feat: add ssh and vim, make scp possible

.drone.yml

@@ -11,27 +11,29 @@ steps:
 - name: markdown lint
   commands:
   - markdownlint *.md
-  image: docker.io/volkerraschek/markdownlint:0.29.0
+  image: docker.io/volkerraschek/markdownlint:0.33.0
   resources:
     limits:
-      cpu: 50
+      cpu: 150
-      memory: 50M
+      memory: 150M
 
 - name: email-notification
   environment:
-    PLUGIN_HOST:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
       from_secret: smtp_host
-    PLUGIN_USERNAME:
+    SMTP_USERNAME:
       from_secret: smtp_username
-    PLUGIN_PASSWORD:
+    SMTP_PASSWORD:
       from_secret: smtp_password
-    PLUGIN_FROM:
+  image: docker.io/volkerraschek/drone-email:0.1.1
-      from_secret: smtp_mail_address
-  image: docker.io/drillster/drone-email:latest
   resources:
     limits:
-      cpu: 50
+      cpu: 150
-      memory: 25M
+      memory: 150M
   when:
     status:
     - changed
@@ -42,6 +44,61 @@ trigger:
     exclude:
     - tag
 
+---
+kind: pipeline
+type: docker
+name: dry-run-amd64
+
+depends_on:
+- linter
+
+platform:
+  os: linux
+  arch: amd64
+
+steps:
+- name: build
+  image: docker.io/plugins/docker:latest
+  settings:
+    dockerfile: Dockerfile
+    auto_tag: false
+    dry_run: true
+    tags: latest-amd64
+    repo: volkerraschek/build-image
+    username:
+      from_secret: container_image_registry_user
+    password:
+      from_secret: container_image_registry_password
+    no_cache: true
+
+- name: email-notification
+  environment:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
+      from_secret: smtp_host
+    SMTP_USERNAME:
+      from_secret: smtp_username
+    SMTP_PASSWORD:
+      from_secret: smtp_password
+  image: docker.io/volkerraschek/drone-email:0.1.1
+  when:
+    status:
+    - changed
+    - failure
+
+trigger:
+  branch:
+    exclude:
+    - master
+  event:
+  - pull_request
+  - push
+  repo:
+  - volker.raschek/build-image
+
 ---
 kind: pipeline
 type: docker
@@ -53,7 +110,7 @@ platform:
 
 steps:
 - name: build
-  image: plugins/docker
+  image: docker.io/plugins/docker:latest
   settings:
     dockerfile: Dockerfile
     auto_tag: false
@@ -64,31 +121,25 @@ steps:
     password:
       from_secret: container_image_registry_password
     no_cache: true
-  volumes:
-  - name: docker_socket
-    path: /var/run/docker.sock
 
-- name: notify
+- name: email-notification
-  image: drillster/drone-email
   environment:
-    PLUGIN_HOST:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
       from_secret: smtp_host
-    PLUGIN_USERNAME:
+    SMTP_USERNAME:
       from_secret: smtp_username
-    PLUGIN_PASSWORD:
+    SMTP_PASSWORD:
       from_secret: smtp_password
-    PLUGIN_FROM:
+  image: docker.io/volkerraschek/drone-email:0.1.1
-      from_secret: smtp_mail_address
   when:
     status:
     - changed
     - failure
 
-volumes:
-- name: docker_socket
-  host:
-    path: /var/run/docker.sock
-
 depends_on:
 - linter
 
@@ -106,9 +157,16 @@ kind: pipeline
 type: kubernetes
 name: latest-manifest
 
+depends_on:
+- latest-amd64
+
 steps:
 - name: build-manifest
-  image: plugins/manifest
+  image: docker.io/plugins/manifest:latest
+  resources:
+    limits:
+      cpu: 150
+      memory: 150M
   settings:
     auto_tag: false
     ignore_missing: true
@@ -118,29 +176,28 @@ steps:
     password:
       from_secret: container_image_registry_password
 
-- name: notify
+- name: email-notification
-  image: docker.io/drillster/drone-email:latest
   environment:
-    PLUGIN_HOST:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
       from_secret: smtp_host
-    PLUGIN_USERNAME:
+    SMTP_USERNAME:
       from_secret: smtp_username
-    PLUGIN_PASSWORD:
+    SMTP_PASSWORD:
       from_secret: smtp_password
-    PLUGIN_FROM:
+  image: docker.io/volkerraschek/drone-email:0.1.1
-      from_secret: smtp_mail_address
   resources:
     limits:
-      cpu: 50
+      cpu: 150
-      memory: 25M
+      memory: 150M
   when:
     status:
     - changed
     - failure
 
