mirror of
https://github.com/ben-grande/qusal.git
synced 2024-10-01 02:35:49 -04:00
style: limit line length per file extension
Editorconfig can only act based on file extension and path, not attributes, it remains a mean only for multiple collaborators to use the same configuration on their editor. When it is too restrictive, such as not considering the file syntax, use a lint tool for the specific file type instead of trusting editorconfig. Changes were made to increase readability.
This commit is contained in:
parent
2d0bf9784d
commit
011a71a36d
@ -1,4 +1,4 @@
|
||||
# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
|
||||
# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
|
||||
#
|
||||
# SPDX-License-Identifier: GPL-3.0-or-later
|
||||
|
||||
@ -16,8 +16,24 @@ end_of_line = lf
|
||||
indent_style = tab
|
||||
indent_size = 8
|
||||
|
||||
[*.{md,sh,yaml,yml,toml,json}]
|
||||
[*.{md,toml,json}]
|
||||
indent_size = 2
|
||||
|
||||
[*.{py}]
|
||||
[*.{yaml,yml}]
|
||||
indent_size = 2
|
||||
max_line_length = 120
|
||||
|
||||
[*.{sls,top,jinja}]
|
||||
max_line_length = 160
|
||||
|
||||
[*.py]
|
||||
indent_size = 4
|
||||
max_line_length = 79
|
||||
|
||||
[{*.{sh,bash,ksh,zsh,lessfilter,xinitrc,Xinitrc,xsession,Xsession,xsessionrc,Xsessionrc,xprofile,Xprofile},**/.config/{sh,bash,ksh,zsh}/**,**/git/shell/**,**/qubes-bind-dirs.d/**,**/lib-qubes-bind-dirs.d/**,**/rc.local.d/**,**/dom0/files/autostartart-scripts/**,**/git/template/hooks/**,**/git/files/client/git-core/**}]
|
||||
indent_size = 2
|
||||
## Impossible to be sure via file extension if it is a shell file.
|
||||
# /bin/.*
|
||||
# /rpc/.*
|
||||
# /network-hooks\.d/.*
|
||||
# /qubes-firewall\.d/.*
|
||||
|
6
.github/workflows/reject-pr.yaml
vendored
6
.github/workflows/reject-pr.yaml
vendored
@ -52,5 +52,9 @@ jobs:
|
||||
uses: peter-evans/close-pull@v3
|
||||
with:
|
||||
# yamllint disable-line rule:line-length
|
||||
comment: 'Automatically closing this PR due to submitter not reading the contribution guidelines and using GitHub WebUI to commit. Please fix the issues and open a new PR after you have read the contribution guidelines.'
|
||||
comment: >
|
||||
Automatically closing this PR due to submitter not reading the
|
||||
contribution guidelines and using GitHub WebUI to commit. Please
|
||||
fix the issues and open a new PR after you have read the
|
||||
contribution guidelines.
|
||||
delete-branch: false
|
||||
|
@ -28,9 +28,15 @@ repos:
|
||||
language: script
|
||||
pass_filenames: true
|
||||
# yamllint disable rule:line-length
|
||||
files: (\.sh|/rc\.local\.d/.*\.rc|/bin/.*|/rpc/.*|/network-hooks\.d/.*|/qubes-firewall\.d/.*|/(lib-)?qubes-bind-dirs\.d/.*|/\.config/(sh|bash|zsh|less|x11|git/shell|git/template/hooks)/.*|/autostart-scripts/.*|/qvm-copy-dotfiles|/git-core/.*)
|
||||
files: >-
|
||||
(\.sh|/rc\.local\.d/.*\.rc|/bin/.*|/rpc/.*|/network-hooks\.d/.*|
|
||||
/qubes-firewall\.d/.*|/(lib-)?qubes-bind-dirs\.d/.*|
|
||||
/\.config/(sh|bash|zsh|less|x11|git/shell|git/template/hooks)/.*|
|
||||
/autostart-scripts/.*|/qvm-copy-dotfiles|/git-core/.*)
|
||||
# yamllint disable rule:line-length
|
||||
exclude: \.(policy|asc|txt|top|sls|jinja|toml|vim|py|muttrc|nft|md|spec|list|sources|repo|socket|timer|service|y(a)?ml)$
|
||||
exclude: >-
|
||||
\.(policy|asc|txt|top|sls|jinja|toml|vim|py|muttrc|nft|md|spec|
|
||||
list|sources|repo|socket|timer|service|y(a)?ml)$
|
||||
description: Lint Shellscripts
|
||||
|
||||
- id: markdown-lint
|
||||
@ -81,7 +87,9 @@ repos:
|
||||
args: [test]
|
||||
pass_filenames: true
|
||||
# yamllint disable rule:line-length
|
||||
files: ^(rpm_spec/template/template.spec|salt/.*|scripts/spec-(get|gen)\.sh)$
|
||||
files: >-
|
||||
^(rpm_spec/template/template.spec|salt/.*|
|
||||
scripts/spec-(get|gen)\.sh)$
|
||||
description: Check if RPM SPEC files are up to date
|
||||
|
||||
- id: license-lint
|
||||
|
@ -20,8 +20,10 @@ prefs:
|
||||
- maxmem: 2000
|
||||
features:
|
||||
- set:
|
||||
# editorconfig-checker-disable
|
||||
- default-menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-open-file-manager.desktop qubes-start.desktop" # noqa: 204
|
||||
- menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-open-file-manager.desktop qubes-start.desktop" # noqa: 204
|
||||
# editorconfig-checker-enable
|
||||
- disable:
|
||||
- service.tracker
|
||||
- service.evolution-data-server
|
||||
@ -52,6 +54,8 @@ features:
|
||||
- service.tracker
|
||||
- service.evolution-data-server
|
||||
- set:
|
||||
# editorconfig-checker-disable
|
||||
- menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-open-file-manager.desktop qubes-start.desktop" # noqa: 204
|
||||
# editorconfig-checker-enable
|
||||
{%- endload %}
|
||||
{{ load(defaults) }}
|
||||
|
@ -1,6 +1,6 @@
|
||||
#!/bin/sh
|
||||
|
||||
# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
|
||||
# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
@ -25,9 +25,11 @@ writeconf(){
|
||||
key="$2"
|
||||
value="$3"
|
||||
|
||||
group_id="$(grep -B1 -- "^Description=$group$" "$file" | head -1 | tr -d "[" | tr -d "]")"
|
||||
group_id="$(grep -B1 -- "^Description=$group$" "$file" | head -1 |
|
||||
tr -d "[" | tr -d "]")"
|
||||
if test -z "${group_id}"; then
|
||||
highest_id="$(grep -- "\[[0-9]\+\]" "$file" | tr -d "[" | tr -d "]" | sort | tail -1)"
|
||||
highest_id="$(grep -- "\[[0-9]\+\]" "$file" | tr -d "[" | tr -d "]" |
|
||||
sort | tail -1)"
|
||||
if test -n "${highest_id}"; then
|
||||
group_id="$((highest_id+1))"
|
||||
else
|
||||
@ -54,7 +56,8 @@ writeconf_group(){
|
||||
fi
|
||||
|
||||
## Regex: https://doc.qt.io/qt-6/qregularexpression.html
|
||||
writeconf "$chosen_group" title "^\\[(disp-|dvm-)?$chosen_group(-\\S+)?\\] .*"
|
||||
writeconf "$chosen_group" title \
|
||||
"^\\[(disp-|dvm-)?$chosen_group(-\\S+)?\\] .*"
|
||||
writeconf "$chosen_group" titlematch 3
|
||||
writeconf "$chosen_group" wmclass "$chosen_group"
