Release 2.5.2

In case if there is .gitignore file with asterics, the pkgbuild upload
would not appear

.bandit-test.yml

@@ -1 +1 @@
-skips: ['B101', 'B105', 'B404']
+skips: ['B101', 'B105', 'B106', 'B404']

.dockerignore

@@ -0,0 +1,14 @@
+.eggs/
+.git/
+.github/
+.idea/
+.mypy_cache/
+.pytest_cache/
+.tox/
+.venv/
+
+*.egg-info/
+__pycache__/
+*.pyc
+*.pyd
+*.pyo

.github/ISSUE_TEMPLATE/01-bug-report.md

@@ -0,0 +1,28 @@
+---
+name: Bug report
+about: Create a report to help us improve
+title: ''
+labels: bug
+assignees: ''
+
+---
+
+## Summary
+
+A clear and concise description of what the bug is.
+
+### Steps to reproduce
+
+Steps to reproduce the behavior (commands, environment etc).
+
+### Expected behavior
+
+A clear and concise description of what you expected to happen.
+
+### Logs
+
+Add logs to help explain your problem. By default, the application writes logs into `/dev/log` which is usually default systemd journal and can be accessed by `journalctl` command.
+
+You can also attach any additional information which can be helpful, e.g. configuration used by the application (be aware of passwords and other secrets if any); it can be generated by using `ahriman config` command.
+
+It is also sometimes useful to have information about installed packages which can be accessed by `ahriman version` command.

.github/ISSUE_TEMPLATE/02-security-report.md

@@ -0,0 +1,20 @@
+---
+name: Security report
+about: Create a report related to security issues
+title: ''
+labels: security
+assignees: ''
+
+---
+
+## Summary
+
+A clear and concise description of what the issue is.
+
+### Steps to reproduce
+
+Steps to reproduce the behavior (commands, environment etc).
+
+### Intended impact
+
+Brief optional description of how this vulnerability can be used and which effects can be achieved. 

.github/ISSUE_TEMPLATE/03-feature-request.md

@@ -13,7 +13,7 @@ Brief description of the feature required
 
 ### Cause of the feature request
 
-A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+A clear and concise description of what the problem is. E.g. I'm always frustrated when [...]
 
 ### Proposed changes and/or features
 

.github/ISSUE_TEMPLATE/bug-report.md

@@ -1,24 +0,0 @@
----
-name: Bug report
-about: Create a report to help us improve
-title: ''
-labels: bug
-assignees: ''
-
----
-
-## Summary
-
-A clear and concise description of what the bug is.
-
-### Steps to Reproduce
-
-Steps to reproduce the behavior (commands, environment etc)
-
-### Expected behavior
-
-A clear and concise description of what you expected to happen.
-
-### Logs
-
-Add logs to help explain your problem. Logs to stderr can be generated by using `--no-log` command line option.

.github/workflows/docker-image.yml

@@ -5,6 +5,7 @@ on:
     branches: [ master ]
     tags:
       - '*'
+      - '!*rc*'
 
 jobs:
   docker-image:

.github/workflows/run-setup.yml

@@ -7,6 +7,22 @@ on:
     branches: [ master ]
 
 jobs:
+  run-setup-minimal:
+
+    runs-on: ubuntu-latest
+
+    container:
+      image: archlinux:latest
+      volumes:
+        - ${{ github.workspace }}:/build
+      options: --privileged -w /build
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - name: setup the minimal service in arch linux container
+        run: .github/workflows/setup.sh minimal
+
   run-setup:
 
     runs-on: ubuntu-latest

.github/workflows/setup.sh

@@ -3,21 +3,25 @@
 
 set -ex
 
+[[ $1 = "minimal" ]] && MINIMAL_INSTALL=1
+
 # install dependencies
 echo -e '[arcanisrepo]\nServer = http://repo.arcanis.me/$arch\nSigLevel = Never' | tee -a /etc/pacman.conf
 # refresh the image
 pacman --noconfirm -Syu
 # main dependencies
-pacman --noconfirm -Sy base-devel devtools git pyalpm python-aur python-passlib python-srcinfo sudo
+pacman --noconfirm -Sy base-devel devtools git pyalpm python-aur python-passlib python-setuptools python-srcinfo sudo
 # make dependencies
 pacman --noconfirm -Sy python-build python-installer python-wheel
 # optional dependencies
-# VCS support
-pacman --noconfirm -Sy breezy darcs mercurial subversion
-# web server
-pacman --noconfirm -Sy python-aioauth-client python-aiohttp python-aiohttp-debugtoolbar python-aiohttp-jinja2 python-aiohttp-security python-aiohttp-session python-cryptography python-jinja
-# additional features
-pacman --noconfirm -Sy gnupg python-boto3 rsync
+if [[ -z $MINIMAL_INSTALL ]]; then
+    # VCS support
+    pacman --noconfirm -Sy breezy darcs mercurial subversion
+    # web server
+    pacman --noconfirm -Sy python-aioauth-client python-aiohttp python-aiohttp-debugtoolbar python-aiohttp-jinja2 python-aiohttp-security python-aiohttp-session python-cryptography python-jinja
+    # additional features
+    pacman --noconfirm -Sy gnupg python-boto3 rsync
+fi
 
 # create fresh tarball
 make VERSION=1.0.0 archlinux  # well, it does not really matter which version we will put here
@@ -33,20 +37,23 @@ systemd-machine-id-setup
 # special thing for the container, because /dev/log interface is not available there
 sed -i "s/handlers = syslog_handler/handlers = console_handler/g" /etc/ahriman.ini.d/logging.ini
 # initial setup command as root
-ahriman -a x86_64 repo-setup --packager "ahriman bot <ahriman@example.com>" --repository "github" --web-port 8080
+[[ -z $MINIMAL_INSTALL ]] && WEB_ARGS=("--web-port" "8080")
+ahriman -a x86_64 repo-setup --packager "ahriman bot <ahriman@example.com>" --repository "github" "${WEB_ARGS[@]}"
 # enable services
 systemctl enable ahriman-web@x86_64
 systemctl enable ahriman@x86_64.timer
-# run web service (detached)
-sudo -u ahriman -- ahriman -a x86_64 web &
-WEBPID=$!
-sleep 15s  # wait for the web service activation
+if [[ -z $MINIMAL_INSTALL ]]; then
+    # run web service (detached)
+    sudo -u ahriman -- ahriman -a x86_64 web &
+    WEB_PID=$!
+    sleep 15s  # wait for the web service activation
+fi
 # add the first package
 # the build itself does not really work in the container
 sudo -u ahriman -- ahriman package-add --now yay
 # check if package was actually installed
-#test -n "$(find "/var/lib/ahriman/repository/x86_64" -name "yay*pkg*")"
+test -n "$(find "/var/lib/ahriman/repository/x86_64" -name "yay*pkg*")"
 # run package check
 sudo -u ahriman -- ahriman repo-update
 # stop web service lol
-kill $WEBPID
+[[ -z $WEB_PID ]] || kill $WEB_PID

.github/workflows/tests.sh

@@ -4,7 +4,7 @@
 set -ex
 
 # install dependencies
-pacman --noconfirm -Syu base-devel python-pip python-tox
+pacman --noconfirm -Syu base-devel python-pip python-setuptools python-tox
 
 # run test and check targets
 make check tests

.gitignore

@@ -97,3 +97,5 @@ ENV/
 status_cache.json
 
 *.db
+
+docs/html/

.pylintrc

@@ -60,17 +60,7 @@ confidence=
 # --enable=similarities". If you want to run only the classes checker, but have
 # no Warning level messages displayed, use "--disable=all --enable=classes
 # --disable=W".
-disable=print-statement,
-        parameter-unpacking,
-        unpacking-in-except,
-        old-raise-syntax,
-        backtick,
-        long-suffix,
-        old-ne-operator,
-        old-octal-literal,
-        import-star-module-level,
-        non-ascii-bytes-literal,
-        raw-checker-failed,
+disable=raw-checker-failed,
         bad-inline-option,
         locally-disabled,
         file-ignored,
@@ -78,67 +68,6 @@ disable=print-statement,
         useless-suppression,
         deprecated-pragma,
         use-symbolic-message-instead,
-        apply-builtin,
-        basestring-builtin,
-        buffer-builtin,
-        cmp-builtin,
-        coerce-builtin,
-        execfile-builtin,
-        file-builtin,
-        long-builtin,
-        raw_input-builtin,
-        reduce-builtin,
-        standarderror-builtin,
-        unicode-builtin,
-        xrange-builtin,
-        coerce-method,
-        delslice-method,
-        getslice-method,
-        setslice-method,
-        no-absolute-import,
-        old-division,
-        dict-iter-method,
-        dict-view-method,
-        next-method-called,
-        metaclass-assignment,
-        indexing-exception,
-        raising-string,
-        reload-builtin,
-        oct-method,
-        hex-method,
-        nonzero-method,
-        cmp-method,
-        input-builtin,
-        round-builtin,
-        intern-builtin,
-        unichr-builtin,
-        map-builtin-not-iterating,
-        zip-builtin-not-iterating,
-        range-builtin-not-iterating,
-        filter-builtin-not-iterating,
-        using-cmp-argument,
-        eq-without-hash,
-        div-method,
-        idiv-method,
-        rdiv-method,
-        exception-message-attribute,
-        invalid-str-codec,
-        sys-max-int,
-        bad-python3-import,
-        deprecated-string-function,
-        deprecated-str-translate-call,
-        deprecated-itertools-function,
-        deprecated-types-field,
-        next-method-defined,
-        dict-items-not-iterating,
-        dict-keys-not-iterating,
-        dict-values-not-iterating,
-        deprecated-operator-function,
-        deprecated-urllib-function,
-        xreadlines-attribute,
-        deprecated-sys-function,
-        exception-escape,
-        comprehension-escape,
         missing-module-docstring,
         line-too-long,
         no-name-in-module,
@@ -153,7 +82,8 @@ disable=print-statement,
         fixme,
         too-many-arguments,
         duplicate-code,
-        cyclic-import
+        cyclic-import,
+        confusing-with-statement,
 
 
 # Enable the message, report, category or checker with the given id(s). You can
@@ -219,7 +149,7 @@ indent-string='    '
 max-line-length=100
 
 # Maximum number of lines in a module.
-max-module-lines=1000
+max-module-lines=400
 
 # Allow the body of a class to be on the same line as the declaration if body
 # contains single statement.

.readthedocs.yaml

@@ -0,0 +1,24 @@
+version: 2
+
+formats:
+  - pdf
+
+build:
+  os: ubuntu-20.04
+  tools:
+    python: "3.10"
+
+sphinx:
+  builder: html
+  configuration: docs/conf.py
+  fail_on_warning: true
+
+python:
+  install:
+    - method: pip
+      path: .
+      extra_requirements:
+        - docs
+        - s3
+        - web
+  system_packages: true

AUTHORS

@@ -1,2 +1,2 @@
-Current developers:
-Evgenii Alekseev aka arcanis <esalexeev (at) gmail (dot) com>
+Current maintainer:
+Evgenii Alekseev <esalexeev (at) gmail (dot) com>

CONTRIBUTING.md

@@ -0,0 +1,68 @@
+# Contributing to ahriman
+
+Welcome to ahriman! The goal of the project is to provide the best user experience to manage Arch linux repositories. In order to follow this we set some limitations for the issue creations and heavily restricted code contribution.
+
+## Create an issue
+
+Basically just follow the suggested templates:
+
+* Bug report requires at least the way to reproduce the issue and behaviour description (expected and actual ones). In order to resolve the bug, the additional questions may be asked, please consider them as lesser evil.
+* Feature requests basically just require feature description and the purpose why do you want this feature to be implemented. It is required to make sure that the feature you want is going to be implemented in the way you really want it (and to make sure that this feature is not already implemented).
+* Questions and discussions have free templates, and you are free to ask your question in the way you want.
+
+## Code contribution
+
+There are some strict limitation for suggested pull requests:
+
+* `autopep8`, `bandit`, `pylint`, `mypy` must pass.
+* Test coverage must remain 100%.
+
+### Code formatting
+
+In order to resolve all difficult cases the `autopep8` is used. You can perform formatting at any time by running `make check` or running `autopep8` command directly.
+
+### Code style
+
+Again, the most checks can be performed by `make check` command, though some additional guidelines must be applied:
+
+* Every class, every function (including private and protected), every attribute must be documented. The project follows [Google style documentation](https://google.github.io/styleguide/pyguide.html). The only exception is local functions.
+* Type annotations are the must, even for local functions.
+* For any path interactions `pathlib.Path` must be used.
+* Configuration interactions must go through `ahriman.core.configuration.Configuration` class instance.
+* In case if class load requires some actions, it is recommended to create class method which can be used for class instantiating.
+* The code must follow the exception safety, unless it is explicitly asked by end user. It means that most exceptions must be handled and printed to log, no other actions must be done (e.g. raising another exception).
+* For the external command `ahriman.core.util.check_output` function must be used.
+* Every temporary file/directory must be removed at the end of processing, no matter what. The `tempfile` module provides good ways to do it.
+* Import order must be the following:
+
+    ```python
+    # optional imports from future module
+    from __future__ import annotations
+
+    # Module import for those which are installed into environment (no matter standard library or not)...
+    import os
+    # ...one per line...
+    import pyalpm
+    # ...in alphabetical order
+    import sys
+
+    # Blank line between
+    # ``from module import submodule`` import
+    from pathlib import Path
+    # ...again in alphabet order. It is possible to do several imports, but make sure that they are also in alphabetical order.
+    from pyalpm import Handle, Package
+
+    # Blank line again and package imports
+    from ahriman.core.configuration import Configuration
+    ```
+
+* One file should define only one class, exception is class satellites in case if file length remains less than 400 lines.
+* It is possible to create file which contains some functions (e.g. `ahriman.core.util`), but in this case you would need to define `__all__` attribute.
+* The file size mentioned above must be applicable in general. In case of big classes consider splitting them into traits. Note, however, that `pylint` includes comments and docstrings into counter, thus you need to check file size by other tools.
+* No global variable is allowed outside of `ahriman.version` module.
+* Single quotes are not allowed. The reason behind this restriction is the fact that docstrings must be written by using double quotes only, and we would like to make style consistent.
+* If your class writes anything to log, the `ahriman.core.log.LazyLogging` trait must be used.
+
+### Other checks
+
+The projects also uses typing checks (provided by `mypy`) and some linter checks provided by `pylint` and `bandit`. Those checks must be passed successfully for any open pull requests.

Dockerfile

@@ -1,4 +1,4 @@
-FROM archlinux:base-devel
+FROM archlinux:base
 
 # image configuration
 ENV AHRIMAN_ARCHITECTURE="x86_64"
@@ -10,27 +10,29 @@ ENV AHRIMAN_PACKAGER="ahriman bot <ahriman@example.com>"
 ENV AHRIMAN_PORT=""
 ENV AHRIMAN_REPOSITORY="aur-clone"
 ENV AHRIMAN_REPOSITORY_ROOT="/var/lib/ahriman/ahriman"
+ENV AHRIMAN_UNIX_SOCKET=""
 ENV AHRIMAN_USER="ahriman"
 
 # install environment
-## install git which is required for AUR interaction and go for yay
-RUN pacman --noconfirm -Syu git go
+## update pacman.conf with multilib
+RUN echo "[multilib]" >> "/etc/pacman.conf" && \
+    echo "Include = /etc/pacman.d/mirrorlist" >> "/etc/pacman.conf"
+## install minimal required packages
+RUN pacman --noconfirm -Syu binutils fakeroot git make sudo
 ## create build user
-RUN useradd -m -d /home/build -s /usr/bin/nologin build && \
-    echo "build ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/build
-## install AUR helper
-RUN YAY_DIR="$(runuser -u build -- mktemp -d)" && \
-    git clone https://aur.archlinux.org/yay.git "$YAY_DIR" && \
-    cd "$YAY_DIR" && \
-    runuser -u build -- makepkg --noconfirm --install && \
-    cd - && rm -r "$YAY_DIR"
+RUN useradd -m -d "/home/build" -s "/usr/bin/nologin" build && \
+    echo "build ALL=(ALL) NOPASSWD: ALL" > "/etc/sudoers.d/build"
+COPY "docker/install-aur-package.sh" "/usr/local/bin/install-aur-package"
 ## install package dependencies
-RUN runuser -u build -- yay --noconfirm -Sy devtools git pyalpm python-inflection python-passlib python-requests python-srcinfo && \
-    runuser -u build -- yay --noconfirm -Sy python-build python-installer python-wheel && \
-    runuser -u build -- yay --noconfirm -Sy breezy darcs mercurial python-aioauth-client python-aiohttp \
-                                            python-aiohttp-debugtoolbar python-aiohttp-jinja2 python-aiohttp-security \
-                                            python-aiohttp-session python-boto3 python-cryptography python-jinja \
-                                            rsync subversion
+## darcs is not installed by reasons, because it requires a lot haskell packages which dramatically increase image size
+RUN pacman --noconfirm -Sy devtools git pyalpm python-inflection python-passlib python-requests python-setuptools python-srcinfo && \
+    pacman --noconfirm -Sy python-build python-installer python-wheel && \
+    pacman --noconfirm -Sy breezy mercurial python-aiohttp python-boto3 python-cryptography python-jinja python-requests-unixsocket rsync subversion && \
+    runuser -u build -- install-aur-package python-aioauth-client python-aiohttp-jinja2 python-aiohttp-debugtoolbar \
+                                            python-aiohttp-session python-aiohttp-security
+
+# cleanup unused
+RUN find "/var/cache/pacman/pkg" -type f -delete
 
 # install ahriman
 ## copy tree
@@ -41,7 +43,7 @@ RUN cd "/home/build/ahriman" && \
     cp ./*-src.tar.xz "package/archlinux" && \
     cd "package/archlinux" && \
     runuser -u build -- makepkg --noconfirm --install --skipchecksums && \
-    cd - && rm -r "/home/build/ahriman"
+    cd / && rm -r "/home/build/ahriman"
 
 VOLUME ["/var/lib/ahriman"]
 
@@ -49,4 +51,4 @@ VOLUME ["/var/lib/ahriman"]
 COPY "docker/entrypoint.sh" "/usr/local/bin/entrypoint"
 ENTRYPOINT ["entrypoint"]
 # default command
-CMD ["repo-update"]
+CMD ["repo-update", "--refresh"]

Makefile

@@ -1,18 +1,15 @@
-.PHONY: architecture archive archive_directory archlinux check clean directory man push tests version
+.PHONY: archive archlinux check clean directory html push specification tests version
 .DEFAULT_GOAL := archlinux
 
 PROJECT := ahriman
 
-FILES := AUTHORS COPYING README.md docs package src setup.py tox.ini web.png
+FILES := AUTHORS CONTRIBUTING.md COPYING Makefile README.md SECURITY.md docs package src setup.py tox.ini web.png
 TARGET_FILES := $(addprefix $(PROJECT)/, $(FILES))
 IGNORE_FILES := package/archlinux src/.mypy_cache
 
 $(TARGET_FILES) : $(addprefix $(PROJECT), %) : $(addprefix ., %) directory version
 	@cp -rp $< $@
 
-architecture:
-	cd src && pydeps ahriman -o ../docs/ahriman-architecture.svg --no-show --cluster
-
 archive: archive_directory
 	tar cJf "$(PROJECT)-$(VERSION)-src.tar.xz" "$(PROJECT)"
 	rm -rf "$(PROJECT)"
@@ -36,16 +33,22 @@ clean:
 directory: clean
 	mkdir "$(PROJECT)"
 
-man:
-	cd src &&  PYTHONPATH=. argparse-manpage --module ahriman.application.ahriman --function _parser --author "ahriman team" --project-name ahriman --author-email "" --url https://github.com/arcan1s/ahriman --output ../docs/ahriman.1
+html: specification
+	rm -rf docs/html
+	tox -e docs-html
 
-push: architecture man archlinux
-	git add package/archlinux/PKGBUILD src/ahriman/version.py docs/ahriman-architecture.svg docs/ahriman.1
+push: specification archlinux
+	git add package/archlinux/PKGBUILD src/ahriman/version.py docs/ahriman-architecture.svg docs/ahriman.1 docs/completions/
 	git commit -m "Release $(VERSION)"
 	git tag "$(VERSION)"
 	git push
 	git push --tags
 
+specification:
+	# make sure that old files are removed
+	find docs -type f -name "$(PROJECT)*.rst" -delete
+	tox -e docs
+
 tests: clean
 	tox -e tests
 
@@ -53,4 +56,4 @@ version:
 ifndef VERSION
 	$(error VERSION is required, but not set)
 endif
-	sed -i '/__version__ = .*/s/[^"][^)]*/__version__ = "$(VERSION)"/' src/ahriman/version.py
+	sed -i 's/^__version__ = .*/__version__ = "$(VERSION)"/' src/ahriman/version.py

README.md

@@ -1,31 +1,41 @@
-# ArcH Linux ReposItory MANager
+# ArcH linux ReposItory MANager
 
 [![tests status](https://github.com/arcan1s/ahriman/actions/workflows/run-tests.yml/badge.svg)](https://github.com/arcan1s/ahriman/actions/workflows/run-tests.yml)
 [![setup status](https://github.com/arcan1s/ahriman/actions/workflows/run-setup.yml/badge.svg)](https://github.com/arcan1s/ahriman/actions/workflows/run-setup.yml)
-[![docker image](https://github.com/arcan1s/ahriman/actions/workflows/docker-image.yml/badge.svg)](https://github.com/arcan1s/ahriman/actions/workflows/docker-image.yml)
+[![Docker Image Version (latest semver)](https://img.shields.io/docker/v/arcan1s/ahriman?label=docker%20image)](https://hub.docker.com/r/arcan1s/ahriman)
 [![CodeFactor](https://www.codefactor.io/repository/github/arcan1s/ahriman/badge)](https://www.codefactor.io/repository/github/arcan1s/ahriman)
+[![Documentation Status](https://readthedocs.org/projects/ahriman/badge/?version=latest)](https://ahriman.readthedocs.io/?badge=latest)
 
 Wrapper for managing custom repository inspired by [repo-scripts](https://github.com/arcan1s/repo-scripts).
 