-depends_on:
-- latest-amd64
-
 trigger:
   branch:
   - master
@@ -161,7 +218,7 @@ platform:
 
 steps:
 - name: build
-  image: plugins/docker
+  image: docker.io/plugins/docker:latest
   settings:
     dockerfile: Dockerfile
     auto_tag: true
@@ -172,31 +229,25 @@ steps:
     password:
       from_secret: container_image_registry_password
     no_cache: true
-  volumes:
-  - name: docker_socket
-    path: /var/run/docker.sock
 
-- name: notify
+- name: email-notification
-  image: drillster/drone-email
   environment:
-    PLUGIN_HOST:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
       from_secret: smtp_host
-    PLUGIN_USERNAME:
+    SMTP_USERNAME:
       from_secret: smtp_username
-    PLUGIN_PASSWORD:
+    SMTP_PASSWORD:
       from_secret: smtp_password
-    PLUGIN_FROM:
+  image: docker.io/volkerraschek/drone-email:0.1.1
-      from_secret: smtp_mail_address
   when:
     status:
     - changed
     - failure
 
-volumes:
-- name: docker_socket
-  host:
-    path: /var/run/docker.sock
-
 trigger:
   event:
   - tag
@@ -210,7 +261,11 @@ name: tagged-manifest
 
 steps:
 - name: build-manifest
-  image: plugins/manifest
+  image: docker.io/plugins/manifest:latest
+  resources:
+    limits:
+      cpu: 150
+      memory: 150M
   settings:
     auto_tag: true
     ignore_missing: true
@@ -220,21 +275,23 @@ steps:
     password:
       from_secret: container_image_registry_password
 
-- name: notify
+- name: email-notification
-  image: docker.io/drillster/drone-email:latest
   environment:
-    PLUGIN_HOST:
+    SMTP_FROM_ADDRESS:
+      from_secret: smtp_from_address
+    SMTP_FROM_NAME:
+      from_secret: smtp_from_name
+    SMTP_HOST:
       from_secret: smtp_host
-    PLUGIN_USERNAME:
+    SMTP_USERNAME:
       from_secret: smtp_username
-    PLUGIN_PASSWORD:
+    SMTP_PASSWORD:
       from_secret: smtp_password
-    PLUGIN_FROM:
+  image: docker.io/volkerraschek/drone-email:0.1.1
-      from_secret: smtp_mail_address
   resources:
     limits:
-      cpu: 50
+      cpu: 150
-      memory: 25M
+      memory: 150M
   when:
     status:
     - changed
@@ -248,58 +305,3 @@ trigger:
   - tag
   repo:
   - volker.raschek/build-image
-
----
-kind: pipeline
-type: kubernetes
-name: sync
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-- name: github
-  image: docker.io/appleboy/drone-git-push:latest
-  resources:
-    limits:
-      cpu: 50
-      memory: 25M
-  settings:
-    branch: master
-    remote: ssh://git@github.com/volker-raschek/build-image.git
-    force: true
-    ssh_key:
-      from_secret: ssh_key
-
-- name: email-notification
-  environment:
-    PLUGIN_HOST:
-      from_secret: smtp_host
-    PLUGIN_USERNAME:
-      from_secret: smtp_username
-    PLUGIN_PASSWORD:
-      from_secret: smtp_password
-    PLUGIN_FROM:
-      from_secret: smtp_mail_address
-  image: docker.io/drillster/drone-email:latest
-  resources:
-    limits:
-      cpu: 50
-      memory: 25M
-  when:
-    status:
-    - changed
-    - failure
-
-depends_on:
-- tagged-manifest
-
-trigger:
-  branch:
-  - master
-  event:
-  - cron
-  - push
-  repo:
-  - volker.raschek/build-image