|
||||
writeconf "$chosen_group" wmclasscomplete false
|
||||
|
@ -9,7 +9,8 @@ set -eu
|
||||
list_backups(){
|
||||
## Hide stderr to hide remote login connection messages (banners etc).
|
||||
# shellcheck disable=SC2086
|
||||
${qrun_cmd} "${qube}" -- "${cmd} ${find_cmd} 2>/dev/null"
|
||||
qvm-run --filter-escape-chars --no-color-output --no-color-stderr \
|
||||
--pass-io "${qube}" -- "${cmd} ${find_cmd} 2>/dev/null"
|
||||
}
|
||||
|
||||
list_last_backup(){
|
||||
@ -35,7 +36,6 @@ cmd="${3-}"
|
||||
|
||||
find_pattern="qubes-backup-*"
|
||||
find_cmd="find \"${path}\" -maxdepth 1 -type f -name \"${find_pattern}\""
|
||||
qrun_cmd="qvm-run --filter-escape-chars --no-color-output --no-color-stderr --pass-io"
|
||||
|
||||
last_backup="$(list_last_backup)"
|
||||
if test -z "${last_backup}"; then
|
||||
|
@ -20,7 +20,8 @@ set -eu
|
||||
usage(){
|
||||
echo "Usage: ${0##*/} --i-like-danger <DEVICE>"
|
||||
echo "Example: ${0##*/} --i-like-danger 0000:00:1b.0"
|
||||
echo "Warning: It is strongly discouraged to reattach PCI devices to dom0, especially if they don't support resetting!"
|
||||
echo "Warning: Strongly discouraged to reattach PCI devices to dom0"
|
||||
echo "Warning: especially if it doesn't support resetting!"
|
||||
exit 1
|
||||
}
|
||||
|
||||
|
@ -72,7 +72,10 @@ get_rule_handle(){
|
||||
qube="${1}"
|
||||
chain="${2}"
|
||||
rule="${3}"
|
||||
run_qube "${qube}" "nft --handle --stateless list chain ip qubes ${chain} | tr -d '\"' | grep '^\s\+${rule} # handle ' | awk '{print \$NF}' | tr '\n' ' '" 2>/dev/null
|
||||
run_qube "${qube}" -- \
|
||||
"nft --handle --stateless list chain ip qubes ${chain} |
|
||||
tr -d '\"' | grep '^\s\+${rule} # handle ' | awk '{print \$NF}' |
|
||||
tr '\n' ' '" 2>/dev/null
|
||||
}
|
||||
|
||||
delete_rule_handle(){
|
||||
@ -124,10 +127,15 @@ forward() {
|
||||
fi
|
||||
|
||||
dnat_chain="custom-pf-${to_ip_escaped}"
|
||||
dnat_rule="iifname ${dev} ip saddr ${lan_ip} ${proto} dport ${port} ct state established,related,new counter dnat to ${to_ip}"
|
||||
dnat_rule="iifname ${dev} ip saddr ${lan_ip} ${proto} dport ${port} ct"
|
||||
dnat_rule="${dnat_rule} state established,related,new counter dnat to"
|
||||
dnat_rule="${dnat_rule} ${to_ip}"
|
||||
forward_chain="custom-forward"
|
||||
forward_rule="iifname ${dev} ip saddr ${lan_ip} ip daddr ${to_ip} ${proto} dport ${port} ct state established,related,new counter accept"
|
||||
full_rule="nft 'add chain ip qubes ${dnat_chain} { type nat hook prerouting priority filter +1; policy accept; }
|
||||
forward_rule="iifname ${dev} ip saddr ${lan_ip} ip daddr ${to_ip} ${proto}"
|
||||
forward_rule="${forward_rule} dport ${port} ct state"
|
||||
forward_rule="${forward_rule} established,related,new counter accept"
|
||||
dnat_policy="type nat hook prerouting priority filter +1; policy accept;"
|
||||
full_rule="nft 'add chain ip qubes ${dnat_chain} { ${dnat_policy}
|
||||
add rule ip qubes ${dnat_chain} ${dnat_rule}
|
||||
add rule ip qubes ${forward_chain} ${forward_rule}'"
|
||||
|
||||
@ -137,7 +145,8 @@ add rule ip qubes ${forward_chain} ${forward_rule}'"
|
||||
echo "info: ${from_qube}: deleting rules" >&2
|
||||
run_qube "${from_qube}" "rm -f ${hook}"
|
||||
else
|
||||
echo "info: ${from_qube}: adding forward rule dev ${dev} saddr ${lan_ip} daddr ${to_ip}" >&2
|
||||
msg="adding forward rule dev ${dev} saddr ${lan_ip} daddr ${to_ip}"
|
||||
echo "info: ${from_qube}: ${msg}" >&2
|
||||
run_qube "${from_qube}" "${full_rule}"
|
||||
|
||||
if test "${persistent}" = "1"; then
|
||||
@ -149,7 +158,9 @@ add rule ip qubes ${forward_chain} ${forward_rule}'"
|
||||
get_handle(){
|
||||
chain=\\\${1}
|
||||
rule=\\\${2}
|
||||
nft --handle --stateless list chain ip qubes \\\${chain} | tr -d '\\\"' | grep '^\\\s\\\+\\\${rule} \\# handle ' | awk '{print \\\$NF}' | tr \\\"\\\n\\\" \\\" \\\"
|
||||
nft --handle --stateless list chain ip qubes \\\${chain} | \\\
|
||||
tr -d '\\\"' | grep '^\\\s\\\+\\\${rule} \\# handle ' | \\\
|
||||
awk '{print \\\$NF}' | tr \\\"\\\n\\\" \\\" \\\"
|
||||
}
|
||||
|
||||
forward_handle=\\\$(get_handle ${forward_chain} \\\"${forward_rule}\\\")
|
||||
@ -169,7 +180,8 @@ fi
|
||||
${full_rule}"
|
||||
|
||||
create_net_dir "${from_qube}"
|
||||
run_qube "${from_qube}" "echo \"${full_rule}\" | tee \"${hook}\" >/dev/null"
|
||||
run_qube "${from_qube}" \
|
||||
"echo \"${full_rule}\" | tee \"${hook}\" >/dev/null"
|
||||
run_qube "${from_qube}" "chmod +x ${hook}"
|
||||
fi
|
||||
fi
|
||||
@ -181,7 +193,8 @@ input() {
|
||||
hook="${hook_prefix}${to_ip}-${proto}-${port}.sh"
|
||||
create_net_dir "${qube}"
|
||||
|
||||
custom_input_rule="${proto} dport ${port} ip daddr ${to_ip} ct state new counter accept"
|
||||
custom_input_rule="${proto} dport ${port} ip daddr ${to_ip} ct state new"
|
||||
custom_input_rule="${custom_input_rule} counter accept"
|
||||
input_rule="nft add rule ip qubes custom-input ${custom_input_rule}"
|
||||
|
||||
delete_rule "${qube}" "custom-input" "${custom_input_rule}"
|
||||
@ -196,7 +209,9 @@ input() {
|
||||
get_handle(){
|
||||
chain=\\\${1}
