1+ #! /usr/bin/env bash
2+
3+ # VERSION=0.0.1
4+ # -------------------------------------------------------#
5+ # # <DO NOT RUN STANDALONE, meant for CI Only>
6+ # # Meant to Setup Build Machine
7+ # # Self: https://raw.githubusercontent.com/pkgforge/pkgcache/refs/heads/main/scripts/runner/setup_riscv64-Linux.sh
8+ # bash <(curl -qfsSL "https://raw.githubusercontent.com/pkgforge/pkgcache/refs/heads/main/scripts/runner/setup_$(uname -m)-$(uname -s).sh")
9+ # ##-----------------------------------------------------###
10+ # ## Setups Essential Tools & Preps Sys Environ for Deps ###
11+ # ## This Script must be run as `root` (passwordless) ###
12+ # ## Assumptions: Arch: riscv64 | OS: Debian 64bit ###
13+ # ##-----------------------------------------------------###
14+
15+ # -------------------------------------------------------#
16+ # #ENV
17+ if [ -z " ${SYSTMP+x} " || [ -z " ${SYSTMP##* [[:space:]]} " ; then
18+ SYSTMP=" $( dirname $( mktemp -u) ) " && export SYSTMP=" ${SYSTMP} "
19+ fi
20+ USER=" $( whoami) " && export USER=" ${USER} "
21+ HOME=" $( getent passwd ${USER} | cut -d: -f6) " && export HOME=" ${HOME} "
22+ if command -v awk & > /dev/null && command -v sed & > /dev/null; then
23+ PATH=" $( echo " ${PATH} " | awk ' BEGIN{RS=":";ORS=":"}{gsub(/\n/,"");if(!a[$0]++)print}' | sed ' s/:*$//' ) " ; export PATH
24+ fi
25+ # -------------------------------------------------------#
26+ # #Sanity Checks
27+ # #Check if it was recently initialized
28+ # +360 --> 06 Hrs
29+ # +720 --> 12 HRs
30+ # +1440 --> 24 HRs
31+ find " ${SYSTMP} /INITIALIZED" " {}" \; 2> /dev/null
32+ if [ -s " ${SYSTMP} /INITIALIZED" ; then
33+ echo -e " \n[+] Recently Initialized... (Skipping!)\n"
34+ export CONTINUE=" YES"
35+ return 0 || exit 0
36+ else
37+ # #Sane Configs
38+ # In case of removed/privated GH repos
39+ # https://git-scm.com/docs/git#Documentation/git.txt-codeGITTERMINALPROMPTcode
40+ export GIT_TERMINAL_PROMPT=" 0"
41+ # https://git-scm.com/docs/git#Documentation/git.txt-codeGITASKPASScode
42+ export GIT_ASKPASS=" /bin/echo"
43+ # Eget
44+ EGET_TIMEOUT=" timeout -k 1m 2m" && export EGET_TIMEOUT=" ${EGET_TIMEOUT} "
45+ # #Check for apt
46+ if ! command -v apt & > /dev/null; then
47+ echo -e " \n[-] apt NOT Found"
48+ echo -e " \n[+] Maybe not on Debian (Debian Based Distro) ?\n"
49+ # Fail & exit
50+ export CONTINUE=" NO"
51+ return 1 || exit 1
52+ else
53+ # Export as noninteractive
54+ export DEBIAN_FRONTEND=" noninteractive"
55+ export CONTINUE=" YES"
56+ fi
57+ # #Check for sudo
58+ if [ " ${CONTINUE} " == " YES" ; then
59+ if ! command -v sudo & > /dev/null; then
60+ echo -e " \n[-] sudo NOT Installed"
61+ echo -e " \n[+] Trying to Install\n"
62+ # Try to install
63+ apt-get update -y 2> /dev/null ; apt-get dist-upgrade -y 2> /dev/null ; apt-get upgrade -y 2> /dev/null
64+ apt install sudo -y 2> /dev/null
65+ # Fail if it didn't work
66+ if ! command -v sudo & > /dev/null; then
67+ echo -e " [-] Failed to Install sudo (Maybe NOT root || NOT enough perms)\n"
68+ # exit
69+ export CONTINUE=" NO"
70+ return 1 || exit 1
71+ fi
72+ fi
73+ fi
74+ # #Check for passwordless sudo
75+ if [ " ${CONTINUE} " == " YES" ; then
76+ if sudo -n true 2> /dev/null; then
77+ echo -e " \n[+] Passwordless sudo is Configured"
78+ sudo grep -E ' ^\s*[^#]*\s+ALL\s*=\s*\(\s*ALL\s*\)\s+NOPASSWD:' " /etc/sudoers" 2> /dev/null
79+ else