.gitignore

@@ -1 +1,2 @@
-.env
+.env
+test.sh

Dockerfile

@@ -1,25 +1,42 @@
 FROM docker.io/library/archlinux:latest
 
-RUN pacman --sync --refresh --noconfirm --sysupgrade \
+ENV BUILD_USER=build
+
+RUN pacman --sync --refresh --noconfirm --sysupgrade sudo
+
+RUN echo "${BUILD_USER} ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/${BUILD_USER} && \
+    useradd --create-home --home-dir /home/${BUILD_USER} --shell /bin/bash ${BUILD_USER}
+USER ${BUILD_USER}
+
+# execute local files
+COPY installation-scripts /tmp/installation-scripts
+RUN for f in {00-pacman-mirror.sh,01-rustup.sh}; do sudo /tmp/installation-scripts/$f; done && \
+    sudo rm --recursive --force /tmp/installation-scripts
+ENV PATH="/home/${BUILD_USER}/.cargo/bin:/${BUILD_USER}/go/bin:${PATH}"
+
+# Install PKGs from public repositories
+RUN sudo pacman --sync --refresh --noconfirm --sysupgrade \
       awk \
+      base-devel \
       bash-completion \
       docker \
       gcc \
       git \
+      gnupg \
       go \
       make \
+      openssh \
+      pacman-contrib \
       podman \
+      vim \
       which \
-      zip
+      zip && \
+    sudo rm --recursive --force /var/cache/pacman/pkg/*
 
-# execute local files
+RUN sudo usermod --append --groups docker ${BUILD_USER}
-COPY installation-scripts /tmp/installation-scripts
-RUN for f in {00-pacman-mirror.sh,01-rustup.sh}; do /tmp/installation-scripts/$f; done && \
-    rm --recursive --force /tmp/installation-scripts
-ENV PATH="/root/.cargo/bin:/root/go/bin:${PATH}"
 
-# Install PKGs from own repo
+# Install PKGs from private repositories
-RUN pacman --sync --refresh --noconfirm --sysupgrade \
+RUN sudo pacman --sync --refresh --noconfirm --sysupgrade \
       oracle-instantclient-basic \
       oracle-instantclient-jdbc \
       oracle-instantclient-odbc \
@@ -28,4 +45,11 @@ RUN pacman --sync --refresh --noconfirm --sysupgrade \
       oracle-instantclient-tools \
       rpm-builder
 
-WORKDIR /workspace
+RUN sudo mkdir /workspace && sudo chown ${BUILD_USER}:${BUILD_USER} /workspace
+WORKDIR /workspace
+VOLUME [ "/workspace" ]
+
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
+RUN sudo chmod +x /usr/local/bin/entrypoint.sh
+
+ENTRYPOINT [ "/usr/local/bin/entrypoint.sh" ]

README.md

@@ -4,8 +4,43 @@
 [![Docker Pulls](https://img.shields.io/docker/pulls/volkerraschek/build-image)](https://hub.docker.com/r/volkerraschek/build-image)
 
 This project contains all sources to build the container image
-`docker.io/volkerraschek/build-image`. The primary goal of the image is only
+`docker.io/volkerraschek/build-image`. The primary goal of the image is only to
-to provide an environment to compile source code like go or rust.
+provide an environment to compile source code for `go` or `rust` and package
+compiled binaries as PKG for Arch Linux or as RPM for RHEL based distributions.
+
+## Supported environment variables
+
+### gnupg
+
+#### GNUPG_KEY
+
+Import private gpg key via `GPG_KEY`. The private key must be escaped to import
+the key inside the container image correctly. For example:
+
+```bash
+GPG_FPR=YOUR_GPG_FINGERPRINT
+GPG_KEY=$(gpg --armor --export-secret-keys ${GPG_FPR} | cat -e | sed -e 's/\$/\\n/g' -e 's/^[ \t]*//g')
+```
+
+### makepkg
+
+The `makepkg.conf` configuration is composed from the environment variables with
+the prefix `MAKEPKG_`. Below are some examples:
+
+`MAKEPKG_PACKAGER="Hugo McKinnock <hugo.mckinnock@example.local>"`
+`MAKEPKG_GPGKEY="0123456789"`
+`MAKEPKG_PKGEXT=.pkg.tar.zst"`
+
+### ssh
+
+#### SSH_KEY
+
+Import private ssh key via `SSH_KEY`. The private key must be escaped to import
+the key inside the container image correctly. For example:
+
+```bash
+SSH_KEY=$(cat -e ${HOME}/.ssh/id_rsa | sed -e 's/\$/\\n/g')
+```
 
