From d1f27749a9345b3f5134b35262bfc190400fdfd8 Mon Sep 17 00:00:00 2001
From: WillyPillow <wp@nerde.pw>
Date: Fri, 3 Jul 2020 02:04:55 +0800
Subject: [PATCH 1/7] New qrexec calls for interacting with template repos.

See <https://gist.github.com/WillyPillow/b8a643ddbd9235a97bc187e6e44b16e4> for details.
---
 qubes-rpc/qubes.TemplateDownload  |  3 +++
 qubes-rpc/qubes.TemplateSearch    |  3 +++
 qubes-rpc/qvm-template-repo-query | 42 +++++++++++++++++++++++++++++++
 3 files changed, 48 insertions(+)
 create mode 100755 qubes-rpc/qubes.TemplateDownload
 create mode 100755 qubes-rpc/qubes.TemplateSearch
 create mode 100755 qubes-rpc/qvm-template-repo-query

diff --git a/qubes-rpc/qubes.TemplateDownload b/qubes-rpc/qubes.TemplateDownload
new file mode 100755
index 0000000..7f0097b
--- /dev/null
+++ b/qubes-rpc/qubes.TemplateDownload
@@ -0,0 +1,3 @@
+#!/usr/bin/bash
+
+exec /usr/lib/qubes/qvm-template-repo-query download
diff --git a/qubes-rpc/qubes.TemplateSearch b/qubes-rpc/qubes.TemplateSearch
new file mode 100755
index 0000000..fe79b29
--- /dev/null
+++ b/qubes-rpc/qubes.TemplateSearch
@@ -0,0 +1,3 @@
+#!/usr/bin/bash
+
+exec /usr/lib/qubes/qvm-template-repo-query query
diff --git a/qubes-rpc/qvm-template-repo-query b/qubes-rpc/qvm-template-repo-query
new file mode 100755
index 0000000..02060b7
--- /dev/null
+++ b/qubes-rpc/qvm-template-repo-query
@@ -0,0 +1,42 @@
+#!/usr/bin/bash
+
+OPTS=()
+SPEC=
+while IFS= read -r line; do
+    if [ "$line" = "---" ]; then
+        break
+    fi
+    case "$line" in
+        --enablerepo=*|\
+        --disablerepo=*|\
+        --repoid=*|\
+        --repofrompath=*|\
+        --releasever=*)
+            OPTS+=("$line")
+            ;;
+        *)
+            SPEC="$line"
+            ;;
+    esac
+done
+
+repodir=$(mktemp -d)
+cat > "$repodir/template.repo"
+
+OPTS+=("--setopt=reposdir=${repodir}")
+OPTS+=("--quiet")
+
+RET=0
+
+if [ "$1" = "query" ]; then
+    # shellcheck disable=SC2068
+    dnf repoquery ${OPTS[@]} --qf='%{name}:%{epoch}:%{version}:%{release}:%{reponame}:%{downloadsize}:%{summary}' "$SPEC"
+    RET="$?"
+elif [ "$1" = "download" ]; then
+    # shellcheck disable=SC2068
+    curl -L "$(dnf download ${OPTS[@]} --url "$SPEC" | shuf -n 1)" -o -
+    RET="$?"
+fi
+
+rm -r "$repodir"
+exit "$RET"

From 1d65c5ee01868a0c60691e1d684347ace1c7bbac Mon Sep 17 00:00:00 2001
From: WillyPillow <wp@nerde.pw>
Date: Sat, 4 Jul 2020 01:10:24 +0800
Subject: [PATCH 2/7] Remove repofrompath.

---
 qubes-rpc/qvm-template-repo-query | 1 -
 1 file changed, 1 deletion(-)

diff --git a/qubes-rpc/qvm-template-repo-query b/qubes-rpc/qvm-template-repo-query
index 02060b7..d764fc6 100755
--- a/qubes-rpc/qvm-template-repo-query
+++ b/qubes-rpc/qvm-template-repo-query
@@ -10,7 +10,6 @@ while IFS= read -r line; do
         --enablerepo=*|\
         --disablerepo=*|\
         --repoid=*|\
-        --repofrompath=*|\
         --releasever=*)
             OPTS+=("$line")
             ;;

From e91f2eb6f497f6e36f0968eafd45fb7e00e15862 Mon Sep 17 00:00:00 2001
From: WillyPillow <wp@nerde.pw>
Date: Sat, 4 Jul 2020 01:11:53 +0800
Subject: [PATCH 3/7] Fix shell quoting.