 ## Features
 
-* Install-configure-forget manager for own repository.
+* Install-configure-forget manager for the very own repository.
 * Multi-architecture support.
-* VCS packages support.
-* Sign support with gpg (repository, package, per package settings).
-* Synchronization to remote services (rsync, s3 and github) and report generation (email, html, telegram).
 * Dependency manager.
+* VCS packages support.
+* Official repository support.
 * Ability to patch AUR packages and even create package from local PKGBUILDs.
+* Sign support with gpg (repository, package, per package settings).
+* Triggers for repository updates, e.g. synchronization to remote services (rsync, s3 and github) and report generation (email, html, telegram).
 * Repository status interface with optional authorization and control options:
 
     ![web interface](web.png)
 
 ## Installation and run
 
-For installation details please refer to the [documentation](docs/setup.md). For command help, `--help` subcommand must be used. Subcommands have own help message as well. The package also provides a [man page](docs/ahriman.1).
+For installation details kindly refer to the [documentation](https://ahriman.readthedocs.io/en/latest/setup.html). For application commands it is possible to get information by using `--help`/`help` command or by using man page ([web version](https://ahriman.readthedocs.io/en/latest/command-line.html)).
 
 ## Configuration
 
-Every available option is described in the [documentation](docs/configuration.md).
+Every available option is described in the [documentation](https://ahriman.readthedocs.io/en/latest/configuration.html).
 
-## [FAQ](docs/faq.md)
+The application provides reasonable defaults which allow to use it out-of-box; however additional steps (like configuring build toolchain and sudoers) are recommended and can be easily achieved by following install instructions.
+
+## [FAQ](https://ahriman.readthedocs.io/en/latest/faq.html)
+
+## Live demos
+
+* [Build status page](https://ahriman-demo.arcanis.me). You can log in as `demo` user by using `demo` password. However, you will not be able to run tasks.
+* [Repository index](http://repo.arcanis.me/x86_64/index.html).
+* [Telegram feed](https://t.me/arcanisrepo).

SECURITY.md

@@ -0,0 +1,9 @@
+# Security Policy
+
+## Supported Versions
+
+The project follows bleeding edge philosophy, thus only the latest version is supported with the exception for release candidates (i.e. tags which are marked with `rc` suffix).
+
+## Reporting a Vulnerability
+
+In the most cases you can report (suspected) security vulnerabilities directly on github by using ["Security report" template](https://github.com/arcan1s/ahriman/issues/new?assignees=&labels=security&template=02-security-report.md&title=). However, if your report could lead to data leak or break the system we kindly ask you to contact [current maintainer](AUTHORS) directly by email.

docker/entrypoint.sh

@@ -4,9 +4,17 @@ set -e
 [ -n "$AHRIMAN_DEBUG" ] && set -x
 
 # configuration tune
-sed -i "s|root = /var/lib/ahriman|root = $AHRIMAN_REPOSITORY_ROOT|g" "/etc/ahriman.ini"
-sed -i "s|database = /var/lib/ahriman/ahriman.db|database = $AHRIMAN_REPOSITORY_ROOT/ahriman.db|g" "/etc/ahriman.ini"
-sed -i "s|host = 127.0.0.1|host = $AHRIMAN_HOST|g" "/etc/ahriman.ini"
+cat <<EOF > "/etc/ahriman.ini.d/00-docker.ini"
+[repository]
+root = $AHRIMAN_REPOSITORY_ROOT
+
+[settings]
+database = $AHRIMAN_REPOSITORY_ROOT/ahriman.db
+
+[web]
+host = $AHRIMAN_HOST
+
+EOF
 sed -i "s|handlers = syslog_handler|handlers = ${AHRIMAN_OUTPUT}_handler|g" "/etc/ahriman.ini.d/logging.ini"
 
 AHRIMAN_DEFAULT_ARGS=("--architecture" "$AHRIMAN_ARCHITECTURE")
@@ -22,18 +30,23 @@ fi
 [ -d "$AHRIMAN_REPOSITORY_ROOT" ] || mkdir "$AHRIMAN_REPOSITORY_ROOT"
 chown "$AHRIMAN_USER":"$AHRIMAN_USER" "$AHRIMAN_REPOSITORY_ROOT"
 
+# create .gnupg directory which is required for keys
+AHRIMAN_GNUPG_HOME="$(getent passwd "$AHRIMAN_USER" | cut -d : -f 6)/.gnupg"
+[ -d "$AHRIMAN_GNUPG_HOME" ] || mkdir -m700 "$AHRIMAN_GNUPG_HOME"
+chown "$AHRIMAN_USER":"$AHRIMAN_USER" "$AHRIMAN_GNUPG_HOME"
+
 # run built-in setup command
 AHRIMAN_SETUP_ARGS=("--build-as-user" "$AHRIMAN_USER")
 AHRIMAN_SETUP_ARGS+=("--packager" "$AHRIMAN_PACKAGER")
 AHRIMAN_SETUP_ARGS+=("--repository" "$AHRIMAN_REPOSITORY")
 if [ -n "$AHRIMAN_PORT" ]; then
-    # in addition it must be handled in docker run command
     AHRIMAN_SETUP_ARGS+=("--web-port" "$AHRIMAN_PORT")
 fi
+if [ -n "$AHRIMAN_UNIX_SOCKET" ]; then
+    AHRIMAN_SETUP_ARGS+=("--web-unix-socket" "$AHRIMAN_UNIX_SOCKET")
+fi
 ahriman "${AHRIMAN_DEFAULT_ARGS[@]}" repo-setup "${AHRIMAN_SETUP_ARGS[@]}"
 
-# refresh database
-runuser -u build -- yay --noconfirm -Syy &> /dev/null
 # create machine-id which is required by build tools
 systemd-machine-id-setup &> /dev/null
 

docker/install-aur-package.sh

@@ -0,0 +1,12 @@
+#!/bin/bash
+
+set -e
+
+for PACKAGE in "$@"; do
+    BUILD_DIR="$(mktemp -d)"
+    git clone https://aur.archlinux.org/"$PACKAGE".git "$BUILD_DIR"
+    cd "$BUILD_DIR"
+    makepkg --noconfirm --install --rmdeps --syncdeps
+    cd /
+    rm -r "$BUILD_DIR"
+done

docs/advanced-usage.rst

@@ -0,0 +1,42 @@
+Advanced usage
+==============
+
+Depending on the goal the package can be used in different ways. Nevertheless, in the most cases you will need some basic classes
+
+.. code-block:: python
+
+   from pathlib import Path
+
+   from ahriman.core.configuration import Configuration
+   from ahriman.core.database import SQLite
+
+   architecture = "x86_64"
+   configuration = Configuration.from_path(Path("/etc/ahriman.ini"), architecture)
+   database = SQLite.load(configuration)
+
+At this point there are ``configuration`` and ``database`` instances which can be used later at any time anywhere, e.g.
+
+.. code-block:: python
+
+   # instance of ``RepositoryPaths`` class
+   paths = configuration.repository_paths
+
+Almost all actions are wrapped by ``ahriman.core.repository.Repository`` class
+
+.. code-block:: python
+
+   from ahriman.core.repository import Repository
+
+   repository = Repository(architecture, configuration, database, report=True, unsafe=False)
+
+And the ``repository`` instance can be used to perform repository maintenance
+
+.. code-block:: python
+
+   build_result = repository.process_build(known_packages)
+   built_packages = repository.packages_built()
+   update_result = repository.process_update(built_packages)
+
+   repository.triggers.on_result(update_result, repository.packages())
+
+For the more info please refer to the classes documentation.

docs/ahriman.application.application.rst

@@ -0,0 +1,45 @@
+ahriman.application.application package
+=======================================
+
+Submodules
+----------
+
+ahriman.application.application.application module
+--------------------------------------------------
+
+.. automodule:: ahriman.application.application.application
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.application.application\_packages module
+------------------------------------------------------------
+
+.. automodule:: ahriman.application.application.application_packages
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.application.application\_properties module
+--------------------------------------------------------------
+
+.. automodule:: ahriman.application.application.application_properties
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.application.application\_repository module
+--------------------------------------------------------------
+
+.. automodule:: ahriman.application.application.application_repository
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.application.application
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.application.handlers.rst

@@ -0,0 +1,221 @@
+ahriman.application.handlers package
+====================================
+
+Submodules
+----------
+
+ahriman.application.handlers.add module
+---------------------------------------
+
+.. automodule:: ahriman.application.handlers.add
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.backup module
+------------------------------------------
+
+.. automodule:: ahriman.application.handlers.backup
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.clean module
+-----------------------------------------
+
+.. automodule:: ahriman.application.handlers.clean
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.daemon module
+------------------------------------------
+
+.. automodule:: ahriman.application.handlers.daemon
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.dump module
+----------------------------------------
+
+.. automodule:: ahriman.application.handlers.dump
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.handler module
+-------------------------------------------
+
+.. automodule:: ahriman.application.handlers.handler
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.help module
+----------------------------------------
+
+.. automodule:: ahriman.application.handlers.help
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.key\_import module
+-----------------------------------------------
+
+.. automodule:: ahriman.application.handlers.key_import
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.patch module
+-----------------------------------------
+
+.. automodule:: ahriman.application.handlers.patch
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.rebuild module
+-------------------------------------------
+
+.. automodule:: ahriman.application.handlers.rebuild
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.remove module
+------------------------------------------
+
+.. automodule:: ahriman.application.handlers.remove
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.remove\_unknown module
+---------------------------------------------------
+
+.. automodule:: ahriman.application.handlers.remove_unknown
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.restore module
+-------------------------------------------
+
+.. automodule:: ahriman.application.handlers.restore
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.search module
+------------------------------------------
+
+.. automodule:: ahriman.application.handlers.search
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.setup module
+-----------------------------------------
+
+.. automodule:: ahriman.application.handlers.setup
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.shell module
+-----------------------------------------
+
+.. automodule:: ahriman.application.handlers.shell
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.sign module
+----------------------------------------
+
+.. automodule:: ahriman.application.handlers.sign
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.status module
+------------------------------------------
+
+.. automodule:: ahriman.application.handlers.status
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.status\_update module
+--------------------------------------------------
+
+.. automodule:: ahriman.application.handlers.status_update
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.structure module
+---------------------------------------------
+
+.. automodule:: ahriman.application.handlers.structure
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.triggers module
+--------------------------------------------
+
+.. automodule:: ahriman.application.handlers.triggers
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.unsafe\_commands module
+----------------------------------------------------
+
+.. automodule:: ahriman.application.handlers.unsafe_commands
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.update module
+------------------------------------------
+
+.. automodule:: ahriman.application.handlers.update
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.users module
+-----------------------------------------
+
+.. automodule:: ahriman.application.handlers.users
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.versions module
+--------------------------------------------
+
+.. automodule:: ahriman.application.handlers.versions
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.handlers.web module
+---------------------------------------
+
+.. automodule:: ahriman.application.handlers.web
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.application.handlers
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.application.rst

@@ -0,0 +1,38 @@
+ahriman.application package
+===========================
+
+Subpackages
+-----------
+
+.. toctree::
+   :maxdepth: 4
+
+   ahriman.application.application
+   ahriman.application.handlers
+
+Submodules
+----------
+
+ahriman.application.ahriman module
+----------------------------------
+
+.. automodule:: ahriman.application.ahriman
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.application.lock module
+-------------------------------
+
+.. automodule:: ahriman.application.lock
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.application
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.alpm.remote.rst

@@ -0,0 +1,45 @@
+ahriman.core.alpm.remote package
+================================
+
+Submodules
+----------
+
+ahriman.core.alpm.remote.aur module
+-----------------------------------
+
+.. automodule:: ahriman.core.alpm.remote.aur
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.alpm.remote.official module
+----------------------------------------
+
+.. automodule:: ahriman.core.alpm.remote.official
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.alpm.remote.official\_syncdb module
+------------------------------------------------
+
+.. automodule:: ahriman.core.alpm.remote.official_syncdb
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.alpm.remote.remote module
+--------------------------------------
+
+.. automodule:: ahriman.core.alpm.remote.remote
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.alpm.remote
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.alpm.rst

@@ -0,0 +1,37 @@
+ahriman.core.alpm package
+=========================
+
+Subpackages
+-----------
+
+.. toctree::
+   :maxdepth: 4
+
+   ahriman.core.alpm.remote
+
+Submodules
+----------
+
+ahriman.core.alpm.pacman module
+-------------------------------
+
+.. automodule:: ahriman.core.alpm.pacman
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.alpm.repo module
+-----------------------------
+
+.. automodule:: ahriman.core.alpm.repo
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.alpm
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.auth.rst

@@ -0,0 +1,45 @@
+ahriman.core.auth package
+=========================
+
+Submodules
+----------
+
+ahriman.core.auth.auth module
+-----------------------------
+
+.. automodule:: ahriman.core.auth.auth
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.auth.helpers module
+--------------------------------
+
+.. automodule:: ahriman.core.auth.helpers
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.auth.mapping module
+--------------------------------
+
+.. automodule:: ahriman.core.auth.mapping
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.auth.oauth module
+------------------------------
+
+.. automodule:: ahriman.core.auth.oauth
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.auth
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.build_tools.rst

@@ -0,0 +1,29 @@
+ahriman.core.build\_tools package
+=================================
+
+Submodules
+----------
+
+ahriman.core.build\_tools.sources module
+----------------------------------------
+
+.. automodule:: ahriman.core.build_tools.sources
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.build\_tools.task module
+-------------------------------------
+
+.. automodule:: ahriman.core.build_tools.task
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.build_tools
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.database.data.rst

@@ -0,0 +1,45 @@
+ahriman.core.database.data package
+==================================
+
+Submodules
+----------
+
+ahriman.core.database.data.package\_remotes module
+--------------------------------------------------
+
+.. automodule:: ahriman.core.database.data.package_remotes
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.data.package\_statuses module
+---------------------------------------------------
+
+.. automodule:: ahriman.core.database.data.package_statuses
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.data.patches module
+-----------------------------------------
+
+.. automodule:: ahriman.core.database.data.patches
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.data.users module
+---------------------------------------
+
+.. automodule:: ahriman.core.database.data.users
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.database.data
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.database.migrations.rst

@@ -0,0 +1,53 @@
+ahriman.core.database.migrations package
+========================================
+
+Submodules
+----------
+
+ahriman.core.database.migrations.m000\_initial module
+-----------------------------------------------------
+
+.. automodule:: ahriman.core.database.migrations.m000_initial
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.migrations.m001\_package\_source module
+-------------------------------------------------------------
+
+.. automodule:: ahriman.core.database.migrations.m001_package_source
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.migrations.m002\_user\_access module
+----------------------------------------------------------
+
+.. automodule:: ahriman.core.database.migrations.m002_user_access
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.migrations.m003\_patch\_variables module
+--------------------------------------------------------------
+
+.. automodule:: ahriman.core.database.migrations.m003_patch_variables
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.migrations.m004\_logs module
+--------------------------------------------------
+
+.. automodule:: ahriman.core.database.migrations.m004_logs
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.database.migrations
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.database.operations.rst

@@ -0,0 +1,61 @@
+ahriman.core.database.operations package
+========================================
+
+Submodules
+----------
+
+ahriman.core.database.operations.auth\_operations module
+--------------------------------------------------------
+
+.. automodule:: ahriman.core.database.operations.auth_operations
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.operations.build\_operations module
+---------------------------------------------------------
+
+.. automodule:: ahriman.core.database.operations.build_operations
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.operations.logs\_operations module
+--------------------------------------------------------
+
+.. automodule:: ahriman.core.database.operations.logs_operations
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.operations.operations module
+--------------------------------------------------
+
+.. automodule:: ahriman.core.database.operations.operations
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.operations.package\_operations module
+-----------------------------------------------------------
+
+.. automodule:: ahriman.core.database.operations.package_operations
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.database.operations.patch\_operations module
+---------------------------------------------------------
+
+.. automodule:: ahriman.core.database.operations.patch_operations
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.database.operations
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.database.rst

@@ -0,0 +1,31 @@
+ahriman.core.database package
+=============================
+
+Subpackages
+-----------
+
+.. toctree::
+   :maxdepth: 4
+
+   ahriman.core.database.data
+   ahriman.core.database.migrations
+   ahriman.core.database.operations
+
+Submodules
+----------
+
+ahriman.core.database.sqlite module
+-----------------------------------
+
+.. automodule:: ahriman.core.database.sqlite
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.database
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.formatters.rst

@@ -0,0 +1,109 @@
+ahriman.core.formatters package
+===============================
+
+Submodules
+----------
+
+ahriman.core.formatters.aur\_printer module
+-------------------------------------------
+
+.. automodule:: ahriman.core.formatters.aur_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.build\_printer module
+---------------------------------------------
+
+.. automodule:: ahriman.core.formatters.build_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.configuration\_printer module
+-----------------------------------------------------
+
+.. automodule:: ahriman.core.formatters.configuration_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.package\_printer module
+-----------------------------------------------
+
+.. automodule:: ahriman.core.formatters.package_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.patch\_printer module
+---------------------------------------------
+
+.. automodule:: ahriman.core.formatters.patch_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.printer module
+--------------------------------------
+
+.. automodule:: ahriman.core.formatters.printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.status\_printer module
+----------------------------------------------
+
+.. automodule:: ahriman.core.formatters.status_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.string\_printer module
+----------------------------------------------
+
+.. automodule:: ahriman.core.formatters.string_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.tree\_printer module
+--------------------------------------------
+
+.. automodule:: ahriman.core.formatters.tree_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.update\_printer module
+----------------------------------------------
+
+.. automodule:: ahriman.core.formatters.update_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.user\_printer module
+--------------------------------------------
+
+.. automodule:: ahriman.core.formatters.user_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.formatters.version\_printer module
+-----------------------------------------------
+
+.. automodule:: ahriman.core.formatters.version_printer
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.formatters
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.gitremote.rst

@@ -0,0 +1,45 @@
+ahriman.core.gitremote package
+==============================
+
+Submodules
+----------
+
+ahriman.core.gitremote.remote\_pull module
+------------------------------------------
+
+.. automodule:: ahriman.core.gitremote.remote_pull
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.gitremote.remote\_pull\_trigger module
+---------------------------------------------------
+
+.. automodule:: ahriman.core.gitremote.remote_pull_trigger
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.gitremote.remote\_push module
+------------------------------------------
+
+.. automodule:: ahriman.core.gitremote.remote_push
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.gitremote.remote\_push\_trigger module
+---------------------------------------------------
+
+.. automodule:: ahriman.core.gitremote.remote_push_trigger
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.gitremote
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.log.rst

@@ -0,0 +1,45 @@
+ahriman.core.log package
+========================
+
+Submodules
+----------
+
+ahriman.core.log.filtered\_access\_logger module
+------------------------------------------------
+
+.. automodule:: ahriman.core.log.filtered_access_logger
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.log.http\_log\_handler module
+------------------------------------------
+
+.. automodule:: ahriman.core.log.http_log_handler
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.log.lazy\_logging module
+-------------------------------------
+
+.. automodule:: ahriman.core.log.lazy_logging
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.log.log module
+---------------------------
+
+.. automodule:: ahriman.core.log.log
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.log
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.report.rst

@@ -0,0 +1,69 @@
+ahriman.core.report package
+===========================
+
+Submodules
+----------
+
+ahriman.core.report.console module
+----------------------------------
+
+.. automodule:: ahriman.core.report.console
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.report.email module
+--------------------------------
+
+.. automodule:: ahriman.core.report.email
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.report.html module
+-------------------------------
+
+.. automodule:: ahriman.core.report.html
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.report.jinja\_template module
+------------------------------------------
+
+.. automodule:: ahriman.core.report.jinja_template
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.report.report module
+---------------------------------
+
+.. automodule:: ahriman.core.report.report
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.report.report\_trigger module
+------------------------------------------
+
+.. automodule:: ahriman.core.report.report_trigger
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.report.telegram module
+-----------------------------------
+
+.. automodule:: ahriman.core.report.telegram
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.report
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.repository.rst

@@ -0,0 +1,53 @@
+ahriman.core.repository package
+===============================
+
+Submodules
+----------
+
+ahriman.core.repository.cleaner module
+--------------------------------------
+
+.. automodule:: ahriman.core.repository.cleaner
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.repository.executor module
+---------------------------------------
+
+.. automodule:: ahriman.core.repository.executor
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.repository.repository module
+-----------------------------------------
+
+.. automodule:: ahriman.core.repository.repository
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.repository.repository\_properties module
+-----------------------------------------------------
+
+.. automodule:: ahriman.core.repository.repository_properties
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.repository.update\_handler module
+----------------------------------------------
+
+.. automodule:: ahriman.core.repository.update_handler
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.repository
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.rst

@@ -0,0 +1,73 @@
+ahriman.core package
+====================
+
+Subpackages
+-----------
+
+.. toctree::
+   :maxdepth: 4
+
+   ahriman.core.alpm
+   ahriman.core.auth
+   ahriman.core.build_tools
+   ahriman.core.database
+   ahriman.core.formatters
+   ahriman.core.gitremote
+   ahriman.core.log
+   ahriman.core.report
+   ahriman.core.repository
+   ahriman.core.sign
+   ahriman.core.status
+   ahriman.core.triggers
+   ahriman.core.upload
+
+Submodules
+----------
+
+ahriman.core.configuration module
+---------------------------------
+
+.. automodule:: ahriman.core.configuration
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.exceptions module
+------------------------------
+
+.. automodule:: ahriman.core.exceptions
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.spawn module
+-------------------------
+
+.. automodule:: ahriman.core.spawn
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.tree module
+------------------------
+
+.. automodule:: ahriman.core.tree
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.util module
+------------------------
+
+.. automodule:: ahriman.core.util
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.sign.rst

@@ -0,0 +1,21 @@
+ahriman.core.sign package
+=========================
+
+Submodules
+----------
+
+ahriman.core.sign.gpg module
+----------------------------
+
+.. automodule:: ahriman.core.sign.gpg
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.sign
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.status.rst

@@ -0,0 +1,37 @@
+ahriman.core.status package
+===========================
+
+Submodules
+----------
+
+ahriman.core.status.client module
+---------------------------------
+
+.. automodule:: ahriman.core.status.client
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.status.watcher module
+----------------------------------
+
+.. automodule:: ahriman.core.status.watcher
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.status.web\_client module
+--------------------------------------
+
+.. automodule:: ahriman.core.status.web_client
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.status
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.triggers.rst

@@ -0,0 +1,29 @@
+ahriman.core.triggers package
+=============================
+
+Submodules
+----------
+
+ahriman.core.triggers.trigger module
+------------------------------------
+
+.. automodule:: ahriman.core.triggers.trigger
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.triggers.trigger\_loader module
+--------------------------------------------
+
+.. automodule:: ahriman.core.triggers.trigger_loader
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.triggers
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.core.upload.rst