 ## Usage
 
@@ -22,6 +57,21 @@ $ docker run \
       go build
 ```
 
+### makepkg
+
+With the following example will be an package be build for Arch Linux. Execute
+the commond in the root directory of the project, where the `PKGBUILD` file is
+located.
+
+```bash
+$ docker run \
+    --env MAKEPKG_PACKAGER="Max Mustermann <max.mustermann@example.com" \
+    --rm \
+    --volume ${PWD}:/workspace \
+    volkerraschek/build-image:latest \
+      makepkg
+```
+
 ### rust
 
 If you want to compile instead go rust sourcecode, than you can do it similar to

entrypoint.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+
+IFS=$'\n'
+
+# generate makepkg.conf
+MAKEPKG_ENV_VARS=($(env | sort | grep --perl-regexp '^MAKEPKG_.*'))
+for ENV_VAR in ${MAKEPKG_ENV_VARS[@]}; do
+  KEY=$(echo ${ENV_VAR} | cut --delimiter="=" --fields="1" | sed 's/MAKEPKG_//' | tr '[:lower:]' '[:upper:]')
+  VALUE=$(echo ${ENV_VAR} | cut --delimiter="=" --fields="2-")
+  echo "${KEY}='${VALUE}'" >> ${HOME}/.makepkg.conf
+done
+
+# import gpg key
+if [ ! -z ${GPG_KEY+x} ]; then
+  echo -e ${GPG_KEY} | gpg --import
+
+  # trust gpg key
+  for fpr in $(gpg --list-keys --with-colons | awk -F: '/fpr:/ {print $10}' | sort -u); do
+    echo -e "5\ny\n" | gpg --command-fd 0 --expert --edit-key $fpr trust
+  done
+fi
+
+# add ssh private key
+if [ ! -z ${SSH_KEY+x} ]; then
+  mkdir --parents ${HOME}/.ssh
+  sudo chmod 0700 ${HOME}/.ssh
+  echo -e ${SSH_KEY} > ${HOME}/.ssh/key
+  sudo chmod 0600 ${HOME}/.ssh/key
+  echo -e "Host *\n  IdentityFile ~/.ssh/key\n  StrictHostKeyChecking no\n  UserKnownHostsFile /dev/null\n" > ${HOME}/.ssh/config
+fi
+
+/bin/bash ${@}

installation-scripts/00-pacman-mirror.sh

@@ -2,25 +2,112 @@
 
 set -e
 
-cat > /etc/pacman.d/gnupg/dirmngr.conf <<EOF
-keyserver hkps://hkps.pool.sks-keyservers.net:443
-keyserver hkp://pool.sks-keyservers.net:80
-EOF
-
 # Initialize pacman-key ring
 pacman-key --init
-# pacman-key --refresh-keys
+
+# Trust public gpg keys
+cat <<EOF | pacman-key --add -
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mDMEWeeMUxYJKwYBBAHaRw8BAQdAHveGqBPgokL9W1ocxTcaCR6fKAe7dgSicczH
+HrFqn220K01hcmt1cyBQZXNjaCA8bWFya3VzLnBlc2NoQGNyeXB0aWMuc3lzdGVt
+cz6IkwQTFggAOwIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgBYhBJsUbRGp7Wyn