80+ echo -e " \n[-] Passwordless sudo is NOT Configured"
81+ echo -e " \n[-] READ: https://web.archive.org/web/20230614212916/https://linuxhint.com/setup-sudo-no-password-linux/\n"
82+ # exit
83+ export CONTINUE=" NO"
84+ return 1 || exit 1
85+ fi
86+ fi
87+ # #Install Needed CMDs
88+ bash <( curl -qfsSL " https://raw.githubusercontent.com/pkgforge/devscripts/main/Linux/install_bins_curl.sh" )
89+ sudo curl -qfsSL " https://github.com/pkgforge/bin/releases/download/riscv64-Linux/trufflehog" " /usr/local/bin/trufflehog"
90+ sudo chmod +x " /usr/local/bin/trufflehog"
91+ # #Check Needed CMDs
92+ for DEP_CMD in eget gh glab minisign oras rclone shellcheck soar zstd; do
93+ case " $( command -v " ${DEP_CMD} " 2> /dev/null) " in
94+ " " echo -e " \n[✗] FATAL: ${DEP_CMD} is NOT INSTALLED\n"
95+ export CONTINUE=" NO"
96+ return 1 || exit 1 ;;
97+ esac
98+ done
99+ # #Check for GITHUB_TOKEN
100+ if [ -n " ${GITHUB_TOKEN+x} " && [ -n " ${GITHUB_TOKEN##* [[:space:]]} " ; then
101+ echo -e " \n[+] GITHUB_TOKEN is Exported"
102+ # #gh-cli (uses ${GITHUB_TOKEN} env var)
103+ # echo "${GITHUB_TOKEN}" | gh auth login --with-token
104+ gh auth status
105+ # #eget
106+ # 5000 req/minute (80 req/minute)
107+ eget --rate
108+ else
109+ # 60 req/hr
110+ echo -e " \n[-] GITHUB_TOKEN is NOT Exported"
111+ echo -e " Export it to avoid ratelimits\n"
112+ eget --rate
113+ export CONTINUE=" NO"
114+ return 1 || exit 1
115+ fi
116+ # #Check for GHCR_TOKEN
117+ if [ -n " ${GHCR_TOKEN+x} " && [ -n " ${GHCR_TOKEN##* [[:space:]]} " ; then
118+ echo -e " \n[+] GHCR_TOKEN is Exported"
119+ # echo "${GHCR_TOKEN}" | oras login --username "Azathothas" --password-stdin "ghcr.io"
120+ oras login --username " Azathothas" " ${GHCR_TOKEN} " " ghcr.io"
121+ else
122+ echo -e " \n[-] GHCR_TOKEN is NOT Exported"
123+ echo -e " Export it to avoid ghcr\n"
124+ export CONTINUE=" NO"
125+ return 1 || exit 1
126+ fi
127+ # #Check for Gitlab Token
128+ if [ -n " ${GITLAB_TOKEN+x} " && [ -n " ${GITLAB_TOKEN##* [[:space:]]} " ; then
129+ echo -e " \n[+] GITLAB is Exported"
130+ glab auth status
131+ else
132+ echo -e " \n[-] GITLAB_TOKEN is NOT Exported"
133+ echo -e " Export it to avoid ratelimits\n"
134+ export CONTINUE=" NO"
135+ return 1 || exit 1
136+ fi
137+ # #Check for Minisign
138+ if [[ ! -s " ${HOME} /.minisign/pkgforge.key" || $( stat -c%s " ${HOME} /.minisign/pkgforge.key" ) -le 10 ]]; then
139+ if [ -n " ${MINISIGN_KEY+x} " && [ -n " ${MINISIGN_KEY##* [[:space:]]} " ; then
140+ mkdir -pv " ${HOME} /.minisign" && \
141+ echo ' pkgforge-minisign: minisign encrypted secret key' > " ${HOME} /.minisign/pkgforge.key" && \
142+ echo " ${MINISIGN_KEY} " >> " ${HOME} /.minisign/pkgforge.key"
143+ # https://github.com/pkgforge/.github/blob/main/keys/minisign.pub
144+ export MINISIGN_PUB_KEY=' RWSWp/oBUfND5B2fSmDlYaBXPimGV+r2s9skVRYTQ5cJ+7i6ff/1Nxcr'
145+ else
146+ echo -e " \n[-] MINISIGN_KEY is NOT Exported"
147+ echo -e " Export it to Use minisign (Signing)\n"
148+ export CONTINUE=" NO"
149+ return 1 || exit 1
150+ fi
151+ else
152+ export MINISIGN_PUB_KEY=' RWSWp/oBUfND5B2fSmDlYaBXPimGV+r2s9skVRYTQ5cJ+7i6ff/1Nxcr'
153+ fi
154+ fi
155+ # -------------------------------------------------------#
156+
157+
158+ # -------------------------------------------------------#
159+ # #Main
160+ pushd " $( mktemp -d) " & > /dev/null