@@ -0,0 +1,61 @@
+ahriman.core.upload package
+===========================
+
+Submodules
+----------
+
+ahriman.core.upload.github module
+---------------------------------
+
+.. automodule:: ahriman.core.upload.github
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.upload.http\_upload module
+---------------------------------------
+
+.. automodule:: ahriman.core.upload.http_upload
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.upload.rsync module
+--------------------------------
+
+.. automodule:: ahriman.core.upload.rsync
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.upload.s3 module
+-----------------------------
+
+.. automodule:: ahriman.core.upload.s3
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.upload.upload module
+---------------------------------
+
+.. automodule:: ahriman.core.upload.upload
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.core.upload.upload\_trigger module
+------------------------------------------
+
+.. automodule:: ahriman.core.upload.upload_trigger
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.core.upload
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.models.rst

@@ -0,0 +1,213 @@
+ahriman.models package
+======================
+
+Submodules
+----------
+
+ahriman.models.action module
+----------------------------
+
+.. automodule:: ahriman.models.action
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.aur\_package module
+----------------------------------
+
+.. automodule:: ahriman.models.aur_package
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.auth\_settings module
+------------------------------------
+
+.. automodule:: ahriman.models.auth_settings
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.build\_status module
+-----------------------------------
+
+.. automodule:: ahriman.models.build_status
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.context\_key module
+----------------------------------
+
+.. automodule:: ahriman.models.context_key
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.counters module
+------------------------------
+
+.. automodule:: ahriman.models.counters
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.internal\_status module
+--------------------------------------
+
+.. automodule:: ahriman.models.internal_status
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.log\_record\_id module
+-------------------------------------
+
+.. automodule:: ahriman.models.log_record_id
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.migration module
+-------------------------------
+
+.. automodule:: ahriman.models.migration
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.migration\_result module
+---------------------------------------
+
+.. automodule:: ahriman.models.migration_result
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.package module
+-----------------------------
+
+.. automodule:: ahriman.models.package
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.package\_description module
+------------------------------------------
+
+.. automodule:: ahriman.models.package_description
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.package\_source module
+-------------------------------------
+
+.. automodule:: ahriman.models.package_source
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.pkgbuild\_patch module
+-------------------------------------
+
+.. automodule:: ahriman.models.pkgbuild_patch
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.property module
+------------------------------
+
+.. automodule:: ahriman.models.property
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.remote\_source module
+------------------------------------
+
+.. automodule:: ahriman.models.remote_source
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.report\_settings module
+--------------------------------------
+
+.. automodule:: ahriman.models.report_settings
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.repository\_paths module
+---------------------------------------
+
+.. automodule:: ahriman.models.repository_paths
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.result module
+----------------------------
+
+.. automodule:: ahriman.models.result
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.sign\_settings module
+------------------------------------
+
+.. automodule:: ahriman.models.sign_settings
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.smtp\_ssl\_settings module
+-----------------------------------------
+
+.. automodule:: ahriman.models.smtp_ssl_settings
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.upload\_settings module
+--------------------------------------
+
+.. automodule:: ahriman.models.upload_settings
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.user module
+--------------------------
+
+.. automodule:: ahriman.models.user
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.user\_access module
+----------------------------------
+
+.. automodule:: ahriman.models.user_access
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.models.user\_identity module
+------------------------------------
+
+.. automodule:: ahriman.models.user_identity
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.models
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.rst

@@ -0,0 +1,32 @@
+ahriman package
+===============
+
+Subpackages
+-----------
+
+.. toctree::
+   :maxdepth: 4
+
+   ahriman.application
+   ahriman.core
+   ahriman.models
+   ahriman.web
+
+Submodules
+----------
+
+ahriman.version module
+----------------------
+
+.. automodule:: ahriman.version
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.web.middlewares.rst

@@ -0,0 +1,29 @@
+ahriman.web.middlewares package
+===============================
+
+Submodules
+----------
+
+ahriman.web.middlewares.auth\_handler module
+--------------------------------------------
+
+.. automodule:: ahriman.web.middlewares.auth_handler
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.middlewares.exception\_handler module
+-------------------------------------------------
+
+.. automodule:: ahriman.web.middlewares.exception_handler
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.web.middlewares
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.web.rst

@@ -0,0 +1,38 @@
+ahriman.web package
+===================
+
+Subpackages
+-----------
+
+.. toctree::
+   :maxdepth: 4
+
+   ahriman.web.middlewares
+   ahriman.web.views
+
+Submodules
+----------
+
+ahriman.web.routes module
+-------------------------
+
+.. automodule:: ahriman.web.routes
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.web module
+----------------------
+
+.. automodule:: ahriman.web.web
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.web
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.web.views.rst

@@ -0,0 +1,39 @@
+ahriman.web.views package
+=========================
+
+Subpackages
+-----------
+
+.. toctree::
+   :maxdepth: 4
+
+   ahriman.web.views.service
+   ahriman.web.views.status
+   ahriman.web.views.user
+
+Submodules
+----------
+
+ahriman.web.views.base module
+-----------------------------
+
+.. automodule:: ahriman.web.views.base
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.index module
+------------------------------
+
+.. automodule:: ahriman.web.views.index
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.web.views
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.web.views.service.rst

@@ -0,0 +1,69 @@
+ahriman.web.views.service package
+=================================
+
+Submodules
+----------
+
+ahriman.web.views.service.add module
+------------------------------------
+
+.. automodule:: ahriman.web.views.service.add
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.service.pgp module
+------------------------------------
+
+.. automodule:: ahriman.web.views.service.pgp
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.service.rebuild module
+----------------------------------------
+
+.. automodule:: ahriman.web.views.service.rebuild
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.service.remove module
+---------------------------------------
+
+.. automodule:: ahriman.web.views.service.remove
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.service.request module
+----------------------------------------
+
+.. automodule:: ahriman.web.views.service.request
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.service.search module
+---------------------------------------
+
+.. automodule:: ahriman.web.views.service.search
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.service.update module
+---------------------------------------
+
+.. automodule:: ahriman.web.views.service.update
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.web.views.service
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.web.views.status.rst

@@ -0,0 +1,45 @@
+ahriman.web.views.status package
+================================
+
+Submodules
+----------
+
+ahriman.web.views.status.logs module
+------------------------------------
+
+.. automodule:: ahriman.web.views.status.logs
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.status.package module
+---------------------------------------
+
+.. automodule:: ahriman.web.views.status.package
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.status.packages module
+----------------------------------------
+
+.. automodule:: ahriman.web.views.status.packages
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.status.status module
+--------------------------------------
+
+.. automodule:: ahriman.web.views.status.status
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.web.views.status
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/ahriman.web.views.user.rst

@@ -0,0 +1,29 @@
+ahriman.web.views.user package
+==============================
+
+Submodules
+----------
+
+ahriman.web.views.user.login module
+-----------------------------------
+
+.. automodule:: ahriman.web.views.user.login
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+ahriman.web.views.user.logout module
+------------------------------------
+
+.. automodule:: ahriman.web.views.user.logout
+   :members:
+   :no-undoc-members:
+   :show-inheritance:
+
+Module contents
+---------------
+
+.. automodule:: ahriman.web.views.user
+   :members:
+   :no-undoc-members:
+   :show-inheritance:

docs/architecture.md

@@ -1,227 +0,0 @@
-# Package structure
-
-Packages have strict rules of importing:
-
-* `ahriman.application` package must not be used anywhere except for itself.
-* `ahriman.core` and `ahriman.models` packages don't have any import restriction. Actually we would like to totally restrict importing of `core` package from `models`, but it is impossible at the moment.
-* `ahriman.web` package is allowed to be imported from `ahriman.application` (web handler only, only `ahriman.web.web` methods). It also must not be imported globally, only local import is allowed. 
-
-Full dependency diagram:
-
-![architecture](ahriman-architecture.svg)
-
-## `ahriman.application` package
-
-This package contains application (aka executable) related classes and everything for that. It also contains package called `ahriman.application.handlers` in which all available subcommands are described as separated classes derived from base `ahriman.application.handlers.handler.Handler` class.
-
-`ahriman.application.application.application.Application` (god class) is used for any interaction from parsers with repository, web etc. It is divided into multiple traits by functions (package related and repository related) in the same package.
-
-`ahriman.application.ahriman` contains only command line parses and executes specified `Handler` on success, `ahriman.application.lock.Lock` is additional class which provides file-based lock and also performs some common checks.
-
-## `ahriman.core` package
-
-This package contains everything which is required for any time of application run and separated to several packages:
-
-* `ahriman.core.alpm` package controls pacman related functions. It provides wrappers for `pyalpm` library and safe calls for repository tools (`repo-add` and `repo-remove`).
-* `ahriman.core.auth` package provides classes for authorization methods used by web mostly. Base class is `ahriman.core.auth.auth.Auth` which must be called by `load` method.
-* `ahriman.core.build_tools` is a package which provides wrapper for `devtools` commands.
-* `ahriman.core.database` is everything including data and schema migrations for database.
-* `ahriman.core.formatters` package provides `Printer` sub-classes for printing data (e.g. package properties) to stdout which are used by some handlers.
-* `ahriman.core.report` is a package with reporting classes. Usually it must be called by `ahriman.core.report.report.Report.load` method.
-* `ahriman.core.repository` contains several traits and base repository (`ahriman.core.repository.repository.Repository` class) implementation.
-* `ahriman.core.sign` package provides sign feature (only gpg calls are available).
-* `ahriman.core.status` contains helpers and watcher class which are required for web application. Reporter must be initialized by using `ahriman.core.status.client.Client.load` method.
-* `ahriman.core.upload` package provides sync feature, must be called by `ahriman.core.upload.upload.Upload.load` method.
-
-This package also provides some generic functions and classes which may be used by other packages:
-
-* `ahriman.core.configuration.Configuration` is an extension for standard `configparser` library.
-* `ahriman.core.exceptions` provides custom exceptions.
-* `ahriman.core.spawn.Spawn` is a tool which can spawn another `ahriman` process. This feature is used by web application.
-* `ahriman.core.tree` is a dependency tree implementation.
-
-## `ahriman.models` package
-
-It provides models for any other part of application. Unlike `ahriman.core` package classes from here provides only conversion methods (e.g. create class from another or convert to). Mostly case classes and enumerations.
-
-## `ahriman.web` package
-
-Web application. It is important that this package is isolated from any other to allow it to be optional feature (i.e. dependencies which are required by the package are optional).
-
-* `ahriman.web.middlewares` provides middlewares for request handlers.
-* `ahriman.web.views` contains web views derived from aiohttp view class.
-* `ahriman.web.routes` creates routes for web application.
-* `ahriman.web.web` provides main web application functions (e.g. start, initialization).
-
-# Application run
-
-* Parse command line arguments, find command and related handler which is set by parser.
-* Call `Handler.execute` method.
-* Define list of architectures to run. In case if there is more than one architecture specified run several subprocesses or process in current process otherwise. Class attribute `ALLOW_MULTI_ARCHITECTURE_RUN` controls whether application can be run in multiple processes or not - this feature is required for some handlers (e.g. `Web`) which should be able to spawn child process in daemon mode (it is impossible to do for daemonic processes).
-* In each child process call lock functions.
-* After success checks pass control to `Handler.run` method defined by specific handler class.
-* Return result (success or failure) of each subprocess and exit from application.
-* Some handlers may override their status and throw `ExitCode` exception. This exception is just silently suppressed and changes application exit code to `1`.
-
-In most cases handlers spawn god class `ahriman.application.application.Application` class and call required methods.
-
-Application is designed to run from `systemd` services and provides parametrized by architecture timer and service file for that.
-
-# Database
-
-The service uses SQLite database in order to store some internal info.
-
-## Database instance
-
-All methods related to specific part of database (basically operations per table) are split into different traits located inside `ahriman.core.database.operations` package. The base trait `ahriman.core.database.operations.operations.Operations` also provides generic methods for database access (e.g. row converters and transactional support).
-
-The `ahriman.core.database.sqlite.SQLite` class itself derives from all of these traits and implements methods for initialization, including migrations.
-
-## Schema and data migrations
-
-The schema migration are applied according to current `pragma user_info` values, located at `ahriman.core.database.migrations` package and named as `m000_migration_name.py` (the preceding `m` is required in order to import migration content for tests). Additional class `ahriman.core.database.migrations.Migrations` reads all migrations autmatically and applies them in alphabetical order.
-
-There are also data migrations which are located at `ahriman.core.database.data` package and move data from old-style (e.g. json files in filesystem, directory trees, etc) to the database. They are also part of migration and (unlike schema migrations) are applied only at specific version breakpoints (e.g. if `user_version` is more than 0 no initial migration will be applied).
-
-## Type conversions
-
-By default, it parses rows into python dictionary. In addition, the following pseudo-types are supported:
-
-* `Dict[str, Any]`, `List[Any]` - for storing JSON data structures in database (technically there is no restriction on types for dictionary keys and values, but it is recommended to use only string keys). The type is stored as `json` datatype and `json.loads` and `json.dumps` methods are used in order to read and write from/to database respectively.
-
-# Basic flows
-
-## Add new packages or rebuild existing
-
-Idea is to copy package to the directory from which it will be handled at the next update run. Different variants are supported:
-
-* If supplied argument is file then application moves the file to the directory with built packages. Same rule applies for directory, but in this case it copies every package-like file from the specified directory.
-* If supplied argument is directory and there is `PKGBUILD` file there it will be treated as local package. In this case it will queue this package to build and copy source files (`PKGBUILD` and `.SRCINFO`) to caches.
-* If supplied argument iis not file then application tries to lookup for the specified name in AUR and clones it into the directory with manual updates. This scenario can also handle package dependencies which are missing in repositories.
-
-This logic can be overwritten by specifying the `source` parameter, which is partially useful if you would like to add package from AUR, but there is local directory cloned from AUR.
-
-## Rebuild packages
-
-Same as add function for every package in repository. Optional filter by reverse dependency can be supplied.
-
-## Remove packages
-
-This flow removes package from filesystem, updates repository database and also runs synchronization and reporting methods.
-
-## Update packages
-
-This feature is divided into to stages: check AUR for updates and run rebuild for required packages. Whereas check does not do anything except for check itself, update flow is the following:
-
-1. Process every built package first. Those packages are usually added manually.
-2. Run sync and report methods.
-3. Generate dependency tree for packages to be built.
-4. For each level of tree it does:
-   1. Download package data from AUR.
-   2. Build every package in clean chroot.
-   3. Sign packages if required.
-   4. Add packages to database and sign database if required.
-   5. Process sync and report methods.
-
-After any step any package data is being removed.
-
-# Core functions reference
-
-## Configuration 
-
-`ahriman.core.configuration.Configuration` class provides some additional methods (e.g. `getpath` and `getlist`) and also combines multiple files into single configuration dictionary using architecture overrides. It is the recommended way to deal with settings.
-
-## Utils
-
-For every external command run (which is actually not recommended if possible) custom wrapper for `subprocess` is used. Additional functions `ahriman.core.auth.helpers` provide safe calls for `aiohttp_security` methods and are required to make this dependency optional.
-
-## Submodules
-
-Some packages provide different behaviour depending on configuration settings. In these cases inheritance is used and recommended way to deal with them is to call class method `load` from base classes.
-
-## Authorization
-
-The package provides several authorization methods: disabled, based on configuration and OAuth2. 
-
-Disabled (default) authorization provider just allows everything for everyone and does not have any specific configuration (it uses some default configuration parameters though). It also provides generic interface for derived classes.
-
-Mapping (aka configuration) provider uses hashed passwords with salt from the database in order to authenticate users. This provider also enables user permission checking (read/write) (authorization). Thus, it defines the following methods:
-
-* `check_credentials` - user password validation (authentication).
-* `verify_access` - user permission validation (authorization).
-
-Passwords must be stored in database as `hash(password + salt)`, where `password` is user defined password (taken from user input), `salt` is random string (any length) defined globally in configuration and `hash` is secure hash function. Thus, the following configuration
-
-```csv
-"username","password","access"
-"username","$6$rounds=656000$mWBiecMPrHAL1VgX$oU4Y5HH8HzlvMaxwkNEJjK13ozElyU1wAHBoO/WW5dAaE4YEfnB0X3FxbynKMl4FBdC3Ovap0jINz4LPkNADg0","read"
-```
-
-means that there is user `username` with `read` access and password `password` hashed by `sha512` with salt `salt`.
-
-OAuth provider uses library definitions (`aioauth-client`) in order _authenticate_ users. It still requires user permission to be set in database, thus it inherits mapping provider without any changes. Whereas we could override `check_credentials` (authentication method) by something custom, OAuth flow is a bit more complex than just forward request, thus we have to implement the flow in login form.
-
-OAuth's implementation also allows authenticating users via username + password (in the same way as mapping does) though it is not recommended for end-users and password must be left blank. In particular this feature is used by service reporting (aka robots).
-
-In order to configure users there are special commands.
-
-## Remote synchronization
-
-There are several supported synchronization providers, currently they are `rsync`, `s3`, `github`. 
-
-`rsync` provider does not have any specific logic except for running external rsync application with configured arguments. The service does not handle SSH configuration, thus it has to be configured before running application manually.
-
-`s3` provider uses `boto3` package and implements sync feature. The files are stored in architecture directory (e.g. if bucket is `repository`, packages will be stored in `repository/x86_64` for the `x86_64` architecture), bucket must be created before any action and API key must have permissions to write to the bucket. No external configuration required. In order to upload only changed files the service compares calculated hashes with the Amazon ETags, used realization is described [here](https://teppen.io/2018/10/23/aws_s3_verify_etags/). 
-
-`github` provider authenticates through basic auth, API key with repository write permissions is required. There will be created a release with the name of the architecture in case if it does not exist; files will be uploaded to the release assets. It also stores array of files and their MD5 checksums in release body in order to upload only changed ones. According to the Github API in case if there is already uploaded asset with the same name (e.g. database files), asset will be removed first.
-
-## Additional features
-
-Some features require optional dependencies to be installed:
-
-* Version control executables (e.g. `git`, `svn`) for VCS packages.
-* `gnupg` application for package and repository sign feature.
-* `rsync` application for rsync based repository sync.
-* `boto3` python package for `S3` sync.
-* `Jinja2` python package for HTML report generation (it is also used by web application).
-
-# Web application
-
-Web application requires the following python packages to be installed:
-
-* Core part requires `aiohttp` (application itself), `aiohttp_jinja2` and `Jinja2` (HTML generation from templates).
-* In addition, `aiohttp_debugtoolbar` is required for debug panel. Please note that this option does not work together with authorization and basically must not be used in production.
-* In addition, authorization feature requires `aiohttp_security`, `aiohttp_session` and `cryptography`.
-* In addition to base authorization dependencies, OAuth2 also requires `aioauth-client` library.
-
-## Middlewares
-
-Service provides some custom middlewares, e.g. logging every exception (except for user ones) and user authorization.
-
-## Web views
-
-All web views are defined in separated package and derived from `ahriman.web.views.base.Base` class which provides typed interfaces for web application. 
-
-REST API supports both form and JSON data, but the last one is recommended. 
-
-Different APIs are separated into different packages:
-
-* `ahriman.web.views.service` provides views for application controls.
-* `ahriman.web.views.status` package provides REST API for application reporting.
-* `ahriman.web.views.user` package provides login and logout methods which can be called without authorization.
-
-## Templating
-
-Package provides base jinja templates which can be overridden by settings. Vanilla templates are actively using bootstrap library.
-
-## Requests and scopes
-
-Service provides optional authorization which can be turned on in settings. In order to control user access there are two levels of authorization - read-only (only GET-like requests) and write (anything) which are provided by each web view directly.
-
-If this feature is configured any request will be prohibited without authentication. In addition, configuration flag `auth.safe_build_status` can be used in order to allow seeing main page without authorization.
-
-For authenticated users it uses encrypted session cookies to store tokens; encryption key is generated each time at the start of the application. It also stores expiration time of the session inside.
-
-## External calls
-
-Web application provides external calls to control main service. It spawns child process with specific arguments and waits for its termination. This feature must be used either with authorization or in safe (i.e. when status page is not available world-wide) environment.