---
 qubes-rpc/qvm-template-repo-query | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/qubes-rpc/qvm-template-repo-query b/qubes-rpc/qvm-template-repo-query
index d764fc6..08798dd 100755
--- a/qubes-rpc/qvm-template-repo-query
+++ b/qubes-rpc/qvm-template-repo-query
@@ -28,12 +28,10 @@ OPTS+=("--quiet")
 RET=0
 
 if [ "$1" = "query" ]; then
-    # shellcheck disable=SC2068
-    dnf repoquery ${OPTS[@]} --qf='%{name}:%{epoch}:%{version}:%{release}:%{reponame}:%{downloadsize}:%{summary}' "$SPEC"
+    dnf repoquery "${OPTS[@]}" --qf='%{name}:%{epoch}:%{version}:%{release}:%{reponame}:%{downloadsize}:%{summary}' "$SPEC"
     RET="$?"
 elif [ "$1" = "download" ]; then
-    # shellcheck disable=SC2068
-    curl -L "$(dnf download ${OPTS[@]} --url "$SPEC" | shuf -n 1)" -o -
+    curl -L "$(dnf download "${OPTS[@]}" --url "$SPEC" | shuf -n 1)" -o -
     RET="$?"
 fi
 

From 686d0d3c120b13424b46c05296125bfab49b0895 Mon Sep 17 00:00:00 2001
From: WillyPillow <wp@nerde.pw>
Date: Wed, 29 Jul 2020 19:35:37 +0800
Subject: [PATCH 4/7] qubes.Template*: Change separator from : to | and include
 additional metadata.

---
 qubes-rpc/qvm-template-repo-query | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qubes-rpc/qvm-template-repo-query b/qubes-rpc/qvm-template-repo-query
index 08798dd..31ccfde 100755
--- a/qubes-rpc/qvm-template-repo-query
+++ b/qubes-rpc/qvm-template-repo-query
@@ -28,7 +28,7 @@ OPTS+=("--quiet")
 RET=0
 
 if [ "$1" = "query" ]; then
-    dnf repoquery "${OPTS[@]}" --qf='%{name}:%{epoch}:%{version}:%{release}:%{reponame}:%{downloadsize}:%{summary}' "$SPEC"
+    dnf repoquery "${OPTS[@]}" --qf='%{name}|%{epoch}|%{version}|%{release}|%{reponame}|%{downloadsize}|%{buildtime}|%{license}|%{url}|%{summary}|%{description}|' "$SPEC"
     RET="$?"
 elif [ "$1" = "download" ]; then
     curl -L "$(dnf download "${OPTS[@]}" --url "$SPEC" | shuf -n 1)" -o -

From 9bedf507869995835d08c79071442c651b5f0eec Mon Sep 17 00:00:00 2001
From: WillyPillow <wp@nerde.pw>
Date: Wed, 29 Jul 2020 19:36:12 +0800
Subject: [PATCH 5/7] qubes.Template*: Invoke curl with --silent.

---
 qubes-rpc/qvm-template-repo-query | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/qubes-rpc/qvm-template-repo-query b/qubes-rpc/qvm-template-repo-query
index 31ccfde..affb2c1 100755
--- a/qubes-rpc/qvm-template-repo-query
+++ b/qubes-rpc/qvm-template-repo-query
@@ -31,7 +31,7 @@ if [ "$1" = "query" ]; then
     dnf repoquery "${OPTS[@]}" --qf='%{name}|%{epoch}|%{version}|%{release}|%{reponame}|%{downloadsize}|%{buildtime}|%{license}|%{url}|%{summary}|%{description}|' "$SPEC"
     RET="$?"
 elif [ "$1" = "download" ]; then
-    curl -L "$(dnf download "${OPTS[@]}" --url "$SPEC" | shuf -n 1)" -o -
+    curl --silent -L "$(dnf download "${OPTS[@]}" --url "$SPEC" | shuf -n 1)" -o -
     RET="$?"
 fi
 

From b0edd5f2095dc8abcd966bc46200139603a38c53 Mon Sep 17 00:00:00 2001
From: WillyPillow <wp@nerde.pw>
Date: Wed, 29 Jul 2020 19:46:18 +0800
Subject: [PATCH 6/7] qubes.Template*: Add --refresh option and allow DNF cache
 to be used.

---
 qubes-rpc/qvm-template-repo-query | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/qubes-rpc/qvm-template-repo-query b/qubes-rpc/qvm-template-repo-query
index affb2c1..9391649 100755
--- a/qubes-rpc/qvm-template-repo-query
+++ b/qubes-rpc/qvm-template-repo-query
@@ -10,7 +10,8 @@ while IFS= read -r line; do
         --enablerepo=*|\
         --disablerepo=*|\
         --repoid=*|\
-        --releasever=*)
+        --releasever=*|\
+        --refresh)
             OPTS+=("$line")
             ;;
         *)
@@ -25,13 +26,22 @@ cat > "$repodir/template.repo"
 OPTS+=("--setopt=reposdir=${repodir}")
 OPTS+=("--quiet")
 
+# This creates the hashfile if it doesn't exist, and keep the ctime and mtime
+# unchanged otherwise.
+# We then copy the {c,m}time to the repo config.
+# This allows DNF caching to work properly.
+hashfile="/tmp/qvm-template-$(b2sum "$repodir/template.repo" | cut -f1 -d' ')"
+touch -a "$hashfile"
+touch -r "$hashfile" "$repodir/template.repo"
+
 RET=0
 
 if [ "$1" = "query" ]; then
     dnf repoquery "${OPTS[@]}" --qf='%{name}|%{epoch}|%{version}|%{release}|%{reponame}|%{downloadsize}|%{buildtime}|%{license}|%{url}|%{summary}|%{description}|' "$SPEC"
     RET="$?"
 elif [ "$1" = "download" ]; then
-    curl --silent -L "$(dnf download "${OPTS[@]}" --url "$SPEC" | shuf -n 1)" -o -
+    url="$(dnf download "${OPTS[@]}" --url "$SPEC" | shuf -n 1)"
+    curl --silent -L "$url" -o -
     RET="$?"
 fi
 