+4nnrGoUrzBcNgamCBQJaoCk9AhkBAAoJEIUrzBcNgamCfwwBANafiF2GF3qsF+9q
+1RC+MzPFTR6F9mUKHajnEGs65vySAP9bBjDT+RVANKbCT6EQQftZRbxIfOcXd69p
+0s+mAQ/WBYkCHAQQAQoABgUCWpxHfwAKCRC2RgOvF6sy1bxGD/9wcCxbBGwk3GQJ
+/GntnJ3P0lak97oGlsgb6OaudfVs74dyOZMUI+/Sv4PASc/hPNN/CiMcywYxr+cn
+Lvzlelj2ZQ6tItBzYEDGfHTqo/G+KI7Gv9kbWjZJsnOpLGs+t/P6rNLoqt/C6IfA
+cqOYw9n9Em5y/yntxLVFOdRoCMO/gUpUCxK3Meb9D08XCMiTtlHb0C8aII7G7HYx
+9slag/9KmoyOKeeLU98wCk16JDZRoUyVNLlel4FN2Q2hJVnTUlEkpzZ3r1NiYbQY
+fKhcGSGd6bXRrAfV1nQjQ4lopP3MHrBWty7FWcwTjJ6JtX7CLXP3EcPQ4GEvdeC9
+E95uy2RXUIke4Z3rD31trHrJms5OD/koVXaRG6djnTi1sP3LW84ov6F3i0CpTJAW
+rGnk3g2d6MvJLkjWjy+38np6q9YKOzj1LfEtLln4BWKD5XXm8KPVKqJZ8PCFlU7l
+uj4/rZ0Tjp4BNpf7UJXG1FBxxHqs3lF3NoetAYjwnJznZt/jRjMFyUSbLV3VcnJq
+f2X+yYuHeicCG7ONtth+cd1tIct9hiv1IvBkbLyGfvICSlIRbr/iZPEvjS11szya
+2Nh27crcnF73/FZhpj+Kn325+TbwHtf9GD7zdmyF/f/bDiKxGC5b9GFOhdo9r7x/
+lqr+jopEO9MmEE8gxmCiQQA4NK/EL4iQBBMWCAA4FiEEmxRtEantbKfieesahSvM
+Fw2BqYIFAlnnjFMCGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4AACgkQhSvMFw2B
+qYIshwD+KOKPayhyH7yvVSfp4z4+dB4BmrB0FH5z0SAmJFxXVzIA/31rt27l8btm
+a1huIgeTLY+cSPFTq+a7g2fkQNeLDNAHiJkEExYIAEECGwMFCwkIBwIGFQgJCgsC
+BBYCAwECHgECF4ACGQEWIQSbFG0Rqe1sp+J56xqFK8wXDYGpggUCXw8cvQUJCOn3
+agAKCRCFK8wXDYGpgscgAQCFXxilGa5OmPGGwQt8JVvRHRRY//LRsFpB5Qw4u1Vj
+8QEA1VNUNPMNkgfBlyUn6UBhY/qc80gxAt4+Skl3wUsuHQyJAhwEEwEIAAYFAlqg
+/UIACgkQDBj63BJUdWEfoBAAogVI6s50jF+4jE/WhGQugI0adEzfYyYxl/tmY00D
+wQhCNQnIkjynQn6TAhK8omPCXwCx+63hxzU3OWEHDEB85AEmdt7FQxlYCTQQnTn0
+AFX4Y0Zb1eEAgHT1fKJeE9joKk3R2kE6F7HixIVFSUKYVGCuWjDJaCsLUuP8D/HU
+h+G7EwsMWjQLUyh9wA4tXztp3h0VT9u2g9DsEncTDYXi0X9xOrLRJPfiPRo5UIYB
+U7v2Lm8rI1g0rBGqZOLrjJ1wliMs15OsJrZhz/OAS3hb+HAw9mlK8UlfvjoiSjjP
+B4PolgDT3AOPjF9eqr7pXRwlFRF50eAGz636sewXwRg5fa/nm5fCxsC1rqz3t0q6
+QHialS4EFvlS/Ql/hgGbeHJKejtEV9HNyPH4ozs1dVzkwvR08poTIOCr1eIZKZxW
+WstCJlRaIZdjuG470AJkdTPZuW7MOpf4rm4lYqsyO4kKPQ4DqWOZ3EXs8t+ugHeU
+fETXxhyCnhSCZbJNn66k/nL2dJafE9N5iKhkKL1re4S6wrVCsBPhOt9EYF2eo+bP
+lW7lHFr6Z5718IZLKavUTyHG6LJvmNxedculPSdxwc65zOo8RXDLdM5yehRne2L8
+RlNdiDbzokbdhsSplp49B6w93HAlDFX4y4s006tYb+0c7ptSinHCDbOzijv1PkzH
+1AqIkwQTFggAOwIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAIZARYhBJsUbRGp
+7Wyn4nnrGoUrzBcNgamCBQJgZzRFAAoJEIUrzBcNgamC8bcBAIgp9E4yrhlQY83g
