style: limit line length per file extension

Editorconfig can only act based on file extension and path, not
attributes, it remains a mean only for multiple collaborators to use the
same configuration on their editor. When it is too restrictive, such as
not considering the file syntax, use a lint tool for the specific file
type instead of trusting editorconfig. Changes were made to increase
readability.
This commit is contained in:
Ben Grande 2024-07-09 17:42:07 +02:00
parent 2d0bf9784d
commit 011a71a36d
No known key found for this signature in database
GPG Key ID: 00C64E14F51F9E56
37 changed files with 330 additions and 123 deletions

View File

@ -1,4 +1,4 @@
# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
#
# SPDX-License-Identifier: GPL-3.0-or-later
@ -16,8 +16,24 @@ end_of_line = lf
indent_style = tab
indent_size = 8
[*.{md,sh,yaml,yml,toml,json}]
[*.{md,toml,json}]
indent_size = 2
[*.{py}]
[*.{yaml,yml}]
indent_size = 2
max_line_length = 120
[*.{sls,top,jinja}]
max_line_length = 160
[*.py]
indent_size = 4
max_line_length = 79
[{*.{sh,bash,ksh,zsh,lessfilter,xinitrc,Xinitrc,xsession,Xsession,xsessionrc,Xsessionrc,xprofile,Xprofile},**/.config/{sh,bash,ksh,zsh}/**,**/git/shell/**,**/qubes-bind-dirs.d/**,**/lib-qubes-bind-dirs.d/**,**/rc.local.d/**,**/dom0/files/autostartart-scripts/**,**/git/template/hooks/**,**/git/files/client/git-core/**}]
indent_size = 2
## Impossible to be sure via file extension if it is a shell file.
# /bin/.*
# /rpc/.*
# /network-hooks\.d/.*
# /qubes-firewall\.d/.*

View File

@ -52,5 +52,9 @@ jobs:
uses: peter-evans/close-pull@v3
with:
# yamllint disable-line rule:line-length
comment: 'Automatically closing this PR due to submitter not reading the contribution guidelines and using GitHub WebUI to commit. Please fix the issues and open a new PR after you have read the contribution guidelines.'
comment: >
Automatically closing this PR due to submitter not reading the
contribution guidelines and using GitHub WebUI to commit. Please
fix the issues and open a new PR after you have read the
contribution guidelines.
delete-branch: false

View File

@ -28,9 +28,15 @@ repos:
language: script
pass_filenames: true
# yamllint disable rule:line-length
files: (\.sh|/rc\.local\.d/.*\.rc|/bin/.*|/rpc/.*|/network-hooks\.d/.*|/qubes-firewall\.d/.*|/(lib-)?qubes-bind-dirs\.d/.*|/\.config/(sh|bash|zsh|less|x11|git/shell|git/template/hooks)/.*|/autostart-scripts/.*|/qvm-copy-dotfiles|/git-core/.*)
files: >-
(\.sh|/rc\.local\.d/.*\.rc|/bin/.*|/rpc/.*|/network-hooks\.d/.*|
/qubes-firewall\.d/.*|/(lib-)?qubes-bind-dirs\.d/.*|
/\.config/(sh|bash|zsh|less|x11|git/shell|git/template/hooks)/.*|
/autostart-scripts/.*|/qvm-copy-dotfiles|/git-core/.*)
# yamllint disable rule:line-length
exclude: \.(policy|asc|txt|top|sls|jinja|toml|vim|py|muttrc|nft|md|spec|list|sources|repo|socket|timer|service|y(a)?ml)$
exclude: >-
\.(policy|asc|txt|top|sls|jinja|toml|vim|py|muttrc|nft|md|spec|
list|sources|repo|socket|timer|service|y(a)?ml)$
description: Lint Shellscripts
- id: markdown-lint
@ -81,7 +87,9 @@ repos:
args: [test]
pass_filenames: true
# yamllint disable rule:line-length
files: ^(rpm_spec/template/template.spec|salt/.*|scripts/spec-(get|gen)\.sh)$
files: >-
^(rpm_spec/template/template.spec|salt/.*|
scripts/spec-(get|gen)\.sh)$
description: Check if RPM SPEC files are up to date
- id: license-lint

View File

@ -20,8 +20,10 @@ prefs:
- maxmem: 2000
features:
- set:
# editorconfig-checker-disable
- default-menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-open-file-manager.desktop qubes-start.desktop" # noqa: 204
- menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-open-file-manager.desktop qubes-start.desktop" # noqa: 204
# editorconfig-checker-enable
- disable:
- service.tracker
- service.evolution-data-server
@ -52,6 +54,8 @@ features:
- service.tracker
- service.evolution-data-server
- set:
# editorconfig-checker-disable
- menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-open-file-manager.desktop qubes-start.desktop" # noqa: 204
# editorconfig-checker-enable
{%- endload %}
{{ load(defaults) }}

View File

@ -1,6 +1,6 @@
#!/bin/sh
# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
@ -25,9 +25,11 @@ writeconf(){
key="$2"
value="$3"
group_id="$(grep -B1 -- "^Description=$group$" "$file" | head -1 | tr -d "[" | tr -d "]")"
group_id="$(grep -B1 -- "^Description=$group$" "$file" | head -1 |
tr -d "[" | tr -d "]")"
if test -z "${group_id}"; then
highest_id="$(grep -- "\[[0-9]\+\]" "$file" | tr -d "[" | tr -d "]" | sort | tail -1)"
highest_id="$(grep -- "\[[0-9]\+\]" "$file" | tr -d "[" | tr -d "]" |
sort | tail -1)"
if test -n "${highest_id}"; then
group_id="$((highest_id+1))"
else
@ -54,7 +56,8 @@ writeconf_group(){
fi
## Regex: https://doc.qt.io/qt-6/qregularexpression.html
writeconf "$chosen_group" title "^\\[(disp-|dvm-)?$chosen_group(-\\S+)?\\] .*"
writeconf "$chosen_group" title \
"^\\[(disp-|dvm-)?$chosen_group(-\\S+)?\\] .*"
writeconf "$chosen_group" titlematch 3
writeconf "$chosen_group" wmclass "$chosen_group"
writeconf "$chosen_group" wmclasscomplete false

