/build.sh script
|
||||
for example: /home/gluon/firmware/0.8.5+exp20171028
|
||||
Must contain a single subdirectory named stable or experimental.
|
||||
EOF
|
||||
}
|
||||
|
||||
while [ $# -gt 0 ]; do
|
||||
case "$1" in
|
||||
-r)
|
||||
RELEASE=1
|
||||
;;
|
||||
-n)
|
||||
DRYRUN=--dry-run
|
||||
;;
|
||||
-u)
|
||||
UPLOAD=1
|
||||
;;
|
||||
*)
|
||||
FIRMWARE="$1"
|
||||
if [ ! -d "$FIRMWARE" ]; then
|
||||
show_usage
|
||||
exit 1
|
||||
fi
|
||||
;;
|
||||
esac
|
||||
shift
|
||||
done
|
||||
|
||||
if [ ! -d "$FIRMWARE" ]; then
|
||||
show_usage
|
||||
exit 1
|
||||
fi
|
||||
|
||||
pushd "$FIRMWARE" 2>/dev/null
|
||||
VERSION="$(basename -- $(pwd -P))"
|
||||
branch=$(ls | head -1)
|
||||
pushd "$branch" 2>/dev/null
|
||||
echo '############################# Updating the local mirror...'
|
||||
TARGET="${LOCAL_BASE}/multi/archive/${VERSION}"
|
||||
mkdir -p "${TARGET}"
|
||||
rsync --verbose --progress --stats --recursive --hard-links --links --perms --times $DRYRUN . "${TARGET}"
|
||||
if [ "${RELEASE}" == "1" ]; then
|
||||
rm -f "${LOCAL_BASE}/multi/${branch}"
|
||||
ln -s "archive/${VERSION}" "${LOCAL_BASE}/multi/${branch}"
|
||||
fi
|
||||
|
||||
if [ "${UPLOAD}" == "1" ]; then
|
||||
echo '############################# Uploading to servers...'
|
||||
rsync --recursive --delete-before --links --hard-links --times --partial --verbose --progress $DRYRUN $EXCLUDES "${LOCAL_BASE}/." ffupdates@srv01.hamburg.freifunk.net:updates/
|
||||
rsync --recursive --delete-before --links --hard-links --times --partial --verbose --progress $DRYRUN $EXCLUDES "${LOCAL_BASE}/." ffupdates@srv03.hamburg.freifunk.net:/var/www/updates/
|
||||
fi
|
Loading…
Reference in a new issue