+Axho/XENoaWzfild78kQjbs0OqvnAP4gxWXMwPl7T6OXoAEHZi6uPhrcMvy6A/3R
+qk8lt0ZCBYiZBBMWCABBAhsDBQsJCAcCBhUICQoLAgQWAgMBAh4BAheAFiEEmxRt
+EantbKfieesahSvMFw2BqYICGQEFAlqi35kFCQZe7cYACgkQhSvMFw2BqYKI3wEA
+9KG7JPgFbebhnp/6RQQ99g0NRo5jpTQuJNEZ7n9Lu4MA/jrigEytfYKDigpfo8dO
+jFuZRjLgwO6ZilFlWT2LVsYPiKwEExYKAFQCGwMFCwkIBwIGFQgJCgsCBBYCAwEC
+HgECF4ACGQEWIQSbFG0Rqe1sp+J56xqFK8wXDYGpggUCYGmKIhgYaGtwczovL2tl
+eXMub3BlbnBncC5vcmcACgkQhSvMFw2BqYL30gD/SVhkara8KZXSfbZZE2zTmawx
+eHLBLnuRHRaqS/wuWBUA/RDsnf8vX6QpzutoQrQzRYksJRqt+cIPja/VC7A41f8L
+iLgEExYKAGACGwMFCwkIBwIGFQgJCgsCBBYCAwECHgECF4ACGQEWIQSbFG0Rqe1s
+p+J56xqFK8wXDYGpggUCYGl7PCQYaGtwczovL2hrcHMucG9vbC5za3Mta2V5c2Vy
+dmVycy5uZXQACgkQhSvMFw2BqYL5owEAz0m/n/Iao5a25e1DxEi5ySLj3us3fb/0
+ttdBdxv+rE4A+QHIpdpMStQ05zpcW28yv1EMYekgU3k3+XBnTEKkdM4NtCJNYXJr
+dXMgUGVzY2ggPG1hcmt1cy5wZXNjaEB3ZWIuZGU+iJAEExYIADgWIQSbFG0Rqe1s
+p+J56xqFK8wXDYGpggUCWqApOAIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAK
+CRCFK8wXDYGpgjrOAQCNdLA2Aj05SNPwc/RJr3HqP4KBRZ1t/RBft8gBNVO8bAD/
+T5IzEn/EqGLIL57yeoRO4ljvW7SwDln4u6+zNRLCRAmIlgQTFggAPgIbAwULCQgH
+AgYVCgkICwIEFgIDAQIeAQIXgBYhBJsUbRGp7Wyn4nnrGoUrzBcNgamCBQJfDxy9
+BQkI6fdqAAoJEIUrzBcNgamCPAEBAIGFuIhrxntzA1+JjexSkOCbTixYDzROXEH/
+f6K74GphAQCHe223/UusaW6EW4LtnmrmuY/PrwaOjr7mM/3VacGJDYkCHAQTAQgA
+BgUCWqD9QgAKCRAMGPrcElR1YYsPEADH0zUk53OxKXXRp5eYYEdovcZjkkA1H1US
+ndCr7B4IZy4aBi6WmeKlZDLeds7IXee+MlO7yar3AJMkdUZ7fPSxmZ/9hh25X9Cc
+ggrtSK1auLqidaME+3PieX+wfsfsegq1RgwGKHhqSlVRera2tCOm1450wL23AsOD
+pOrNpIbglU3ImxnR2ua/C4lnQp306UncWR5fCUl+3fXRLdbWUSXf8YO7cTBu178G
+usV2r7xm+0wJOMlvqQfZTDdCDz085aq1xmTCFKjz3EFSGw92xGNq3FUOWQJ9YAdl
+4OSnV6qAXiG/kNK5XhQC/MWCmXS9pKfwmMhkuAAJbqfpRweKNThdwxk1P4kmPdRW
+0RUk0gy99ylwBC9mzDmRS6HJ9nbrhmlAt6gTQmgk4CJXvbXxlbT8cRSbJCKpUNXV
+Hn2dICxbwG5i4mOeTTWAue7z60xZkz6uLPM9eLXe9AosVTjGhdzWd19E7Mpa5V1Y
+75zvWHnf0MaDv0lOwQ+MDlFQtXFeeB1VxrgJEnJv1s1xqNRzZhy3/tuZyVoOtS/P
+3gdmOsTtbI96h2TClBzOrIWBv+i6EXlmN+7VjybuqBmMlkmgvgg8aB1S2EZjyxO9
+nTidgM3LQ1O6t2xLyCSOkc0M1lDm6hja7atDvXhkc+PqSt1HTPKM/rWF978u4hWk
+OlCjSu4XxYiQBBMWCAA4AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAFiEEmxRt
+EantbKfieesahSvMFw2BqYIFAmBnNEUACgkQhSvMFw2BqYKexAD+Iu/lsRF/FriP
+sXt2aMCDI/Xqzq5JtrpO/1LAwBGnxVcA/3lLmEn0hKNF2kMxZQ43C/bpv3YzkDWX