View File

@ -9,7 +9,8 @@ set -eu
list_backups(){
## Hide stderr to hide remote login connection messages (banners etc).
# shellcheck disable=SC2086
${qrun_cmd} "${qube}" -- "${cmd} ${find_cmd} 2>/dev/null"
qvm-run --filter-escape-chars --no-color-output --no-color-stderr \
--pass-io "${qube}" -- "${cmd} ${find_cmd} 2>/dev/null"
}
list_last_backup(){
@ -35,7 +36,6 @@ cmd="${3-}"
find_pattern="qubes-backup-*"
find_cmd="find \"${path}\" -maxdepth 1 -type f -name \"${find_pattern}\""
qrun_cmd="qvm-run --filter-escape-chars --no-color-output --no-color-stderr --pass-io"
last_backup="$(list_last_backup)"
if test -z "${last_backup}"; then

View File

@ -20,7 +20,8 @@ set -eu
usage(){
echo "Usage: ${0##*/} --i-like-danger <DEVICE>"
echo "Example: ${0##*/} --i-like-danger 0000:00:1b.0"
echo "Warning: It is strongly discouraged to reattach PCI devices to dom0, especially if they don't support resetting!"
echo "Warning: Strongly discouraged to reattach PCI devices to dom0"
echo "Warning: especially if it doesn't support resetting!"
exit 1
}

View File

@ -72,7 +72,10 @@ get_rule_handle(){
qube="${1}"
chain="${2}"
rule="${3}"
run_qube "${qube}" "nft --handle --stateless list chain ip qubes ${chain} | tr -d '\"' | grep '^\s\+${rule} # handle ' | awk '{print \$NF}' | tr '\n' ' '" 2>/dev/null
run_qube "${qube}" -- \
"nft --handle --stateless list chain ip qubes ${chain} |
tr -d '\"' | grep '^\s\+${rule} # handle ' | awk '{print \$NF}' |
tr '\n' ' '" 2>/dev/null
}
delete_rule_handle(){
@ -124,10 +127,15 @@ forward() {
fi
dnat_chain="custom-pf-${to_ip_escaped}"
dnat_rule="iifname ${dev} ip saddr ${lan_ip} ${proto} dport ${port} ct state established,related,new counter dnat to ${to_ip}"
dnat_rule="iifname ${dev} ip saddr ${lan_ip} ${proto} dport ${port} ct"
dnat_rule="${dnat_rule} state established,related,new counter dnat to"
dnat_rule="${dnat_rule} ${to_ip}"
forward_chain="custom-forward"
forward_rule="iifname ${dev} ip saddr ${lan_ip} ip daddr ${to_ip} ${proto} dport ${port} ct state established,related,new counter accept"
full_rule="nft 'add chain ip qubes ${dnat_chain} { type nat hook prerouting priority filter +1; policy accept; }
forward_rule="iifname ${dev} ip saddr ${lan_ip} ip daddr ${to_ip} ${proto}"
forward_rule="${forward_rule} dport ${port} ct state"
forward_rule="${forward_rule} established,related,new counter accept"
dnat_policy="type nat hook prerouting priority filter +1; policy accept;"
full_rule="nft 'add chain ip qubes ${dnat_chain} { ${dnat_policy}
add rule ip qubes ${dnat_chain} ${dnat_rule}
add rule ip qubes ${forward_chain} ${forward_rule}'"
@ -137,7 +145,8 @@ add rule ip qubes ${forward_chain} ${forward_rule}'"
echo "info: ${from_qube}: deleting rules" >&2
run_qube "${from_qube}" "rm -f ${hook}"
else
echo "info: ${from_qube}: adding forward rule dev ${dev} saddr ${lan_ip} daddr ${to_ip}" >&2
msg="adding forward rule dev ${dev} saddr ${lan_ip} daddr ${to_ip}"
echo "info: ${from_qube}: ${msg}" >&2
run_qube "${from_qube}" "${full_rule}"
if test "${persistent}" = "1"; then
@ -149,7 +158,9 @@ add rule ip qubes ${forward_chain} ${forward_rule}'"
get_handle(){
chain=\\\${1}
rule=\\\${2}
nft --handle --stateless list chain ip qubes \\\${chain} | tr -d '\\\"' | grep '^\\\s\\\+\\\${rule} \\# handle ' | awk '{print \\\$NF}' | tr \\\"\\\n\\\" \\\" \\\"
nft --handle --stateless list chain ip qubes \\\${chain} | \\\
tr -d '\\\"' | grep '^\\\s\\\+\\\${rule} \\# handle ' | \\\
awk '{print \\\$NF}' | tr \\\"\\\n\\\" \\\" \\\"
}
forward_handle=\\\$(get_handle ${forward_chain} \\\"${forward_rule}\\\")
@ -169,7 +180,8 @@ fi
${full_rule}"
create_net_dir "${from_qube}"
run_qube "${from_qube}" "echo \"${full_rule}\" | tee \"${hook}\" >/dev/null"
run_qube "${from_qube}" \
"echo \"${full_rule}\" | tee \"${hook}\" >/dev/null"
run_qube "${from_qube}" "chmod +x ${hook}"
fi
fi
@ -181,7 +193,8 @@ input() {
hook="${hook_prefix}${to_ip}-${proto}-${port}.sh"
create_net_dir "${qube}"
custom_input_rule="${proto} dport ${port} ip daddr ${to_ip} ct state new counter accept"
custom_input_rule="${proto} dport ${port} ip daddr ${to_ip} ct state new"
custom_input_rule="${custom_input_rule} counter accept"
input_rule="nft add rule ip qubes custom-input ${custom_input_rule}"
delete_rule "${qube}" "custom-input" "${custom_input_rule}"
@ -196,7 +209,9 @@ input() {
get_handle(){
chain=\\\${1}
rule=\\\${2}
nft --handle --stateless list chain ip qubes \\\${chain} | tr -d '\\\"' | grep '^\\\s\\\+\\\${rule} \\# handle ' | awk '{print \\\$NF}' | tr \\\"\\\n\\\" \\\" \\\"
nft --handle --stateless list chain ip qubes \\\${chain} | \\\
tr -d '\\\"' | grep '^\\\s\\\+\\\${rule} \\# handle ' | \\\
awk '{print \\\$NF}' | tr \\\"\\\n\\\" \\\" \\\"
}
input_handle=\\\$(get_handle custom-input \\\"${custom_input_rule}\\\")
@ -244,7 +259,7 @@ get_lan(){
test_qvm_run(){
qube="${1}"
if ! run_qube "${qube}" echo "Test QUBESRPC" >/dev/null 2>&1; then
echo "error: ${qube}: service qubes.VMShell failed, use a different qube" >&2
echo "error: ${qube}: RPC qubes.VMShell failed, use a different qube" >&2
exit 1
fi
}
@ -267,7 +282,9 @@ recurse_netvms() {
}
usage() {
echo "Usage: ${0##*/} --action ACTION --qube QUBE --port PORT --proto PROTO [--persistent]
echo "Usage: ${0##*/} OPTIONS
Option syntax:
--action ACTION --qube QUBE --port PORT --proto PROTO [--persistent]
Options:
-a, --action ACTION add or delete a rule (add, del)
-q, --qube QUBE qube name which holds the service to be exposed
@ -280,7 +297,7 @@ Example:
${0##*/} --action del --qube work --port 22 --proto tcp
${0##*/} --action del --qube work --port 444 --proto udp
Note: Defaults to temporary rules
Warn: Use of '--persistent' with disposable netvm saves the rule in the disposable template" >&2
Warn: Persistent rules of disposable netvm are saved to its template" >&2
exit 1
}
@ -322,7 +339,9 @@ hook_dir="/rw/config/network-hooks.d"
hook_prefix="${hook_dir}/90-port-forward-"
persistent=""
if ! OPTS=$(getopt -o h,a:q:p:n:s --long help,action:,qube:,port:,proto:,persistent -n "${0}" -- "${@}"); then
if ! OPTS=$(getopt -o h,a:q:p:n:s \
--long help,action:,qube:,port:,proto:,persistent -n "${0}" -- "${@}")
then
echo "An error occurred while parsing options." >&2
exit 1
fi