|
||||
rule=\\\${2}
|
||||
nft --handle --stateless list chain ip qubes \\\${chain} | tr -d '\\\"' | grep '^\\\s\\\+\\\${rule} \\# handle ' | awk '{print \\\$NF}' | tr \\\"\\\n\\\" \\\" \\\"
|
||||
nft --handle --stateless list chain ip qubes \\\${chain} | \\\
|
||||
tr -d '\\\"' | grep '^\\\s\\\+\\\${rule} \\# handle ' | \\\
|
||||
awk '{print \\\$NF}' | tr \\\"\\\n\\\" \\\" \\\"
|
||||
}
|
||||
|
||||
input_handle=\\\$(get_handle custom-input \\\"${custom_input_rule}\\\")
|
||||
@ -244,7 +259,7 @@ get_lan(){
|
||||
test_qvm_run(){
|
||||
qube="${1}"
|
||||
if ! run_qube "${qube}" echo "Test QUBESRPC" >/dev/null 2>&1; then
|
||||
echo "error: ${qube}: service qubes.VMShell failed, use a different qube" >&2
|
||||
echo "error: ${qube}: RPC qubes.VMShell failed, use a different qube" >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
@ -267,7 +282,9 @@ recurse_netvms() {
|
||||
}
|
||||
|
||||
usage() {
|
||||
echo "Usage: ${0##*/} --action ACTION --qube QUBE --port PORT --proto PROTO [--persistent]
|
||||
echo "Usage: ${0##*/} OPTIONS
|
||||
Option syntax:
|
||||
--action ACTION --qube QUBE --port PORT --proto PROTO [--persistent]
|
||||
Options:
|
||||
-a, --action ACTION add or delete a rule (add, del)
|
||||
-q, --qube QUBE qube name which holds the service to be exposed
|
||||
@ -280,7 +297,7 @@ Example:
|
||||
${0##*/} --action del --qube work --port 22 --proto tcp
|
||||
${0##*/} --action del --qube work --port 444 --proto udp
|
||||
Note: Defaults to temporary rules
|
||||
Warn: Use of '--persistent' with disposable netvm saves the rule in the disposable template" >&2
|
||||
Warn: Persistent rules of disposable netvm are saved to its template" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
@ -322,7 +339,9 @@ hook_dir="/rw/config/network-hooks.d"
|
||||
hook_prefix="${hook_dir}/90-port-forward-"
|
||||
persistent=""
|
||||
|
||||
if ! OPTS=$(getopt -o h,a:q:p:n:s --long help,action:,qube:,port:,proto:,persistent -n "${0}" -- "${@}"); then
|
||||
if ! OPTS=$(getopt -o h,a:q:p:n:s \
|
||||
--long help,action:,qube:,port:,proto:,persistent -n "${0}" -- "${@}")
|
||||
then
|
||||
echo "An error occurred while parsing options." >&2
|
||||
exit 1
|
||||
fi
|
||||
|
@ -69,7 +69,8 @@ mkdir -p "${guivm_pictures_dir}" || exit 1
|
||||
|
||||
current_date="$(date +"%Y-%m-%d-%H%M%S")"
|
||||
screenshot_basename="${current_date}.png"
|
||||
screenshot_file="${guivm_pictures_dir}/${screenshot_basename}"
|
||||
screenshot_file="${guivm_pictures_dir%*/}/${screenshot_basename}"
|
||||
qube_screenshot_file="${qube_pictures_dir}/${screenshot_basename}"
|
||||
screenshot_type_text=""
|
||||
screenshot_action_text=""
|
||||
screenshot_action_supplied=""
|
||||
@ -179,7 +180,8 @@ else
|
||||
screenshot_cmd="xfce4-screenshooter"
|
||||
fi
|
||||
if test -z "${screenshot_cmd}"; then
|
||||
msg="screenshot programs not found: spectacle xfce4-screenshooter scrot maim"
|
||||
msg="screenshot programs not found"
|
||||
msg="${msg}: spectacle xfce4-screenshooter scrot maim"
|
||||
echo "[ERROR] ${msg}"
|
||||
case "${dialog_cmd}" in
|
||||
zenity) zenity --info --text "${msg}";;
|
||||
@ -217,7 +219,7 @@ case "${screenshot_type_text}" in
|
||||
*) echo "[ERROR] mode not selected"; exit 1;;
|
||||
esac
|
||||
|
||||
if ! test -f "${guivm_pictures_dir}/${screenshot_basename}"; then
|
||||
if ! test -f "${screenshot_file}"; then
|
||||
msg="Screenshot was not saved in GuiVM"
|
||||
echo "[ERROR] ${msg}"
|
||||
case "${dialog_cmd}" in
|
||||
@ -228,7 +230,7 @@ if ! test -f "${guivm_pictures_dir}/${screenshot_basename}"; then
|
||||
fi
|
||||
|
||||
if test "${screenshot_action_supplied}" != "1"; then
|
||||
dialog_title="Saved to ${screenshot_basename}. What do you want to do with the screenshot?"
|
||||
dialog_title="Saved to ${screenshot_file}. What do you want to do with it?"
|
||||
case "${dialog_cmd}" in
|
||||
zenity)
|
||||
screenshot_action_text="$(zenity --list --width=280 --height=210 \
|
||||
@ -314,10 +316,11 @@ if ! qvm-check -- "${qube}" >/dev/null 2>&1; then
|
||||
fi
|
||||
|
||||
qvm-run "${qube}" -- "mkdir -p \"${qube_pictures_dir}\""
|
||||
qvm-run --pass-io "${qube}" -- "cat > \"${qube_pictures_dir}/${screenshot_basename}\"" < "${guivm_pictures_dir}/${screenshot_basename}"
|
||||
qvm-run --pass-io "${qube}" -- "cat > \"${qube_screenshot_file}\"" \
|
||||
< "${screenshot_file}"
|
||||
|
||||
if test ${file_move} = "1"; then
|
||||
rm -f "${guivm_pictures_dir}/${screenshot_basename}"
|
||||
rm -f "${screenshot_file}"
|
||||
fi
|
||||
|
||||
if test "${file_manager}" = "1"; then
|
||||
|
@ -35,13 +35,13 @@ case "${1-}" in
|
||||
## Try to run on focused window, if Dom0 is focused, it will prompt you to
|
||||
## select a qube window.
|
||||
id="$(xdotool getwindowfocus)"
|
||||
qube="$(xprop -id "${id}" -notype _QUBES_VMNAME | awk -F '"' '{print $2}')"
|
||||
qube="$(xprop -id "${id}" -notype _QUBES_VMNAME | awk -F'"' '{print $2}')"
|
||||
if test -n "${qube}"; then
|
||||
exec qvm-run --service -- "${qube}" "qubes.StartApp+${service}"
|
||||
fi
|
||||
echo "Select a qube window ..."
