path: root/config-etckeeper.PKGBUILD

. ${BUILDFILE%/*}/common.sh
pkgver=20160713.2

depends=(etckeeper pristine-etc-keeper)

package() {
cd "$pkgdir"

# [https://www.parabola.nu/packages/community/any/etckeeper/
# etckeeper] is configured to use git (the default) to keep track of
# changes in `/etc`. The systemd unit etckeeper.timer is enabled,
# which makes a commit (if necessary) daily.  It will also run before
# and after pacman via libalpm hooks.
add-unit etc/systemd/system/multi-user.target.wants/etckeeper.timer

# In addition to etckeeper keeping track of the current configuration,
# lukeshu's
# [https://www.parabola.nu/packages/pcr/any/pristine-etc-keeper-git/
# pristine-etc-keeper] maintains a branch of what `/etc` would be like
# if we never made any changes from the default files. The clean
# version of etc is available as the clean remote's master
# branch. Doing a git diff clean/master master should be helpful in
# investigating how things have been configured.
add-unit etc/systemd/system/multi-user.target.wants/pristine-etc-keeper.timer

# The etckeeper update-ignore hook is customized to ignore a couple
# more files in `/etc` (and avoid ignoring `/etc/mtab`).  We ignore
# `resolv.conf` because it is managed by
# [https://www.parabola.nu/packages/core/any/openresolv/
# openresolv/resolvconf].
add-file -m755 etc/etckeeper/update-ignore.d/02custom <<_EOF_
#!/bin/bash
sed -i '/^# end section managed by etckeeper\$/,\$d' .gitignore
cat >> .gitignore <<EOF
# end section managed by etckeeper
!/mtab
/group-
/gshadow-
/passwd-
/shadow-
/.updated
/resolv.conf
EOF
_EOF_

# For files in subdirectories of `/etc`, we use separate `.gitignore`
# files in each directory:
add-file etc/ca-certificates/.gitignore <<EOF
/trust-source/blacklist/
/trust-source/anchors/
/extracted/
EOF
add-file etc/ssl/.gitignore <<EOF
/certs/*.0
/certs/*.1
/certs/*.pem
/certs/java/cacerts
/.ssh/
EOF
add-file etc/udev/.gitignore <<EOF
/hwdb.bin
EOF
add-file etc/pacman.d/.gitignore <<EOF
/gnupg/
EOF

}