docs/architecture.rst

@@ -0,0 +1,296 @@
+Architecture
+============
+
+Package structure
+-----------------
+
+Packages have strict rules of importing:
+
+* ``ahriman.application`` package must not be used anywhere except for itself.
+* ``ahriman.core`` and ``ahriman.models`` packages don't have any import restriction. Actually we would like to totally restrict importing of ``core`` package from ``models``, but it is impossible at the moment.
+* ``ahriman.web`` package is allowed to be imported from ``ahriman.application`` (web handler only, only ``ahriman.web.web`` methods). It also must not be imported globally, only local import is allowed. 
+
+Full dependency diagram:
+
+.. image:: ahriman-architecture.svg
+   :target: _images/ahriman-architecture.svg
+   :alt: architecture
+
+``ahriman.application`` package
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+This package contains application (aka executable) related classes and everything for that. It also contains package called ``ahriman.application.handlers`` in which all available subcommands are described as separated classes derived from base ``ahriman.application.handlers.Handler`` class.
+
+``ahriman.application.application.Application`` (god class) is used for any interaction from parsers with repository. It is divided into multiple traits by functions (package related and repository related) in the same package.
+
+``ahriman.application.ahriman`` contains only command line parses and executes specified ``Handler`` on success, ``ahriman.application.lock.Lock`` is additional class which provides file-based lock and also performs some common checks.
+
+``ahriman.core`` package
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+This package contains everything required for the most of application actions and it is separated into several packages:
+
+* ``ahriman.core.alpm`` package controls pacman related functions. It provides wrappers for ``pyalpm`` library and safe calls for repository tools (``repo-add`` and ``repo-remove``). Also this package contains ``ahriman.core.alpm.remote`` package which provides wrapper for remote sources (e.g. AUR RPC and official repositories RPC).
+* ``ahriman.core.auth`` package provides classes for authorization methods used by web mostly. Base class is ``ahriman.core.auth.Auth`` which must be called by ``load`` method.
+* ``ahriman.core.build_tools`` is a package which provides wrapper for ``devtools`` commands.
+* ``ahriman.core.database`` is everything including data and schema migrations for database.
+* ``ahriman.core.formatters`` package provides ``Printer`` sub-classes for printing data (e.g. package properties) to stdout which are used by some handlers.
+* ``ahriman.core.gitremote`` is a package with remote PKGBUILD triggers. Should not be called directly.
+* ``ahriman.core.log`` is a log utils package. It includes logger loader class, custom HTTP based logger and access logger for HTTP services with additional filters.
+* ``ahriman.core.report`` is a package with reporting triggers. Should not be called directly.
+* ``ahriman.core.repository`` contains several traits and base repository (``ahriman.core.repository.Repository`` class) implementation.
+* ``ahriman.core.sign`` package provides sign feature (only gpg calls are available).
+* ``ahriman.core.status`` contains helpers and watcher class which are required for web application. Reporter must be initialized by using ``ahriman.core.status.client.Client.load`` method.
+* ``ahriman.core.triggers`` package contains base trigger classes. Classes from this package must be imported in order to implement user extensions. In fact, ``ahriman.core.report`` and ``ahriman.core.upload`` use this package.
+* ``ahriman.core.upload`` package provides sync feature, should not be called directly.
+
+This package also provides some generic functions and classes which may be used by other packages:
+
+* ``ahriman.core.configuration.Configuration`` is an extension for standard ``configparser`` library.
+* ``ahriman.core.exceptions`` provides custom exceptions.
+* ``ahriman.core.spawn.Spawn`` is a tool which can spawn another ``ahriman`` process. This feature is used by web application.
+* ``ahriman.core.tree`` is a dependency tree implementation.
+
+``ahriman.models`` package
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+It provides models for any other part of application. Unlike ``ahriman.core`` package classes from here provide only conversion methods (e.g. create class from another or convert to). Mostly case classes and enumerations.
+
+``ahriman.web`` package
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Web application. It is important that this package is isolated from any other to allow it to be optional feature (i.e. dependencies which are required by the package are optional).
+
+* ``ahriman.web.middlewares`` provides middlewares for request handlers.
+* ``ahriman.web.views`` contains web views derived from aiohttp view class.
+* ``ahriman.web.routes`` creates routes for web application.
+* ``ahriman.web.web`` provides main web application functions (e.g. start, initialization).
+
+Application run
+---------------
+
+* Parse command line arguments, find command and related handler which is set by parser.
+* Call ``Handler.execute`` method.
+* Define list of architectures to run. In case if there is more than one architecture specified run several subprocesses or process in current process otherwise. Class attribute ``ALLOW_MULTI_ARCHITECTURE_RUN`` controls whether application can be run in multiple processes or not - this feature is required for some handlers (e.g. ``Web``) which should be able to spawn child process in daemon mode (it is impossible to do from daemonic processes).
+* In each child process call lock functions.
+* After success checks pass control to ``Handler.run`` method defined by specific handler class.
+* Return result (success or failure) of each subprocess and exit from application.
+* Some handlers may override their status and throw ``ExitCode`` exception. This exception is just silently suppressed and changes application exit code to ``1``.
+
+In the most cases handlers spawn god class ``ahriman.application.application.Application`` class and call required methods.
+
+Application is designed to run from ``systemd`` services and provides parametrized by architecture timer and service file for that.
+
+Database
+--------
+
+The service uses SQLite database in order to store some internal info.
+
+Database instance
+^^^^^^^^^^^^^^^^^
+
+All methods related to specific part of database (basically operations per table) are split into different traits located inside ``ahriman.core.database.operations`` package. The base trait ``ahriman.core.database.operations.Operations`` also provides generic methods for database access (e.g. row converters and transactional support).
+
+The ``ahriman.core.database.SQLite`` class itself derives from all of these traits and implements methods for initialization, including migrations.
+
+Schema and data migrations
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+The schema migration are applied according to current ``pragma user_info`` values, located at ``ahriman.core.database.migrations`` package and named as ``m000_migration_name.py`` (the preceding ``m`` is required in order to import migration content for tests). Additional class ``ahriman.core.database.migrations.Migrations`` reads all migrations automatically and applies them in alphabetical order.
+
+There are also data migrations which are located at ``ahriman.core.database.data`` package and move data from old-style (e.g. json files in filesystem, directory trees, etc) to the database. They are also part of migration and (unlike schema migrations) are applied only at specific version breakpoints (e.g. if ``user_version`` is more than 0 no initial migration will be applied).
+
+Type conversions
+^^^^^^^^^^^^^^^^
+
+By default, it parses rows into python dictionary. In addition, the following pseudo-types are supported:
+
+* ``Dict[str, Any]``, ``List[Any]`` - for storing JSON data structures in database (technically there is no restriction on types for dictionary keys and values, but it is recommended to use only string keys). The type is stored as ``json`` data type and ``json.loads`` and ``json.dumps`` methods are used in order to read and write from/to database respectively.
+
+Basic flows
+-----------
+
+Add new packages or rebuild existing
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Idea is to copy package to the directory from which it will be handled at the next update run. Different variants are supported:
+
+* If supplied argument is file then application moves the file to the directory with built packages. Same rule applies for directory, but in this case it copies every package-like file from the specified directory.
+* If supplied argument is directory and there is ``PKGBUILD`` file there it will be treated as local package. In this case it will queue this package to build and copy source files (``PKGBUILD`` and ``.SRCINFO``) to caches.
+* If supplied argument is not file then application tries to lookup for the specified name in AUR and clones it into the directory with manual updates. This scenario can also handle package dependencies which are missing in repositories.
+
+This logic can be overwritten by specifying the ``source`` parameter, which is partially useful if you would like to add package from AUR, but there is local directory cloned from AUR.
+
+Rebuild packages
+^^^^^^^^^^^^^^^^
+
+Same as add function for every package in repository. Optional filter by reverse dependency can be supplied.
+
+Remove packages
+^^^^^^^^^^^^^^^
+
+This flow removes package from filesystem, updates repository database and also runs synchronization and reporting methods.
+
+Update packages
+^^^^^^^^^^^^^^^
+
+This feature is divided into to stages: check AUR for updates and run rebuild for required packages. Whereas check does not do anything except for check itself, update flow is the following:
+
+#. Process every built package first. Those packages are usually added manually.
+#. Run sync and report methods.
+#. Generate dependency tree for packages to be built.
+#. For each level of tree it does:
+
+   #. Download package data from AUR.
+   #. Build every package in clean chroot.
+   #. Sign packages if required.
+   #. Add packages to database and sign database if required.
+   #. Process triggers.
+
+After any step any package data is being removed.
+
+Core functions reference
+------------------------
+
+Configuration
+^^^^^^^^^^^^^
+
+``ahriman.core.configuration.Configuration`` class provides some additional methods (e.g. ``getpath`` and ``getlist``) and also combines multiple files into single configuration dictionary using architecture overrides. It is the recommended way to deal with settings.
+
+Enumerations
+^^^^^^^^^^^^
+
+All enumerations are derived from ``str`` and ``enum.Enum``. Integer enumerations are not allowed, because most of operations require conversions from string variable. Derivation from string class is required to make json conversions implicitly (e.g. during calling ``json.dumps`` methods).
+
+In addition, some enumerations provide ``from_option`` class methods in order to allow some flexibility while reading configuration options.
+
+Utils
+^^^^^
+
+For every external command run (which is actually not recommended if possible) custom wrapper for ``subprocess`` is used. Additional functions ``ahriman.core.auth.helpers`` provide safe calls for ``aiohttp_security`` methods and are required to make this dependency optional.
+
+Context variables
+^^^^^^^^^^^^^^^^^
+
+Package provides implicit global variables which can be accessed from ``ahriman.core`` package as ``context`` variable, wrapped by ``contextvars.ContextVar`` class. The value of the variable is defaulting to private ``_Context`` class which is defined in the same module. The default values - such as ``database`` and ``sign`` - are being set on the service initialization.
+
+The ``_Context`` class itself mimics default collection interface (as is Mapping) and can be modified by ``_Context.set`` method. The stored variables can be achieved by ``_Context.get`` method, which is unlike default ``Mapping`` interface also performs type and presence checks.
+
+In order to provide statically typed interface, the ``ahriman.models.context_key.ContextKey`` class is used for both ``_Content.get`` and ``_Content.set`` methods; the context instance itself, however, does not store information about types.
+
+Submodules
+^^^^^^^^^^
+
+Some packages provide different behaviour depending on configuration settings. In these cases inheritance is used and recommended way to deal with them is to call class method ``load`` from base classes.
+
+Authorization
+^^^^^^^^^^^^^
+
+The package provides several authorization methods: disabled, based on configuration and OAuth2. 
+
+Disabled (default) authorization provider just allows everything for everyone and does not have any specific configuration (it uses some default configuration parameters though). It also provides generic interface for derived classes.
+
+Mapping (aka configuration) provider uses hashed passwords with salt from the database in order to authenticate users. This provider also enables user permission checking (read/write) (authorization). Thus, it defines the following methods:
+
+* ``check_credentials`` - user password validation (authentication).
+* ``verify_access`` - user permission validation (authorization).
+
+Passwords must be stored in database as ``hash(password + salt)``, where ``password`` is user defined password (taken from user input), ``salt`` is random string (any length) defined globally in configuration and ``hash`` is secure hash function. Thus, the following configuration
+
+.. code-block::
+
+   "username","password","access"
+   "username","$6$rounds=656000$mWBiecMPrHAL1VgX$oU4Y5HH8HzlvMaxwkNEJjK13ozElyU1wAHBoO/WW5dAaE4YEfnB0X3FxbynKMl4FBdC3Ovap0jINz4LPkNADg0","read"
+
+means that there is user ``username`` with ``read`` access and password ``password`` hashed by ``sha512`` with salt ``salt``.
+
+OAuth provider uses library definitions (``aioauth-client``) in order *authenticate* users. It still requires user permission to be set in database, thus it inherits mapping provider without any changes. Whereas we could override ``check_credentials`` (authentication method) by something custom, OAuth flow is a bit more complex than just forward request, thus we have to implement the flow in login form.
+
+OAuth's implementation also allows authenticating users via username + password (in the same way as mapping does) though it is not recommended for end-users and password must be left blank. In particular this feature can be used by service reporting (aka robots).
+
+In addition, web service checks the source socket used. In case if it belongs to ``socket.AF_UNIX`` family, it will skip any furher checks considering the request to be performed in safe environment (e.g. on the same physical machine). This feature, in particular is being used by the reporter instances in case if socket address is set in configuration.
+
+In order to configure users there are special commands.
+
+Triggers
+^^^^^^^^
+
+Triggers are extensions which can be used in order to perform any actions on application start, after the update process and, finally, before the application exit.
+
+The main idea is to load classes by their full path (e.g. ``ahriman.core.upload.UploadTrigger``) by using ``importlib``: get the last part of the import and treat it as class name, join remain part by ``.`` and interpret as module path, import module and extract attribute from it.
+
+The loaded triggers will be called with ``ahriman.models.result.Result`` and ``List[Packages]`` arguments, which describes the process result and current repository packages respectively. Any exception raised will be suppressed and will generate an exception message in logs.
+
+In addition triggers can implement ``on_start`` and ``on_stop`` actions which will be called on the application start and right before the application exit. The ``on_start`` action is usually being called from handlers directly in order to make sure that no trigger will be run when it is not required (e.g. on user management). As soon as ``on_start`` action is called, the additional flag will be set; ``ahriman.core.triggers.TriggerLoader`` class implements ``__del__`` method in which, if the flag is set, the ``on_stop`` actions will be called.
+
+For more details how to deal with the triggers, refer to :doc:`documentation <triggers>` and modules descriptions.
+
+Remote synchronization
+^^^^^^^^^^^^^^^^^^^^^^
+
+There are several supported synchronization providers, currently they are ``rsync``, ``s3``, ``github``.
+
+``rsync`` provider does not have any specific logic except for running external rsync application with configured arguments. The service does not handle SSH configuration, thus it has to be configured before running application manually.
+
+``s3`` provider uses ``boto3`` package and implements sync feature. The files are stored in architecture directory (e.g. if bucket is ``repository``, packages will be stored in ``repository/x86_64`` for the ``x86_64`` architecture), bucket must be created before any action and API key must have permissions to write to the bucket. No external configuration required. In order to upload only changed files the service compares calculated hashes with the Amazon ETags, used realization is described `here <https://teppen.io/2018/10/23/aws_s3_verify_etags/>`_.
+
+``github`` provider authenticates through basic auth, API key with repository write permissions is required. There will be created a release with the name of the architecture in case if it does not exist; files will be uploaded to the release assets. It also stores array of files and their MD5 checksums in release body in order to upload only changed ones. According to the Github API in case if there is already uploaded asset with the same name (e.g. database files), asset will be removed first.
+
+Additional features
+^^^^^^^^^^^^^^^^^^^
+
+Some features require optional dependencies to be installed:
+
+* Version control executables (e.g. ``git``, ``svn``) for VCS packages.
+* ``gnupg`` application for package and repository sign feature.
+* ``rsync`` application for rsync based repository sync.
+* ``boto3`` python package for ``S3`` sync.
+* ``Jinja2`` python package for HTML report generation (it is also used by web application).
+
+Web application
+---------------
+
+Web application requires the following python packages to be installed:
+
+* Core part requires ``aiohttp`` (application itself), ``aiohttp_jinja2`` and ``Jinja2`` (HTML generation from templates).
+* In addition, ``aiohttp_debugtoolbar`` is required for debug panel. Please note that this option does not work together with authorization and basically must not be used in production.
+* In addition, authorization feature requires ``aiohttp_security``, ``aiohttp_session`` and ``cryptography``.
+* In addition to base authorization dependencies, OAuth2 also requires ``aioauth-client`` library.
+* In addition if you would like to disable authorization for local access (recommended way in order to run the application itself with reporting support), the ``requests-unixsocket`` library is required.
+
+Middlewares
+^^^^^^^^^^^
+
+Service provides some custom middlewares, e.g. logging every exception (except for user ones) and user authorization.
+
+Web views
+^^^^^^^^^
+
+All web views are defined in separated package and derived from ``ahriman.web.views.base.Base`` class which provides typed interfaces for web application. 
+
+REST API supports both form and JSON data, but the last one is recommended. 
+
+Different APIs are separated into different packages:
+
+* ``ahriman.web.views.service`` provides views for application controls.
+* ``ahriman.web.views.status`` package provides REST API for application reporting.
+* ``ahriman.web.views.user`` package provides login and logout methods which can be called without authorization.
+
+Templating
+^^^^^^^^^^
+
+Package provides base jinja templates which can be overridden by settings. Vanilla templates are actively using bootstrap library.
+
+Requests and scopes
+^^^^^^^^^^^^^^^^^^^
+
+Service provides optional authorization which can be turned on in settings. In order to control user access there are two levels of authorization - read-only (only GET-like requests) and write (anything) which are provided by each web view directly.
+
+If this feature is configured any request will be prohibited without authentication. In addition, configuration flag ``auth.allow_read_only`` can be used in order to allow read-only operations - reading index page and packages - without authorization.
+
+For authenticated users it uses encrypted session cookies to store tokens; encryption key is generated each time at the start of the application. It also stores expiration time of the session inside.
+
+External calls
+^^^^^^^^^^^^^^
+
+Web application provides external calls to control main service. It spawns child process with specific arguments and waits for its termination. This feature must be used either with authorization or in safe (i.e. when status page is not available world-wide) environment.

docs/command-line.rst

@@ -0,0 +1,10 @@
+Commands reference
+==================
+
+ahriman
+-------
+
+.. argparse::
+   :module: ahriman.application.ahriman
+   :func: _parser
+   :prog: ahriman