|
||||
id="$(xdotool selectwindow)"
|
||||
qube="$(xprop -id "${id}" -notype _QUBES_VMNAME | awk -F '"' '{print $2}')"
|
||||
qube="$(xprop -id "${id}" -notype _QUBES_VMNAME | awk -F'"' '{print $2}')"
|
||||
if test -n "${qube}"; then
|
||||
qvm-run --service -- "${qube}" "qubes.StartApp+${service}"
|
||||
fi
|
||||
|
@ -1 +1 @@
|
||||
Subproject commit a8129e053a38dc4c69b2010e5202c1632e67a69d
|
||||
Subproject commit 024e9c469de634181ec77eb52420f25339f4f01e
|
@ -11,6 +11,7 @@
|
||||
set -eu
|
||||
|
||||
qube="${1}"
|
||||
dnf_min_install="dnf -q install --refresh -y --setopt=install_weak_deps=False"
|
||||
|
||||
qvm-run --user=root --pass-io --filter-escape-chars --no-color-output \
|
||||
--no-color-stderr "${qube}" -- \
|
||||
"dnf --quiet install --refresh --assumeyes --setopt=install_weak_deps=False python3-urllib3"
|
||||
--no-color-stderr "${qube}" -- "${dnf_min_install} python3-urllib3"
|
||||
|
@ -48,8 +48,10 @@ features:
|
||||
- enable:
|
||||
- appmenus-dispvm
|
||||
- set:
|
||||
# editorconfig-checker-disable
|
||||
- default-menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-start.desktop libreoffice-base.desktop libreoffice-calc.desktop libreoffice-draw.desktop libreoffice-impress.desktop libreoffice-math.desktop libreoffice-startcenter.desktop libreoffice-writer.desktop org.gnome.Evince.desktop qubes-open-file-manager.desktop" # noqa: 204
|
||||
- menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-start.desktop libreoffice-base.desktop libreoffice-calc.desktop libreoffice-draw.desktop libreoffice-impress.desktop libreoffice-math.desktop libreoffice-startcenter.desktop libreoffice-writer.desktop org.gnome.Evince.desktop qubes-open-file-manager.desktop" # noqa: 204
|
||||
# editorconfig-checker-enable
|
||||
{%- endload %}
|
||||
{{ load(defaults) }}
|
||||
|
||||
|
@ -8,7 +8,8 @@ set -eu
|
||||
conf="${HOME}/.bitcoin/conf.d/cookie.conf"
|
||||
|
||||
if ! systemctl is-active bitcoind >/dev/null 2>&1; then
|
||||
echo "systemd service 'bitcoind' is not active, remote RPC cannot add crendtials" >&2
|
||||
echo "systemd service 'bitcoind' is inactive" >&2
|
||||
echo "remote RPC can't add crendetials" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
@ -25,7 +25,7 @@ check_installed(){
|
||||
missing_programs=1
|
||||
fi
|
||||
done
|
||||
if test "${missing_programs}"; then
|
||||
if test "${missing_programs}" = "1"; then
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
@ -45,7 +45,10 @@ getblock(){
|
||||
check_installed bitcoin-cli xxd
|
||||
bitcoin-cli getblock "${block_hash}" 0 \
|
||||
| tail -c+92167 \
|
||||
| for ((o=0;o<946;++o)); do read -rN420 x; echo -n "${x::130}${x:132:130}${x:264:130}" ; done \
|
||||
| for ((o=0;o<946;++o)); do \
|
||||
read -rN420 x; \
|
||||
echo -n "${x::130}${x:132:130}${x:264:130}"; \
|
||||
done \
|
||||
| xxd -r -p \
|
||||
| tail -c+9 \
|
||||
| head -c184292 \
|
||||
@ -77,15 +80,15 @@ gettxout(){
|
||||
}
|
||||
|
||||
usage(){
|
||||
echo "Usage: ${0##*/} getblock|getrawtransaction|gettxtout [DIR]"
|
||||
echo "Note: gettxtout works with pruned node"
|
||||
echo "Usage: ${0##*/} getblock|getrawtransaction|gettxout [DIR]"
|
||||
echo "Note: gettxout works with pruned node"
|
||||
echo "Note: DIR defaults to \$HOME"
|
||||
exit 1
|
||||
}
|
||||
|
||||
case "${1:-}" in
|
||||
"getblock"|"getrawtransaction"|"gettxtout")
|
||||
test -z "${2}" || dir="${2}"
|
||||
"getblock"|"getrawtransaction"|"gettxout")
|
||||
test -z "${2-}" || dir="${2}"
|
||||
validate_dir "${dir}"
|
||||
output_file="${dir}/${file}"
|
||||
"${1}"
|
||||
|
@ -14,7 +14,8 @@ bitcoin_pass="/home/user/.bitcoin/rpcclient.pass"
|
||||
user="${QREXEC_REMOTE_DOMAIN}"
|
||||
|
||||
if ! systemctl is-active bitcoind >/dev/null 2>&1; then
|
||||
echo "systemd service 'bitcoind' is not active, cannot add credentials with remote RPC" >&2
|
||||
echo "systemd service 'bitcoind' is not active" >&2
|
||||
echo "cannot add credentials with remote RPC" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
@ -10,7 +10,7 @@ import argparse
|
||||
import qubesadmin # pylint: disable=import-error
|
||||
import qubesadmin.vm # pylint: disable=import-error
|
||||
|
||||
def get_cacher_tagged_qubes(qubes, wanted_dist, extraneous=False):
|
||||
def get_clients(qubes, wanted_dist, extraneous=False):
|
||||
"""Get qubes tagged for ACNG"""
|
||||
domains = []
|
||||
for qube in qubes.domains: # pylint: disable=invalid-name
|
||||
@ -51,8 +51,7 @@ def main(): # pylint: disable=missing-function-docstring
|
||||
|
||||
wanted_dist = ["debian", "fedora", "arch", "ubuntu", "kicksecure"]
|
||||
qubes = qubesadmin.Qubes()
|
||||
domains = get_cacher_tagged_qubes(qubes, wanted_dist,
|
||||
extraneous=args.extraneous)
|
||||
domains = get_clients(qubes, wanted_dist, extraneous=args.extraneous)
|
||||
print("\n".join(domains))
|
||||
|
||||
|
||||
|
@ -4,6 +4,7 @@
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
cp -r /rw/config/systemd/qusal-acng-browser-forwarder* /usr/lib/systemd/system/
|
||||
cp -r /rw/config/systemd/qusal-acng-browser-forwarder* \
|
||||
/usr/lib/systemd/system/
|
||||
systemctl daemon-reload
|
||||
systemctl --no-block restart qusal-acng-browser-forwarder.socket
|
||||
|
@ -30,23 +30,27 @@ set_proxy_marker(){
|
||||
|
||||
if ! grep -q "^${marker_begin}$" "${proxy_file}"; then
|
||||
if grep -q "^${marker_end}$" "${proxy_file}"; then
|
||||
echo "Error: found marker ${marker_end_text} but not ${marker_begin_text} in ${proxy_file}" >&2
|
||||
echo "Fix the file by either removing both markers or adding missing ones and retry" >&2
|
||||
msg="found marker ${marker_end_text} but not ${marker_begin_text}"
|
||||
msg="${msg} in ${proxy_file}."
|
||||
msg="${msg} fix it by removing markers or adding missing ones and retry"
|
||||
echo "Error: ${msg}" >&2
|
||||
exit 1
|
||||
fi
|
||||
cp "${proxy_file}" "${proxy_file}.qubes-orig"
|
||||
echo "${marker_begin}" | tee -a "${proxy_file}" >/dev/null
|
||||
echo "${marker_end}" | tee -a "${proxy_file}" >/dev/null
|
||||
elif ! grep -q "^${marker_end}$" "${proxy_file}"; then
|
||||
echo "Error: found marker ${marker_begin_text} but not ${marker_end_text} in ${proxy_file}" >&2
|
||||
echo "Fix the file by either removing both markers or adding missing ones and retry" >&2
|
||||
msg="found marker ${marker_begin_text} but not ${marker_end_text}"
|
||||
msg="${msg} in ${proxy_file}."
|
||||
msg="${msg} fix it by removing markers or adding missing ones and retry"
|
||||
echo "error: ${msg}" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
proxy_tmp_file="$(mktemp)"
