down KYLIN_ALL debs

debootstrap/cmd_debootstrap.sh

@@ -1,3 +1,76 @@
+#################### 创建本地源 ####################
+function reprepro() {
+    # 创建站点目录
+    mkdir -p /data/wwwroot/kylin/conf /data/wwwroot/kylin/key
+
+    GPG_ID=$(gpg --list-keys | sed -n '4p' | sed 's/ //g')
+
+    # 导出 GPG 公钥
+    gpg --armor -o /data/wwwroot/kylin/public.key --export ${GPG_ID}
+
+    cat >/data/wwwroot/kylin/conf/distributions <<EOF
+Origin: kylin-origin
+Label: kylin-label
+Suite: stable
+Codename: v101
+Version: 2022
+Architectures: amd64 i386 arm64
+Components: main
+Description: Kylin Package Archives
+SignWith: ${GPG_ID}
+EOF
+
+    # build tree
+    reprepro --ask-passphrase -Vb /data/wwwroot/kylin export
+    # 批量添加
+    reprepro --ask-passphrase -Vb /data/wwwroot/kylin -C main -A amd64 includedeb v101 /data/desktop-deb/*.deb
+
+    # 保存信息：
+    # Warning: database 'v101|main|amd64' was modified but no index file was exported.
+    # Changes will only be visible after the next 'export'!
+    # There have been errors!
+
+    # 类似的错误
+    # No section given for 'sd24plq', skipping.
+    # 1085 There have been errors!
+
+    # $ grep "No section" log.txt
+    # No section given for 'sdtmepos', skipping.
+    # No section given for 'hl3190cdwpdrv', skipping.
+    # No section given for 'sd24plq', skipping.
+    # No section given for 'sdzpl', skipping.
+    # No section given for 'sd24poki', skipping.
+    # No section given for 'sdcpcl', skipping.
+    # No section given for 'hll9310cdwpdrv', skipping.
+    # No section given for 'mfc9150cdnpdrv', skipping.
+
+    # 针对以上包 使用 -S thirdpart 参数
+    # 添加一个deb
+    reprepro --ask-passphrase -Vb /data/wwwroot/kylin -S thirdpart -C main -A amd64 includedeb v101 /data/desktop-deb/sdtmepos_1.0.0-1.2_amd64.deb
+    # 删除指定架构
+    reprepro --ask-passphrase -Vb /data/wwwroot/kylin -C main -A amd64 remove v101 sdtmepos
+
+    # 循环一个一个添加
+    for i in $(find /data/desktop-deb/ -name *.deb); do
+        echo $i
+        reprepro --ask-passphrase -Vb /data/wwwroot/kylin -C main -A amd64 includedeb v101 $i
+    done >>log.txt 2>&1
+
+    # 批量删除
+    reprepro -Vb /data/wwwroot/kylin list v101 | awk '{print $2}' | xargs -i reprepro --ask-passphrase -Vb /data/wwwroot/kylin -C main -A amd64 remove v101 {}
+
+    # 查看包列表
+    reprepro -Vb /data/wwwroot/kylin list v101
+
+    # 使用源
+    python3 -m http.server -d /data/wwwroot/
+    echo "deb [arch=amd64] http://172.29.220.242:8000/kylin v101 main" | sudo tee /etc/apt/sources.list.d/v101.list
+    # 添加公钥
+    wget -O - http://172.29.220.242:8000/kylin/public.key | sudo apt-key add -
+    # 更新软件源
+    sudo apt update
+}
+
 #################### docs ####################
 function docs() {
     # 源码: https://salsa.debian.org/installer-team/debootstrap

debootstrap/down-deb.sh

@@ -0,0 +1,18 @@
+# 本文件由源管理器管理，会定期检测与修复，请勿修改本文件
+# deb http://archive.kylinos.cn/kylin/KYLIN-ALL 10.1 main universe multiverse restricted
+# deb http://archive2.kylinos.cn/deb/kylin/production/PART-V10-SP1/custom/partner/V10-SP1 default all
+
+mkdir ~/KYLIN-ALL/arm64
+cd ~/KYLIN-ALL/arm64
+
+dpkg -l | grep "^ii" | awk '{print $2}' >arm64.list
+
+for i in $(cat arm64.list); do
+    # 判断麒麟软件源
+    if apt-cache madison $i | grep -q "kylin/KYLIN-ALL"; then
+        echo apt download $i
+        apt download $i
+    else
+        echo "partner: $i"
+    fi
+done

