#!/usr/bin/env bash readonly CHECKSUM_TYPE="sha256"; readonly CHECKSUM_APP="${CHECKSUM_TYPE}sum"; readonly GPG_FINGERPRINT="7C9E68152594688862D62AF62D9AE806EC1592E2"; readonly GITEA_USER={{ gitea_system_user | quote }}; readonly GITEA_DIR={{ gitea_installation_directory | quote }}; readonly GITEA_BIN={{ gitea_binary_path | quote }}; readonly SERVICE_NAME={{ gitea_service_name | quote }}; set -euxo pipefail; gpg --quiet --keyserver eu.pool.sks-keyservers.net --recv "$GPG_FINGERPRINT"; function error() { echo "$@" >&2; } function as() { sudo -u "$GITEA_USER" "$@"; } if [ -f "$GITEA_BIN" ]; then installed=$(cd "$GITEA_DIR" && as "$GITEA_BIN" --version | grep --only-matching --perl-regexp '(?<=version )\d+(\.\d+)*(?= )'); else installed=0; fi version=$(curl --silent https://blog.gitea.io/index.xml | grep --only-matching --perl-regexp '.*' | grep --only-matching --perl-regexp '\d+(\.\d+)+' | sort --version-sort --reverse | head --lines=1); address="https://dl.gitea.io/gitea/$version"; binary="gitea-$version-linux-amd64"; signature="$binary.asc"; checksum="$binary.$CHECKSUM_TYPE"; if [[ -z "$installed" ]]; then error "Missing version installed"; exit 2; fi if [[ -z "$version" ]]; then error "Missing version available"; exit 2; fi if [[ "$installed" = "$version" ]]; then exit 0; fi cd "$GITEA_DIR"; for a in "$binary" "$signature" "$checksum"; do if ! wget --quiet --output-document="$a" "$address/$a"; then error "Failed to download $a"; exit 1; fi done if ! "$CHECKSUM_APP" --quiet --check "$checksum"; then error "Checksum not correct!"; exit 1; fi if ! (gpg --status-fd 1 --verify "$signature" "$binary" 2>/dev/null | grep --perl-regexp 'VALIDSIG .* '"$GPG_FINGERPRINT" > /dev/null); then error "Signature not valid!"; exit 1; fi rm "$checksum"; rm "$signature"; mv "$binary" "$GITEA_BIN"; chmod u=rwx,g=rx,o=r "$GITEA_BIN"; chown root:"$GITEA_USER" "$GITEA_BIN" if [[ ! "$installed" = "0" ]]; then systemctl restart "$SERVICE_NAME"; fi