docs/completions/bash/_ahriman

@@ -0,0 +1,484 @@
+# AUTOMATICALLY GENERATED by `shtab`
+
+_shtab_ahriman_subparsers=('aur-search' 'search' 'daemon' 'help' 'help-commands-unsafe' 'key-import' 'package-add' 'add' 'package-update' 'package-remove' 'remove' 'package-status' 'status' 'package-status-remove' 'package-status-update' 'status-update' 'patch-add' 'patch-list' 'patch-remove' 'patch-set-add' 'repo-backup' 'repo-check' 'check' 'repo-clean' 'clean' 'repo-config' 'config' 'repo-rebuild' 'rebuild' 'repo-remove-unknown' 'remove-unknown' 'repo-report' 'report' 'repo-restore' 'repo-setup' 'init' 'repo-init' 'setup' 'repo-sign' 'sign' 'repo-status-update' 'repo-sync' 'sync' 'repo-tree' 'repo-triggers' 'repo-update' 'update' 'shell' 'user-add' 'user-list' 'user-remove' 'version' 'web')
+
+_shtab_ahriman_option_strings=('-h' '--help' '-a' '--architecture' '-c' '--configuration' '--force' '-l' '--lock' '--report' '--no-report' '-q' '--quiet' '--unsafe' '-V' '--version')
+_shtab_ahriman_aur_search_option_strings=('-h' '--help' '-e' '--exit-code' '--info' '--no-info' '--sort-by')
+_shtab_ahriman_search_option_strings=('-h' '--help' '-e' '--exit-code' '--info' '--no-info' '--sort-by')
+_shtab_ahriman_daemon_option_strings=('-h' '--help' '-i' '--interval' '--aur' '--no-aur' '--local' '--no-local' '--manual' '--no-manual' '--vcs' '--no-vcs' '-y' '--refresh')
+_shtab_ahriman_help_option_strings=('-h' '--help')
+_shtab_ahriman_help_commands_unsafe_option_strings=('-h' '--help' '--command')
+_shtab_ahriman_key_import_option_strings=('-h' '--help' '--key-server')
+_shtab_ahriman_package_add_option_strings=('-h' '--help' '-e' '--exit-code' '-n' '--now' '-y' '--refresh' '-s' '--source' '--without-dependencies')
+_shtab_ahriman_add_option_strings=('-h' '--help' '-e' '--exit-code' '-n' '--now' '-y' '--refresh' '-s' '--source' '--without-dependencies')
+_shtab_ahriman_package_update_option_strings=('-h' '--help' '-e' '--exit-code' '-n' '--now' '-y' '--refresh' '-s' '--source' '--without-dependencies')
+_shtab_ahriman_package_remove_option_strings=('-h' '--help')
+_shtab_ahriman_remove_option_strings=('-h' '--help')
+_shtab_ahriman_package_status_option_strings=('-h' '--help' '--ahriman' '-e' '--exit-code' '--info' '--no-info' '-s' '--status')
+_shtab_ahriman_status_option_strings=('-h' '--help' '--ahriman' '-e' '--exit-code' '--info' '--no-info' '-s' '--status')
+_shtab_ahriman_package_status_remove_option_strings=('-h' '--help')
+_shtab_ahriman_package_status_update_option_strings=('-h' '--help' '-s' '--status')
+_shtab_ahriman_status_update_option_strings=('-h' '--help' '-s' '--status')
+_shtab_ahriman_patch_add_option_strings=('-h' '--help')
+_shtab_ahriman_patch_list_option_strings=('-h' '--help' '-e' '--exit-code' '-v' '--variable')
+_shtab_ahriman_patch_remove_option_strings=('-h' '--help' '-v' '--variable')
+_shtab_ahriman_patch_set_add_option_strings=('-h' '--help' '-t' '--track')
+_shtab_ahriman_repo_backup_option_strings=('-h' '--help')
+_shtab_ahriman_repo_check_option_strings=('-h' '--help' '-e' '--exit-code' '--vcs' '--no-vcs' '-y' '--refresh')
+_shtab_ahriman_check_option_strings=('-h' '--help' '-e' '--exit-code' '--vcs' '--no-vcs' '-y' '--refresh')
+_shtab_ahriman_repo_clean_option_strings=('-h' '--help' '--cache' '--no-cache' '--chroot' '--no-chroot' '--manual' '--no-manual' '--packages' '--no-packages' '--pacman' '--no-pacman')
+_shtab_ahriman_clean_option_strings=('-h' '--help' '--cache' '--no-cache' '--chroot' '--no-chroot' '--manual' '--no-manual' '--packages' '--no-packages' '--pacman' '--no-pacman')
+_shtab_ahriman_repo_config_option_strings=('-h' '--help')
+_shtab_ahriman_config_option_strings=('-h' '--help')
+_shtab_ahriman_repo_rebuild_option_strings=('-h' '--help' '--depends-on' '--dry-run' '--from-database' '-e' '--exit-code')
+_shtab_ahriman_rebuild_option_strings=('-h' '--help' '--depends-on' '--dry-run' '--from-database' '-e' '--exit-code')
+_shtab_ahriman_repo_remove_unknown_option_strings=('-h' '--help' '--dry-run')
+_shtab_ahriman_remove_unknown_option_strings=('-h' '--help' '--dry-run')
+_shtab_ahriman_repo_report_option_strings=('-h' '--help')
+_shtab_ahriman_report_option_strings=('-h' '--help')
+_shtab_ahriman_repo_restore_option_strings=('-h' '--help' '-o' '--output')
+_shtab_ahriman_repo_setup_option_strings=('-h' '--help' '--build-as-user' '--build-command' '--from-configuration' '--makeflags-jobs' '--no-makeflags-jobs' '--multilib' '--no-multilib' '--packager' '--repository' '--sign-key' '--sign-target' '--web-port' '--web-unix-socket')
+_shtab_ahriman_init_option_strings=('-h' '--help' '--build-as-user' '--build-command' '--from-configuration' '--makeflags-jobs' '--no-makeflags-jobs' '--multilib' '--no-multilib' '--packager' '--repository' '--sign-key' '--sign-target' '--web-port' '--web-unix-socket')
+_shtab_ahriman_repo_init_option_strings=('-h' '--help' '--build-as-user' '--build-command' '--from-configuration' '--makeflags-jobs' '--no-makeflags-jobs' '--multilib' '--no-multilib' '--packager' '--repository' '--sign-key' '--sign-target' '--web-port' '--web-unix-socket')
+_shtab_ahriman_setup_option_strings=('-h' '--help' '--build-as-user' '--build-command' '--from-configuration' '--makeflags-jobs' '--no-makeflags-jobs' '--multilib' '--no-multilib' '--packager' '--repository' '--sign-key' '--sign-target' '--web-port' '--web-unix-socket')
+_shtab_ahriman_repo_sign_option_strings=('-h' '--help')
+_shtab_ahriman_sign_option_strings=('-h' '--help')
+_shtab_ahriman_repo_status_update_option_strings=('-h' '--help' '-s' '--status')
+_shtab_ahriman_repo_sync_option_strings=('-h' '--help')
+_shtab_ahriman_sync_option_strings=('-h' '--help')
+_shtab_ahriman_repo_tree_option_strings=('-h' '--help')
+_shtab_ahriman_repo_triggers_option_strings=('-h' '--help')
+_shtab_ahriman_repo_update_option_strings=('-h' '--help' '--dry-run' '-e' '--exit-code' '--aur' '--no-aur' '--local' '--no-local' '--manual' '--no-manual' '--vcs' '--no-vcs' '-y' '--refresh')
+_shtab_ahriman_update_option_strings=('-h' '--help' '--dry-run' '-e' '--exit-code' '--aur' '--no-aur' '--local' '--no-local' '--manual' '--no-manual' '--vcs' '--no-vcs' '-y' '--refresh')
+_shtab_ahriman_shell_option_strings=('-h' '--help')
+_shtab_ahriman_user_add_option_strings=('-h' '--help' '-p' '--password' '-r' '--role' '-s' '--secure')
+_shtab_ahriman_user_list_option_strings=('-h' '--help' '-e' '--exit-code' '-r' '--role')
+_shtab_ahriman_user_remove_option_strings=('-h' '--help')
+_shtab_ahriman_version_option_strings=('-h' '--help')
+_shtab_ahriman_web_option_strings=('-h' '--help')
+
+
+
+_shtab_ahriman_pos_0_choices=('aur-search' 'search' 'daemon' 'help' 'help-commands-unsafe' 'key-import' 'package-add' 'add' 'package-update' 'package-remove' 'remove' 'package-status' 'status' 'package-status-remove' 'package-status-update' 'status-update' 'patch-add' 'patch-list' 'patch-remove' 'patch-set-add' 'repo-backup' 'repo-check' 'check' 'repo-clean' 'clean' 'repo-config' 'config' 'repo-rebuild' 'rebuild' 'repo-remove-unknown' 'remove-unknown' 'repo-report' 'report' 'repo-restore' 'repo-setup' 'init' 'repo-init' 'setup' 'repo-sign' 'sign' 'repo-status-update' 'repo-sync' 'sync' 'repo-tree' 'repo-triggers' 'repo-update' 'update' 'shell' 'user-add' 'user-list' 'user-remove' 'version' 'web')
+_shtab_ahriman_aur_search___sort_by_choices=('description' 'first_submitted' 'id' 'last_modified' 'maintainer' 'name' 'num_votes' 'out_of_date' 'package_base' 'package_base_id' 'popularity' 'repository' 'url' 'url_path' 'version')
+_shtab_ahriman_search___sort_by_choices=('description' 'first_submitted' 'id' 'last_modified' 'maintainer' 'name' 'num_votes' 'out_of_date' 'package_base' 'package_base_id' 'popularity' 'repository' 'url' 'url_path' 'version')
+_shtab_ahriman_package_add__s_choices=('auto' 'archive' 'aur' 'directory' 'local' 'remote' 'repository')
+_shtab_ahriman_package_add___source_choices=('auto' 'archive' 'aur' 'directory' 'local' 'remote' 'repository')
+_shtab_ahriman_add__s_choices=('auto' 'archive' 'aur' 'directory' 'local' 'remote' 'repository')
+_shtab_ahriman_add___source_choices=('auto' 'archive' 'aur' 'directory' 'local' 'remote' 'repository')
+_shtab_ahriman_package_update__s_choices=('auto' 'archive' 'aur' 'directory' 'local' 'remote' 'repository')
+_shtab_ahriman_package_update___source_choices=('auto' 'archive' 'aur' 'directory' 'local' 'remote' 'repository')
+_shtab_ahriman_package_status__s_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_package_status___status_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_status__s_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_status___status_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_package_status_update__s_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_package_status_update___status_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_status_update__s_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_status_update___status_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_repo_setup___sign_target_choices=('disabled' 'packages' 'repository')
+_shtab_ahriman_init___sign_target_choices=('disabled' 'packages' 'repository')
+_shtab_ahriman_repo_init___sign_target_choices=('disabled' 'packages' 'repository')
+_shtab_ahriman_setup___sign_target_choices=('disabled' 'packages' 'repository')
+_shtab_ahriman_repo_status_update__s_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_repo_status_update___status_choices=('unknown' 'pending' 'building' 'failed' 'success')
+_shtab_ahriman_user_add__r_choices=('unauthorized' 'read' 'reporter' 'full')
+_shtab_ahriman_user_add___role_choices=('unauthorized' 'read' 'reporter' 'full')
+_shtab_ahriman_user_list__r_choices=('unauthorized' 'read' 'reporter' 'full')
+_shtab_ahriman_user_list___role_choices=('unauthorized' 'read' 'reporter' 'full')
+
+_shtab_ahriman_pos_0_nargs=A...
+_shtab_ahriman__h_nargs=0
+_shtab_ahriman___help_nargs=0
+_shtab_ahriman___force_nargs=0
+_shtab_ahriman___report_nargs=0
+_shtab_ahriman___no_report_nargs=0
+_shtab_ahriman__q_nargs=0
+_shtab_ahriman___quiet_nargs=0
+_shtab_ahriman___unsafe_nargs=0
+_shtab_ahriman__V_nargs=0
+_shtab_ahriman___version_nargs=0
+_shtab_ahriman_aur_search_pos_0_nargs=+
+_shtab_ahriman_aur_search__h_nargs=0
+_shtab_ahriman_aur_search___help_nargs=0
+_shtab_ahriman_aur_search__e_nargs=0
+_shtab_ahriman_aur_search___exit_code_nargs=0
+_shtab_ahriman_aur_search___info_nargs=0
+_shtab_ahriman_aur_search___no_info_nargs=0
+_shtab_ahriman_search_pos_0_nargs=+
+_shtab_ahriman_search__h_nargs=0
+_shtab_ahriman_search___help_nargs=0
+_shtab_ahriman_search__e_nargs=0
+_shtab_ahriman_search___exit_code_nargs=0
+_shtab_ahriman_search___info_nargs=0
+_shtab_ahriman_search___no_info_nargs=0
+_shtab_ahriman_daemon__h_nargs=0
+_shtab_ahriman_daemon___help_nargs=0
+_shtab_ahriman_daemon___aur_nargs=0
+_shtab_ahriman_daemon___no_aur_nargs=0
+_shtab_ahriman_daemon___local_nargs=0
+_shtab_ahriman_daemon___no_local_nargs=0
+_shtab_ahriman_daemon___manual_nargs=0
+_shtab_ahriman_daemon___no_manual_nargs=0
+_shtab_ahriman_daemon___vcs_nargs=0
+_shtab_ahriman_daemon___no_vcs_nargs=0
+_shtab_ahriman_daemon__y_nargs=0
+_shtab_ahriman_daemon___refresh_nargs=0
+_shtab_ahriman_help__h_nargs=0
+_shtab_ahriman_help___help_nargs=0
+_shtab_ahriman_help_commands_unsafe__h_nargs=0
+_shtab_ahriman_help_commands_unsafe___help_nargs=0
+_shtab_ahriman_key_import__h_nargs=0
+_shtab_ahriman_key_import___help_nargs=0
+_shtab_ahriman_package_add_pos_0_nargs=+
+_shtab_ahriman_package_add__h_nargs=0
+_shtab_ahriman_package_add___help_nargs=0
+_shtab_ahriman_package_add__e_nargs=0
+_shtab_ahriman_package_add___exit_code_nargs=0
+_shtab_ahriman_package_add__n_nargs=0
+_shtab_ahriman_package_add___now_nargs=0
+_shtab_ahriman_package_add__y_nargs=0
+_shtab_ahriman_package_add___refresh_nargs=0
+_shtab_ahriman_package_add___without_dependencies_nargs=0
+_shtab_ahriman_add_pos_0_nargs=+
+_shtab_ahriman_add__h_nargs=0
+_shtab_ahriman_add___help_nargs=0
+_shtab_ahriman_add__e_nargs=0
+_shtab_ahriman_add___exit_code_nargs=0
+_shtab_ahriman_add__n_nargs=0
+_shtab_ahriman_add___now_nargs=0
+_shtab_ahriman_add__y_nargs=0
+_shtab_ahriman_add___refresh_nargs=0
+_shtab_ahriman_add___without_dependencies_nargs=0
+_shtab_ahriman_package_update_pos_0_nargs=+
+_shtab_ahriman_package_update__h_nargs=0
+_shtab_ahriman_package_update___help_nargs=0
+_shtab_ahriman_package_update__e_nargs=0
+_shtab_ahriman_package_update___exit_code_nargs=0
+_shtab_ahriman_package_update__n_nargs=0
+_shtab_ahriman_package_update___now_nargs=0
+_shtab_ahriman_package_update__y_nargs=0
+_shtab_ahriman_package_update___refresh_nargs=0
+_shtab_ahriman_package_update___without_dependencies_nargs=0
+_shtab_ahriman_package_remove_pos_0_nargs=+
+_shtab_ahriman_package_remove__h_nargs=0
+_shtab_ahriman_package_remove___help_nargs=0
+_shtab_ahriman_remove_pos_0_nargs=+
+_shtab_ahriman_remove__h_nargs=0
+_shtab_ahriman_remove___help_nargs=0
+_shtab_ahriman_package_status_pos_0_nargs=*
+_shtab_ahriman_package_status__h_nargs=0
+_shtab_ahriman_package_status___help_nargs=0
+_shtab_ahriman_package_status___ahriman_nargs=0
+_shtab_ahriman_package_status__e_nargs=0
+_shtab_ahriman_package_status___exit_code_nargs=0
+_shtab_ahriman_package_status___info_nargs=0
+_shtab_ahriman_package_status___no_info_nargs=0
+_shtab_ahriman_status_pos_0_nargs=*
+_shtab_ahriman_status__h_nargs=0
+_shtab_ahriman_status___help_nargs=0
+_shtab_ahriman_status___ahriman_nargs=0
+_shtab_ahriman_status__e_nargs=0
+_shtab_ahriman_status___exit_code_nargs=0
+_shtab_ahriman_status___info_nargs=0
+_shtab_ahriman_status___no_info_nargs=0
+_shtab_ahriman_package_status_remove_pos_0_nargs=+
+_shtab_ahriman_package_status_remove__h_nargs=0
+_shtab_ahriman_package_status_remove___help_nargs=0
+_shtab_ahriman_package_status_update_pos_0_nargs=*
+_shtab_ahriman_package_status_update__h_nargs=0
+_shtab_ahriman_package_status_update___help_nargs=0
+_shtab_ahriman_status_update_pos_0_nargs=*
+_shtab_ahriman_status_update__h_nargs=0
+_shtab_ahriman_status_update___help_nargs=0
+_shtab_ahriman_patch_add__h_nargs=0
+_shtab_ahriman_patch_add___help_nargs=0
+_shtab_ahriman_patch_list__h_nargs=0
+_shtab_ahriman_patch_list___help_nargs=0
+_shtab_ahriman_patch_list__e_nargs=0
+_shtab_ahriman_patch_list___exit_code_nargs=0
+_shtab_ahriman_patch_remove__h_nargs=0
+_shtab_ahriman_patch_remove___help_nargs=0
+_shtab_ahriman_patch_set_add__h_nargs=0
+_shtab_ahriman_patch_set_add___help_nargs=0
+_shtab_ahriman_repo_backup__h_nargs=0
+_shtab_ahriman_repo_backup___help_nargs=0
+_shtab_ahriman_repo_check_pos_0_nargs=*
+_shtab_ahriman_repo_check__h_nargs=0
+_shtab_ahriman_repo_check___help_nargs=0
+_shtab_ahriman_repo_check__e_nargs=0
+_shtab_ahriman_repo_check___exit_code_nargs=0
+_shtab_ahriman_repo_check___vcs_nargs=0
+_shtab_ahriman_repo_check___no_vcs_nargs=0
+_shtab_ahriman_repo_check__y_nargs=0
+_shtab_ahriman_repo_check___refresh_nargs=0
+_shtab_ahriman_check_pos_0_nargs=*
+_shtab_ahriman_check__h_nargs=0
+_shtab_ahriman_check___help_nargs=0
+_shtab_ahriman_check__e_nargs=0
+_shtab_ahriman_check___exit_code_nargs=0
+_shtab_ahriman_check___vcs_nargs=0
+_shtab_ahriman_check___no_vcs_nargs=0
+_shtab_ahriman_check__y_nargs=0
+_shtab_ahriman_check___refresh_nargs=0
+_shtab_ahriman_repo_clean__h_nargs=0
+_shtab_ahriman_repo_clean___help_nargs=0
+_shtab_ahriman_repo_clean___cache_nargs=0
+_shtab_ahriman_repo_clean___no_cache_nargs=0
+_shtab_ahriman_repo_clean___chroot_nargs=0
+_shtab_ahriman_repo_clean___no_chroot_nargs=0
+_shtab_ahriman_repo_clean___manual_nargs=0
+_shtab_ahriman_repo_clean___no_manual_nargs=0
+_shtab_ahriman_repo_clean___packages_nargs=0
+_shtab_ahriman_repo_clean___no_packages_nargs=0
+_shtab_ahriman_repo_clean___pacman_nargs=0
+_shtab_ahriman_repo_clean___no_pacman_nargs=0
+_shtab_ahriman_clean__h_nargs=0
+_shtab_ahriman_clean___help_nargs=0
+_shtab_ahriman_clean___cache_nargs=0
+_shtab_ahriman_clean___no_cache_nargs=0
+_shtab_ahriman_clean___chroot_nargs=0
+_shtab_ahriman_clean___no_chroot_nargs=0
+_shtab_ahriman_clean___manual_nargs=0
+_shtab_ahriman_clean___no_manual_nargs=0
+_shtab_ahriman_clean___packages_nargs=0
+_shtab_ahriman_clean___no_packages_nargs=0
+_shtab_ahriman_clean___pacman_nargs=0
+_shtab_ahriman_clean___no_pacman_nargs=0
+_shtab_ahriman_repo_config__h_nargs=0
+_shtab_ahriman_repo_config___help_nargs=0
+_shtab_ahriman_config__h_nargs=0
+_shtab_ahriman_config___help_nargs=0
+_shtab_ahriman_repo_rebuild__h_nargs=0
+_shtab_ahriman_repo_rebuild___help_nargs=0
+_shtab_ahriman_repo_rebuild___dry_run_nargs=0
+_shtab_ahriman_repo_rebuild___from_database_nargs=0
+_shtab_ahriman_repo_rebuild__e_nargs=0
+_shtab_ahriman_repo_rebuild___exit_code_nargs=0
+_shtab_ahriman_rebuild__h_nargs=0
+_shtab_ahriman_rebuild___help_nargs=0
+_shtab_ahriman_rebuild___dry_run_nargs=0
+_shtab_ahriman_rebuild___from_database_nargs=0
+_shtab_ahriman_rebuild__e_nargs=0
+_shtab_ahriman_rebuild___exit_code_nargs=0
+_shtab_ahriman_repo_remove_unknown__h_nargs=0
+_shtab_ahriman_repo_remove_unknown___help_nargs=0
+_shtab_ahriman_repo_remove_unknown___dry_run_nargs=0
+_shtab_ahriman_remove_unknown__h_nargs=0
+_shtab_ahriman_remove_unknown___help_nargs=0
+_shtab_ahriman_remove_unknown___dry_run_nargs=0
+_shtab_ahriman_repo_report__h_nargs=0
+_shtab_ahriman_repo_report___help_nargs=0
+_shtab_ahriman_report__h_nargs=0
+_shtab_ahriman_report___help_nargs=0
+_shtab_ahriman_repo_restore__h_nargs=0
+_shtab_ahriman_repo_restore___help_nargs=0
+_shtab_ahriman_repo_setup__h_nargs=0
+_shtab_ahriman_repo_setup___help_nargs=0
+_shtab_ahriman_repo_setup___makeflags_jobs_nargs=0
+_shtab_ahriman_repo_setup___no_makeflags_jobs_nargs=0
+_shtab_ahriman_repo_setup___multilib_nargs=0
+_shtab_ahriman_repo_setup___no_multilib_nargs=0
+_shtab_ahriman_init__h_nargs=0
+_shtab_ahriman_init___help_nargs=0
+_shtab_ahriman_init___makeflags_jobs_nargs=0
+_shtab_ahriman_init___no_makeflags_jobs_nargs=0
+_shtab_ahriman_init___multilib_nargs=0
+_shtab_ahriman_init___no_multilib_nargs=0
+_shtab_ahriman_repo_init__h_nargs=0
+_shtab_ahriman_repo_init___help_nargs=0
+_shtab_ahriman_repo_init___makeflags_jobs_nargs=0
+_shtab_ahriman_repo_init___no_makeflags_jobs_nargs=0
+_shtab_ahriman_repo_init___multilib_nargs=0
+_shtab_ahriman_repo_init___no_multilib_nargs=0
+_shtab_ahriman_setup__h_nargs=0
+_shtab_ahriman_setup___help_nargs=0
+_shtab_ahriman_setup___makeflags_jobs_nargs=0
+_shtab_ahriman_setup___no_makeflags_jobs_nargs=0
+_shtab_ahriman_setup___multilib_nargs=0
+_shtab_ahriman_setup___no_multilib_nargs=0
+_shtab_ahriman_repo_sign_pos_0_nargs=*
+_shtab_ahriman_repo_sign__h_nargs=0
+_shtab_ahriman_repo_sign___help_nargs=0
+_shtab_ahriman_sign_pos_0_nargs=*
+_shtab_ahriman_sign__h_nargs=0
+_shtab_ahriman_sign___help_nargs=0
+_shtab_ahriman_repo_status_update__h_nargs=0
+_shtab_ahriman_repo_status_update___help_nargs=0
+_shtab_ahriman_repo_sync__h_nargs=0
+_shtab_ahriman_repo_sync___help_nargs=0
+_shtab_ahriman_sync__h_nargs=0
+_shtab_ahriman_sync___help_nargs=0
+_shtab_ahriman_repo_tree__h_nargs=0
+_shtab_ahriman_repo_tree___help_nargs=0
+_shtab_ahriman_repo_triggers_pos_0_nargs=*
+_shtab_ahriman_repo_triggers__h_nargs=0
+_shtab_ahriman_repo_triggers___help_nargs=0
+_shtab_ahriman_repo_update_pos_0_nargs=*
+_shtab_ahriman_repo_update__h_nargs=0
+_shtab_ahriman_repo_update___help_nargs=0
+_shtab_ahriman_repo_update___dry_run_nargs=0
+_shtab_ahriman_repo_update__e_nargs=0
+_shtab_ahriman_repo_update___exit_code_nargs=0
+_shtab_ahriman_repo_update___aur_nargs=0
+_shtab_ahriman_repo_update___no_aur_nargs=0
+_shtab_ahriman_repo_update___local_nargs=0
+_shtab_ahriman_repo_update___no_local_nargs=0
+_shtab_ahriman_repo_update___manual_nargs=0
+_shtab_ahriman_repo_update___no_manual_nargs=0
+_shtab_ahriman_repo_update___vcs_nargs=0
+_shtab_ahriman_repo_update___no_vcs_nargs=0
+_shtab_ahriman_repo_update__y_nargs=0
+_shtab_ahriman_repo_update___refresh_nargs=0
+_shtab_ahriman_update_pos_0_nargs=*
+_shtab_ahriman_update__h_nargs=0
+_shtab_ahriman_update___help_nargs=0
+_shtab_ahriman_update___dry_run_nargs=0
+_shtab_ahriman_update__e_nargs=0
+_shtab_ahriman_update___exit_code_nargs=0
+_shtab_ahriman_update___aur_nargs=0
+_shtab_ahriman_update___no_aur_nargs=0
+_shtab_ahriman_update___local_nargs=0
+_shtab_ahriman_update___no_local_nargs=0
+_shtab_ahriman_update___manual_nargs=0
+_shtab_ahriman_update___no_manual_nargs=0
+_shtab_ahriman_update___vcs_nargs=0
+_shtab_ahriman_update___no_vcs_nargs=0
+_shtab_ahriman_update__y_nargs=0
+_shtab_ahriman_update___refresh_nargs=0
+_shtab_ahriman_shell__h_nargs=0
+_shtab_ahriman_shell___help_nargs=0
+_shtab_ahriman_shell__v_nargs=0
+_shtab_ahriman_shell___verbose_nargs=0
+_shtab_ahriman_user_add__h_nargs=0
+_shtab_ahriman_user_add___help_nargs=0
+_shtab_ahriman_user_add__s_nargs=0
+_shtab_ahriman_user_add___secure_nargs=0
+_shtab_ahriman_user_list__h_nargs=0
+_shtab_ahriman_user_list___help_nargs=0
+_shtab_ahriman_user_list__e_nargs=0
+_shtab_ahriman_user_list___exit_code_nargs=0
+_shtab_ahriman_user_remove__h_nargs=0
+_shtab_ahriman_user_remove___help_nargs=0
+_shtab_ahriman_version__h_nargs=0
+_shtab_ahriman_version___help_nargs=0
+_shtab_ahriman_web__h_nargs=0
+_shtab_ahriman_web___help_nargs=0
+
+
+# $1=COMP_WORDS[1]
+_shtab_compgen_files() {
+  compgen -f -- $1  # files
+}
+
+# $1=COMP_WORDS[1]
+_shtab_compgen_dirs() {
+  compgen -d -- $1  # recurse into subdirs
+}
+
+# $1=COMP_WORDS[1]
+_shtab_replace_nonword() {
+  echo "${1//[^[:word:]]/_}"
+}
+
+# set default values (called for the initial parser & any subparsers)
+_set_parser_defaults() {
+  local subparsers_var="${prefix}_subparsers[@]"
+  sub_parsers=${!subparsers_var}
+
+  local current_option_strings_var="${prefix}_option_strings[@]"
+  current_option_strings=${!current_option_strings_var}
+
+  completed_positional_actions=0
+
+  _set_new_action "pos_${completed_positional_actions}" true
+}
+
+# $1=action identifier
+# $2=positional action (bool)
+# set all identifiers for an action's parameters
+_set_new_action() {
+  current_action="${prefix}_$(_shtab_replace_nonword $1)"
+
+  local current_action_compgen_var=${current_action}_COMPGEN
+  current_action_compgen="${!current_action_compgen_var}"
+
+  local current_action_choices_var="${current_action}_choices[@]"
+  current_action_choices="${!current_action_choices_var}"
+
+  local current_action_nargs_var="${current_action}_nargs"
+  if [ -n "${!current_action_nargs_var}" ]; then
+    current_action_nargs="${!current_action_nargs_var}"
+  else
+    current_action_nargs=1
+  fi
+
+  current_action_args_start_index=$(( $word_index + 1 ))
+
+  current_action_is_positional=$2
+}
+
+# Notes:
+# `COMPREPLY`: what will be rendered after completion is triggered
+# `completing_word`: currently typed word to generate completions for
+# `${!var}`: evaluates the content of `var` and expand its content as a variable
+#     hello="world"
+#     x="hello"
+#     ${!x} -> ${hello} -> "world"
+_shtab_ahriman() {
+  local completing_word="${COMP_WORDS[COMP_CWORD]}"
+  COMPREPLY=()
+
+  prefix=_shtab_ahriman
+  word_index=0
+  _set_parser_defaults
+  word_index=1
+
+  # determine what arguments are appropriate for the current state
+  # of the arg parser
+  while [ $word_index -ne $COMP_CWORD ]; do
+    local this_word="${COMP_WORDS[$word_index]}"
+
+    if [[ -n $sub_parsers && " ${sub_parsers[@]} " =~ " ${this_word} " ]]; then
+      # valid subcommand: add it to the prefix & reset the current action
+      prefix="${prefix}_$(_shtab_replace_nonword $this_word)"
+      _set_parser_defaults
+    fi
+
+    if [[ " ${current_option_strings[@]} " =~ " ${this_word} " ]]; then
+      # a new action should be acquired (due to recognised option string or
+      # no more input expected from current action);
+      # the next positional action can fill in here
+      _set_new_action $this_word false
+    fi
+
+    if [[ "$current_action_nargs" != "*" ]] && \
+       [[ "$current_action_nargs" != "+" ]] && \
+       [[ "$current_action_nargs" != *"..." ]] && \
+       (( $word_index + 1 - $current_action_args_start_index >= \
+          $current_action_nargs )); then
+      $current_action_is_positional && let "completed_positional_actions += 1"
+      _set_new_action "pos_${completed_positional_actions}" true
+    fi
+
+    let "word_index+=1"
+  done
+
+  # Generate the completions
+
+  if [[ "${completing_word}" == -* ]]; then
+    # optional argument started: use option strings
+    COMPREPLY=( $(compgen -W "${current_option_strings[*]}" -- "${completing_word}") )
+  else
+    # use choices & compgen
+    local IFS=$'\n' # items may contain spaces, so delimit using newline
+    COMPREPLY=( $([ -n "${current_action_compgen}" ] \
+                  && "${current_action_compgen}" "${completing_word}") )
+    unset IFS
+    COMPREPLY+=( $(compgen -W "${current_action_choices[*]}" -- "${completing_word}") )
+  fi
+
+  return 0
+}
+
+complete -o filenames -F _shtab_ahriman ahriman