launchpad.dev/KY-CA.crt

@@ -0,0 +1,22 @@
+-----BEGIN CERTIFICATE-----
+MIIDkzCCAnugAwIBAgIJAKtgXlfnbpL+MA0GCSqGSIb3DQEBCwUAMFgxEjAQBgoJ
+kiaJk/IsZAEZFgJDTjEXMBUGCgmSJomT8ixkARkWB0tZTElOT1MxDDAKBgNVBAoT
+A1RLTDELMAkGA1UECxMCQ1AxDjAMBgNVBAMTBUtZLUNBMB4XDTE2MTAwOTA5MDIw
+OVoXDTM2MTAwOTA5MDIwOVowWDESMBAGCgmSJomT8ixkARkWAkNOMRcwFQYKCZIm
+iZPyLGQBGRYHS1lMSU5PUzEMMAoGA1UEChMDVEtMMQswCQYDVQQLEwJDUDEOMAwG
+A1UEAxMFS1ktQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfYlDK
+tKnBcdbJXJI5JzH5PBWo7E70Oec/QMrYbAUVlKj9it6YSvaqbvELYX0QLZv7m366
+bRFL985KA0Gi02WuMx9gpWchYlNHgxaA6dvBIOHQCfvHfAEUTtpKhlJDcFVKOfch
+jUZSpbW4U82d1cnlJ5S4t19V10xO7VLnoz/MWuYEDq43ekyTyrD095sXgFmchE4h
+ih6lwsx8zacBAk3Xvu8s0tuOFG0RA9tlRtQteZlyJASD4bifoYQVfKhTI1tn1kyf
++7fhztidASZsxU4u4KXtGSEiR4fCSudMqfIGB6MTD9MNG+M3iyH7NN9est61/gXW
+Wul23tY1r1ggd/xlAgMBAAGjYDBeMB0GA1UdDgQWBBSCePHsRai4wLJatMpWQ4rm
+nbcizzAfBgNVHSMEGDAWgBSCePHsRai4wLJatMpWQ4rmnbcizzAPBgNVHRMBAf8E
+BTADAQH/MAsGA1UdDwQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEAGb/TngjrXyzW
+sd3iuHK6dl+McEnW+8TmnBBK4QmaBgxAhrTPmdkQ1a5NsuZHhB9m7qjdBaxXI5kd
+WlFrLYwvnyzi08/kFbmIQucnhbKMaxw2U7dNVVBO85po81PFMs2RB2JowNOdWcYF
+gWybMdHPIG4DKTFlMKMAPyODsOgmii3SmbmVs707kqqnl8PkZ3hmLrIyTNQfanEI
+m6RtgMasdrfjkvdBOzY/xIQzEJaIJh6rfbzse+9Rtx3ZEtwhwcgh+UMVK5uVR2W2
+Uw9+0UAZTbESFlk8KEmKaM2tnwytwtwxT+yq/KXJbB9rFvylcFq25EInh8NKxHVD
+bRqTxoNfTg==
+-----END CERTIFICATE-----

