-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathmirror_apt_repo
executable file
·119 lines (104 loc) · 2.56 KB
/
mirror_apt_repo
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
#!/usr/bin/env bash
set -eufo pipefail
dir="$(realpath "$(dirname "${BASH_SOURCE[0]}")")"
parse_pkgs() (
"$dir/parse_pkgs" "$@"
)
download_gpg() (
echo "$1" >&2
file="$(mktemp)"
if curl "$1" | gpg --verify --output - > "$file"; then
echo "$file"
else
rm "$file"
exit 1
fi
)
download_sha256sum() (
echo "$2" >&2
file="$(mktemp)"
curl "$2" > "$file"
hash="$(sha256sum "$file" | head -c 64)"
if [ "$hash" != "$1" ]; then
echo "invalid sha256sum" >&2
rm "$file"
exit 1
fi
echo "$file"
)
download_from_release() (
repo="$1"
dist="$2"
path="$3"
hash="$(awk -v file="$path" '!/^ / { flag=0 } flag && $3 == file { print $1 } /^SHA256:$/ { flag = 1 }')"
file="$(download_sha256sum "$hash" "http://deb.debian.org/debian/dists/testing/$path")"
echo "$file"
)
main() (
target_dir=
repo=deb.debian.org/debian
dist=testing
description=snapshot
while [ $# -gt 0 ]; do
case "$1" in
-t|--target-dir)
target_dir="$2"
shift 2
;;
-r|--repo)
repo="$2"
shift 2
;;
-d|--dist)
dist="$2"
shift 2
;;
--i|--description)
description="$2"
shift 2
;;
*)
break
;;
esac
done
[ -n "$target_dir" ]
[ -n "$repo" ]
[ -n "$dist" ]
release="$(download_gpg "http://$repo/dists/$dist/InRelease")"
date="$(awk -F ': ' '$1 == "Date" { print $2 }' < "$release")"
timestamp="$(date -d "$date" '+%s')"
index_files="$(mktemp)"
mkdir -p "$target_dir"
truncate -s 0 "$target_dir/mirrorlist"
for path in main/binary-{all,amd64,arm64}/Packages main/source/Sources; do
mkdir -p "$target_dir/$(dirname "$path")"
file="$(download_from_release "$repo" "$dist" "$path.gz" < "$release")"
mirrorlist="$(mktemp)"
gzip -d < "$file" | parse_pkgs "source_file_prefix=http://$repo/" "mirrorlist=$mirrorlist" > "$target_dir/$path"
rm "$file"
cat "$mirrorlist" >> "$target_dir/mirrorlist"
rm "$mirrorlist"
size="$(wc -c "$target_dir/$path" | cut -d ' ' -f 1)"
hash="$(sha256sum "$target_dir/$path" | head -c 64)"
echo " $hash $size $path" >> "$index_files"
gzip < "$target_dir/$path" > "$target_dir/$path.gz"
rm "$target_dir/$path"
size="$(wc -c "$target_dir/$path.gz" | cut -d ' ' -f 1)"
hash="$(sha256sum "$target_dir/$path.gz" | head -c 64)"
echo " $hash $size $path.gz" >> "$index_files"
done
rm "$release"
cat <<-EOF | gpg --clearsign > "$target_dir/InRelease"
Codename: $timestamp
Description: $description
Components: main
Architectures: all amd64 arm64
Date: $(date -R -u -d "$date")
Valid-Until: $(date -R -u -d "$date + 100 years")
SHA256:
$(cat "$index_files")
EOF
rm "$index_files"
)
main "$@"