View File

@ -69,7 +69,8 @@ mkdir -p "${guivm_pictures_dir}" || exit 1
current_date="$(date +"%Y-%m-%d-%H%M%S")"
screenshot_basename="${current_date}.png"
screenshot_file="${guivm_pictures_dir}/${screenshot_basename}"
screenshot_file="${guivm_pictures_dir%*/}/${screenshot_basename}"
qube_screenshot_file="${qube_pictures_dir}/${screenshot_basename}"
screenshot_type_text=""
screenshot_action_text=""
screenshot_action_supplied=""
@ -179,7 +180,8 @@ else
screenshot_cmd="xfce4-screenshooter"
fi
if test -z "${screenshot_cmd}"; then
msg="screenshot programs not found: spectacle xfce4-screenshooter scrot maim"
msg="screenshot programs not found"
msg="${msg}: spectacle xfce4-screenshooter scrot maim"
echo "[ERROR] ${msg}"
case "${dialog_cmd}" in
zenity) zenity --info --text "${msg}";;
@ -217,7 +219,7 @@ case "${screenshot_type_text}" in
*) echo "[ERROR] mode not selected"; exit 1;;
esac
if ! test -f "${guivm_pictures_dir}/${screenshot_basename}"; then
if ! test -f "${screenshot_file}"; then
msg="Screenshot was not saved in GuiVM"
echo "[ERROR] ${msg}"
case "${dialog_cmd}" in
@ -228,7 +230,7 @@ if ! test -f "${guivm_pictures_dir}/${screenshot_basename}"; then
fi
if test "${screenshot_action_supplied}" != "1"; then
dialog_title="Saved to ${screenshot_basename}. What do you want to do with the screenshot?"
dialog_title="Saved to ${screenshot_file}. What do you want to do with it?"
case "${dialog_cmd}" in
zenity)
screenshot_action_text="$(zenity --list --width=280 --height=210 \
@ -314,10 +316,11 @@ if ! qvm-check -- "${qube}" >/dev/null 2>&1; then
fi
qvm-run "${qube}" -- "mkdir -p \"${qube_pictures_dir}\""
qvm-run --pass-io "${qube}" -- "cat > \"${qube_pictures_dir}/${screenshot_basename}\"" < "${guivm_pictures_dir}/${screenshot_basename}"
qvm-run --pass-io "${qube}" -- "cat > \"${qube_screenshot_file}\"" \
< "${screenshot_file}"
if test ${file_move} = "1"; then
rm -f "${guivm_pictures_dir}/${screenshot_basename}"
rm -f "${screenshot_file}"
fi
if test "${file_manager}" = "1"; then

View File

@ -35,13 +35,13 @@ case "${1-}" in
## Try to run on focused window, if Dom0 is focused, it will prompt you to
## select a qube window.
id="$(xdotool getwindowfocus)"
qube="$(xprop -id "${id}" -notype _QUBES_VMNAME | awk -F '"' '{print $2}')"
qube="$(xprop -id "${id}" -notype _QUBES_VMNAME | awk -F'"' '{print $2}')"
if test -n "${qube}"; then
exec qvm-run --service -- "${qube}" "qubes.StartApp+${service}"
fi
echo "Select a qube window ..."
id="$(xdotool selectwindow)"
qube="$(xprop -id "${id}" -notype _QUBES_VMNAME | awk -F '"' '{print $2}')"
qube="$(xprop -id "${id}" -notype _QUBES_VMNAME | awk -F'"' '{print $2}')"
if test -n "${qube}"; then
qvm-run --service -- "${qube}" "qubes.StartApp+${service}"
fi

@ -1 +1 @@
Subproject commit a8129e053a38dc4c69b2010e5202c1632e67a69d
Subproject commit 024e9c469de634181ec77eb52420f25339f4f01e

View File

@ -11,6 +11,7 @@
set -eu
qube="${1}"
dnf_min_install="dnf -q install --refresh -y --setopt=install_weak_deps=False"
qvm-run --user=root --pass-io --filter-escape-chars --no-color-output \
--no-color-stderr "${qube}" -- \
"dnf --quiet install --refresh --assumeyes --setopt=install_weak_deps=False python3-urllib3"
--no-color-stderr "${qube}" -- "${dnf_min_install} python3-urllib3"