launchpad.dev/KY-WEB.crt

@@ -0,0 +1,80 @@
+Certificate:
+    Data:
+        Version: 3 (0x2)
+        Serial Number: 1 (0x1)
+    Signature Algorithm: sha256WithRSAEncryption
+        Issuer: DC=CN, DC=KYLINOS, O=TKL, OU=CP, CN=KY-CA
+        Validity
+            Not Before: Oct  9 09:12:48 2016 GMT
+            Not After : Oct  9 09:12:48 2026 GMT
+        Subject: DC=CN, DC=KYLINOS, OU=CP, CN=KY-WEB
+        Subject Public Key Info:
+            Public Key Algorithm: rsaEncryption
+                Public-Key: (2048 bit)
+                Modulus:
+                    00:dd:d8:13:6c:ef:a1:d6:4e:89:25:d5:85:e1:07:
+                    e4:5a:e4:b6:c9:3e:65:e6:32:19:ad:02:78:80:85:
+                    ea:54:c6:b9:81:71:ca:08:7f:95:d3:06:5e:ed:5a:
+                    2f:b2:a7:aa:9f:24:e5:ef:38:a6:1c:d0:a5:f2:b3:
+                    bf:69:2b:6d:b9:64:ea:37:ee:2f:59:ce:30:a0:a9:
+                    54:c3:64:1f:63:07:90:27:a3:2c:34:33:37:74:6a:
+                    d6:84:8c:ef:ef:d9:a1:29:ec:66:81:35:bb:c4:36:
+                    41:24:28:c9:7e:fa:cd:fc:45:b5:b2:45:8c:7e:3c:
+                    32:0c:ef:1c:77:b4:0f:c0:af:fb:39:1c:c2:43:ad:
+                    f1:60:24:95:cb:01:98:82:92:07:54:12:86:1c:a5:
+                    ec:ba:a7:c7:85:39:be:16:c4:ee:27:02:65:aa:9f:
+                    6b:82:7f:a3:6b:49:51:7f:09:22:2a:55:63:82:ea:
+                    b0:1e:e1:9f:80:c5:be:5c:78:07:12:59:62:1e:3d:
+                    bb:e9:1b:bb:85:af:b3:cc:cd:1c:25:b7:0f:58:c3:
+                    8b:e8:bf:c0:25:d4:24:86:6c:ba:90:20:31:2a:6b:
+                    25:24:71:e9:f5:6d:a6:91:6f:e4:c1:2d:1c:b1:be:
+                    58:58:ca:8b:2b:d7:85:d1:11:51:f0:d1:59:a7:66:
+                    ed:53
+                Exponent: 65537 (0x10001)
+        X509v3 extensions:
+            X509v3 Subject Key Identifier: 
+                95:8E:B4:98:7B:13:D3:3E:80:7F:F9:D4:F3:06:B4:41:F2:CB:36:05
+            X509v3 Authority Key Identifier: 
+                keyid:82:78:F1:EC:45:A8:B8:C0:B2:5A:B4:CA:56:43:8A:E6:9D:B7:22:CF
+
+            X509v3 Basic Constraints: critical
+                CA:TRUE
+            X509v3 Key Usage: 
+                Certificate Sign, CRL Sign
+    Signature Algorithm: sha256WithRSAEncryption
+         d1:5f:a4:66:8d:4a:ac:fc:b5:83:b3:14:97:af:53:18:2d:9b:
+         db:ae:e3:01:98:13:36:df:5d:db:64:36:35:c5:52:4e:35:72:
+         3f:81:0a:46:10:d0:30:8e:b6:3c:95:da:1d:03:a7:79:0f:d2:
+         9c:3e:af:ff:8b:8c:91:43:d0:e6:bf:dc:93:3c:d1:6b:cb:8a:
+         5a:d4:bd:b0:cf:0c:1f:95:0c:d5:2f:8a:c4:bd:60:4d:60:22:
+         62:2c:32:ec:3d:66:6c:e2:d3:21:50:10:07:66:6c:09:0b:56:
+         38:98:59:71:ab:1d:7d:73:b0:dd:17:7c:fc:67:df:44:32:82:
+         61:a5:34:6c:87:1e:bd:be:80:62:46:42:7e:e9:5d:1f:a9:a7:
+         13:c2:7d:09:5b:e4:7a:c3:6a:30:82:0b:8a:71:da:d2:29:c2:
+         77:c8:00:e9:e7:11:a8:54:de:e9:dc:c5:03:2e:05:84:f0:17:
+         c4:bd:a2:64:ec:6b:32:a0:d4:f5:f0:d8:3d:0e:00:54:63:66:
+         3e:f9:76:4b:f7:6a:13:d4:0e:16:24:f2:70:97:ca:ce:99:db:
+         da:b2:09:1b:10:6a:5d:1c:1b:ad:87:01:3e:54:69:4c:29:fe:
+         c3:26:f6:e9:7e:5f:96:21:15:df:f3:ac:d2:48:a3:ed:ca:64:
+         60:29:33:64
+-----BEGIN CERTIFICATE-----
+MIIDfjCCAmagAwIBAgIBATANBgkqhkiG9w0BAQsFADBYMRIwEAYKCZImiZPyLGQB
+GRYCQ04xFzAVBgoJkiaJk/IsZAEZFgdLWUxJTk9TMQwwCgYDVQQKEwNUS0wxCzAJ
+BgNVBAsTAkNQMQ4wDAYDVQQDEwVLWS1DQTAeFw0xNjEwMDkwOTEyNDhaFw0yNjEw
+MDkwOTEyNDhaMEsxEjAQBgoJkiaJk/IsZAEZFgJDTjEXMBUGCgmSJomT8ixkARkW
+B0tZTElOT1MxCzAJBgNVBAsTAkNQMQ8wDQYDVQQDEwZLWS1XRUIwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDd2BNs76HWTokl1YXhB+Ra5LbJPmXmMhmt
+AniAhepUxrmBccoIf5XTBl7tWi+yp6qfJOXvOKYc0KXys79pK225ZOo37i9ZzjCg
+qVTDZB9jB5Anoyw0Mzd0ataEjO/v2aEp7GaBNbvENkEkKMl++s38RbWyRYx+PDIM
+7xx3tA/Ar/s5HMJDrfFgJJXLAZiCkgdUEoYcpey6p8eFOb4WxO4nAmWqn2uCf6Nr
+SVF/CSIqVWOC6rAe4Z+Axb5ceAcSWWIePbvpG7uFr7PMzRwltw9Yw4vov8Al1CSG
+bLqQIDEqayUkcen1baaRb+TBLRyxvlhYyosr14XREVHw0VmnZu1TAgMBAAGjYDBe
+MB0GA1UdDgQWBBSVjrSYexPTPoB/+dTzBrRB8ss2BTAfBgNVHSMEGDAWgBSCePHs
+Rai4wLJatMpWQ4rmnbcizzAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAN
+BgkqhkiG9w0BAQsFAAOCAQEA0V+kZo1KrPy1g7MUl69TGC2b267jAZgTNt9d22Q2
+NcVSTjVyP4EKRhDQMI62PJXaHQOneQ/SnD6v/4uMkUPQ5r/ckzzRa8uKWtS9sM8M
+H5UM1S+KxL1gTWAiYiwy7D1mbOLTIVAQB2ZsCQtWOJhZcasdfXOw3Rd8/GffRDKC
+YaU0bIcevb6AYkZCfuldH6mnE8J9CVvkesNqMIILinHa0inCd8gA6ecRqFTe6dzF
+Ay4FhPAXxL2iZOxrMqDU9fDYPQ4AVGNmPvl2S/dqE9QOFiTycJfKzpnb2rIJGxBq
+XRwbrYcBPlRpTCn+wyb26X5fliEV3/Os0kij7cpkYCkzZA==
+-----END CERTIFICATE-----