|
||||
cat >"${proxy_tmp_file}" <<EOF
|
||||
# The text between ${marker_begin_text} and ${marker_end_text} is automatically
|
||||
# generated by $0. All changes here will be overridden.
|
||||
# The text between ${marker_begin_text} and ${marker_end_text} is
|
||||
# automatically generated by $0. All changes here will be overridden.
|
||||
# You can override options after the ${marker_end_text}.
|
||||
${proxy_options}
|
||||
EOF
|
||||
@ -76,7 +80,7 @@ check_netvm_cacher(){
|
||||
if test -f /var/run/qubes-service/netvm-cacher; then
|
||||
proxy_host="$(qubesdb-read /qubes-gateway)"
|
||||
if test -z "${proxy_host}"; then
|
||||
echo "Error: service netvm-cacher enabled but netvm IP was not found" >&2
|
||||
echo "Error: service netvm-cacher enabled but netvm IP not found" >&2
|
||||
return 1
|
||||
fi
|
||||
fi
|
||||
@ -120,9 +124,14 @@ EOF
|
||||
|
||||
case "${action}" in
|
||||
install)
|
||||
baseurl_search="baseurl\s*=\s*https://"
|
||||
baseurl_repl="baseurl=http://HTTPS///"
|
||||
meta_search="metalink\s*=\s*https://"
|
||||
meta_repl="metalink=http://HTTPS///"
|
||||
baseurl_expr="s|${baseurl_search}|${baseurl_repl}|w ${changes_file}"
|
||||
meta_expr="s|${meta_search}|${meta_repl}|w ${changes_file}"
|
||||
find "${@}" -type f -exec sed -i \
|
||||
-e "s|baseurl\s*=\s*https://|baseurl=http://HTTPS///|w ${changes_file}" \
|
||||
-e "s|metalink\s*=\s*https://|metalink=http://HTTPS///|w ${changes_file}" \
|
||||
-e "${baseurl_expr}" -e "${meta_expr}" \
|
||||
{} \+
|
||||
|
||||
set --
|
||||
@ -136,16 +145,26 @@ EOF
|
||||
done
|
||||
test -n "${*}" || return 0
|
||||
|
||||
baseurl_search="^\s*#.*baseurl"
|
||||
baseurl_repl="baseurl"
|
||||
meta_search="^\s*metalink\s*=\s*"
|
||||
meta_expr="#metalink="
|
||||
baseurl_expr="s|${baseurl_search}|${baseurl_repl}|w ${changes_file}"
|
||||
meta_expr="s|${meta_search}|${meta_repl}|w ${changes_file}"
|
||||
find "${@}" -type f -exec sed -i \
|
||||
-e "s|^\s*#.*baseurl|baseurl|w ${changes_file}" \
|
||||
-e "s|^\s*metalink\s*=\s*|#metalink=|w ${changes_file}" \
|
||||
-e "${baseurl_expr}" -e "${meta_expr}" \
|
||||
{} \+
|
||||
;;
|
||||
|
||||
uninstall)
|
||||
baseurl_search="baseurl\s*=\s*http://HTTPS///"
|
||||
baseurl_repl="baseurl=https://"
|
||||
meta_search="metalink\s*=\s*http://HTTPS///"
|
||||
meta_repl="metalink=https://"
|
||||
baseurl_expr="s|${baseurl_search}|${baseurl_repl}|w ${changes_file}"
|
||||
meta_expr="s|${meta_search}|${meta_repl}|w ${changes_file}"
|
||||
find "${@}" -type f -exec sed -i \
|
||||
-e "s|baseurl\s*=\s*http://HTTPS///|baseurl=https://|w ${changes_file}" \
|
||||
-e "s|metalink\s*=\s*http://HTTPS///|metalink=https://|w ${changes_file}" \
|
||||
-e "${baseurl_expr}" -e "${meta_expr}" \
|
||||
{} \+
|
||||
|
||||
set --
|
||||
@ -194,16 +213,26 @@ EOF
|
||||
|
||||
case "${action}" in
|
||||
install)
|
||||
sources_search="URIs:\s*https://"
|
||||
sources_repl="URIs: http://HTTPS///"
|
||||
list_search="^\s*\(#*\)\s*deb\(.*\)https://"
|
||||
list_repl="\1deb\2http://HTTPS///"
|
||||
sources_expr="s|${sources_search}|${sources_repl}|w ${changes_file}"
|
||||
list_expr="s|${list_search}|${list_repl}|w ${changes_file}"
|
||||
find "${@}" -type f -exec sed -i \
|
||||
-e "s|URIs:\s*https://|URIs: http://HTTPS///|w ${changes_file}" \
|
||||
-e "s|^\s*\(#*\)\s*deb\(.*\)https://|\1deb\2http://HTTPS///|w ${changes_file}" \
|
||||
-e "${list_expr}" -e "${sources_expr}" \
|
||||
{} \+
|
||||
;;
|
||||
|
||||
uninstall)
|
||||
sources_search="URIs:\s*http://HTTPS///"
|
||||
sources_repl="URIs: https://"
|
||||
list_search="^\s*\(#*\)\s*deb\(.*\)http://HTTPS///"
|
||||
list_repl="\1deb\2https://"
|
||||
sources_expr="s|${sources_search}|${sources_repl}|w ${changes_file}"
|
||||
list_expr="s|${list_search}|${list_repl}|w ${changes_file}"
|
||||
find "${@}" -type f -exec sed -i \
|
||||
-e "s|URIs:\s*http://HTTPS///|URIs: https://|w ${changes_file}" \
|
||||
-e "s|^\s*\(#*\)\s*deb\(.*\)http://HTTPS///|\1deb\2https://|w ${changes_file}" \
|
||||
-e "${list_expr}" -e "${sources_expr}" \
|
||||
{} \+
|
||||
;;
|
||||
esac
|
||||
@ -242,21 +271,27 @@ EOF
|
||||
|
||||
case "${action}" in
|
||||
install)
|
||||
repo_search="Server\s*=\s*https://" \
|
||||
repo_repl="Server = http://HTTPS///"
|
||||
repo_regex="s|${repo_search}|${repo_repl}|w ${changes_file}"
|
||||
find "${@}" -type f -exec sed -i \
|
||||
-e "s|Server\s*=\s*https://|Server = http://HTTPS///|w ${changes_file}" \
|
||||
-e "${repo_regex}" \
|
||||
{} \+
|
||||
;;
|
||||
|
||||
uninstall)
|
||||
repo_search="Server\s*=\s*http://HTTPS///"
|
||||
repo_repl="Server = https://"
|
||||
repo_regex="s|${repo_search}|${repo_repl}|w ${changes_file}"
|
||||
find "${@}" -type f -exec sed -i \
|
||||
-e "s|Server\s*=\s*http://HTTPS///|Server = https://|w ${changes_file}" \
|
||||
-e "${repo_regex}" \
|
||||
{} \+
|
||||
;;
|
||||
esac
|
||||
|
||||
else
|
||||
## Gentoo: upstream does not have a good solution:
|
||||
## https://wiki.gentoo.org/wiki/Local_distfiles_cache#Configuring_for_Gentoo
|
||||
## https://wiki.gentoo.org/wiki/Local_distfiles_cache#Configuring_for_Gentoo
|
||||
reject_os
|
||||
fi
|
||||
}
|
||||
|
@ -9,6 +9,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
{{ clone_template('debian-minimal', 'electrs-builder', include_create=False) }}
|
||||
|
||||
{#
|
||||
# editorconfig-checker-disable
|
||||
TODO: Recheck: Cargo index fetch isis too big to be fetched over tor.
|
||||
Impossible to fetch Cargo index over tor as of Bookworm Cargo 1.65.