View File

@ -48,8 +48,10 @@ features:
- enable:
- appmenus-dispvm
- set:
# editorconfig-checker-disable
- default-menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-start.desktop libreoffice-base.desktop libreoffice-calc.desktop libreoffice-draw.desktop libreoffice-impress.desktop libreoffice-math.desktop libreoffice-startcenter.desktop libreoffice-writer.desktop org.gnome.Evince.desktop qubes-open-file-manager.desktop" # noqa: 204
- menu-items: "qusal-mullvad-browser.desktop org.mozilla.firefox.desktop firefox.desktop firefox-esr.desktop chromium.desktop google-chrome.desktop qubes-run-terminal.desktop qubes-start.desktop libreoffice-base.desktop libreoffice-calc.desktop libreoffice-draw.desktop libreoffice-impress.desktop libreoffice-math.desktop libreoffice-startcenter.desktop libreoffice-writer.desktop org.gnome.Evince.desktop qubes-open-file-manager.desktop" # noqa: 204
# editorconfig-checker-enable
{%- endload %}
{{ load(defaults) }}

View File

@ -8,7 +8,8 @@ set -eu
conf="${HOME}/.bitcoin/conf.d/cookie.conf"
if ! systemctl is-active bitcoind >/dev/null 2>&1; then
echo "systemd service 'bitcoind' is not active, remote RPC cannot add crendtials" >&2
echo "systemd service 'bitcoind' is inactive" >&2
echo "remote RPC can't add crendetials" >&2
exit 1
fi

View File

@ -25,7 +25,7 @@ check_installed(){
missing_programs=1
fi
done
if test "${missing_programs}"; then
if test "${missing_programs}" = "1"; then
exit 1
fi
}
@ -45,7 +45,10 @@ getblock(){
check_installed bitcoin-cli xxd
bitcoin-cli getblock "${block_hash}" 0 \
| tail -c+92167 \
| for ((o=0;o<946;++o)); do read -rN420 x; echo -n "${x::130}${x:132:130}${x:264:130}" ; done \
| for ((o=0;o<946;++o)); do \
read -rN420 x; \
echo -n "${x::130}${x:132:130}${x:264:130}"; \
done \
| xxd -r -p \
| tail -c+9 \
| head -c184292 \
@ -77,15 +80,15 @@ gettxout(){
}
usage(){
echo "Usage: ${0##*/} getblock|getrawtransaction|gettxtout [DIR]"
echo "Note: gettxtout works with pruned node"
echo "Usage: ${0##*/} getblock|getrawtransaction|gettxout [DIR]"
echo "Note: gettxout works with pruned node"
echo "Note: DIR defaults to \$HOME"
exit 1
}
case "${1:-}" in
"getblock"|"getrawtransaction"|"gettxtout")
test -z "${2}" || dir="${2}"
"getblock"|"getrawtransaction"|"gettxout")
test -z "${2-}" || dir="${2}"
validate_dir "${dir}"
output_file="${dir}/${file}"
"${1}"

View File

@ -14,7 +14,8 @@ bitcoin_pass="/home/user/.bitcoin/rpcclient.pass"
user="${QREXEC_REMOTE_DOMAIN}"
if ! systemctl is-active bitcoind >/dev/null 2>&1; then
echo "systemd service 'bitcoind' is not active, cannot add credentials with remote RPC" >&2
echo "systemd service 'bitcoind' is not active" >&2
echo "cannot add credentials with remote RPC" >&2
exit 1
fi

View File

@ -10,7 +10,7 @@ import argparse
import qubesadmin # pylint: disable=import-error
import qubesadmin.vm # pylint: disable=import-error
def get_cacher_tagged_qubes(qubes, wanted_dist, extraneous=False):
def get_clients(qubes, wanted_dist, extraneous=False):
"""Get qubes tagged for ACNG"""
domains = []
for qube in qubes.domains: # pylint: disable=invalid-name
@ -51,8 +51,7 @@ def main(): # pylint: disable=missing-function-docstring
wanted_dist = ["debian", "fedora", "arch", "ubuntu", "kicksecure"]
qubes = qubesadmin.Qubes()
domains = get_cacher_tagged_qubes(qubes, wanted_dist,
extraneous=args.extraneous)
domains = get_clients(qubes, wanted_dist, extraneous=args.extraneous)
print("\n".join(domains))

View File

@ -4,6 +4,7 @@
#
# SPDX-License-Identifier: AGPL-3.0-or-later
cp -r /rw/config/systemd/qusal-acng-browser-forwarder* /usr/lib/systemd/system/
cp -r /rw/config/systemd/qusal-acng-browser-forwarder* \
/usr/lib/systemd/system/
systemctl daemon-reload
systemctl --no-block restart qusal-acng-browser-forwarder.socket