config-certs.sh → launchpad.dev/config-certs.sh

@@ -7,8 +7,11 @@ if [ "$(id -u)" != "0" ]; then
 fi
 
 # 以root权限执行
-[ -f /usr/share/ca-certificates/KY-WEB.crt ] || wget -q http://pki.kylin.com/ca/KY-WEB.crt -O /usr/share/ca-certificates/KY-WEB.crt
-[ -f /usr/share/ca-certificates/KY-CA.crt ] || wget -q http://pki.kylin.com/ca/KY-CA.crt -O /usr/share/ca-certificates/KY-CA.crt
+# [ -f /usr/share/ca-certificates/KY-WEB.crt ] || wget -q http://pki.kylin.com/ca/KY-WEB.crt -O /usr/share/ca-certificates/KY-WEB.crt
+# [ -f /usr/share/ca-certificates/KY-CA.crt ] || wget -q http://pki.kylin.com/ca/KY-CA.crt -O /usr/share/ca-certificates/KY-CA.crt
+
+sudo cp KY-WEB.crt /usr/share/ca-certificates/KY-WEB.crt
+sudo cp KY-CA.crt /usr/share/ca-certificates/KY-CA.crt
 
 CONFIG_FILE=/etc/ca-certificates.conf
 CONFIG_STRING_FLAG="# ====== kylin certs ======"

launchpad.dev/launchpad.sh

@@ -6,5 +6,13 @@ if [ ! -f ~/.devscripts ]; then
     cp .devscripts ~
 fi
 
+# 列出秘钥
+# gpg --list-keys
+
+# 备份
+# gpg -a -o public-file.key --export 8AC0AB86C34ADC6ED110A5A9E6730F4374866065
+# gpg -a -o private-file.key --export-secret-keys 8AC0AB86C34ADC6ED110A5A9E6730F4374866065
+
+# 还原
 gpg --import my-gpg/public-file.key
 gpg --import my-gpg/private-file.key