|
||||
Cargo >=1.68 does support "sparse" registry protocol,
|
||||
@ -36,4 +37,5 @@ Caused by:
|
||||
{#
|
||||
{{ clone_template(['debian-minimal', 'whonix-workstation'], sls_path) }}
|
||||
{{ clone_template('whonix-workstation', 'electrs-builder', include_create=False) }}
|
||||
# editorconfig-checker-enable
|
||||
#}
|
||||
|
@ -11,14 +11,16 @@ case "${GIT_TRACE_HELPER:-}" in
|
||||
esac
|
||||
|
||||
usage(){
|
||||
echo "Usage: ${helper} [<qube>] [<repository>]"
|
||||
echo "Note: qube defaults to '@default' and repository to the current repository"
|
||||
echo "Usage: ${helper} [<qube>] [<repository>]" >&2
|
||||
echo "Note: qube defaults to @default" >&2
|
||||
echo "Note: repository defaults to current working repository" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
is_git_repo(){
|
||||
if ! git rev-parse --show-toplevel >/dev/null 2>&1; then
|
||||
echo "Error: Either run from inside a git repository or provide it as an argument" >&2
|
||||
echo "Error: Current working directory is not in a git repository" >&2
|
||||
echo "Error: Run from a repository or pass the name as an argument" >&2
|
||||
usage
|
||||
fi
|
||||
}
|
||||
@ -49,7 +51,8 @@ elif command -v qrexec-client >/dev/null; then
|
||||
die "Qube doesn't exist: '${authority}'"
|
||||
fi
|
||||
qvm-start --skip-if-running -- "${authority}"
|
||||
exec qrexec-client -tT -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
|
||||
rpc_cmd="DEFAULT:QUBESRPC ${rpc_cmd} dom0"
|
||||
exec qrexec-client -tT -d "${authority}" -- "${rpc_cmd}"
|
||||
fi
|
||||
|
||||
die "Qrexec programs not found: qrexec-client-vm, qrexec-client"
|
||||
|
@ -12,7 +12,9 @@
|
||||
set -eu
|
||||
|
||||
usage(){
|
||||
echo "Usage: ${helper} <remote> [${scheme}://<authority>/<path>[?query=value][&other_query=value]]" >&2
|
||||
url_format="${scheme}://<authority>/<path>"
|
||||
url_format="${url_format}[?query=value][&other_query=value]"
|
||||
echo "Usage: ${helper} <remote> [${url_format}]" >&2
|
||||
}
|
||||
|
||||
die(){
|
||||
|
@ -76,8 +76,9 @@ elif command -v qrexec-client >/dev/null; then
|
||||
die "Qube doesn't exist: '${authority}'"
|
||||
fi
|
||||
qvm-start --skip-if-running -- "${authority}"
|
||||
log "->" qrexec-client -T -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
|
||||
exec qrexec-client -T -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
|
||||
rpc_cmd="DEFAULT:QUBESRPC ${rpc_cmd} dom0"
|
||||
log "->" qrexec-client -T -d "${authority}" -- "${rpc_cmd}"
|
||||
exec qrexec-client -T -d "${authority}" -- "${rpc_cmd}"
|
||||
fi
|
||||
|
||||
die "Qrexec programs not found: qrexec-client-vm, qrexec-client"
|
||||
|
@ -1,6 +1,6 @@
|
||||
#!/bin/sh
|
||||
|
||||
# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
|
||||
# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
@ -24,7 +24,10 @@ fi
|
||||
|
||||
if ! (echo "${untrusted_repo}" | grep -q "^[A-Za-z0-9][A-Za-z0-9_.-]\+$")
|
||||
then
|
||||
die "Forbidden characters in repository name. Allowed chars: letters, numbers, hyphen, underscore and dot. It cannot begin with hyphen, underscore or dot"
|
||||
msg="Forbidden characters in agent name."
|
||||
msg="${msg} Allowed chars: letters, numbers, hyphen, underscore and dot."
|
||||
msg="${msg} Name cannot begin with hyphen, underscore or dot"
|
||||
die "${msg}"
|
||||
fi
|
||||
|
||||
## Length arbitrarily set.
|
||||
@ -52,7 +55,8 @@ esac
|
||||
|
||||
if test "${action}" != "Init"; then
|
||||
test -d "${path}" || die "Directory doesn't exist: ${repo}"
|
||||
git -C "${path}" rev-parse >/dev/null 2>&1 || die "Not a git repository: ${repo}"
|
||||
git -C "${path}" rev-parse >/dev/null 2>&1 ||
|
||||
die "Not a git repository: ${repo}"
|
||||
is_bare="$(git -C "${path}" rev-parse --is-bare-repository)"
|
||||
test "${is_bare}" = "true" || die "Not a bare repository: ${repo}"
|
||||
fi
|
||||
|
@ -6,11 +6,11 @@
|
||||
|
||||
## How to use with SSH?
|
||||
## On Dom0 Qrexec policy:
|
||||
## qusal.ConnectTCP +domain.tld+22 sshclient @default ask default_target=sshproxy
|
||||
## qusal.ConnectTCP +domain.tld+22 client @default ask default_target=proxy
|
||||
## On Dom0, enable the "qusal-proxy-client" service for the client qube:
|
||||
## qvm-features sshclient service.qusal-proxy-client 1
|
||||
## qvm-features client service.qusal-proxy-client 1
|
||||
## On the SSH Proxy server (netvm of your liking), install this RPC service.
|
||||
## qubesctl --skip-dom0 --targets=sshproxy state.apply sys-net.install-proxy
|
||||
## qubesctl --skip-dom0 --targets=proxy state.apply sys-net.install-proxy
|
||||
## On the client ssh configuration:
|
||||
## Match Exec "test -f /var/run/qubes-service/qusal-proxy-client"
|
||||
## ProxyCommand qrexec-client-vm @default qusal.ConnectTCP+%h+%p
|
||||
|
@ -1,21 +1,28 @@
|
||||
#!/bin/sh
|
||||
|
||||
# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
|
||||
# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
set -eu
|
||||
|
||||
die(){
|
||||
echo "error: ${1}" >&2
|
||||
exit 1
|
||||
}
|
||||
|
||||
untrusted_agent="$QREXEC_SERVICE_ARGUMENT"
|
||||
|
||||
if test -z "${untrusted_agent}"; then
|
||||
echo "Agent name is empty" >&2
|
||||
exit 1
|
||||
die "Agent name is empty"
|
||||
fi
|
||||
|
||||
if ! (echo "${untrusted_agent}" | grep -q "^[A-Za-z0-9][A-Za-z0-9_.-]\+$")
|
||||
then
|
||||
die "Forbidden characters in agent name. Allowed chars: letters, numbers, hyphen, underscore and dot. It cannot begin with hyphen, underscore or dot"
|
||||
msg="Forbidden characters in agent name."
|
||||
msg="${msg} Allowed chars: letters, numbers, hyphen, underscore and dot."
|
||||
msg="${msg} Name cannot begin with hyphen, underscore or dot"
|
||||
die "${msg}"