View File

@ -30,23 +30,27 @@ set_proxy_marker(){
if ! grep -q "^${marker_begin}$" "${proxy_file}"; then
if grep -q "^${marker_end}$" "${proxy_file}"; then
echo "Error: found marker ${marker_end_text} but not ${marker_begin_text} in ${proxy_file}" >&2
echo "Fix the file by either removing both markers or adding missing ones and retry" >&2
msg="found marker ${marker_end_text} but not ${marker_begin_text}"
msg="${msg} in ${proxy_file}."
msg="${msg} fix it by removing markers or adding missing ones and retry"
echo "Error: ${msg}" >&2
exit 1
fi
cp "${proxy_file}" "${proxy_file}.qubes-orig"
echo "${marker_begin}" | tee -a "${proxy_file}" >/dev/null
echo "${marker_end}" | tee -a "${proxy_file}" >/dev/null
elif ! grep -q "^${marker_end}$" "${proxy_file}"; then
echo "Error: found marker ${marker_begin_text} but not ${marker_end_text} in ${proxy_file}" >&2
echo "Fix the file by either removing both markers or adding missing ones and retry" >&2
msg="found marker ${marker_begin_text} but not ${marker_end_text}"
msg="${msg} in ${proxy_file}."
msg="${msg} fix it by removing markers or adding missing ones and retry"
echo "error: ${msg}" >&2
exit 1
fi
proxy_tmp_file="$(mktemp)"
cat >"${proxy_tmp_file}" <<EOF
# The text between ${marker_begin_text} and ${marker_end_text} is automatically
# generated by $0. All changes here will be overridden.
# The text between ${marker_begin_text} and ${marker_end_text} is
# automatically generated by $0. All changes here will be overridden.
# You can override options after the ${marker_end_text}.
${proxy_options}
EOF
@ -76,7 +80,7 @@ check_netvm_cacher(){
if test -f /var/run/qubes-service/netvm-cacher; then
proxy_host="$(qubesdb-read /qubes-gateway)"
if test -z "${proxy_host}"; then
echo "Error: service netvm-cacher enabled but netvm IP was not found" >&2
echo "Error: service netvm-cacher enabled but netvm IP not found" >&2
return 1
fi
fi
@ -120,9 +124,14 @@ EOF
case "${action}" in
install)
baseurl_search="baseurl\s*=\s*https://"
baseurl_repl="baseurl=http://HTTPS///"
meta_search="metalink\s*=\s*https://"
meta_repl="metalink=http://HTTPS///"
baseurl_expr="s|${baseurl_search}|${baseurl_repl}|w ${changes_file}"
meta_expr="s|${meta_search}|${meta_repl}|w ${changes_file}"
find "${@}" -type f -exec sed -i \
-e "s|baseurl\s*=\s*https://|baseurl=http://HTTPS///|w ${changes_file}" \
-e "s|metalink\s*=\s*https://|metalink=http://HTTPS///|w ${changes_file}" \
-e "${baseurl_expr}" -e "${meta_expr}" \
{} \+
set --
@ -136,16 +145,26 @@ EOF
done
test -n "${*}" || return 0
baseurl_search="^\s*#.*baseurl"
baseurl_repl="baseurl"
meta_search="^\s*metalink\s*=\s*"
meta_expr="#metalink="
baseurl_expr="s|${baseurl_search}|${baseurl_repl}|w ${changes_file}"
meta_expr="s|${meta_search}|${meta_repl}|w ${changes_file}"
find "${@}" -type f -exec sed -i \
-e "s|^\s*#.*baseurl|baseurl|w ${changes_file}" \
-e "s|^\s*metalink\s*=\s*|#metalink=|w ${changes_file}" \
-e "${baseurl_expr}" -e "${meta_expr}" \
{} \+
;;
uninstall)
baseurl_search="baseurl\s*=\s*http://HTTPS///"
baseurl_repl="baseurl=https://"
meta_search="metalink\s*=\s*http://HTTPS///"
meta_repl="metalink=https://"
baseurl_expr="s|${baseurl_search}|${baseurl_repl}|w ${changes_file}"
meta_expr="s|${meta_search}|${meta_repl}|w ${changes_file}"
find "${@}" -type f -exec sed -i \
-e "s|baseurl\s*=\s*http://HTTPS///|baseurl=https://|w ${changes_file}" \
-e "s|metalink\s*=\s*http://HTTPS///|metalink=https://|w ${changes_file}" \
-e "${baseurl_expr}" -e "${meta_expr}" \
{} \+
set --
@ -194,16 +213,26 @@ EOF
case "${action}" in
install)
sources_search="URIs:\s*https://"
sources_repl="URIs: http://HTTPS///"
list_search="^\s*\(#*\)\s*deb\(.*\)https://"
list_repl="\1deb\2http://HTTPS///"
sources_expr="s|${sources_search}|${sources_repl}|w ${changes_file}"
list_expr="s|${list_search}|${list_repl}|w ${changes_file}"
find "${@}" -type f -exec sed -i \
-e "s|URIs:\s*https://|URIs: http://HTTPS///|w ${changes_file}" \
-e "s|^\s*\(#*\)\s*deb\(.*\)https://|\1deb\2http://HTTPS///|w ${changes_file}" \
-e "${list_expr}" -e "${sources_expr}" \
{} \+
;;
uninstall)
sources_search="URIs:\s*http://HTTPS///"
sources_repl="URIs: https://"
list_search="^\s*\(#*\)\s*deb\(.*\)http://HTTPS///"
list_repl="\1deb\2https://"
sources_expr="s|${sources_search}|${sources_repl}|w ${changes_file}"
list_expr="s|${list_search}|${list_repl}|w ${changes_file}"
find "${@}" -type f -exec sed -i \
-e "s|URIs:\s*http://HTTPS///|URIs: https://|w ${changes_file}" \
-e "s|^\s*\(#*\)\s*deb\(.*\)http://HTTPS///|\1deb\2https://|w ${changes_file}" \
-e "${list_expr}" -e "${sources_expr}" \
{} \+
;;
esac
@ -242,21 +271,27 @@ EOF
case "${action}" in
install)
repo_search="Server\s*=\s*https://" \
repo_repl="Server = http://HTTPS///"
repo_regex="s|${repo_search}|${repo_repl}|w ${changes_file}"
find "${@}" -type f -exec sed -i \
-e "s|Server\s*=\s*https://|Server = http://HTTPS///|w ${changes_file}" \
-e "${repo_regex}" \
{} \+
;;
uninstall)
repo_search="Server\s*=\s*http://HTTPS///"
repo_repl="Server = https://"
repo_regex="s|${repo_search}|${repo_repl}|w ${changes_file}"
find "${@}" -type f -exec sed -i \
-e "s|Server\s*=\s*http://HTTPS///|Server = https://|w ${changes_file}" \
-e "${repo_regex}" \
{} \+
;;
esac
else
## Gentoo: upstream does not have a good solution:
## https://wiki.gentoo.org/wiki/Local_distfiles_cache#Configuring_for_Gentoo
## https://wiki.gentoo.org/wiki/Local_distfiles_cache#Configuring_for_Gentoo
reject_os
fi
}

View File

@ -9,6 +9,7 @@ SPDX-License-Identifier: AGPL-3.0-or-later
{{ clone_template('debian-minimal', 'electrs-builder', include_create=False) }}
{#
# editorconfig-checker-disable
TODO: Recheck: Cargo index fetch isis too big to be fetched over tor.
Impossible to fetch Cargo index over tor as of Bookworm Cargo 1.65.
Cargo >=1.68 does support "sparse" registry protocol,
@ -36,4 +37,5 @@ Caused by:
{#
{{ clone_template(['debian-minimal', 'whonix-workstation'], sls_path) }}
{{ clone_template('whonix-workstation', 'electrs-builder', include_create=False) }}
# editorconfig-checker-enable
#}

