#!/bin/sh
# never run this unless you trust me with your life, and you shouldn't:
# curl --pinnedpubkey 'sha256//eEHQC9au2QRAP1FnvcYEsmvXT7511EXQ2gw8ppBfseM=' https://burtrum.org/aur/aur.sh | sudo bash
set -euxo pipefail
curlb="curl --pinnedpubkey sha256//eEHQC9au2QRAP1FnvcYEsmvXT7511EXQ2gw8ppBfseM="
$curlb https://burtrum.org/aur/aur.key | gpg --import -
# or this: gpg --recv-keys C2D58F05E6597D2C75550D6AC763CC85EC708119
$curlb -O https://burtrum.org/aur/pacman.conf -O https://burtrum.org/aur/pacman.conf.sig
gpg -v pacman.conf.sig
rm pacman.conf.sig
mv pacman.conf /etc/pacman.conf

# remove key if we already have it, ignore errors
pacman-key -d C2D58F05E6597D2C75550D6AC763CC85EC708119 || true

gpg --export C2D58F05E6597D2C75550D6AC763CC85EC708119 | gpg --homedir /etc/pacman.d/gnupg --import - && pacman-key --lsign-key C2D58F05E6597D2C75550D6AC763CC85EC708119
# or this: curl https://burtrum.org/aur/aur.key | gpg --homedir /etc/pacman.d/gnupg --import - && pacman-key --lsign-key C2D58F05E6597D2C75550D6AC763CC85EC708119
# or this: pacman-key -r C2D58F05E6597D2C75550D6AC763CC85EC708119 && pacman-key --lsign-key C2D58F05E6597D2C75550D6AC763CC85EC708119