docs/completions/zsh/_ahriman

@@ -0,0 +1,531 @@
+#compdef ahriman
+
+# AUTOMATICALLY GENERATED by `shtab`
+
+
+_shtab_ahriman_commands() {
+  local _commands=(
+    "add:add existing or new package to the build queue"
+    "aur-search:search for package in AUR using API"
+    "check:check for packages updates. Same as repo-update --dry-run --no-manual"
+    "clean:remove local caches"
+    "config:dump configuration for the specified architecture"
+    "daemon:start process which periodically will run update process"
+    "help:show help message for application or command and exit"
+    "help-commands-unsafe:list unsafe commands as defined in default args"
+    "init:create initial service configuration, requires root"
+    "key-import:import PGP key from public sources to the repository user"
+    "package-add:add existing or new package to the build queue"
+    "package-remove:remove package from the repository"
+    "package-status:request status of the package"
+    "package-status-remove:remove the package from the status page"
+    "package-status-update:update package status on the status page"
+    "package-update:add existing or new package to the build queue"
+    "patch-add:create or update patched PKGBUILD function or variable"
+    "patch-list:list available patches for the package"
+    "patch-remove:remove patches for the package"
+    "patch-set-add:create or update source patches"
+    "rebuild:force rebuild whole repository"
+    "remove:remove package from the repository"
+    "remove-unknown:remove packages which are missing in AUR and do not have local PKGBUILDs"
+    "repo-backup:backup repository settings and database"
+    "repo-check:check for packages updates. Same as repo-update --dry-run --no-manual"
+    "repo-clean:remove local caches"
+    "repo-config:dump configuration for the specified architecture"
+    "repo-init:create initial service configuration, requires root"
+    "repo-rebuild:force rebuild whole repository"
+    "repo-remove-unknown:remove packages which are missing in AUR and do not have local PKGBUILDs"
+    "repo-report:generate repository report according to current settings"
+    "repo-restore:restore settings and database"
+    "repo-setup:create initial service configuration, requires root"
+    "repo-sign:(re-)sign packages and repository database according to current settings"
+    "repo-status-update:update repository status on the status page"
+    "repo-sync:sync repository files to remote server according to current settings"
+    "repo-tree:dump repository tree based on packages dependencies"
+    "repo-triggers:run triggers on empty build result as configured by settings"
+    "repo-update:check for packages updates and run build process if requested"
+    "report:generate repository report according to current settings"
+    "search:search for package in AUR using API"
+    "setup:create initial service configuration, requires root"
+    "shell:drop into python shell while having created application"
+    "sign:(re-)sign packages and repository database according to current settings"
+    "status:request status of the package"
+    "status-update:update package status on the status page"
+    "sync:sync repository files to remote server according to current settings"
+    "update:check for packages updates and run build process if requested"
+    "user-add:update user for web services with the given password and role. In case if password was not entered it will be asked interactively"
+    "user-list:list users from the user mapping and their roles"
+    "user-remove:remove user from the user mapping and update the configuration"
+    "version:print application and its dependencies versions"
+    "web:start web server"
+  )
+  _describe 'ahriman commands' _commands
+}
+
+_shtab_ahriman_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "*"{-a,--architecture}"[target architectures. For several subcommands it can be used multiple times]:architecture:"
+  {-c,--configuration}"[configuration path]:configuration:"
+  "--force[force run, remove file lock]"
+  {-l,--lock}"[lock file]:lock:"
+  {--report,--no-report}"[force enable or disable reporting to web service (default\: \%(default)s)]:report:"
+  {-q,--quiet}"[force disable any logging]"
+  "--unsafe[allow to run ahriman as non-ahriman user. Some actions might be unavailable]"
+  "(- : *)"{-V,--version}"[show program\'s version number and exit]"
+)
+
+_shtab_ahriman_add_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {-n,--now}"[run update function after]"
+  "*"{-y,--refresh}"[download fresh package databases from the mirror before actions, -yy to force refresh even if up to date]"
+  {-s,--source}"[explicitly specify the package source for this command]:source:(auto archive aur directory local remote repository)"
+  "--without-dependencies[do not add dependencies]"
+  "(*):package source (base name, path to local files, remote URL):"
+)
+
+_shtab_ahriman_aur_search_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {--info,--no-info}"[show additional package information (default\: \%(default)s)]:info:"
+  "--sort-by[sort field by this field. In case if two packages have the same value of the specified field, they will be always sorted by name]:sort_by:(description first_submitted id last_modified maintainer name num_votes out_of_date package_base package_base_id popularity repository url url_path version)"
+  "(*):search terms, can be specified multiple times, the result will match all terms:"
+)
+
+_shtab_ahriman_check_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {--vcs,--no-vcs}"[enable or disable checking of VCS packages (default\: \%(default)s)]:vcs:"
+  "*"{-y,--refresh}"[download fresh package databases from the mirror before actions, -yy to force refresh even if up to date]"
+  "(*)::filter check by package base:"
+)
+
+_shtab_ahriman_clean_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {--cache,--no-cache}"[clear directory with package caches (default\: \%(default)s)]:cache:"
+  {--chroot,--no-chroot}"[clear build chroot (default\: \%(default)s)]:chroot:"
+  {--manual,--no-manual}"[clear manually added packages queue (default\: \%(default)s)]:manual:"
+  {--packages,--no-packages}"[clear directory with built packages (default\: \%(default)s)]:packages:"
+  {--pacman,--no-pacman}"[clear directory with pacman local database cache (default\: \%(default)s)]:pacman:"
+)
+
+_shtab_ahriman_config_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+)
+
+_shtab_ahriman_daemon_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-i,--interval}"[interval between runs in seconds]:interval:"
+  {--aur,--no-aur}"[enable or disable checking for AUR updates. Implies --no-vcs (default\: \%(default)s)]:aur:"
+  {--local,--no-local}"[enable or disable checking of local packages for updates (default\: \%(default)s)]:local:"
+  {--manual,--no-manual}"[include or exclude manual updates (default\: \%(default)s)]:manual:"
+  {--vcs,--no-vcs}"[enable or disable checking of VCS packages (default\: \%(default)s)]:vcs:"
+  "*"{-y,--refresh}"[download fresh package databases from the mirror before actions, -yy to force refresh even if up to date]"
+)
+
+_shtab_ahriman_help_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  ":show help message for specific command:"
+)
+
+_shtab_ahriman_help_commands_unsafe_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--command[instead of showing commands, just test command line for unsafe subcommand and return 0 in case if command is safe and 1 otherwise]:command:"
+)
+
+_shtab_ahriman_init_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--build-as-user[force makepkg user to the specific one]:build_as_user:"
+  "--build-command[build command prefix]:build_command:"
+  "--from-configuration[path to default devtools pacman configuration]:from_configuration:"
+  {--makeflags-jobs,--no-makeflags-jobs}"[append MAKEFLAGS variable with parallelism set to number of cores (default\: \%(default)s)]:makeflags_jobs:"
+  {--multilib,--no-multilib}"[add or do not multilib repository (default\: \%(default)s)]:multilib:"
+  "--packager[packager name and email]:packager:"
+  "--repository[repository name]:repository:"
+  "--sign-key[sign key id]:sign_key:"
+  "*--sign-target[sign options]:sign_target:(disabled packages repository)"
+  "--web-port[port of the web service]:web_port:"
+  "--web-unix-socket[path to unix socket used for interprocess communications]:web_unix_socket:"
+)
+
+_shtab_ahriman_key_import_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--key-server[key server for key import]:key_server:"
+  ":PGP key to import from public server:"
+)
+
+_shtab_ahriman_package_add_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {-n,--now}"[run update function after]"
+  "*"{-y,--refresh}"[download fresh package databases from the mirror before actions, -yy to force refresh even if up to date]"
+  {-s,--source}"[explicitly specify the package source for this command]:source:(auto archive aur directory local remote repository)"
+  "--without-dependencies[do not add dependencies]"
+  "(*):package source (base name, path to local files, remote URL):"
+)
+
+_shtab_ahriman_package_remove_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "(*):package name or base:"
+)
+
+_shtab_ahriman_package_status_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--ahriman[get service status itself]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {--info,--no-info}"[show additional package information (default\: \%(default)s)]:info:"
+  {-s,--status}"[filter packages by status]:status:(unknown pending building failed success)"
+  "(*)::filter status by package base:"
+)
+
+_shtab_ahriman_package_status_remove_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "(*):remove specified packages from status page:"
+)
+
+_shtab_ahriman_package_status_update_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-s,--status}"[new package build status]:status:(unknown pending building failed success)"
+  "(*)::set status for specified packages. If no packages supplied, service status will be updated:"
+)
+
+_shtab_ahriman_package_update_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {-n,--now}"[run update function after]"
+  "*"{-y,--refresh}"[download fresh package databases from the mirror before actions, -yy to force refresh even if up to date]"
+  {-s,--source}"[explicitly specify the package source for this command]:source:(auto archive aur directory local remote repository)"
+  "--without-dependencies[do not add dependencies]"
+  "(*):package source (base name, path to local files, remote URL):"
+)
+
+_shtab_ahriman_patch_add_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  ":package base:"
+  ":PKGBUILD variable or function name. If variable is a function, it must end with ():"
+  ":path to file which contains function or variable value. If not set, the value will be read from stdin:"
+)
+
+_shtab_ahriman_patch_list_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  "*"{-v,--variable}"[if set, show only patches for specified PKGBUILD variables]:variable:"
+  ":package base:"
+)
+
+_shtab_ahriman_patch_remove_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "*"{-v,--variable}"[should be used for single-function patches in case if you wold like to remove only specified PKGBUILD variables. In case if not set, it will remove all patches related to the package]:variable:"
+  ":package base:"
+)
+
+_shtab_ahriman_patch_set_add_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "*"{-t,--track}"[files which has to be tracked]:track:"
+  ":path to directory with changed files for patch addition\/update:"
+)
+
+_shtab_ahriman_rebuild_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "*--depends-on[only rebuild packages that depend on specified packages]:depends_on:"
+  "--dry-run[just perform check for packages without rebuild process itself]"
+  "--from-database[read packages from database instead of filesystem. This feature in particular is required in case if you would like to restore repository from another repository instance. Note, however, that in order to restore packages you need to have original ahriman instance run with web service and have run repo-update at least once.]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+)
+
+_shtab_ahriman_remove_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "(*):package name or base:"
+)
+
+_shtab_ahriman_remove_unknown_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--dry-run[just perform check for packages without removal]"
+)
+
+_shtab_ahriman_repo_backup_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  ":path of the output archive:"
+)
+
+_shtab_ahriman_repo_check_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {--vcs,--no-vcs}"[enable or disable checking of VCS packages (default\: \%(default)s)]:vcs:"
+  "*"{-y,--refresh}"[download fresh package databases from the mirror before actions, -yy to force refresh even if up to date]"
+  "(*)::filter check by package base:"
+)
+
+_shtab_ahriman_repo_clean_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {--cache,--no-cache}"[clear directory with package caches (default\: \%(default)s)]:cache:"
+  {--chroot,--no-chroot}"[clear build chroot (default\: \%(default)s)]:chroot:"
+  {--manual,--no-manual}"[clear manually added packages queue (default\: \%(default)s)]:manual:"
+  {--packages,--no-packages}"[clear directory with built packages (default\: \%(default)s)]:packages:"
+  {--pacman,--no-pacman}"[clear directory with pacman local database cache (default\: \%(default)s)]:pacman:"
+)
+
+_shtab_ahriman_repo_config_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+)
+
+_shtab_ahriman_repo_init_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--build-as-user[force makepkg user to the specific one]:build_as_user:"
+  "--build-command[build command prefix]:build_command:"
+  "--from-configuration[path to default devtools pacman configuration]:from_configuration:"
+  {--makeflags-jobs,--no-makeflags-jobs}"[append MAKEFLAGS variable with parallelism set to number of cores (default\: \%(default)s)]:makeflags_jobs:"
+  {--multilib,--no-multilib}"[add or do not multilib repository (default\: \%(default)s)]:multilib:"
+  "--packager[packager name and email]:packager:"
+  "--repository[repository name]:repository:"
+  "--sign-key[sign key id]:sign_key:"
+  "*--sign-target[sign options]:sign_target:(disabled packages repository)"
+  "--web-port[port of the web service]:web_port:"
+  "--web-unix-socket[path to unix socket used for interprocess communications]:web_unix_socket:"
+)
+
+_shtab_ahriman_repo_rebuild_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "*--depends-on[only rebuild packages that depend on specified packages]:depends_on:"
+  "--dry-run[just perform check for packages without rebuild process itself]"
+  "--from-database[read packages from database instead of filesystem. This feature in particular is required in case if you would like to restore repository from another repository instance. Note, however, that in order to restore packages you need to have original ahriman instance run with web service and have run repo-update at least once.]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+)
+
+_shtab_ahriman_repo_remove_unknown_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--dry-run[just perform check for packages without removal]"
+)
+
+_shtab_ahriman_repo_report_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+)
+
+_shtab_ahriman_repo_restore_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-o,--output}"[root path of the extracted files]:output:"
+  ":path of the input archive:"
+)
+
+_shtab_ahriman_repo_setup_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--build-as-user[force makepkg user to the specific one]:build_as_user:"
+  "--build-command[build command prefix]:build_command:"
+  "--from-configuration[path to default devtools pacman configuration]:from_configuration:"
+  {--makeflags-jobs,--no-makeflags-jobs}"[append MAKEFLAGS variable with parallelism set to number of cores (default\: \%(default)s)]:makeflags_jobs:"
+  {--multilib,--no-multilib}"[add or do not multilib repository (default\: \%(default)s)]:multilib:"
+  "--packager[packager name and email]:packager:"
+  "--repository[repository name]:repository:"
+  "--sign-key[sign key id]:sign_key:"
+  "*--sign-target[sign options]:sign_target:(disabled packages repository)"
+  "--web-port[port of the web service]:web_port:"
+  "--web-unix-socket[path to unix socket used for interprocess communications]:web_unix_socket:"
+)
+
+_shtab_ahriman_repo_sign_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "(*)::sign only specified packages:"
+)
+
+_shtab_ahriman_repo_status_update_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-s,--status}"[new status]:status:(unknown pending building failed success)"
+)
+
+_shtab_ahriman_repo_sync_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+)
+
+_shtab_ahriman_repo_tree_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+)
+
+_shtab_ahriman_repo_triggers_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "(*)::instead of running all triggers as set by configuration, just process specified ones in order of mention:"
+)
+
+_shtab_ahriman_repo_update_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--dry-run[just perform check for updates, same as check command]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {--aur,--no-aur}"[enable or disable checking for AUR updates. Implies --no-vcs (default\: \%(default)s)]:aur:"
+  {--local,--no-local}"[enable or disable checking of local packages for updates (default\: \%(default)s)]:local:"
+  {--manual,--no-manual}"[include or exclude manual updates (default\: \%(default)s)]:manual:"
+  {--vcs,--no-vcs}"[enable or disable checking of VCS packages (default\: \%(default)s)]:vcs:"
+  "*"{-y,--refresh}"[download fresh package databases from the mirror before actions, -yy to force refresh even if up to date]"
+  "(*)::filter check by package base:"
+)
+
+_shtab_ahriman_report_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+)
+
+_shtab_ahriman_search_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {--info,--no-info}"[show additional package information (default\: \%(default)s)]:info:"
+  "--sort-by[sort field by this field. In case if two packages have the same value of the specified field, they will be always sorted by name]:sort_by:(description first_submitted id last_modified maintainer name num_votes out_of_date package_base package_base_id popularity repository url url_path version)"
+  "(*):search terms, can be specified multiple times, the result will match all terms:"
+)
+
+_shtab_ahriman_setup_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--build-as-user[force makepkg user to the specific one]:build_as_user:"
+  "--build-command[build command prefix]:build_command:"
+  "--from-configuration[path to default devtools pacman configuration]:from_configuration:"
+  {--makeflags-jobs,--no-makeflags-jobs}"[append MAKEFLAGS variable with parallelism set to number of cores (default\: \%(default)s)]:makeflags_jobs:"
+  {--multilib,--no-multilib}"[add or do not multilib repository (default\: \%(default)s)]:multilib:"
+  "--packager[packager name and email]:packager:"
+  "--repository[repository name]:repository:"
+  "--sign-key[sign key id]:sign_key:"
+  "*--sign-target[sign options]:sign_target:(disabled packages repository)"
+  "--web-port[port of the web service]:web_port:"
+  "--web-unix-socket[path to unix socket used for interprocess communications]:web_unix_socket:"
+)
+
+_shtab_ahriman_shell_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  ":instead of dropping into shell, just execute the specified code:"
+)
+
+_shtab_ahriman_sign_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "(*)::sign only specified packages:"
+)
+
+_shtab_ahriman_status_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--ahriman[get service status itself]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {--info,--no-info}"[show additional package information (default\: \%(default)s)]:info:"
+  {-s,--status}"[filter packages by status]:status:(unknown pending building failed success)"
+  "(*)::filter status by package base:"
+)
+
+_shtab_ahriman_status_update_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-s,--status}"[new package build status]:status:(unknown pending building failed success)"
+  "(*)::set status for specified packages. If no packages supplied, service status will be updated:"
+)
+
+_shtab_ahriman_sync_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+)
+
+_shtab_ahriman_update_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  "--dry-run[just perform check for updates, same as check command]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {--aur,--no-aur}"[enable or disable checking for AUR updates. Implies --no-vcs (default\: \%(default)s)]:aur:"
+  {--local,--no-local}"[enable or disable checking of local packages for updates (default\: \%(default)s)]:local:"
+  {--manual,--no-manual}"[include or exclude manual updates (default\: \%(default)s)]:manual:"
+  {--vcs,--no-vcs}"[enable or disable checking of VCS packages (default\: \%(default)s)]:vcs:"
+  "*"{-y,--refresh}"[download fresh package databases from the mirror before actions, -yy to force refresh even if up to date]"
+  "(*)::filter check by package base:"
+)
+
+_shtab_ahriman_user_add_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-p,--password}"[user password. Blank password will be treated as empty password, which is in particular must be used for OAuth2 authorization type.]:password:"
+  {-r,--role}"[user access level]:role:(unauthorized read reporter full)"
+  {-s,--secure}"[set file permissions to user-only]"
+  ":username for web service:"
+)
+
+_shtab_ahriman_user_list_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  {-e,--exit-code}"[return non-zero exit status if result is empty]"
+  {-r,--role}"[filter users by role]:role:(unauthorized read reporter full)"
+  ":filter users by username:"
+)
+
+_shtab_ahriman_user_remove_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+  ":username for web service:"
+)
+
+_shtab_ahriman_version_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+)
+
+_shtab_ahriman_web_options=(
+  "(- : *)"{-h,--help}"[show this help message and exit]"
+)
+
+
+_shtab_ahriman() {
+  local context state line curcontext="$curcontext" one_or_more='(-)*' remainder='(*)'
+
+  if ((${_shtab_ahriman_options[(I)${(q)one_or_more}*]} + ${_shtab_ahriman_options[(I)${(q)remainder}*]} == 0)); then  # noqa: E501
+    _shtab_ahriman_options+=(': :_shtab_ahriman_commands' '*::: :->ahriman')
+  fi
+  _arguments -C $_shtab_ahriman_options
+
+  case $state in
+    ahriman)
+      words=($line[1] "${words[@]}")
+      (( CURRENT += 1 ))
+      curcontext="${curcontext%:*:*}:_shtab_ahriman-$line[1]:"
+      case $line[1] in
+        add) _arguments -C $_shtab_ahriman_add_options ;;
+        aur-search) _arguments -C $_shtab_ahriman_aur_search_options ;;
+        check) _arguments -C $_shtab_ahriman_check_options ;;
+        clean) _arguments -C $_shtab_ahriman_clean_options ;;
+        config) _arguments -C $_shtab_ahriman_config_options ;;
+        daemon) _arguments -C $_shtab_ahriman_daemon_options ;;
+        help) _arguments -C $_shtab_ahriman_help_options ;;
+        help-commands-unsafe) _arguments -C $_shtab_ahriman_help_commands_unsafe_options ;;
+        init) _arguments -C $_shtab_ahriman_init_options ;;
+        key-import) _arguments -C $_shtab_ahriman_key_import_options ;;
+        package-add) _arguments -C $_shtab_ahriman_package_add_options ;;
+        package-remove) _arguments -C $_shtab_ahriman_package_remove_options ;;
+        package-status) _arguments -C $_shtab_ahriman_package_status_options ;;
+        package-status-remove) _arguments -C $_shtab_ahriman_package_status_remove_options ;;
+        package-status-update) _arguments -C $_shtab_ahriman_package_status_update_options ;;
+        package-update) _arguments -C $_shtab_ahriman_package_update_options ;;
+        patch-add) _arguments -C $_shtab_ahriman_patch_add_options ;;
+        patch-list) _arguments -C $_shtab_ahriman_patch_list_options ;;
+        patch-remove) _arguments -C $_shtab_ahriman_patch_remove_options ;;
+        patch-set-add) _arguments -C $_shtab_ahriman_patch_set_add_options ;;
+        rebuild) _arguments -C $_shtab_ahriman_rebuild_options ;;
+        remove) _arguments -C $_shtab_ahriman_remove_options ;;
+        remove-unknown) _arguments -C $_shtab_ahriman_remove_unknown_options ;;
+        repo-backup) _arguments -C $_shtab_ahriman_repo_backup_options ;;
+        repo-check) _arguments -C $_shtab_ahriman_repo_check_options ;;
+        repo-clean) _arguments -C $_shtab_ahriman_repo_clean_options ;;
+        repo-config) _arguments -C $_shtab_ahriman_repo_config_options ;;
+        repo-init) _arguments -C $_shtab_ahriman_repo_init_options ;;
+        repo-rebuild) _arguments -C $_shtab_ahriman_repo_rebuild_options ;;
+        repo-remove-unknown) _arguments -C $_shtab_ahriman_repo_remove_unknown_options ;;
+        repo-report) _arguments -C $_shtab_ahriman_repo_report_options ;;
+        repo-restore) _arguments -C $_shtab_ahriman_repo_restore_options ;;
+        repo-setup) _arguments -C $_shtab_ahriman_repo_setup_options ;;
+        repo-sign) _arguments -C $_shtab_ahriman_repo_sign_options ;;
+        repo-status-update) _arguments -C $_shtab_ahriman_repo_status_update_options ;;
+        repo-sync) _arguments -C $_shtab_ahriman_repo_sync_options ;;
+        repo-tree) _arguments -C $_shtab_ahriman_repo_tree_options ;;
+        repo-triggers) _arguments -C $_shtab_ahriman_repo_triggers_options ;;
+        repo-update) _arguments -C $_shtab_ahriman_repo_update_options ;;
+        report) _arguments -C $_shtab_ahriman_report_options ;;
+        search) _arguments -C $_shtab_ahriman_search_options ;;
+        setup) _arguments -C $_shtab_ahriman_setup_options ;;
+        shell) _arguments -C $_shtab_ahriman_shell_options ;;
+        sign) _arguments -C $_shtab_ahriman_sign_options ;;
+        status) _arguments -C $_shtab_ahriman_status_options ;;
+        status-update) _arguments -C $_shtab_ahriman_status_update_options ;;
+        sync) _arguments -C $_shtab_ahriman_sync_options ;;
+        update) _arguments -C $_shtab_ahriman_update_options ;;
+        user-add) _arguments -C $_shtab_ahriman_user_add_options ;;
+        user-list) _arguments -C $_shtab_ahriman_user_list_options ;;
+        user-remove) _arguments -C $_shtab_ahriman_user_remove_options ;;
+        version) _arguments -C $_shtab_ahriman_version_options ;;
+        web) _arguments -C $_shtab_ahriman_web_options ;;
+      esac
+  esac
+}
+
+
+
+typeset -A opt_args
+_shtab_ahriman "$@"