View File

@ -11,14 +11,16 @@ case "${GIT_TRACE_HELPER:-}" in
esac
usage(){
echo "Usage: ${helper} [<qube>] [<repository>]"
echo "Note: qube defaults to '@default' and repository to the current repository"
echo "Usage: ${helper} [<qube>] [<repository>]" >&2
echo "Note: qube defaults to @default" >&2
echo "Note: repository defaults to current working repository" >&2
exit 1
}
is_git_repo(){
if ! git rev-parse --show-toplevel >/dev/null 2>&1; then
echo "Error: Either run from inside a git repository or provide it as an argument" >&2
echo "Error: Current working directory is not in a git repository" >&2
echo "Error: Run from a repository or pass the name as an argument" >&2
usage
fi
}
@ -49,7 +51,8 @@ elif command -v qrexec-client >/dev/null; then
die "Qube doesn't exist: '${authority}'"
fi
qvm-start --skip-if-running -- "${authority}"
exec qrexec-client -tT -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
rpc_cmd="DEFAULT:QUBESRPC ${rpc_cmd} dom0"
exec qrexec-client -tT -d "${authority}" -- "${rpc_cmd}"
fi
die "Qrexec programs not found: qrexec-client-vm, qrexec-client"

View File

@ -12,7 +12,9 @@
set -eu
usage(){
echo "Usage: ${helper} <remote> [${scheme}://<authority>/<path>[?query=value][&other_query=value]]" >&2
url_format="${scheme}://<authority>/<path>"
url_format="${url_format}[?query=value][&other_query=value]"
echo "Usage: ${helper} <remote> [${url_format}]" >&2
}
die(){

View File

@ -76,8 +76,9 @@ elif command -v qrexec-client >/dev/null; then
die "Qube doesn't exist: '${authority}'"
fi
qvm-start --skip-if-running -- "${authority}"
log "->" qrexec-client -T -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
exec qrexec-client -T -d "${authority}" -- "DEFAULT:QUBESRPC ${rpc_cmd} dom0"
rpc_cmd="DEFAULT:QUBESRPC ${rpc_cmd} dom0"
log "->" qrexec-client -T -d "${authority}" -- "${rpc_cmd}"
exec qrexec-client -T -d "${authority}" -- "${rpc_cmd}"
fi
die "Qrexec programs not found: qrexec-client-vm, qrexec-client"

View File

@ -1,6 +1,6 @@
#!/bin/sh
# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
@ -24,7 +24,10 @@ fi
if ! (echo "${untrusted_repo}" | grep -q "^[A-Za-z0-9][A-Za-z0-9_.-]\+$")
then
die "Forbidden characters in repository name. Allowed chars: letters, numbers, hyphen, underscore and dot. It cannot begin with hyphen, underscore or dot"
msg="Forbidden characters in agent name."
msg="${msg} Allowed chars: letters, numbers, hyphen, underscore and dot."
msg="${msg} Name cannot begin with hyphen, underscore or dot"
die "${msg}"
fi
## Length arbitrarily set.
@ -52,7 +55,8 @@ esac
if test "${action}" != "Init"; then
test -d "${path}" || die "Directory doesn't exist: ${repo}"
git -C "${path}" rev-parse >/dev/null 2>&1 || die "Not a git repository: ${repo}"
git -C "${path}" rev-parse >/dev/null 2>&1 ||
die "Not a git repository: ${repo}"
is_bare="$(git -C "${path}" rev-parse --is-bare-repository)"
test "${is_bare}" = "true" || die "Not a bare repository: ${repo}"
fi

View File

@ -6,11 +6,11 @@
## How to use with SSH?
## On Dom0 Qrexec policy:
## qusal.ConnectTCP +domain.tld+22 sshclient @default ask default_target=sshproxy
## qusal.ConnectTCP +domain.tld+22 client @default ask default_target=proxy
## On Dom0, enable the "qusal-proxy-client" service for the client qube:
## qvm-features sshclient service.qusal-proxy-client 1
## qvm-features client service.qusal-proxy-client 1
## On the SSH Proxy server (netvm of your liking), install this RPC service.
## qubesctl --skip-dom0 --targets=sshproxy state.apply sys-net.install-proxy
## qubesctl --skip-dom0 --targets=proxy state.apply sys-net.install-proxy
## On the client ssh configuration:
## Match Exec "test -f /var/run/qubes-service/qusal-proxy-client"
## ProxyCommand qrexec-client-vm @default qusal.ConnectTCP+%h+%p

View File

@ -1,21 +1,28 @@
#!/bin/sh
# SPDX-FileCopyrightText: 2023 Benjamin Grande M. S. <ben.grande.b@gmail.com>
# SPDX-FileCopyrightText: 2023 - 2024 Benjamin Grande M. S. <ben.grande.b@gmail.com>
#
# SPDX-License-Identifier: AGPL-3.0-or-later
set -eu
die(){
echo "error: ${1}" >&2
exit 1
}
untrusted_agent="$QREXEC_SERVICE_ARGUMENT"
if test -z "${untrusted_agent}"; then
echo "Agent name is empty" >&2
exit 1
die "Agent name is empty"
fi
if ! (echo "${untrusted_agent}" | grep -q "^[A-Za-z0-9][A-Za-z0-9_.-]\+$")
then
die "Forbidden characters in agent name. Allowed chars: letters, numbers, hyphen, underscore and dot. It cannot begin with hyphen, underscore or dot"
msg="Forbidden characters in agent name."
msg="${msg} Allowed chars: letters, numbers, hyphen, underscore and dot."
msg="${msg} Name cannot begin with hyphen, underscore or dot"
die "${msg}"
fi
## Length arbitrarily set.

View File

@ -4,6 +4,7 @@
#
# SPDX-License-Identifier: AGPL-3.0-or-later
cp -r /rw/config/systemd/qusal-syncthing-browser-forwarder* /usr/lib/systemd/system/
cp -r /rw/config/systemd/qusal-syncthing-browser-forwarder* \
/usr/lib/systemd/system/
systemctl daemon-reload
systemctl --no-block restart qusal-syncthing-browser-forwarder.socket

View File

@ -48,7 +48,8 @@ qvm-run -u root "$qube" -- "cp ${user_conf} ${system_conf}"
## TOFU
# shellcheck disable=SC2016
endpoint="$(qvm-run -p -u root "$qube" -- awk '/Endpoint/{print $3}' "${system_conf}")"
endpoint="$(qvm-run -p -u root "$qube" -- awk '/Endpoint/{print $3}' \
"${system_conf}")"
if echo "${endpoint}" | grep -qF "["; then
ip="${ip##[\[]}"
ip="${ip%%\]*}"
@ -70,8 +71,10 @@ fi
echo "Firewalling $qube to reach only '$ip:$port'"
qvm-firewall --verbose -- "$qube" reset
qvm-firewall --verbose -- "$qube" del --rule-no 0
qvm-firewall --verbose -- "$qube" add accept dsthost="$ip" dstports="$port" proto=udp
qvm-firewall --verbose -- "$qube" add accept dsthost="$ip" dstports="$port" proto=tcp
qvm-firewall --verbose -- "$qube" add accept dsthost="$ip" dstports="$port" \
proto=udp
qvm-firewall --verbose -- "$qube" add accept dsthost="$ip" dstports="$port" \
proto=tcp
qvm-firewall --verbose -- "$qube" add drop
if qvm-check -q --paused -- "$qube" >/dev/null 2>&1; then

