#!/bin/bash

# Ensure we have the nomarchy-keyring and it's populated
if nomarchy-pkg-missing nomarchy-keyring || ! sudo pacman-key --list-keys 40DFB630FF42BCFFB047046CF0134EE680CAC571 &>/dev/null; then
  sudo pacman-key --recv-keys 40DFB630FF42BCFFB047046CF0134EE680CAC571 --keyserver keys.openpgp.org
  sudo pacman-key --lsign-key 40DFB630FF42BCFFB047046CF0134EE680CAC571

  # This is generally not a good idea, but this is a special case because we're going to be updating
  # the full set of packages in nomarchy-update-system-pkgs right after this (and it needs latest keyring)!
  sudo pacman -Sy
  nomarchy-pkg-add nomarchy-keyring

  sudo pacman-key --list-keys 40DFB630FF42BCFFB047046CF0134EE680CAC571
fi

# Ensure we have the latest archlinux-keyring, maintainer keys might have changed
echo -e "\e[32m\nUpdate Arch signing keys\e[0m"
sudo pacman -Sy --noconfirm archlinux-keyring >/dev/null