|
||||
fi
|
||||
|
||||
## Length arbitrarily set.
|
||||
|
@ -4,6 +4,7 @@
|
||||
#
|
||||
# SPDX-License-Identifier: AGPL-3.0-or-later
|
||||
|
||||
cp -r /rw/config/systemd/qusal-syncthing-browser-forwarder* /usr/lib/systemd/system/
|
||||
cp -r /rw/config/systemd/qusal-syncthing-browser-forwarder* \
|
||||
/usr/lib/systemd/system/
|
||||
systemctl daemon-reload
|
||||
systemctl --no-block restart qusal-syncthing-browser-forwarder.socket
|
||||
|
@ -48,7 +48,8 @@ qvm-run -u root "$qube" -- "cp ${user_conf} ${system_conf}"
|
||||
|
||||
## TOFU
|
||||
# shellcheck disable=SC2016
|
||||
endpoint="$(qvm-run -p -u root "$qube" -- awk '/Endpoint/{print $3}' "${system_conf}")"
|
||||
endpoint="$(qvm-run -p -u root "$qube" -- awk '/Endpoint/{print $3}' \
|
||||
"${system_conf}")"
|
||||
if echo "${endpoint}" | grep -qF "["; then
|
||||
ip="${ip##[\[]}"
|
||||
ip="${ip%%\]*}"
|
||||
@ -70,8 +71,10 @@ fi
|
||||
echo "Firewalling $qube to reach only '$ip:$port'"
|
||||
qvm-firewall --verbose -- "$qube" reset
|
||||
qvm-firewall --verbose -- "$qube" del --rule-no 0
|
||||
qvm-firewall --verbose -- "$qube" add accept dsthost="$ip" dstports="$port" proto=udp
|
||||
qvm-firewall --verbose -- "$qube" add accept dsthost="$ip" dstports="$port" proto=tcp
|
||||
qvm-firewall --verbose -- "$qube" add accept dsthost="$ip" dstports="$port" \
|
||||
proto=udp
|
||||
qvm-firewall --verbose -- "$qube" add accept dsthost="$ip" dstports="$port" \
|
||||
proto=tcp
|
||||
qvm-firewall --verbose -- "$qube" add drop
|
||||
|
||||
if qvm-check -q --paused -- "$qube" >/dev/null 2>&1; then
|
||||
|
@ -21,7 +21,9 @@ set_nft_dnat(){
|
||||
ipv="${1}" # empty(4), 6
|
||||
proto="${2}" # tcp, udp
|
||||
dns_host="${3}"
|
||||
set_nft "insert rule ip${ipv} qubes custom-dnat iifgroup 2 ${proto} dport 53 dnat to ${dns_host}"
|
||||
rule_prefix="insert rule ip${ipv} qubes custom-dnat iifgroup 2 ${proto}"
|
||||
rule_suffix="dport 53 dnat to ${dns_host}"
|
||||
set_nft "${rule_prefix} ${rule_suffix}"
|
||||
}
|
||||
|
||||
dns="$(grep -s "^\s*DNS\s*=\s*\S\+" "${wg_conf}" | sed "s/.*=//;s/ //g")"
|
||||
|
@ -40,8 +40,8 @@ fi
|
||||
|
||||
case "${find_tool}" in
|
||||
fd|fdfind)
|
||||
files="$(${find_tool} . --hidden --exclude .github --type=f --extension=md)"
|
||||
extra_files="$(${find_tool} . --hidden --type=f --extension=md .github)"
|
||||
files="$(${find_tool} . -H -E .github -t f -e md)"
|
||||
extra_files="$(${find_tool} . -H -t f -e md .github)"
|
||||
;;
|
||||
find)
|
||||
files="$(find . -not -path './.github/*' -type f -name "*.md")"
|
||||
|
@ -20,13 +20,14 @@ if test "${1-}" = "test"; then
|
||||
fi
|
||||
ignored="$(git ls-files --exclude-standard --others --ignored salt/)"
|
||||
untracked="$(git ls-files --exclude-standard --others salt/)"
|
||||
unwanted="$(printf %s"${ignored}\n${untracked}\n" | grep "^salt/\S\+/README.md" \
|
||||
| cut -d "/" -f2 | sort -u)"
|
||||
unwanted="$(printf %s"${ignored}\n${untracked}\n" |
|
||||
grep "^salt/\S\+/README.md" | cut -d "/" -f2 | sort -u)"
|
||||
group="$(./scripts/spec-get.sh dom0 group)"
|
||||
projects="$(find salt/ -mindepth 1 -maxdepth 1 -type d \
|
||||
| sort -d | sed "s|^salt/\(\S\+\)| - rpm_spec/${group}-\1.spec|")"
|
||||
projects="$(find salt/ -mindepth 1 -maxdepth 1 -type d | sort -d |
|
||||
sed "s|^salt/\(\S\+\)| - rpm_spec/${group}-\1.spec|")"
|
||||
for unwanted_project in ${unwanted}; do
|
||||
projects="$(echo "${projects}" | sed "\@rpm_spec/${group}-${unwanted_project}.spec@d")"
|
||||
projects="$(echo "${projects}" |
|
||||
sed "\@rpm_spec/${group}-${unwanted_project}.spec@d")"
|
||||
done
|
||||
|
||||
if test "${1-}" = "print"; then
|
||||
|
@ -18,8 +18,14 @@ cd "$(git rev-parse --show-toplevel)" || exit 1
|
||||
find_tool="$(./scripts/best-program.sh fd fdfind find)"
|
||||
|
||||
case "${find_tool}" in
|
||||
fd|fdfind) files="$(${find_tool} . minion.d/ --extension=conf) $(${find_tool} . salt/ --max-depth=2 --type=f --extension=sls)";;
|
||||
find) files="$(find minion.d/ -type f -name "*.conf") $(find salt/ -maxdepth 2 -type f -name '*.sls')";;
|
||||
fd|fdfind)
|
||||
files="$(${find_tool} . minion.d/ --extension=conf)
|
||||
$(${find_tool} . salt/ --max-depth=2 --type=f --extension=sls)"
|
||||
;;
|
||||
find)
|
||||
files="$(find minion.d/ -type f -name "*.conf")
|
||||
$(find salt/ -maxdepth 2 -type f -name '*.sls')"
|
||||
;;
|
||||
esac
|
||||
|
||||
## 201 - Fix trailing whitespace:
|
||||
|
@ -31,8 +31,15 @@ if test -n "${1-}"; then
|
||||
fi
|
||||
|
||||
case "${find_tool}" in
|
||||
fd|fdfind) files="$(${find_tool} . minion.d/ --extension=conf) $(${find_tool} . salt/ --max-depth=2 --type=f --extension=sls --extension=top | sort -d)";;
|
||||
find) files="$(find minion.d/ -type f -name "*.conf") $(find salt/* -maxdepth 2 -type f \( -name '*.sls' -o -name '*.top' \) | sort -d)";;
|
||||
fd|fdfind)
|
||||
files="$(${find_tool} . minion.d/ --e conf)
|
||||
$(${find_tool} . salt/ -d 2 -t f -e sls -e top | sort -d)"
|
||||
;;
|
||||
find)
|
||||
files="$(find minion.d/ -type f -name "*.conf")
|
||||
$(find salt/* -maxdepth 2 -type f \( -name '*.sls' -o -name '*.top' \) |
|
||||
sort -d)"
|
||||
;;
|
||||
esac
|
||||
|
||||
exec salt-lint ${conf} ${files}
|
||||
|
@ -13,8 +13,38 @@ command -v git >/dev/null || { echo "Missing program: git" >&2; exit 1; }
|
||||
cd "$(git rev-parse --show-toplevel)" || exit 1
|
||||
./scripts/requires-program.sh shellcheck file
|
||||
|
||||
exit_code=0
|
||||
find_tool="$(./scripts/best-program.sh fd fdfind find)"
|
||||
|
||||
show_long_lines(){
|
||||
tty_stderr=0
|
||||
if test -t 2; then
|
||||
tty_stderr=1
|
||||
fi
|
||||
awk -v color="${tty_stderr}" '
|
||||
BEGIN {
|
||||
MAGENTA=""
|
||||
GREEN=""
|
||||
RESET=""
|
||||
if (color == 1) {
|
||||
MAGENTA="\033[1;35m"
|
||||
GREEN="\033[1;32m"
|
||||
RESET="\033[0m"
|
||||
}
|
||||
}
|
||||
{
|
||||
nlines++;
|
||||
if (length > 78 && !/^\s*#.*(:\/\/|SPDX-)/) {
|
||||
exit_code=1
|
||||
prefix = MAGENTA FILENAME RESET ":" GREEN FNR RESET
|
||||
print prefix ": line too long: " length " > 78" >"/dev/stderr"
|
||||
if (nlines==NR) { if (exit_code==1) { exit 1; }; }
|
||||
}
|
||||
if (nlines==NR) { if (exit_code==1) { exit 1; }; }
|
||||
}
|
||||
' "${@}" >&2
|
||||
}
|
||||
|
||||
if test -n "${1-}"; then
|
||||
files=""
|
||||
sh_files=""
|
||||
@ -32,31 +62,40 @@ if test -n "${1-}"; then
|
||||
if test -z "$files" && test -z "$sh_files"; then
|
||||
exit 0
|
||||
fi
|
||||
test -z "$files" || shellcheck ${files}
|
||||
test -z "$sh_files" || shellcheck -s sh ${sh_files}
|
||||
exit
|
||||
if test -n "${files}" || test -n "${sh_files}"; then
|
||||
show_long_lines ${files} ${sh_files} || exit_code=1
|
||||
fi
|
||||
if test -n "${files}"; then
|
||||
shellcheck ${files} || exit_code=1
|
||||
fi
|
||||
if test -n "${sh_files}"; then
|
||||
shellcheck -s sh ${sh_files} || exit_code=1
|
||||
fi
|
||||
exit "${exit_code}"
|
||||
fi
|
||||
|
||||
case "${find_tool}" in
|
||||
fd|fdfind)
|
||||
# shellcheck disable=2016,2215
|
||||
files="$(${find_tool} . scripts/ salt/ --hidden --exclude=zsh --type=f \
|
||||
--exec-batch file | awk -F ":" '/ shell script,/{ print $1 }')"
|
||||
files="$(${find_tool} . scripts/ salt/ -H -E zsh -t f -X file |
|
||||
awk -F ":" '/ shell script,/{ print $1 }')"
|
||||
## No Shebang
|
||||
sh_files="$(${find_tool} rc.local salt/ --type=f)"
|
||||
;;
|
||||
find)
|
||||
files="$(find scripts/ salt/ -not \( -path "*/zsh" -prune \) -type f \
|
||||
-exec file {} \+ | awk -F ":" '/ shell script,/{ print $1 }')"
|
||||
-exec file {} \+ | awk -F ":" '/ shell script,/{ print $1 }')"
|
||||
## No Shebang
|
||||
sh_files="$(find salt/ -type f -name "rc.local")"
|
||||
;;
|
||||
esac
|
||||
|
||||
echo "${files}" | sort -u | tr " " "\n"
|
||||
exit
|
||||
files="$(echo "$files" | sort -u)"
|
||||
sh_files="$(echo "$sh_files" | sort -u)"
|
||||
|
||||
#files="$(echo "$files" | sort -u)"
|
||||
#sh_files="$(echo "$sh_files" | sort -u)"
|
||||
#test -z "${files}" || shellcheck ${files}
|
||||
#test -z "${sh_files}" || shellcheck -s sh ${sh_files}
|
||||
show_long_lines ${files} ${sh_files} || exit_code=1
|
||||
shellcheck ${files} || exit_code=1
|
||||
if test -n "$sh_files"; then
|
||||
shellcheck -s sh ${sh_files} || exit_code=1
|
||||
fi
|
||||
exit "${exit_code}"
