@@ -23,7 +23,10 @@ set -e

 #     s3cmd put --acl-public -P hack/install.sh s3://get.docker.com/index

 #

-url='https://get.docker.com/'

+url="https://get.docker.com/"

+apt_url="https://apt.dockerproject.org"

+yum_url="https://yum.dockerproject.org"

+gpg_fingerprint="58118E89F3A912897C070ADBF76221572C52609D"

 command_exists() {

 	command -v "$@" > /dev/null 2>&1

@@ -161,11 +164,13 @@ do_install() {

 	fi

 	# check to see which repo they are trying to install from

-	repo='main'

-	if [ "https://test.docker.com/" = "$url" ]; then

-		repo='testing'

-	elif [ "https://experimental.docker.com/" = "$url" ]; then

-		repo='experimental'

+	if [ -z "$repo" ]; then

+		repo='main'

+		if [ "https://test.docker.com/" = "$url" ]; then

+			repo='testing'

+		elif [ "https://experimental.docker.com/" = "$url" ]; then

+			repo='experimental'

+		fi

 	fi

 	# perform some very rudimentary platform detection

@@ -370,9 +375,9 @@ do_install() {

 			fi

 			(

 			set -x

-			$sh_c "apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D"

+			$sh_c "apt-key adv --keyserver hkp://pool.sks-keyservers.net:80 --recv-keys ${gpg_fingerprint}"

 			$sh_c "mkdir -p /etc/apt/sources.list.d"

-			$sh_c "echo deb [arch=$(dpkg --print-architecture)] https://apt.dockerproject.org/repo ${lsb_dist}-${dist_version} ${repo} > /etc/apt/sources.list.d/docker.list"

+			$sh_c "echo deb [arch=$(dpkg --print-architecture)] ${apt_url}/repo ${lsb_dist}-${dist_version} ${repo} > /etc/apt/sources.list.d/docker.list"

 			$sh_c 'sleep 3; apt-get update; apt-get install -y -q docker-engine'

 			)

 			echo_docker_as_nonroot

@@ -383,10 +388,10 @@ do_install() {

 			$sh_c "cat >/etc/yum.repos.d/docker-${repo}.repo" <<-EOF

 			[docker-${repo}-repo]

 			name=Docker ${repo} Repository

-			baseurl=https://yum.dockerproject.org/repo/${repo}/${lsb_dist}/${dist_version}

+			baseurl=${yum_url}/repo/${repo}/${lsb_dist}/${dist_version}

 			enabled=1

 			gpgcheck=1

-			gpgkey=https://yum.dockerproject.org/gpg

+			gpgkey=${yum_url}/gpg

 			EOF

 			if [ "$lsb_dist" = "fedora" ] && [ "$dist_version" -ge "22" ]; then

 				(

new file mode 100644

@@ -0,0 +1,63 @@

+#!/bin/bash

+set -e

+

+# This script modifies the install.sh script for domains and keys other than

+# those used by the primary opensource releases.

+#

+# You can provide `url`, `yum_url`, `apt_url` and optionally `gpg_fingerprint`

+# or `GPG_KEYID` as environment variables, or the defaults for open source are used.

+#

+# The lower-case variables are substituted into install.sh.

+#

+# gpg_fingerprint and GPG_KEYID are optional, defaulting to the opensource release

+# key ("releasedocker"). Other GPG_KEYIDs will require you to mount a volume with

+# the correct contents to /root/.gnupg.

+#

+# It outputs the modified `install.sh` file to $DOCKER_RELEASE_DIR (default: $DEST)

+#

+# Example usage:

+#

+# docker run \

+# --rm \

+# --privileged \

+# -e "GPG_KEYID=deadbeef" \

+# -e "GNUPGHOME=/root/.gnupg" \

+# -v $HOME/.gnupg:/root/.gnupg \

+# -v $(pwd):/go/src/github.com/docker/docker/bundles \

+# "$IMAGE_DOCKER" \

+# hack/make.sh install-script

+

+: ${DOCKER_RELEASE_DIR:=$DEST}

+: ${GPG_KEYID:=releasedocker}

+

+DEFAULT_URL="https://get.docker.com/"

+DEFAULT_APT_URL="https://apt.dockerproject.org"

+DEFAULT_YUM_URL="https://yum.dockerproject.org"

+DEFAULT_GPG_FINGERPRINT="58118E89F3A912897C070ADBF76221572C52609D"

+

+: ${url:=$DEFAULT_URL}

+: ${apt_url:=$DEFAULT_APT_URL}

+: ${yum_url:=$DEFAULT_YUM_URL}

+if [[ "$GPG_KEYID" == "releasedocker" ]] ; then

+	: ${gpg_fingerprint:=$DEFAULT_GPG_FINGERPRINT}

+fi

+

+DEST_FILE="$DOCKER_RELEASE_DIR/install.sh"

+

+bundle_install_script() {

+	mkdir -p "$DOCKER_RELEASE_DIR"

+

+	if [[ -z "$gpg_fingerprint" ]] ; then

+		# NOTE: if no key matching key is in /root/.gnupg, this will fail

+		gpg_fingerprint=$(gpg --with-fingerprint -k "$GPG_KEYID" | grep "Key fingerprint" | awk -F "=" '{print $2};' | tr -d ' ')

+	fi

+

+	cp hack/install.sh "$DEST_FILE"

+	sed -i.bak 's#^url=".*"$#url="'"$url"'"#' "$DEST_FILE"

+	sed -i.bak 's#^apt_url=".*"$#apt_url="'"$apt_url"'"#' "$DEST_FILE"

+	sed -i.bak 's#^yum_url=".*"$#yum_url="'"$yum_url"'"#' "$DEST_FILE"

+	sed -i.bak 's#^gpg_fingerprint=".*"$#gpg_fingerprint="'"$gpg_fingerprint"'"#' "$DEST_FILE"

+	rm "${DEST_FILE}.bak"

+}

+

+bundle_install_script

@@ -289,7 +289,8 @@ EOF

 # Upload the index script

 release_index() {

 	echo "Releasing index"

-	sed "s,url='https://get.docker.com/',url='$(s3_url)/'," hack/install.sh | write_to_s3 "s3://$BUCKET_PATH/index"

+	url="$(s3_url)" hack/make.sh install-script

+	write_to_s3 "s3://$BUCKET_PATH/index" < "bundles/$VERSION/install-script/install.sh"

 }

 release_test() {