View File

@ -21,7 +21,9 @@ set_nft_dnat(){
ipv="${1}" # empty(4), 6
proto="${2}" # tcp, udp
dns_host="${3}"
set_nft "insert rule ip${ipv} qubes custom-dnat iifgroup 2 ${proto} dport 53 dnat to ${dns_host}"
rule_prefix="insert rule ip${ipv} qubes custom-dnat iifgroup 2 ${proto}"
rule_suffix="dport 53 dnat to ${dns_host}"
set_nft "${rule_prefix} ${rule_suffix}"
}
dns="$(grep -s "^\s*DNS\s*=\s*\S\+" "${wg_conf}" | sed "s/.*=//;s/ //g")"

View File

@ -40,8 +40,8 @@ fi
case "${find_tool}" in
fd|fdfind)
files="$(${find_tool} . --hidden --exclude .github --type=f --extension=md)"
extra_files="$(${find_tool} . --hidden --type=f --extension=md .github)"
files="$(${find_tool} . -H -E .github -t f -e md)"
extra_files="$(${find_tool} . -H -t f -e md .github)"
;;
find)
files="$(find . -not -path './.github/*' -type f -name "*.md")"

View File

@ -20,13 +20,14 @@ if test "${1-}" = "test"; then
fi
ignored="$(git ls-files --exclude-standard --others --ignored salt/)"
untracked="$(git ls-files --exclude-standard --others salt/)"
unwanted="$(printf %s"${ignored}\n${untracked}\n" | grep "^salt/\S\+/README.md" \
| cut -d "/" -f2 | sort -u)"
unwanted="$(printf %s"${ignored}\n${untracked}\n" |
grep "^salt/\S\+/README.md" | cut -d "/" -f2 | sort -u)"
group="$(./scripts/spec-get.sh dom0 group)"
projects="$(find salt/ -mindepth 1 -maxdepth 1 -type d \
| sort -d | sed "s|^salt/\(\S\+\)| - rpm_spec/${group}-\1.spec|")"
projects="$(find salt/ -mindepth 1 -maxdepth 1 -type d | sort -d |
sed "s|^salt/\(\S\+\)| - rpm_spec/${group}-\1.spec|")"
for unwanted_project in ${unwanted}; do
projects="$(echo "${projects}" | sed "\@rpm_spec/${group}-${unwanted_project}.spec@d")"
projects="$(echo "${projects}" |
sed "\@rpm_spec/${group}-${unwanted_project}.spec@d")"
done
if test "${1-}" = "print"; then

View File

@ -18,8 +18,14 @@ cd "$(git rev-parse --show-toplevel)" || exit 1
find_tool="$(./scripts/best-program.sh fd fdfind find)"
case "${find_tool}" in
fd|fdfind) files="$(${find_tool} . minion.d/ --extension=conf) $(${find_tool} . salt/ --max-depth=2 --type=f --extension=sls)";;
find) files="$(find minion.d/ -type f -name "*.conf") $(find salt/ -maxdepth 2 -type f -name '*.sls')";;
fd|fdfind)
files="$(${find_tool} . minion.d/ --extension=conf)
$(${find_tool} . salt/ --max-depth=2 --type=f --extension=sls)"
;;
find)
files="$(find minion.d/ -type f -name "*.conf")
$(find salt/ -maxdepth 2 -type f -name '*.sls')"
;;
esac
## 201 - Fix trailing whitespace:

View File

@ -31,8 +31,15 @@ if test -n "${1-}"; then
fi
case "${find_tool}" in
fd|fdfind) files="$(${find_tool} . minion.d/ --extension=conf) $(${find_tool} . salt/ --max-depth=2 --type=f --extension=sls --extension=top | sort -d)";;
find) files="$(find minion.d/ -type f -name "*.conf") $(find salt/* -maxdepth 2 -type f \( -name '*.sls' -o -name '*.top' \) | sort -d)";;
fd|fdfind)
files="$(${find_tool} . minion.d/ --e conf)
$(${find_tool} . salt/ -d 2 -t f -e sls -e top | sort -d)"
;;
find)
files="$(find minion.d/ -type f -name "*.conf")
$(find salt/* -maxdepth 2 -type f \( -name '*.sls' -o -name '*.top' \) |
sort -d)"
;;
esac
exec salt-lint ${conf} ${files}