+wicCXdDbZpgMiJYEExYIAD4WIQSbFG0Rqe1sp+J56xqFK8wXDYGpggIbAwULCQgH
+AgYVCgkICwIEFgIDAQIeAQIXgAUCWqLfmQUJBl7txgAKCRCFK8wXDYGpgjwZAQCy
+4nLI3GiXf6veug1vtxbF3N9q2fBrkObp31z06bsHBQEA0tkvYB9wUZhCbgqhxcLu
+x7ynkMjg96OlymsN7GZUHwKIqQQTFgoAUQIbAwULCQgHAgYVCgkICwIEFgIDAQIe
+AQIXgBYhBJsUbRGp7Wyn4nnrGoUrzBcNgamCBQJgaYoqGBhoa3BzOi8va2V5cy5v
+cGVucGdwLm9yZwAKCRCFK8wXDYGpgsoIAQCXGGzNRtpNpVwhVwSwFtyQdRe2Z6zc
+AfQuBozn+VLwWgD+MeQyhDWTGU28cnjcruwPWz+0TUj3sD65PyByetgKaAiItQQT
+FgoAXQIbAwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgBYhBJsUbRGp7Wyn4nnrGoUr
+zBcNgamCBQJgaXs8JBhoa3BzOi8vaGtwcy5wb29sLnNrcy1rZXlzZXJ2ZXJzLm5l
+dAAKCRCFK8wXDYGpgk+AAP4zusl21mq/1QZoNa0iJvo51HY+hFHt0H9bkvFkQ8bF
+4gEAu63MHXKM+WPIs6bnDHkuPIOAM0DbdAQKXeeTCfv9SgG4OARZ54xTEgorBgEE
+AZdVAQUBAQdAHbkzpmxX4yzhee+lv2Fb3sOmo1tG+QjNcysWY6BfCRADAQgHiHgE
+GBYIACAWIQSbFG0Rqe1sp+J56xqFK8wXDYGpggUCWeeMUwIbDAAKCRCFK8wXDYGp
+gpNEAP96kt/9lunUsrQKX0WoX/L2Fw7ZjDor5V601YvEw4qtwAD+MAd/S5E7wt4j
+U7p1yl1IV73aoAeCfQ0NPZXax/ZACgGIfgQYFggAJgIbDBYhBJsUbRGp7Wyn4nnr
+GoUrzBcNgamCBQJfDxy9BQkI6fdqAAoJEIUrzBcNgamCElQA/3Esiy4377L4YinY
+ZM8GAcxxeSGvgUB/TmSC1PUoIq96AQDMvKOEwIGXPCjCfb9kxJbDBXgcwLub64CB
+LHKIopNXC4h4BBgWCAAgAhsMFiEEmxRtEantbKfieesahSvMFw2BqYIFAmBnNDMA
+CgkQhSvMFw2BqYIM0AEAld0GcFTk3fyq0G1kmqhdgvnKTdo79awphLdtlKDVOxMA
+/2IMqGbZNVmJrpbwNhfvpNPFDbAH272KsshETynE9DID
+=cbcC
+-----END PGP PUBLIC KEY BLOCK-----
+EOF
 
 # Add additional pacman mirrors
-cat >> /etc/pacman.conf <<EOF
+cat >> /etc/pacman.conf <<'EOF'
 
-[any]
+[volker.raschek]
 SigLevel = Optional TrustAll
-Server = https://aur.cryptic.systems/any/
+Server = https://aur.cryptic.systems/$repo/$arch/
-
-[x86_64]
-SigLevel = Optional TrustAll
-Server = https://aur.cryptic.systems/x86_64/
 
 [oracle]
 SigLevel = Optional TrustAll

renovate.json

@@ -0,0 +1,17 @@
+{
+  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+  "assignees": [ "volker.raschek" ],
+  "automergeStrategy": "merge-commit",
+  "automergeType": "pr",
+  "labels": [ "renovate" ],
+  "packageRules": [
+    {
+      "addLabels": [ "renovate/droneci", "renovate/automerge" ],
+      "automerge": true,
+      "matchManagers": "droneci",
+      "matchUpdateTypes": [ "minor", "patch"]
+    }
+  ],
+  "rebaseLabel": "renovate/rebase",
+  "rebaseWhen": "behind-base-branch"
+}