|
|
|
#!/usr/bin/env bash
|
|
|
|
|
|
|
|
readonly CHECKSUM_TYPE="sha256";
|
|
|
|
readonly CHECKSUM_APP="${CHECKSUM_TYPE}sum";
|
|
|
|
readonly GPG_FINGERPRINT="7C9E68152594688862D62AF62D9AE806EC1592E2";
|
|
|
|
readonly GITEA_USER={{ gitea_system_user | quote }};
|
|
|
|
readonly GITEA_DIR={{ gitea_installation_directory | quote }};
|
|
|
|
readonly GITEA_BIN={{ gitea_binary_path | quote }};
|
|
|
|
readonly SERVICE_NAME={{ gitea_service_name | quote }};
|
|
|
|
|
|
|
|
set -euxo pipefail;
|
|
|
|
|
|
|
|
gpg --quiet --keyserver eu.pool.sks-keyservers.net --recv "$GPG_FINGERPRINT";
|
|
|
|
|
|
|
|
function error() {
|
|
|
|
echo "$@" >&2;
|
|
|
|
}
|
|
|
|
|
|
|
|
function as() {
|
|
|
|
sudo -u "$GITEA_USER" "$@";
|
|
|
|
}
|
|
|
|
|
|
|
|
if [ -f "$GITEA_BIN" ]; then
|
|
|
|
installed=$(cd "$GITEA_DIR" && as "$GITEA_BIN" --version | grep --only-matching --perl-regexp '(?<=version )\d+(\.\d+)*(?= )');
|
|
|
|
else
|
|
|
|
installed=0;
|
|
|
|
fi
|
|
|
|
version=$(curl --silent https://blog.gitea.io/index.xml | grep --only-matching --perl-regexp '<title>.*</title>' | grep --only-matching --perl-regexp '\d+(\.\d+)+' | sort --version-sort --reverse | head --lines=1);
|
|
|
|
address="https://dl.gitea.io/gitea/$version";
|
|
|
|
binary="gitea-$version-linux-amd64";
|
|
|
|
signature="$binary.asc";
|
|
|
|
checksum="$binary.$CHECKSUM_TYPE";
|
|
|
|
|
|
|
|
if [[ -z "$installed" ]]; then
|
|
|
|
error "Missing version installed";
|
|
|
|
exit 2;
|
|
|
|
fi
|
|
|
|
if [[ -z "$version" ]]; then
|
|
|
|
error "Missing version available";
|
|
|
|
exit 2;
|
|
|
|
fi
|
|
|
|
if [[ "$installed" = "$version" ]]; then
|
|
|
|
exit 0;
|
|
|
|
fi
|
|
|
|
|
|
|
|
cd "$GITEA_DIR";
|
|
|
|
|
|
|
|
for a in "$binary" "$signature" "$checksum"; do
|
|
|
|
if ! wget --quiet --output-document="$a" "$address/$a"; then
|
|
|
|
error "Failed to download $a";
|
|
|
|
exit 1;
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
|
|
|
|
if ! "$CHECKSUM_APP" --quiet --check "$checksum"; then
|
|
|
|
error "Checksum not correct!";
|
|
|
|
exit 1;
|
|
|
|
fi
|
|
|
|
if ! (gpg --status-fd 1 --verify "$signature" "$binary" 2>/dev/null | grep --perl-regexp 'VALIDSIG .* '"$GPG_FINGERPRINT" > /dev/null); then
|
|
|
|
error "Signature not valid!";
|
|
|
|
exit 1;
|
|
|
|
fi
|
|
|
|
|
|
|
|
rm "$checksum";
|
|
|
|
rm "$signature";
|
|
|
|
|
|
|
|
mv "$binary" "$GITEA_BIN";
|
|
|
|
chmod u=rwx,g=rx,o=r "$GITEA_BIN";
|
|
|
|
chown root:"$GITEA_USER" "$GITEA_BIN"
|
|
|
|
|
|
|
|
if [[ ! "$installed" = "0" ]]; then
|
|
|
|
systemctl restart "$SERVICE_NAME";
|
|
|
|
fi
|