docs/conf.py

@@ -0,0 +1,97 @@
+# Configuration file for the Sphinx documentation builder.
+#
+# This file only contains a selection of the most common options. For a full
+# list see the documentation:
+# https://www.sphinx-doc.org/en/master/usage/configuration.html
+
+# -- Path setup --------------------------------------------------------------
+
+# If extensions (or modules to document with autodoc) are in another directory,
+# add these directories to sys.path here. If the directory is relative to the
+# documentation root, use os.path.abspath to make it absolute, like shown here.
+#
+import os
+import sys
+
+from pathlib import Path
+from unittest import mock
+
+from ahriman.version import __version__
+
+
+basedir = Path(__file__).resolve().parent.parent / "src"
+sys.path.insert(0, str(basedir))
+
+on_rtd = os.environ.get("READTHEDOCS", None) == "True"
+
+for module in (
+        "pyalpm",
+):
+    if module in sys.modules:
+        continue
+    sys.modules[module] = mock.Mock()
+
+
+# -- Project information -----------------------------------------------------
+
+project = "ahriman"
+copyright = "2021-2022, ahriman team"
+author = "ahriman team"
+
+# The full version, including alpha/beta/rc tags
+release = __version__
+
+
+# -- General configuration ---------------------------------------------------
+
+# Add any Sphinx extension module names here, as strings. They can be
+# extensions coming with Sphinx (named "sphinx.ext.*") or your custom
+# ones.
+extensions = [
+    "sphinx.ext.autodoc",
+    "sphinx.ext.napoleon",
+    "sphinxarg.ext",
+]
+
+# Add any paths that contain templates here, relative to this directory.
+templates_path = ["_templates"]
+
+# The language for content autogenerated by Sphinx. Refer to documentation
+# for a list of supported languages.
+#
+# This is also used if you do content translation via gettext catalogs.
+# Usually you set "language" from the command line for these cases.
+language = "en"
+
+# List of patterns, relative to source directory, that match files and
+# directories to ignore when looking for source files.
+# This pattern also affects html_static_path and html_extra_path.
+exclude_patterns = []
+
+
+# -- Options for HTML output -------------------------------------------------
+
+# The theme to use for HTML and HTML Help pages.  See the documentation for
+# a list of builtin themes.
+#
+html_theme = "default" if on_rtd else "alabaster"
+
+# Add any paths that contain custom static files (such as style sheets) here,
+# relative to this directory. They are copied after the builtin static files,
+# so a file named "default.css" will overwrite the builtin "default.css".
+html_static_path = []
+
+add_module_names = False
+
+modindex_common_prefix = ["ahriman.application.", "ahriman.core.", "ahriman.models.", "ahriman.web."]
+
+
+# -- Extension configuration -------------------------------------------------
+
+autoclass_content = "both"
+
+autodoc_member_order = "groupwise"
+
+autodoc_default_options = {
+    "no-undoc-members": True,
+}

docs/configuration.md

@@ -1,188 +0,0 @@
-# ahriman configuration
-
-Some groups can be specified for each architecture separately. E.g. if there are `build` and `build:x86_64` groups it will use the option from `build:x86_64` for the `x86_64` architecture and `build` for any other (architecture specific group has higher priority). In case if both groups are presented, architecture specific options will be merged into global ones overriding them.
-
-There are two variable types which have been added to default ones, they are paths and lists. List values will be read in the same way as shell does:
-
-* By default, it splits value by spaces excluding empty elements. 
-* In case if quotation mark (`"` or `'`) will be found, any spaces inside will be ignored.
-* In order to use quotation mark inside value it is required to put it to another quotation mark, e.g. `wor"'"d "with quote"` will be parsed as `["wor'd", "with quote"]` and vice versa.
-* Unclosed quotation mark is not allowed and will rise an exception.
-
-Path values, except for casting to `pathlib.Path` type, will be also expanded to absolute paths relative to the configuration path. E.g. if path is set to `ahriman.ini.d/logging.ini` and root configuration path is `/etc/ahriman.ini`, the value will be expanded to `/etc/ahriman.ini.d/logging.ini`. In order to disable path expand, use the full path, e.g. `/etc/ahriman.ini.d/logging.ini`. 
-
-## `settings` group
-
-Base configuration settings.
-
-* `include` - path to directory with configuration files overrides, string, required.
-* `database` - path to SQLite database, string, required.
-* `logging` - path to logging configuration, string, required. Check `logging.ini` for reference.
-
-## `alpm` group
-
-libalpm and AUR related configuration.
-
-* `aur_url` - base url for AUR, string, required.
-* `database` - path to pacman local database cache, string, required.
-* `repositories` - list of pacman repositories, space separated list of strings, required.
-* `root` - root for alpm library, string, required.
-
-## `auth` group
-
-Base authorization settings. `OAuth` provider requires `aioauth-client` library to be installed.
-
-* `target` - specifies authorization provider, string, optional, default `disabled`. Allowed values are `disabled`, `configuration`, `oauth`.
-* `client_id` - OAuth2 application client ID, string, required in case if `oauth` is used.
-* `client_secret` - OAuth2 application client secret key, string, required in case if `oauth` is used.
-* `max_age` - parameter which controls both cookie expiration and token expiration inside the service, integer, optional, default is 7 days.
-* `oauth_provider` - OAuth2 provider class name as is in `aioauth-client` (e.g. `GoogleClient`, `GithubClient` etc), string, required in case if `oauth` is used.
-* `oauth_scopes` - scopes list for OAuth2 provider, which will allow retrieving user email (which is used for checking user permissions), e.g. `https://www.googleapis.com/auth/userinfo.email` for `GoogleClient` or `user:email` for `GithubClient`, space separated list of strings, required in case if `oauth` is used.
-* `safe_build_status` - allow requesting status page without authorization, boolean, required.
-* `salt` - password hash salt, string, required in case if authorization enabled (automatically generated by `create-user` subcommand).
-
-Authorized users are stored inside internal database, if any of external provides are used the password field for non-service users must be empty. 
-
-## `build:*` groups
-
-Build related configuration. Group name can refer to architecture, e.g. `build:x86_64` can be used for x86_64 architecture specific settings.
-
-* `archbuild_flags` - additional flags passed to `archbuild` command, space separated list of strings, optional.
-* `build_command` - default build command, string, required.
-* `ignore_packages` - list packages to ignore during a regular update (manual update will still work), space separated list of strings, optional.
-* `makepkg_flags` - additional flags passed to `makepkg` command, space separated list of strings, optional.
-* `makechrootpkg_flags` - additional flags passed to `makechrootpkg` command, space separated list of strings, optional.
-
-## `repository` group
-
-Base repository settings.
-
-* `name` - repository name, string, required.
-* `root` - root path for application, string, required.
-
-## `sign:*` groups
-
-Settings for signing packages or repository. Group name can refer to architecture, e.g. `sign:x86_64` can be used for x86_64 architecture specific settings.
-
-* `target` - configuration flag to enable signing, space separated list of strings, required. Allowed values are `package` (sign each package separately), `repository` (sign repository database file).
-* `key` - default PGP key, string, required. This key will also be used for database signing if enabled.
-* `key_*` settings - PGP key which will be used for specific packages, string, optional. For example, if there is `key_yay` option the specified key will be used for yay package and default key for others.
-
-## `report` group
-
-Report generation settings.
-
-* `target` - list of reports to be generated, space separated list of strings, required. It must point to valid section (or to section with architecture), e.g. `somerandomname` must point to existing section, `email` must point to one of `email` of `email:x86_64` (the one with architecture has higher priority). 
-
-Type will be read from several ways:
-
-* In case if `type` option set inside the section, it will be used.
-* Otherwise, it will look for type from section name removing architecture name.
-* And finally, it will use section name as type.
-
-### `console` type
-
-Section name must be either `console` (plus optional architecture name, e.g. `console:x86_64`) or random name with `type` set.
-
-* `use_utf` - use utf8 symbols in output if set and ascii otherwise, boolean, optional, default `yes`.
-
-### `email` type
-
-Section name must be either `email` (plus optional architecture name, e.g. `email:x86_64`) or random name with `type` set.
-
-* `type` - type of the report, string, optional, must be set to `email` if exists.
-* `full_template_path` - path to Jinja2 template for full package description index, string, optional.
-* `homepage` - link to homepage, string, optional.
-* `host` - SMTP host for sending emails, string, required.
-* `link_path` - prefix for HTML links, string, required.
-* `no_empty_report` - skip report generation for empty packages list, boolean, optional, default `yes`.
-* `password` - SMTP password to authenticate, string, optional.
-* `port` - SMTP port for sending emails, int, required.
-* `receivers` - SMTP receiver addresses, space separated list of strings, required.
-* `sender` - SMTP sender address, string, required.
-* `ssl` - SSL mode for SMTP connection, one of `ssl`, `starttls`, `disabled`, optional, default `disabled`.
-* `template_path` - path to Jinja2 template, string, required.
-* `user` - SMTP user to authenticate, string, optional.
-
-### `html` type
-
-Section name must be either `html` (plus optional architecture name, e.g. `html:x86_64`) or random name with `type` set.
-
-* `type` - type of the report, string, optional, must be set to `html` if exists.
-* `path` - path to html report file, string, required.
-* `homepage` - link to homepage, string, optional.
-* `link_path` - prefix for HTML links, string, required.
-* `template_path` - path to Jinja2 template, string, required.
-
-### `telegram` type
-
-Section name must be either `telegram` (plus optional architecture name, e.g. `telegram:x86_64`) or random name with `type` set.
-
-* `type` - type of the report, string, optional, must be set to `telegram` if exists.
-* `api_key` - telegram bot API key, string, required. Please refer FAQ about how to create chat and bot
-* `chat_id` - telegram chat id, either string with `@` or integer value, required.
-* `homepage` - link to homepage, string, optional.
-* `link_path` - prefix for HTML links, string, required.
-* `template_path` - path to Jinja2 template, string, required.
-* `template_type` - `parse_mode` to be passed to telegram API, one of `MarkdownV2`, `HTML`, `Markdown`, string, optional, default `HTML`.
-
-## `upload` group
-
-Remote synchronization settings.
-
-* `target` - list of synchronizations to be used, space separated list of strings, required. It must point to valid section (or to section with architecture), e.g. `somerandomname` must point to existing section, `github` must point to one of `github` of `github:x86_64` (with architecture it has higher priority).
-
-Type will be read from several ways:
-
-* In case if `type` option set inside the section, it will be used.
-* Otherwise, it will look for type from section name removing architecture name.
-* And finally, it will use section name as type.
-
-### `github` type
-
-This feature requires Github key creation (see below). Section name must be either `github` (plus optional architecture name, e.g. `github:x86_64`) or random name with `type` set.
-
-* `type` - type of the upload, string, optional, must be set to `github` if exists.
-* `owner` - Github repository owner, string, required.
-* `password` - created Github API key. In order to create it do the following:
-  1. Go to [settings page](https://github.com/settings/profile).
-  2. Switch to [developers settings](https://github.com/settings/apps).
-  3. Switch to [personal access tokens](https://github.com/settings/tokens).
-  4. Generate new token. Required scope is `public_repo` (or `repo` for private repository support).
-* `repository` - Github repository name, string, required. Repository must be created before any action and must have active branch (e.g. with readme).
-* `username` - Github authorization user, string, required. Basically the same as `owner`.
-
-### `rsync` type
-
-Requires `rsync` package to be installed. Do not forget to configure ssh for user `ahriman`. Section name must be either `rsync` (plus optional architecture name, e.g. `rsync:x86_64`) or random name with `type` set.
-
-* `type` - type of the upload, string, optional, must be set to `rsync` if exists.
-* `command` - rsync command to run, space separated list of string, required.
-* `remote` - remote server to rsync (e.g. `1.2.3.4:path/to/sync`), string, required.
-
-### `s3` type
-
-Requires `boto3` library to be installed. Section name must be either `s3` (plus optional architecture name, e.g. `s3:x86_64`) or random name with `type` set.
-
-* `type` - type of the upload, string, optional, must be set to `github` if exists.
-* `access_key` - AWS access key ID, string, required.
-* `bucket` - bucket name (e.g. `bucket`), string, required.
-* `chunk_size` - chunk size for calculating entity tags, int, optional, default 8 * 1024 * 1024.
-* `region` - bucket region (e.g. `eu-central-1`), string, required.
-* `secret_key` - AWS secret access key, string, required.
-
-## `web:*` groups
-
-Web server settings. If any of `host`/`port` is not set, web integration will be disabled. Group name can refer to architecture, e.g. `web:x86_64` can be used for x86_64 architecture specific settings. This feature requires `aiohttp` libraries to be installed.
-
-* `address` - optional address in form `proto://host:port` (`port` can be omitted in case of default `proto` ports), will be used instead of `http://{host}:{port}` in case if set, string, optional. This option is required in case if `OAuth` provider is used.
-* `debug` - enable debug toolbar, boolean, optional, default `no`.
-* `debug_check_host` - check hosts to access debug toolbar, boolean, optional, default `no`.
-* `debug_allowed_hosts` - allowed hosts to get access to debug toolbar, space separated list of string, optional.
-* `host` - host to bind, string, optional.
-* `index_url` - full url of the repository index page, string, optional.
-* `password` - password to authorize in web service in order to update service status, string, required in case if authorization enabled.  
-* `port` - port to bind, int, optional.
-* `static_path` - path to directory with static files, string, required.
-* `templates` - path to templates directory, string, required.
-* `username` - username to authorize in web service in order to update service status, string, required in case if authorization enabled.  

