From dada2f255daaa2fb493ec8c7d47e2a8123aea494 Mon Sep 17 00:00:00 2001 From: Craig Jennings Date: Mon, 26 Jan 2026 17:36:38 -0600 Subject: refactor(dotfiles): rename system/ to common/ and remove unused configs Rename dotfiles/system to dotfiles/common for clarity - indicates shared dotfiles used across all desktop environments (DWM, Hyprland). Removed config directories for uninstalled applications: - ghostty (using different terminal) - lf (using ranger instead) - mopidy (using mpd instead) - nitrogen (X11-only, obsolete for Wayland) - pychess (not installed) - JetBrains (not installed via archsetup) - youtube-dl (using yt-dlp with different config location) Kept audacious config for potential future use. Updated all references in archsetup, CLAUDE.md, todo.org, and validation.sh. Co-Authored-By: Claude Opus 4.5 --- dotfiles/common/.local/bin/get-arch-iso.sh | 78 ++++++++++++++++++++++++++++++ 1 file changed, 78 insertions(+) create mode 100755 dotfiles/common/.local/bin/get-arch-iso.sh (limited to 'dotfiles/common/.local/bin/get-arch-iso.sh') diff --git a/dotfiles/common/.local/bin/get-arch-iso.sh b/dotfiles/common/.local/bin/get-arch-iso.sh new file mode 100755 index 0000000..635034a --- /dev/null +++ b/dotfiles/common/.local/bin/get-arch-iso.sh @@ -0,0 +1,78 @@ +#!/usr/bin/env bash +# fetch-arch-iso.sh +# Downloads the latest Arch ISO + signature, checks GPG key, verifies the download. + +set -u +set -o pipefail + +# CONFIGURATION +BASE_DIR="${HOME}/downloads/isos" +ISO_NAME="archlinux-x86_64.iso" +SIG_NAME="${ISO_NAME}.sig" +ISO_URL="https://geo.mirror.pkgbuild.com/iso/latest/${ISO_NAME}" +SIG_URL="https://geo.mirror.pkgbuild.com/iso/latest/${SIG_NAME}" +# The “Arch Linux Master Key” is what signs the ISO. We look for its name in your keyring. +ARCH_KEY_SEARCH="Arch Linux Master Key" + +# 1) Build target directory, e.g. ~/downloads/isos/archlinux.2025.08.22 +today=$(date +%Y.%m.%d) +TARGET_DIR="${BASE_DIR}/archlinux.${today}" + +mkdir -p "${TARGET_DIR}" || { + echo "Error: could not create ${TARGET_DIR}" >&2 + exit 1 +} + +# 2) A small helper to download with one retry +download_with_retry() { + local url=$1 out=$2 + echo " -> Downloading ${url} to ${out}" + if ! wget -q --show-progress -O "${out}" "${url}"; then + echo " First attempt failed; retrying once..." + if ! wget -q --show-progress -O "${out}" "${url}"; then + echo "Error: failed to download ${url} after 2 tries." + echo " Please check your network connectivity." + exit 1 + fi + fi +} + +# 3) Make sure GPG is installed (we assume gpg binary exists) +if ! command -v gpg >/dev/null; then + echo "Error: gpg is not installed. Please install it and re-run." + exit 1 +fi + +# 4) Check for the Arch Linux signing key +if ! gpg --list-keys "${ARCH_KEY_SEARCH}" >/dev/null 2>&1; then + echo "Warning: Arch Linux signing key not found in your keyring." + read -p "Install archlinux-keyring package now? [y/N] " ans + ans=${ans,,} # tolower + if [[ "${ans}" == "y" || "${ans}" == "yes" ]]; then + sudo pacman -Sy --needed archlinux-keyring || { + echo "Error: could not install archlinux-keyring." >&2 + exit 1 + } + else + echo "Cannot verify ISO without the Arch key. Aborting." + exit 1 + fi +fi + +# 5) Download the ISO and its .sig +download_with_retry "${ISO_URL}" "${TARGET_DIR}/${ISO_NAME}" +download_with_retry "${SIG_URL}" "${TARGET_DIR}/${SIG_NAME}" + +# 6) Verify the ISO against the signature +echo " -> Verifying the ISO with GPG..." +if gpg --verify "${TARGET_DIR}/${SIG_NAME}" "${TARGET_DIR}/${ISO_NAME}"; then + echo + echo "SUCCESS: The ISO signature is valid." + echo "You can now burn or mount ${TARGET_DIR}/${ISO_NAME} with confidence." + exit 0 +else + echo + echo "ERROR: GPG signature verification failed!" + echo " The downloaded ISO may be corrupted or tampered with." + exit 1 +fi -- cgit v1.2.3