From e83408d601e3ad8dbea9053c6739c91ef40e0bf7 Mon Sep 17 00:00:00 2001
From: WillyPillow <wp@nerde.pw>
Date: Tue, 25 Aug 2020 11:09:48 +0800
Subject: [PATCH 7/7] qvm-template: Add qubes.Template{Search,Download} files
 to the package.

---
 debian/qubes-core-agent.install | 3 +++
 qubes-rpc/Makefile              | 6 ++++--
 rpm_spec/core-agent.spec.in     | 3 +++
 3 files changed, 10 insertions(+), 2 deletions(-)

diff --git a/debian/qubes-core-agent.install b/debian/qubes-core-agent.install
index fa4f033..43f90c9 100644
--- a/debian/qubes-core-agent.install
+++ b/debian/qubes-core-agent.install
@@ -35,6 +35,8 @@ etc/qubes-rpc/qubes.VMExec
 etc/qubes-rpc/qubes.VMExecGUI
 etc/qubes-rpc/qubes.WaitForSession
 etc/qubes-rpc/qubes.GetDate
+etc/qubes-rpc/qubes.TemplateSearch
+etc/qubes-rpc/qubes.TemplateDownload
 etc/qubes-suspend-module-blacklist
 etc/qubes/autostart/*
 etc/qubes/applications/*
@@ -147,6 +149,7 @@ usr/lib/qubes/upgrades-status-notify
 usr/lib/qubes/vm-file-editor
 usr/lib/qubes/xdg-icon
 usr/lib/qubes/tinyproxy-wrapper
+usr/lib/qubes/qvm-template-repo-query
 usr/lib/systemd/user/pulseaudio.service.d/30_qubes.conf
 usr/lib/systemd/user/pulseaudio.socket.d/30_qubes.conf
 usr/share/glib-2.0/schemas/*
diff --git a/qubes-rpc/Makefile b/qubes-rpc/Makefile
index 493a24c..3e7f6c3 100644
--- a/qubes-rpc/Makefile
+++ b/qubes-rpc/Makefile
@@ -44,7 +44,7 @@ install:
 	install -t $(DESTDIR)$(QUBESLIBDIR) \
 		prepare-suspend resize-rootfs \
 		qfile-agent qopen-in-vm qrun-in-vm qubes-sync-clock \
-		tar2qfile vm-file-editor xdg-icon
+		tar2qfile vm-file-editor xdg-icon qvm-template-repo-query
 	# Install qfile-unpacker as SUID, because it will fail to receive
 	# files from other vm.
 	install -t $(DESTDIR)$(QUBESLIBDIR) -m 4755 qfile-unpacker
@@ -69,7 +69,9 @@ install:
 		qubes.PostInstall \
 		qubes.GetDate \
 		qubes.ShowInTerminal \
-		qubes.ConnectTCP
+		qubes.ConnectTCP \
+		qubes.TemplateSearch \
+		qubes.TemplateDownload
 	ln -s qubes.VMExec $(DESTDIR)$(QUBESRPCCMDDIR)/qubes.VMExecGUI
 	for config in *.config; do \
 		install -D -m 0644 "$$config" "$(DESTDIR)$(QUBESRPCCONFDIR)/$${config%.config}"; \
diff --git a/rpm_spec/core-agent.spec.in b/rpm_spec/core-agent.spec.in
index f4dd797..b64fe42 100644
--- a/rpm_spec/core-agent.spec.in
+++ b/rpm_spec/core-agent.spec.in
@@ -599,6 +599,8 @@ rm -f %{name}-%{version}
 %config(noreplace) /etc/qubes-rpc/qubes.StartApp
 %config(noreplace) /etc/qubes-rpc/qubes.PostInstall
 %config(noreplace) /etc/qubes-rpc/qubes.GetDate
+%config(noreplace) /etc/qubes-rpc/qubes.TemplateSearch
+%config(noreplace) /etc/qubes-rpc/qubes.TemplateDownload
 %config(noreplace) /etc/qubes/rpc-config/qubes.OpenInVM
 %config(noreplace) /etc/qubes/rpc-config/qubes.OpenURL
 %config(noreplace) /etc/qubes/rpc-config/qubes.SelectFile
@@ -673,6 +675,7 @@ rm -f %{name}-%{version}
 /usr/lib/qubes/qubes-sync-clock
 /usr/lib/qubes/resize-rootfs
 /usr/lib/qubes/tinyproxy-wrapper
+/usr/lib/qubes/qvm-template-repo-query
 /usr/lib/dracut/dracut.conf.d/30-qubes.conf
 %dir /usr/lib/qubes/init
 /usr/lib/qubes/init/bind-dirs.sh