161+ echo -e " \n\n [+] Started Initializing $( uname -mnrs) $( TZ=' UTC' ' %A, %Y-%m-%d (%I:%M:%S %p)' ) "
162+ echo -e " [+] USER = ${USER} "
163+ echo -e " [+] HOME = ${HOME} "
164+ echo -e " [+] PATH = ${PATH} \n"
165+ # ----------------------#
166+ # Docker
167+ if [[ " ${INSIDE_PODMAN} " != " TRUE" ; then
168+ # Doesn't work inside podman
169+ if ! command -v docker & > /dev/null; then
170+ sudo apt install " docker.io"
171+ else
172+ docker --version
173+ fi
174+ # Test
175+ if ! command -v docker & > /dev/null; then
176+ echo -e " \n[-] docker NOT Found\n"
177+ export CONTINUE=" NO"
178+ return 1 || exit 1
179+ else
180+ sudo systemctl status " docker.service"
181+ if ! sudo systemctl is-active --quiet docker; then
182+ sudo service docker restart & > /dev/null ; sleep 10
183+ fi
184+ sudo systemctl status " docker.service"
185+ fi
186+ if ! command -v podman & > /dev/null; then
187+ sudo apt install podman -y
188+ fi
189+ sudo apt install aardvark-dns iproute2 jq iptables netavark -y
190+ sudo mkdir -p " /etc/containers"
191+ echo " [engine]" | sudo tee -a " /etc/containers/containers.conf"
192+ echo " lock_type = \" file\" " | sudo tee -a " /etc/containers/containers.conf"
193+ fi
194+ # ----------------------#
195+ # #Nix
196+ [[ -f " ${HOME} /.bash_profile" && source " ${HOME} /.bash_profile"
197+ [[ -f " ${HOME} /.nix-profile/etc/profile.d/nix.sh" && source " ${HOME} /.nix-profile/etc/profile.d/nix.sh"
198+ hash -r & > /dev/null
199+ if ! command -v nix > /dev/null 2>&1 ; then
200+ pushd " $( mktemp -d) " & > /dev/null
201+ curl -qfsSL " https://raw.githubusercontent.com/pkgforge/devscripts/refs/heads/main/Linux/install_nix.sh" " ./install_nix.sh"
202+ dos2unix --quiet " ./install_nix.sh" ; chmod +x " ./install_nix.sh"
203+ bash " ./install_nix.sh"
204+ [[ -f " ${HOME} /.bash_profile" && source " ${HOME} /.bash_profile"
205+ [[ -f " ${HOME} /.nix-profile/etc/profile.d/nix.sh" && source " ${HOME} /.nix-profile/etc/profile.d/nix.sh"
206+ rm -rf " ./install_nix.sh" 2> /dev/null ; popd & > /dev/null
207+ fi
208+ # Test
209+ if ! command -v nix & > /dev/null; then
210+ echo -e " \n[-] nix NOT Found\n"
211+ export CONTINUE=" NO"
212+ return 1 || exit 1
213+ else
214+ # Add Env vars
215+ export NIXPKGS_ALLOW_BROKEN=" 1"
216+ export NIXPKGS_ALLOW_UNFREE=" 1"
217+ export NIXPKGS_ALLOW_UNSUPPORTED_SYSTEM=" 1"
218+ # Add Tokens
219+ echo " access-tokens = github.com=${GITHUB_TOKEN} " | sudo tee -a " /etc/nix/nix.conf" > /dev/null 2>&1
220+ # Update Channels
221+ nix --version && nix-channel --list && nix-channel --update
222+ # Seed Local Data
223+ nix derivation show " nixpkgs#hello" > /dev/null 2>&1
224+ fi
225+ # #Clean
226+ if [ " ${CONTINUE} " == " YES" ; then
227+ echo " INITIALIZED" > " ${SYSTMP} /INITIALIZED"
228+ rm -rf " ${SYSTMP} /init_Debian" 2> /dev/null
229+ # -------------------------------------------------------#
230+ # #END
231+ echo -e " \n\n [+] Finished Initializing $( uname -mnrs) $( TZ=' UTC' ' %A, %Y-%m-%d (%I:%M:%S %p)' ) "
232+ # In case of polluted env
233+ unset AR AS CC CFLAGS CPP CXX CPPFLAGS CXXFLAGS DLLTOOL HOST_CC HOST_CXX LD LDFLAGS LIBS NM OBJCOPY OBJDUMP RANLIB READELF SIZE STRINGS STRIP SYSROOT
234+ fi
235+ rm -rf " $( realpath .) " && popd & > /dev/null
236+ echo -e " \n[+] Continue : ${CONTINUE} \n"
237+ # -------------------------------------------------------#
0 commit comments