From 8e2b0fa28220bbbbce69a52d6dbf500950fe328b Mon Sep 17 00:00:00 2001
From: Alive4ever <alive4ever@live.com>
Date: Sun, 17 Jul 2016 17:33:21 +0700
Subject: [PATCH] Add a ca_certificates hook

This includes arch_ca_certificates hook on the arch boot image.
---
 etc/archboot/allinone.conf                    |  2 +-
 etc/archboot/default-network.conf             |  2 +-
 etc/archboot/default.conf                     |  2 +-
 usr/lib/initcpio/install/arch_ca_certificates | 22 ++++++++++++++++++++++
 4 files changed, 25 insertions(+), 3 deletions(-)
 create mode 100644 usr/lib/initcpio/install/arch_ca_certificates

diff --git a/etc/archboot/allinone.conf b/etc/archboot/allinone.conf
index c31b03c..bd3f57a 100644
--- a/etc/archboot/allinone.conf
+++ b/etc/archboot/allinone.conf
@@ -18,7 +18,7 @@ arch_openvpn arch_vpnc arch_pptpclient arch_smartmontools arch_licenses arch_wir
 arch_linux_atm arch_netctl arch_fsarchiver arch_vim arch_wipe arch_testdisk arch_ddrescue \
 arch_chntpw arch_weechat arch_nmap arch_tcpdump arch_speedtouch arch_openconnect arch_dnsmasq arch_platform \
 arch_hypervisor arch_dmidecode arch_wiki_lite arch_intel_ucode arch_wvdial \
-arch_usb_modeswitch arch_lockdown-ms arch_prebootloader arch_efivar net"
+arch_usb_modeswitch arch_lockdown-ms arch_prebootloader arch_efivar net arch_ca_certificates"
 
 ### NETWORK SETUP
 # the default install media creating process, uses latest files from svn!
diff --git a/etc/archboot/default-network.conf b/etc/archboot/default-network.conf
index d674d6f..66c4d8d 100644
--- a/etc/archboot/default-network.conf
+++ b/etc/archboot/default-network.conf
@@ -19,7 +19,7 @@ arch_pciutils arch_usbutils arch_openvpn arch_vpnc arch_pptpclient arch_smartmon
 arch_licenses arch_wireless arch_wireless_staging arch_linux_atm arch_netctl arch_fsarchiver \
 arch_addons arch_vim arch_wipe arch_testdisk arch_ddrescue arch_chntpw \
 arch_platform arch_dmidecode arch_wiki_lite arch_intel_ucode arch_wvdial \
-arch_usb_modeswitch arch_lockdown-ms arch_prebootloader arch_efivar net"
+arch_usb_modeswitch arch_lockdown-ms arch_prebootloader arch_efivar net arch_ca_certificates"
 
 ### NETWORK SETUP
 # the default install media creating process, uses latest files from svn!
diff --git a/etc/archboot/default.conf b/etc/archboot/default.conf
index c32ded7..16abf42 100644
--- a/etc/archboot/default.conf
+++ b/etc/archboot/default.conf
@@ -19,7 +19,7 @@ arch_usbutils arch_openvpn arch_vpnc arch_pptpclient arch_smartmontools arch_lic
 arch_wireless_staging arch_linux_atm arch_netctl arch_fsarchiver arch_vim arch_wipe \
 arch_testdisk arch_ddrescue arch_chntpw arch_platform arch_dmidecode arch_wiki_lite \
 arch_intel_ucode arch_wvdial arch_usb_modeswitch \
-arch_lockdown-ms arch_prebootloader arch_efivar net"
+arch_lockdown-ms arch_prebootloader arch_efivar net arch_ca_certificates"
 
 ### NETWORK SETUP
 # the default install media creating process, uses latest files from svn!
diff --git a/usr/lib/initcpio/install/arch_ca_certificates b/usr/lib/initcpio/install/arch_ca_certificates
new file mode 100644
index 0000000..b33d9f9
--- /dev/null
+++ b/usr/lib/initcpio/install/arch_ca_certificates
@@ -0,0 +1,22 @@
+#!/usr/bin/env bash
+
+build ()
+{
+    cafile="tls-ca-bundle.pem"
+    cert="cert.pem"
+    ca_dir="/etc/ca-certificates/extracted"
+    cert_dir="/etc/ssl"
+    add_full_dir "$ca_dir"
+    add_dir "$cert_dir"
+    add_file "${ca_dir}/${cafile}"
+    add_symlink "${cert_dir}/${cert}" "../ca-certificates/extracted/$cafile"
+}
+
+help ()
+{
+cat<<HELPEOF
+  This hook includes a trusted Certificate Authority bundle on an arch
+  boot image.
+HELPEOF
+} 
+
-- 
2.9.0