-
-
Notifications
You must be signed in to change notification settings - Fork 30
/
update_all.sh
executable file
·153 lines (128 loc) · 5.26 KB
/
update_all.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
#!/bin/bash
# Copyright (c) 2022-2024 José Manuel Barroso Galindo <[email protected]>
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
# You can download the latest version of this tool from:
# https://github.com/theypsilon/Update_All_MiSTer
set -euo pipefail
SCRIPT_PATH="/tmp/update_all.sh"
LATEST_SCRIPT_PATH="/media/fat/Scripts/.config/update_all/update_all_latest.zip"
CACERT_PEM="/etc/ssl/certs/cacert.pem"
if (( $(date +%Y) < 2000 )) ; then
NTP_SERVER="0.pool.ntp.org"
echo "Syncing date and time with $NTP_SERVER"
echo
if ntpdate -s -b -u $NTP_SERVER ; then
echo "Date and time is:"
echo "$(date)"
echo
elif [[ "${CURL_SSL:-}" != "--insecure" ]] ; then
echo "Unable to sync."
echo "Please, try again later."
exit 1
fi
fi
if [ -s "${CACERT_PEM}" ] ; then
export CURL_CA_BUNDLE="${CACERT_PEM}"
fi
download_file() {
local DOWNLOAD_PATH="${1}"
local DOWNLOAD_URL="${2}"
for (( COUNTER=0; COUNTER<=60; COUNTER+=1 )); do
if [ ${COUNTER} -ge 1 ] ; then
sleep 1s
fi
set +e
curl ${CURL_SSL:-} --silent --fail --location -o "${DOWNLOAD_PATH}" "${DOWNLOAD_URL}"
local CMD_RET=$?
set -e
case ${CMD_RET} in
0)
export CURL_SSL="${CURL_SSL:-}"
return
;;
60|77|35|51|58|59|82|83)
set +e
dialog --keep-window --title "Bad Certificates" --defaultno \
--yesno "CA certificates need to be fixed, do you want me to fix them?\n\nNOTE: This operation will delete files at /etc/ssl/certs" \
7 65
local DIALOG_RET=$?
set -e
if [[ "${DIALOG_RET}" == "0" ]] ; then
local RO_ROOT="false"
if mount | grep "on / .*[(,]ro[,$]" -q ; then
RO_ROOT="true"
fi
[ "${RO_ROOT}" == "true" ] && mount / -o remount,rw
rm /etc/ssl/certs/* 2> /dev/null || true
echo
echo "Installing cacert.pem from https://curl.se"
curl --insecure --location -o /tmp/cacert.pem "https://curl.se/ca/cacert.pem"
curl --insecure --location -o /tmp/cacert.pem.sha256 "https://curl.se/ca/cacert.pem.sha256"
local DOWNLOAD_SHA256=$(cat /tmp/cacert.pem.sha256 | awk '{print $1}')
local CALCULATED_SHA256=$(sha256sum /tmp/cacert.pem | awk '{print $1}')
if [[ "${DOWNLOAD_SHA256}" == "${CALCULATED_SHA256}" ]]; then
mv /tmp/cacert.pem /etc/ssl/certs/cacert.pem
sync
else
echo "Checksum validation for downloaded CA certificate failed."
continue
fi
[ "${RO_ROOT}" == "true" ] && mount / -o remount,ro
echo
export CURL_SSL="--cacert /etc/ssl/certs/cacert.pem"
continue
fi
set +e
dialog --keep-window --title "Insecure Connection" --defaultno \
--yesno "Would you like to run this tool using an insecure connection?\n\nNOTE: You should fix the certificates instead." \
7 67
DIALOG_RET=$?
set -e
if [[ "${DIALOG_RET}" == "0" ]] ; then
echo
echo "WARNING! Connection is insecure."
export CURL_SSL="--insecure"
sleep 5s
echo
continue
fi
echo "No secure connection is possible without fixing the certificates."
exit 1
;;
*)
echo "No Internet connection, please try again later."
exit 1
;;
esac
done
echo "Internet connection failed, please try again later."
exit 1
}
echo -n "Launching Update All"
rm ${SCRIPT_PATH} 2> /dev/null || true
if [ -s "${LATEST_SCRIPT_PATH}" ] ; then
cp "${LATEST_SCRIPT_PATH}" "${SCRIPT_PATH}"
if [[ "${CURL_SSL:-}" != "--insecure" ]] ; then
download_file "/dev/null" "https://raw.githubusercontent.com/theypsilon/Update_All_MiSTer/master/update_all.sh"
fi
else
download_file "${SCRIPT_PATH}" "https://raw.githubusercontent.com/theypsilon/Update_All_MiSTer/master/dont_download2.sh"
echo -n "!"
fi
echo ; echo
chmod +x "${SCRIPT_PATH}"
if ! "${SCRIPT_PATH}" ; then
echo -e "Update All failed!\n"
exit 1
fi
rm ${SCRIPT_PATH} 2> /dev/null || true
exit 0