|
||||
|
@ -27,8 +27,10 @@ escape_key(){
|
||||
## Get scriptlet command, else fail safe.
|
||||
get_scriptlet(){
|
||||
scriptlet="$1"
|
||||
scriptlet_begin="-- pkg:begin:${scriptlet} --"
|
||||
scriptlet_end="-- pkg:end:${scriptlet} --"
|
||||
scriptlet="$(sed -n \
|
||||
"/^<\!-- pkg:begin:${scriptlet} -->$/,/^<\!-- pkg:end:${scriptlet} -->$/p" \
|
||||
"/^<\!${scriptlet_begin}>$/,/^<\!${scriptlet_end}>$/p" \
|
||||
"${readme}" | sed '/^```.*/d;/^\S*$/d;/^<\!-- pkg:/d;s/^sudo //')"
|
||||
if test -z "${scriptlet}"; then
|
||||
echo true
|
||||
@ -159,7 +161,9 @@ if test "${1-}" = "test"; then
|
||||
shift
|
||||
fi
|
||||
|
||||
if echo "${@}" | grep -qE "(^scripts/| scripts/|/template.spec)" || test -z "${1-}"; then
|
||||
if echo "${@}" | grep -qE "(^scripts/| scripts/|/template.spec)" ||
|
||||
test -z "${1-}"
|
||||
then
|
||||
# shellcheck disable=SC2046
|
||||
set -- $(find salt/ -mindepth 1 -maxdepth 1 -type d -printf '%f\n' \
|
||||
| sort -d | tr "\n" " ")
|
||||
|
@ -13,7 +13,7 @@ usage(){
|
||||
echo "Usage: ${0##*/} <NAME> <KEY>"
|
||||
echo "Example: ${0##*/} qubes-builder description"
|
||||
echo "Names: ${names}"
|
||||
echo "Keys: ${keys}"
|
||||
echo "Keys: $(echo "${keys}" | tr "\n" " ")"
|
||||
}
|
||||
|
||||
block_max_chars(){
|
||||
@ -21,13 +21,31 @@ block_max_chars(){
|
||||
char_value="${2}"
|
||||
less_than="${3}"
|
||||
if test "${#char_value}" -ge "${less_than}"; then
|
||||
echo "Error: ${char_key} is too long. Must be less than ${less_than} chars." >&2
|
||||
echo "Error: ${char_key} is too long. Must be <${less_than} chars." >&2
|
||||
echo "Key contents: ${char_value}" >&2
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
keys="name branch group file_roots requires packager vendor url bug_url version project project_dir changelog readme license_csv license description summary saltfiles"
|
||||
keys="name
|
||||
branch
|
||||
group
|
||||
file_roots
|
||||
requires
|
||||
packager
|
||||
vendor
|
||||
url
|
||||
bug_url
|
||||
version
|
||||
project
|
||||
project_dir
|
||||
changelog
|
||||
readme
|
||||
license_csv
|
||||
license
|
||||
description
|
||||
summary
|
||||
saltfiles"
|
||||
|
||||
name=""
|
||||
key=""
|
||||
@ -97,7 +115,10 @@ fi
|
||||
## project per directory. The disadvantage of the changelog below is it
|
||||
# #doesn't differentiate commits per version and release, but per commit id.
|
||||
if test "${key}" = "changelog"; then
|
||||
changelog="$(TZ=UTC0 git log -n 50 --format=format:"* %cd %an <%ae> - %h%n- %s%n" --date=format:"%a %b %d %Y" -- "${project_dir}" | sed -re "s/^- +- */- /")"
|
||||
changelog="$(TZ=UTC0 git log -n 50 \
|
||||
--format=format:"* %cd %an <%ae> - %h%n- %s%n" \
|
||||
--date=format:"%a %b %d %Y" -- "${project_dir}" | \
|
||||
sed -re "s/^- +- */- /")"
|
||||
fi
|
||||
|
||||
if test "${key}" = "description"; then
|
||||
@ -117,7 +138,9 @@ if test "${key}" = "saltfiles" || test "${key}" = "requires"; then
|
||||
saltfiles="$(find "${project_dir}" -maxdepth 1 -name "*.sls")"
|
||||
# shellcheck disable=SC2086
|
||||
if test -n "${saltfiles}"; then
|
||||
requires="$(sed -n '/^include:$/,/^\s*$/p' -- ${saltfiles} | sed "/^\s*- \./d;/{/d" | grep "^\s*- " | cut -d "." -f1 | sort -u | sed "s/- //")"
|
||||
requires="$(sed -n '/^include:$/,/^\s*$/p' -- ${saltfiles} |
|
||||
sed "/^\s*- \./d;/{/d" | grep "^\s*- " | cut -d "." -f1 | sort -u |
|
||||
sed "s/- //")"
|
||||
if grep -qrn "{%-\? from \('\|\"\)utils" ${saltfiles}; then
|
||||
if test -n "${requires}"; then
|
||||
requires="${requires} utils"
|
||||
|
@ -37,6 +37,7 @@ for f in "$@"; do
|
||||
## This is fragile, the table of contents should have at least one block
|
||||
## separated by an empty line before the nest heading, else it will delete
|
||||
## the rest of the file.
|
||||
vim -c 'norm zRgg' -c '/^## Table of Contents$' -c 'norm jd}k' -c ':GenTocGFM' -c 'norm ddgg' -c wq -- "${f}"
|
||||
vim -c 'norm zRgg' -c '/^## Table of Contents$' -c 'norm jd}k' \
|
||||
-c ':GenTocGFM' -c 'norm ddgg' -c wq -- "${f}"
|
||||
echo "Updated TOC in file: $f"
|
||||
done
|
||||
|
Loading…
Reference in New Issue
Block a user