View File

@ -13,8 +13,38 @@ command -v git >/dev/null || { echo "Missing program: git" >&2; exit 1; }
cd "$(git rev-parse --show-toplevel)" || exit 1
./scripts/requires-program.sh shellcheck file
exit_code=0
find_tool="$(./scripts/best-program.sh fd fdfind find)"
show_long_lines(){
tty_stderr=0
if test -t 2; then
tty_stderr=1
fi
awk -v color="${tty_stderr}" '
BEGIN {
MAGENTA=""
GREEN=""
RESET=""
if (color == 1) {
MAGENTA="\033[1;35m"
GREEN="\033[1;32m"
RESET="\033[0m"
}
}
{
nlines++;
if (length > 78 && !/^\s*#.*(:\/\/|SPDX-)/) {
exit_code=1
prefix = MAGENTA FILENAME RESET ":" GREEN FNR RESET
print prefix ": line too long: " length " > 78" >"/dev/stderr"
if (nlines==NR) { if (exit_code==1) { exit 1; }; }
}
if (nlines==NR) { if (exit_code==1) { exit 1; }; }
}
' "${@}" >&2
}
if test -n "${1-}"; then
files=""
sh_files=""
@ -32,31 +62,40 @@ if test -n "${1-}"; then
if test -z "$files" && test -z "$sh_files"; then
exit 0
fi
test -z "$files" || shellcheck ${files}
test -z "$sh_files" || shellcheck -s sh ${sh_files}
exit
if test -n "${files}" || test -n "${sh_files}"; then
show_long_lines ${files} ${sh_files} || exit_code=1
fi
if test -n "${files}"; then
shellcheck ${files} || exit_code=1
fi
if test -n "${sh_files}"; then
shellcheck -s sh ${sh_files} || exit_code=1
fi
exit "${exit_code}"
fi
case "${find_tool}" in
fd|fdfind)
# shellcheck disable=2016,2215
files="$(${find_tool} . scripts/ salt/ --hidden --exclude=zsh --type=f \
--exec-batch file | awk -F ":" '/ shell script,/{ print $1 }')"
files="$(${find_tool} . scripts/ salt/ -H -E zsh -t f -X file |
awk -F ":" '/ shell script,/{ print $1 }')"
## No Shebang
sh_files="$(${find_tool} rc.local salt/ --type=f)"
;;
find)
files="$(find scripts/ salt/ -not \( -path "*/zsh" -prune \) -type f \
-exec file {} \+ | awk -F ":" '/ shell script,/{ print $1 }')"
-exec file {} \+ | awk -F ":" '/ shell script,/{ print $1 }')"
## No Shebang
sh_files="$(find salt/ -type f -name "rc.local")"
;;
esac
echo "${files}" | sort -u | tr " " "\n"
exit
files="$(echo "$files" | sort -u)"
sh_files="$(echo "$sh_files" | sort -u)"
#files="$(echo "$files" | sort -u)"
#sh_files="$(echo "$sh_files" | sort -u)"
#test -z "${files}" || shellcheck ${files}
#test -z "${sh_files}" || shellcheck -s sh ${sh_files}
show_long_lines ${files} ${sh_files} || exit_code=1
shellcheck ${files} || exit_code=1
if test -n "$sh_files"; then
shellcheck -s sh ${sh_files} || exit_code=1
fi
exit "${exit_code}"

View File

@ -27,8 +27,10 @@ escape_key(){
## Get scriptlet command, else fail safe.
get_scriptlet(){
scriptlet="$1"
scriptlet_begin="-- pkg:begin:${scriptlet} --"
scriptlet_end="-- pkg:end:${scriptlet} --"
scriptlet="$(sed -n \
"/^<\!-- pkg:begin:${scriptlet} -->$/,/^<\!-- pkg:end:${scriptlet} -->$/p" \
"/^<\!${scriptlet_begin}>$/,/^<\!${scriptlet_end}>$/p" \
"${readme}" | sed '/^```.*/d;/^\S*$/d;/^<\!-- pkg:/d;s/^sudo //')"
if test -z "${scriptlet}"; then
echo true
@ -159,7 +161,9 @@ if test "${1-}" = "test"; then
shift
fi
if echo "${@}" | grep -qE "(^scripts/| scripts/|/template.spec)" || test -z "${1-}"; then
if echo "${@}" | grep -qE "(^scripts/| scripts/|/template.spec)" ||
test -z "${1-}"
then
# shellcheck disable=SC2046
set -- $(find salt/ -mindepth 1 -maxdepth 1 -type d -printf '%f\n' \
| sort -d | tr "\n" " ")

View File

@ -13,7 +13,7 @@ usage(){
echo "Usage: ${0##*/} <NAME> <KEY>"
echo "Example: ${0##*/} qubes-builder description"
echo "Names: ${names}"
echo "Keys: ${keys}"
echo "Keys: $(echo "${keys}" | tr "\n" " ")"
}
block_max_chars(){
@ -21,13 +21,31 @@ block_max_chars(){
char_value="${2}"
less_than="${3}"
if test "${#char_value}" -ge "${less_than}"; then
echo "Error: ${char_key} is too long. Must be less than ${less_than} chars." >&2
echo "Error: ${char_key} is too long. Must be <${less_than} chars." >&2
echo "Key contents: ${char_value}" >&2
exit 1
fi
}
keys="name branch group file_roots requires packager vendor url bug_url version project project_dir changelog readme license_csv license description summary saltfiles"
keys="name
branch
group
file_roots
requires
packager
vendor
url
bug_url
version
project
project_dir
changelog
readme
license_csv
license
description
summary
saltfiles"
name=""
key=""
@ -97,7 +115,10 @@ fi
## project per directory. The disadvantage of the changelog below is it
# #doesn't differentiate commits per version and release, but per commit id.
if test "${key}" = "changelog"; then
changelog="$(TZ=UTC0 git log -n 50 --format=format:"* %cd %an <%ae> - %h%n- %s%n" --date=format:"%a %b %d %Y" -- "${project_dir}" | sed -re "s/^- +- */- /")"
changelog="$(TZ=UTC0 git log -n 50 \
--format=format:"* %cd %an <%ae> - %h%n- %s%n" \
--date=format:"%a %b %d %Y" -- "${project_dir}" | \
sed -re "s/^- +- */- /")"
fi
if test "${key}" = "description"; then
@ -117,7 +138,9 @@ if test "${key}" = "saltfiles" || test "${key}" = "requires"; then
saltfiles="$(find "${project_dir}" -maxdepth 1 -name "*.sls")"
# shellcheck disable=SC2086
if test -n "${saltfiles}"; then
requires="$(sed -n '/^include:$/,/^\s*$/p' -- ${saltfiles} | sed "/^\s*- \./d;/{/d" | grep "^\s*- " | cut -d "." -f1 | sort -u | sed "s/- //")"
requires="$(sed -n '/^include:$/,/^\s*$/p' -- ${saltfiles} |
sed "/^\s*- \./d;/{/d" | grep "^\s*- " | cut -d "." -f1 | sort -u |
sed "s/- //")"
if grep -qrn "{%-\? from \('\|\"\)utils" ${saltfiles}; then
if test -n "${requires}"; then
requires="${requires} utils"

View File

@ -37,6 +37,7 @@ for f in "$@"; do
## This is fragile, the table of contents should have at least one block
## separated by an empty line before the nest heading, else it will delete
## the rest of the file.
vim -c 'norm zRgg' -c '/^## Table of Contents$' -c 'norm jd}k' -c ':GenTocGFM' -c 'norm ddgg' -c wq -- "${f}"
vim -c 'norm zRgg' -c '/^## Table of Contents$' -c 'norm jd}k' \
-c ':GenTocGFM' -c 'norm ddgg' -c wq -- "${f}"
echo "Updated TOC in file: $f"
done