diff options
| author |   Jason A. Donenfeld <Jason@zx2c4.com> | 2019-10-13 20:00:26 +0200 |
|---|---|---|
| committer | Jason A. Donenfeld <Jason@zx2c4.com> | 2019-10-14 13:03:10 +0200 |
| commit | e3f0f43bb81119eafeb04b66cb7deacd5c1db743 (patch) | |
| tree | 3141511288cc86bcf6b16eed3a28ba1590513555 /util | |
| download | android-wireguard-module-builder-e3f0f43bb81119eafeb04b66cb7deacd5c1db743.tar.xz android-wireguard-module-builder-e3f0f43bb81119eafeb04b66cb7deacd5c1db743.zip | |
Initial commit
Diffstat (limited to 'util')
| -rwxr-xr-x | util/extract-version-hash-from-factory.bash | 19 | ||||
| -rw-r--r-- | util/server.conf | 3 | ||||
| -rwxr-xr-x | util/sign-and-upload.bash | 19 |
3 files changed, 41 insertions, 0 deletions
diff --git a/util/extract-version-hash-from-factory.bash b/util/extract-version-hash-from-factory.bash new file mode 100755 index 0000000..a9e0778 --- /dev/null +++ b/util/extract-version-hash-from-factory.bash @@ -0,0 +1,19 @@ +#!/bin/bash +set -e + +URL="$1" +# Expecting URL like https://dl.google.com/dl/android/aosp/crosshatch-qp1a.191005.007-factory-2989a08d.zip +[[ -n $URL ]] || { echo "Usage: $0 URL" >&2; exit 1; } + +D="$(mktemp -d)" +trap 'rm -rf "$D"' INT TERM EXIT +cd "$D" + +curl -#o out.zip "$URL" +bsdtar --strip-components 1 -xvf out.zip +bsdtar -xvf image-*.zip boot.img +abootimg -x boot.img +unlz4 zImage Image +version="$(strings Image | grep '^Linux version [^%]' | head -n 1)" +[[ -n $version ]] || { echo "ERROR: no proper version in image" >&2; exit 1; } +printf '\n==========================================\n\n%s|%s\n' "$(echo "$version" | sha256sum | cut -d ' ' -f 1)" "$version" diff --git a/util/server.conf b/util/server.conf new file mode 100644 index 0000000..dcf2fa1 --- /dev/null +++ b/util/server.conf @@ -0,0 +1,3 @@ +WEB_SERVER=metheny.zx2c4.com +SERVER_PATH=/var/www/htdocs/download.wireguard.com/android-module/ +SIGNING_KEY="$HOME/Projects/yubihsm/keys/wireguard-android-module.sec" diff --git a/util/sign-and-upload.bash b/util/sign-and-upload.bash new file mode 100755 index 0000000..6d80694 --- /dev/null +++ b/util/sign-and-upload.bash @@ -0,0 +1,19 @@ +#!/bin/bash +set -ex + +BASE="$(readlink -f "$(dirname "$(readlink -f "$0")")")" +source "$BASE/server.conf" +SSH_OPTS=( -q -o ControlMaster=auto -o ControlPath=../.ssh-deployment.sock ) + +cd "$BASE/../out" +sha256sum *.ko > modules.txt +signify -S -e -s "$SIGNING_KEY" -m modules.txt +rm modules.txt + +ssh "${SSH_OPTS[@]}" -Nf "$WEB_SERVER" +ssh -t "${SSH_OPTS[@]}" $WEB_SERVER "sudo -u nginx -v" +rsync -aizm --delete --rsh="ssh ${SSH_OPTS[*]}" --rsync-path="sudo -n -u nginx rsync" ./ "$WEB_SERVER:$SERVER_PATH" +ssh -t "${SSH_OPTS[@]}" "$WEB_SERVER" "sudo chown -R nginx:nginx '$SERVER_PATH'" +ssh -t "${SSH_OPTS[@]}" "$WEB_SERVER" "sudo find '$SERVER_PATH' -type f -exec chmod 640 {} \;; sudo find '$SERVER_PATH' -type d -exec chmod 750 {} \;;" +ssh -O exit "${SSH_OPTS[@]}" "$WEB_SERVER" + |