docs/configuration.rst

@@ -0,0 +1,245 @@
+Configuration
+=============
+
+Some groups can be specified for each architecture separately. E.g. if there are ``build`` and ``build:x86_64`` groups it will use an option from ``build:x86_64`` for the ``x86_64`` architecture and ``build`` for any other (architecture specific group has higher priority). In case if both groups are presented, architecture specific options will be merged into global ones overriding them.
+
+There are two variable types which have been added to default ones, they are paths and lists. List values will be read in the same way as shell does:
+
+* By default, it splits value by spaces excluding empty elements. 
+* In case if quotation mark (``"`` or ``'``) will be found, any spaces inside will be ignored.
+* In order to use quotation mark inside value it is required to put it to another quotation mark, e.g. ``wor"'"d "with quote"`` will be parsed as ``["wor'd", "with quote"]`` and vice versa.
+* Unclosed quotation mark is not allowed and will rise an exception.
+
+Path values, except for casting to ``pathlib.Path`` type, will be also expanded to absolute paths relative to the configuration path. E.g. if path is set to ``ahriman.ini.d/logging.ini`` and root configuration path is ``/etc/ahriman.ini``, the value will be expanded to ``/etc/ahriman.ini.d/logging.ini``. In order to disable path expand, use the full path, e.g. ``/etc/ahriman.ini.d/logging.ini``.
+
+``settings`` group
+------------------
+
+Base configuration settings.
+
+* ``include`` - path to directory with configuration files overrides, string, required.
+* ``database`` - path to SQLite database, string, required.
+* ``logging`` - path to logging configuration, string, required. Check ``logging.ini`` for reference.
+
+``alpm`` group
+--------------
+
+libalpm and AUR related configuration.
+
+* ``database`` - path to pacman system database cache, string, required.
+* ``mirror`` - package database mirror used by pacman for syncronization, string, required. This option supports standard pacman substitutions with ``$arch`` and ``$repo``. Note that the mentioned mirror should contain all repositories which are set by ``alpm.repositories`` option.
+* ``repositories`` - list of pacman repositories, space separated list of strings, required.
+* ``root`` - root for alpm library, string, required.
+* ``use_ahriman_cache`` - use local pacman package cache instead of system one, boolean, required. With this option enabled you might want to refresh database periodically (available as additional flag for some subcommands).
+
+``auth`` group
+--------------
+
+Base authorization settings. ``OAuth`` provider requires ``aioauth-client`` library to be installed.
+
+* ``target`` - specifies authorization provider, string, optional, default ``disabled``. Allowed values are ``disabled``, ``configuration``, ``oauth``.
+* ``allow_read_only`` - allow requesting status APIs without authorization, boolean, required.
+* ``client_id`` - OAuth2 application client ID, string, required in case if ``oauth`` is used.
+* ``client_secret`` - OAuth2 application client secret key, string, required in case if ``oauth`` is used.
+* ``max_age`` - parameter which controls both cookie expiration and token expiration inside the service, integer, optional, default is 7 days.
+* ``oauth_provider`` - OAuth2 provider class name as is in ``aioauth-client`` (e.g. ``GoogleClient``, ``GithubClient`` etc), string, required in case if ``oauth`` is used.
+* ``oauth_scopes`` - scopes list for OAuth2 provider, which will allow retrieving user email (which is used for checking user permissions), e.g. ``https://www.googleapis.com/auth/userinfo.email`` for ``GoogleClient`` or ``user:email`` for ``GithubClient``, space separated list of strings, required in case if ``oauth`` is used.
+* ``salt`` - password hash salt, string, required in case if authorization enabled (automatically generated by ``user-add`` subcommand).
+
+Authorized users are stored inside internal database, if any of external provides are used the password field for non-service users must be empty. 
+
+``build:*`` groups
+------------------
+
+Build related configuration. Group name can refer to architecture, e.g. ``build:x86_64`` can be used for x86_64 architecture specific settings.
+
+* ``archbuild_flags`` - additional flags passed to ``archbuild`` command, space separated list of strings, optional.
+* ``build_command`` - default build command, string, required.
+* ``ignore_packages`` - list packages to ignore during a regular update (manual update will still work), space separated list of strings, optional.
+* ``makepkg_flags`` - additional flags passed to ``makepkg`` command, space separated list of strings, optional.
+* ``makechrootpkg_flags`` - additional flags passed to ``makechrootpkg`` command, space separated list of strings, optional.
+* ``triggers`` - list of ``ahriman.core.triggers.Trigger`` class implementation (e.g. ``ahriman.core.report.ReportTrigger ahriman.core.upload.UploadTrigger``) which will be loaded and run at the end of processing, space separated list of strings, optional. You can also specify triggers by their paths, e.g. ``/usr/lib/python3.10/site-packages/ahriman/core/report/report.py.ReportTrigger``. Triggers are run in the order of mention.
+* ``vcs_allowed_age`` - maximal age in seconds of the VCS packages before their version will be updated with its remote source, int, optional, default ``0``.
+
+``repository`` group
+--------------------
+
+Base repository settings.
+
+* ``name`` - repository name, string, required.
+* ``root`` - root path for application, string, required.
+
+``sign:*`` groups
+-----------------
+
+Settings for signing packages or repository. Group name can refer to architecture, e.g. ``sign:x86_64`` can be used for x86_64 architecture specific settings.
+
+* ``target`` - configuration flag to enable signing, space separated list of strings, required. Allowed values are ``package`` (sign each package separately), ``repository`` (sign repository database file).
+* ``key`` - default PGP key, string, required. This key will also be used for database signing if enabled.
+* ``key_*`` settings - PGP key which will be used for specific packages, string, optional. For example, if there is ``key_yay`` option the specified key will be used for yay package and default key for others.
+
+``remote-pull`` group
+---------------------
+
+Remote git source synchronization settings. Unlike ``Upload`` triggers those triggers are used for PKGBUILD synchronization - fetch from remote repository PKGBUILDs before updating process.
+
+It supports authorization; to do so you'd need to prefix the url with authorization part, e.g. ``https://key:token@github.com/arcan1s/ahriman.git``. It is highly recommended to use application tokens instead of your user authorization details.
+
+* ``target`` - list of remote pull triggers to be used, space separated list of strings, optional, defaults to ``gitremote``. It must point to valid section (or to section with architecture), e.g. ``gitremote`` must point to either ``gitremote`` or ``gitremote:x86_64`` (the one with architecture has higher priority).
+
+Remote pull trigger
+^^^^^^^^^^^^^^^^^^^
+
+* ``pull_url`` - url of the remote repository from which PKGBUILDs can be pulled before build process, string, required.
+* ``pull_branch`` - branch of the remote repository from which PKGBUILDs can be pulled before build process, string, optional, default is ``master``.
+
+``remote-push`` group
+---------------------
+
+Remote git source synchronization settings. Same as remote pull triggers those triggers are used for PKGBUILD synchronization - push updated PKGBUILDs to the remote repository after build process.
+
+It supports authorization; to do so you'd need to prefix the url with authorization part, e.g. ``https://key:token@github.com/arcan1s/ahriman.git``. It is highly recommended to use application tokens instead of your user authorization details.
+
+* ``target`` - list of remote push triggers to be used, space separated list of strings, optional, defaults to ``gitremote``. It must point to valid section (or to section with architecture), e.g. ``gitremote`` must point to either ``gitremote`` or ``gitremote:x86_64`` (the one with architecture has higher priority).
+
+Remote push trigger
+^^^^^^^^^^^^^^^^^^^
+
+* ``commit_author`` - git commit author, string, optional. In case if not set, the git will generate author for you. Note, however, that in this case it will disclosure your hostname.
+* ``push_url`` - url of the remote repository to which PKGBUILDs should be pushed after build process, string, required.
+* ``push_branch`` - branch of the remote repository to which PKGBUILDs should be pushed after build process, string, optional, default is ``master``.
+
+``report`` group
+----------------
+
+Report generation settings.
+
+* ``target`` - list of reports to be generated, space separated list of strings, required. It must point to valid section (or to section with architecture), e.g. ``somerandomname`` must point to existing section, ``email`` must point to either ``email`` or ``email:x86_64`` (the one with architecture has higher priority).
+
+Type will be read from several sources:
+
+* In case if ``type`` option set inside the section, it will be used.
+* Otherwise, it will look for type from section name removing architecture name.
+* And finally, it will use section name as type.
+
+``console`` type
+^^^^^^^^^^^^^^^^
+
+Section name must be either ``console`` (plus optional architecture name, e.g. ``console:x86_64``) or random name with ``type`` set.
+
+* ``type`` - type of the report, string, optional, must be set to ``console`` if exists.
+* ``use_utf`` - use utf8 symbols in output if set and ascii otherwise, boolean, optional, default ``yes``.
+
+``email`` type
+^^^^^^^^^^^^^^
+
+Section name must be either ``email`` (plus optional architecture name, e.g. ``email:x86_64``) or random name with ``type`` set.
+
+* ``type`` - type of the report, string, optional, must be set to ``email`` if exists.
+* ``full_template_path`` - path to Jinja2 template for full package description index, string, optional.
+* ``homepage`` - link to homepage, string, optional.
+* ``host`` - SMTP host for sending emails, string, required.
+* ``link_path`` - prefix for HTML links, string, required.
+* ``no_empty_report`` - skip report generation for empty packages list, boolean, optional, default ``yes``.
+* ``password`` - SMTP password to authenticate, string, optional.
+* ``port`` - SMTP port for sending emails, int, required.
+* ``receivers`` - SMTP receiver addresses, space separated list of strings, required.
+* ``sender`` - SMTP sender address, string, required.
+* ``ssl`` - SSL mode for SMTP connection, one of ``ssl``, ``starttls``, ``disabled``, optional, default ``disabled``.
+* ``template_path`` - path to Jinja2 template, string, required.
+* ``user`` - SMTP user to authenticate, string, optional.
+
+``html`` type
+^^^^^^^^^^^^^
+
+Section name must be either ``html`` (plus optional architecture name, e.g. ``html:x86_64``) or random name with ``type`` set.
+
+* ``type`` - type of the report, string, optional, must be set to ``html`` if exists.
+* ``homepage`` - link to homepage, string, optional.
+* ``link_path`` - prefix for HTML links, string, required.
+* ``path`` - path to html report file, string, required.
+* ``template_path`` - path to Jinja2 template, string, required.
+
+``telegram`` type
+^^^^^^^^^^^^^^^^^
+
+Section name must be either ``telegram`` (plus optional architecture name, e.g. ``telegram:x86_64``) or random name with ``type`` set.
+
+* ``type`` - type of the report, string, optional, must be set to ``telegram`` if exists.
+* ``api_key`` - telegram bot API key, string, required. Please refer FAQ about how to create chat and bot
+* ``chat_id`` - telegram chat id, either string with ``@`` or integer value, required.
+* ``homepage`` - link to homepage, string, optional.
+* ``link_path`` - prefix for HTML links, string, required.
+* ``template_path`` - path to Jinja2 template, string, required.
+* ``template_type`` - ``parse_mode`` to be passed to telegram API, one of ``MarkdownV2``, ``HTML``, ``Markdown``, string, optional, default ``HTML``.
+* ``timeout`` - HTTP request timeout in seconds, int, optional, default is ``30``.
+
+``upload`` group
+----------------
+
+Remote synchronization settings.
+
+* ``target`` - list of synchronizations to be used, space separated list of strings, required. It must point to valid section (or to section with architecture), e.g. ``somerandomname`` must point to existing section, ``github`` must point to one of ``github`` of ``github:x86_64`` (with architecture it has higher priority).
+
+Type will be read from several sources:
+
+* In case if ``type`` option set inside the section, it will be used.
+* Otherwise, it will look for type from section name removing architecture name.
+* And finally, it will use section name as type.
+
+``github`` type
+^^^^^^^^^^^^^^^
+
+This feature requires Github key creation (see below). Section name must be either ``github`` (plus optional architecture name, e.g. ``github:x86_64``) or random name with ``type`` set.
+
+* ``type`` - type of the upload, string, optional, must be set to ``github`` if exists.
+* ``owner`` - Github repository owner, string, required.
+* ``password`` - created Github API key. In order to create it do the following:
+
+  #. Go to `settings page <https://github.com/settings/profile>`_.
+  #. Switch to `developers settings <https://github.com/settings/apps>`_.
+  #. Switch to `personal access tokens <https://github.com/settings/tokens>`_.
+  #. Generate new token. Required scope is ``public_repo`` (or ``repo`` for private repository support).
+
+* ``repository`` - Github repository name, string, required. Repository must be created before any action and must have active branch (e.g. with readme).
+* ``timeout`` - HTTP request timeout in seconds, int, optional, default is ``30``.
+* ``username`` - Github authorization user, string, required. Basically the same as ``owner``.
+
+``rsync`` type
+^^^^^^^^^^^^^^
+
+Requires ``rsync`` package to be installed. Do not forget to configure ssh for user ``ahriman``. Section name must be either ``rsync`` (plus optional architecture name, e.g. ``rsync:x86_64``) or random name with ``type`` set.
+
+* ``type`` - type of the upload, string, optional, must be set to ``rsync`` if exists.
+* ``command`` - rsync command to run, space separated list of string, required.
+* ``remote`` - remote server to rsync (e.g. ``1.2.3.4:path/to/sync``), string, required.
+
+``s3`` type
+^^^^^^^^^^^
+
+Requires ``boto3`` library to be installed. Section name must be either ``s3`` (plus optional architecture name, e.g. ``s3:x86_64``) or random name with ``type`` set.
+
+* ``type`` - type of the upload, string, optional, must be set to ``github`` if exists.
+* ``access_key`` - AWS access key ID, string, required.
+* ``bucket`` - bucket name (e.g. ``bucket``), string, required.
+* ``chunk_size`` - chunk size for calculating entity tags, int, optional, default 8 * 1024 * 1024.
+* ``region`` - bucket region (e.g. ``eu-central-1``), string, required.
+* ``secret_key`` - AWS secret access key, string, required.
+
+``web:*`` groups
+----------------
+
+Web server settings. If any of ``host``/``port`` is not set, web integration will be disabled. Group name can refer to architecture, e.g. ``web:x86_64`` can be used for x86_64 architecture specific settings. This feature requires ``aiohttp`` libraries to be installed.
+
+* ``address`` - optional address in form ``proto://host:port`` (``port`` can be omitted in case of default ``proto`` ports), will be used instead of ``http://{host}:{port}`` in case if set, string, optional. This option is required in case if ``OAuth`` provider is used.
+* ``debug`` - enable debug toolbar, boolean, optional, default ``no``.
+* ``debug_check_host`` - check hosts to access debug toolbar, boolean, optional, default ``no``.
+* ``debug_allowed_hosts`` - allowed hosts to get access to debug toolbar, space separated list of string, optional.
+* ``host`` - host to bind, string, optional.
+* ``index_url`` - full url of the repository index page, string, optional.
+* ``password`` - password to authorize in web service in order to update service status, string, required in case if authorization enabled.  
+* ``port`` - port to bind, int, optional.
+* ``static_path`` - path to directory with static files, string, required.
+* ``templates`` - path to templates directory, string, required.
+* ``unix_socket`` - path to the listening unix socket, string, optional. If set, server will create the socket on the specified address which can (and will) be used by application. Note, that unlike usual host/port configuration, unix socket allows to perform requests without authorization.
+* ``username`` - username to authorize in web service in order to update service status, string, required in case if authorization enabled.  

docs/faq.md

@@ -1,579 +0,0 @@
-# FAQ
-
-## General topics
-
-### What is the purpose of the project?
-
-This project has been created in order to maintain self-hosted Arch Linux user repository without manual intervention - checking for updates and building packages.
-
-### How do I install it?
-
-TL;DR
-
-```shell
-yay -S ahriman
-sudo ahriman -a x86_64 repo-setup --packager "ahriman bot <ahriman@example.com>" --repository "repository"
-systemctl enable --now ahriman@x86_64.timer
-```
-
-#### Long answer
-
-The idea is to install the package as usual, create working directory tree, create configuration for `sudo` and `devtools`. Detailed description of the setup instruction can be found [here](setup.md).
-
-### What does "architecture specific" mean? / How to configure for different architectures?
-
-Some sections can be configured per architecture. The service will merge architecture specific values into common settings. In order to specify settings for specific architecture you must point it in section name.
-
-For example, the section
-
-```ini
-[build]
-build_command = extra-x86_64-build
-```
-
-states that default build command is `extra-x86_64-build`. But if there is section
-
-```ini
-[build:i686]
-build_command = extra-i686-build
-```
-
-the `extra-i686-build` command will be used for `i686` architecture.
-
-### How to use reporter/upload settings?
-
-Normally you probably like to generate only one report for the specific type, e.g. only one email report. In order to do it you will need to have the following configuration:
-
-```ini
-[report]
-target = email
-
-[email]
-...
-```
-
-or in case of multiple architectures and _different_ reporting settings:
-
-```ini
-[report]
-target = email
-
-[email:i686]
-...
-
-[email:x86_64]
-...
-```
-
-But for some cases you would like to have multiple different reports with the same type (e.g. sending different templates to different addresses). For these cases you will need to specify section name in target and type in section, e.g. the following configuration can be used:
-
-```ini
-[report]
-target = email_1 email_2
-
-[email_1]
-type = email
-...
-
-[email_2]
-type = email
-...
-```
-
-### Okay, I've installed ahriman, how do I add new package?
-
-```shell
-sudo -u ahriman ahriman package-add ahriman --now
-```
-
-`--now` flag is totally optional and just run `repo-update` subcommand after the registering the new package, Thus the extended flow is the following:
-
-```shell
-sudo -u ahriman ahriman package-add ahriman
-sudo -u ahriman ahriman repo-update
-```
-
-### AUR is fine, but I would like to create package from local PKGBUILD
-
-TL;DR
-
-```shell
-sudo -u ahriman ahriman package-add /path/to/local/directory/with/PKGBUILD --now
-```
-
-Before using this command you will need to create local directory, put `PKGBUILD` there and generate `.SRCINFO` by using `makepkg --printsrcinfo > .SRCINFO` command. These packages will be stored locally and _will be ignored_ during automatic update; in order to update the package you will need to run `package-add` command again.
-
-### But I just wanted to change PKGBUILD from AUR a bit!
-
-Well it is supported also.
-
-1. Clone sources from AUR.
-2. Make changes you would like to (e.g. edit `PKGBUILD`, add external patches).
-3. Run `sudo -u ahriman ahriman patch-add /path/to/local/directory/with/PKGBUILD`.
-
-The last command will calculate diff from current tree to the `HEAD` and will store it locally. Patches will be applied on any package actions (e.g. it can be used for dependency management).
-
-### Package build fails because it cannot validate PGP signature of source files
-
-TL;DR
-
-```shell
-sudo -u ahriman ahriman key-import ...
-```
-
-### How do I check if there are new commits for VCS packages?
-
-Normally the service handles VCS packages correctly, but it requires additional dependencies:
-
-```shell
-pacman -S breezy darcs mercurial subversion
-```
-
-### I would like to remove package because it is no longer needed/moved to official repositories
-
-```shell
-sudo -u ahriman ahriman package-remove ahriman
-```
-
-Also, there is command `repo-remove-unknown` which checks packages in AUR and local storage and removes ones which have been removed.
-
-Remove commands also remove any package files (patches, caches etc).
-
-### There is new major release of %library-name%, how do I rebuild packages?
-
-TL;DR
-
-```shell
-sudo -u ahriman ahriman repo-rebuild --depends-on python
-```
-
-You can even rebuild the whole repository (which is particular useful in case if you would like to change packager) if you do not supply `--depends-on` option.
-
-However, note that you do not need to rebuild repository in case if you just changed signing option, just use `repo-sign` command instead. 
-
-### Hmm, I have packages built, but how can I use it?
-
-Add the following lines to your `pacman.conf`:
-
-```ini
-[repository]
-Server = file:///var/lib/ahriman/repository/x86_64
-```
-
-(You might need to add `SigLevel` option according to the pacman documentation.)
-
-
-### I would like to serve the repository
-
-Easy. For example, nginx configuration (without SSL) will look like:
-
-```
-server {
-    listen 80;
-    server_name repo.example.com;
-
-    location / {
-        autoindex on;
-        root /var/lib/ahriman/repository;
-    }
-}
-```
-
-Example of the status page configuration is the following (status service is using 8080 port):
-
-```
-server {
-    listen 80;
-    server_name builds.example.com;
-
-    location / {
-        proxy_set_header Host $host;
-        proxy_set_header X-Real-IP $remote_addr;
-        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-        proxy_set_header X-Forwarder-Proto $scheme;
-
-        proxy_pass http://127.0.0.1:8080;
-    }
-}
-```
-
-## Docker image
-
-We provide official images which can be found under `arcan1s/ahriman` repository. Docker image is being updated on each master commit as well as on each version. If you would like to use last (probably unstable build) you can use `latest` tag; otherwise you can use any version tag available. 
-
-The default action (in case if no arguments provided) is `repo-update`. Basically the idea is to run container, e.g.:
-
-```shell
-docker run --privileged -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest
-```
-
-`--privileged` flag is required to make mount possible inside container. In addition, you can pass own configuration overrides by using the same `-v` flag, e.g.:
-
-```shell
-docker run -v /path/to/local/repo:/var/lib/ahriman -v /etc/ahriman.ini:/etc/ahriman.ini.d/10-overrides.ini arcan1s/ahriman:latest
-```
-
-By default, it runs `repo-update`, but it can be overwritten to any other command you would like to, e.g.:
-
-```shell
-docker run arcan1s/ahriman:latest package-add ahriman --now
-```
-
-For more details please refer to docker FAQ.
-
-### Environment variables
-
-The following environment variables are supported:
-
-* `AHRIMAN_ARCHITECTURE` - architecture of the repository, default is `x86_64`.
-* `AHRIMAN_DEBUG` - if set all commands will be logged to console.
-* `AHRIMAN_FORCE_ROOT` - force run ahriman as root instead of guessing by subcommand.
-* `AHRIMAN_HOST` - host for the web interface, default is `0.0.0.0`.
-* `AHRIMAN_OUTPUT` - controls logging handler, e.g. `syslog`, `console`. The name must be found in logging configuration. Note that if `syslog` (the default) handler is used you will need to mount `/dev/log` inside container because it is not available there.
-* `AHRIMAN_PACKAGER` - packager name from which packages will be built, default is `ahriman bot <ahriman@example.com>`.
-* `AHRIMAN_PORT` - HTTP server port if any, default is empty.
-* `AHRIMAN_REPOSITORY` - repository name, default is `aur-clone`.
-* `AHRIMAN_REPOSITORY_ROOT` - repository root. Because of filesystem rights it is required to override default repository root. By default, it uses `ahriman` directory inside ahriman's home, which can be passed as mount volume.
-* `AHRIMAN_USER` - ahriman user, usually must not be overwritten, default is `ahriman`. 
-
-You can pass any of these variables by using `-e` argument, e.g.:
-
-```shell
-docker run -e AHRIMAN_PORT=8080 arcan1s/ahriman:latest
-```
-
-### Working with web service
-
-Well for that you would need to have web container instance running forever; it can be achieved by the following command:
-
-```shell
-docker run -p 8080:8080 -e AHRIMAN_PORT=8080 -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest
-```
-
-Note about `AHRIMAN_PORT` environment variable which is required in order to enable web service. An additional port bind by `-p 8080:8080` is required to pass docker port outside of container.
-
-For every next container run use arguments `-e AHRIMAN_PORT=8080 --net=host`, e.g.:
-
-```shell
-docker run --privileged -e AHRIMAN_PORT=8080 --net=host -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest
-```
-
-## Remote synchronization
-
-### Wait I would like to use the repository from another server
-
-There are several choices:
-
-1. Easy and cheap, just share your local files through the internet, e.g. for `nginx`:
-   
-    ```
-    server {
-        location /x86_64 {
-            root /var/lib/ahriman/repository/x86_64;
-            autoindex on;
-        }
-    }
-    ```
-   
-2. You can also upload your packages using `rsync` to any available server. In order to use it you would need to configure ahriman first:
-    
-    ```ini
-    [upload]
-    target = rsync
-    
-    [rsync]
-    remote = 192.168.0.1:/srv/repo
-    ```
-   
-    After that just add `/srv/repo` to the `pacman.conf` as usual. You can also upload to S3 (e.g. `Server = https://s3.eu-central-1.amazonaws.com/repository/x86_64`) or to Github (e.g. `Server = https://github.com/ahriman/repository/releases/download/x86_64`).
-
-### How do I configure S3?
-
-1. Install dependencies:
-
-   ```shell
-   pacman -S python-boto3
-   ```
-
-3. Create a bucket.
-4. Create user with write access to the bucket:
-
-    ```
-    {
-        "Version": "2012-10-17",
-        "Statement": [
-            {
-                "Sid": "ListObjectsInBucket",
-                "Effect": "Allow",
-                "Action": [
-                    "s3:ListBucket"
-                ],
-                "Resource": [
-                    "arn:aws:s3:::repository"
-                ]
-            },
-            {
-                "Sid": "AllObjectActions",
-                "Effect": "Allow",
-                "Action": "s3:*Object",
-                "Resource": [
-                    "arn:aws:s3:::repository/*"
-                ]
-            }
-        ]
-    }
-    ```
-
-5. Create an API key for the user and store it.
-6. Configure the service as following:
-
-    ```ini
-    [upload]
-    target = s3
-
-    [s3]
-    access_key = ...
-    bucket = repository
-    region = eu-central-1
-    secret_key = ...
-    ```
-   
-### How do I configure Github?
-
-1. Create a repository.
-2. [Create API key](https://github.com/settings/tokens) with scope `public_repo`.
-3. Configure the service as following:
-
-    ```ini
-    [upload]
-    target = github
-
-    [github]
-    owner = ahriman
-    password = ...
-    repository = repository
-    username = ahriman
-    ```
-
-## Reporting
-
-### I would like to get report to email
-
-1. Install dependencies:
-
-   ```shell
-   yay -S python-jinja
-   ```
-   
-2. Configure the service:
-
-   ```ini
-   [report]
-   target = email
-   
-   [email]
-   host = smtp.example.com
-   link_path = http://example.com/x86_64
-   password = ...
-   port = 465
-   receivers = me@example.com
-   sender = me@example.com
-   user = me@example.com
-   ```
-   
-### I'm using synchronization to S3 and would like to generate index page
-
-1. Install dependencies:
-
-   ```shell
-   yay -S python-jinja
-   ```
-   
-2. Configure the service:
-   
-   ```ini
-   [report]
-   target = html
-   
-   [html]
-   path = /var/lib/ahriman/repository/x86_64/index.html
-   link_path = http://example.com/x86_64
-   ```
-   
-After these steps `index.html` file will be automatically synced to S3
-
-### I would like to get messages to my telegram account/channel
-
-1. It still requires additional dependencies:
-
-   ```shell
-   yay -S python-jinja
-   ```
-
-2. Register bot in telegram. You can do it by using by talking with [@BotFather](https://t.me/botfather). For more details please refer to [official documentation](https://core.telegram.org/bots).
-
-3. Optionally (if you want to post message in chat):
-
-   1. Create telegram channel. 
-   2. Invite your bot into the channel.
-   3. Make your channel public
-
-4. Get chat id if you want to use by numerical id or just use id prefixed with `@` (e.g. `@ahriman`). If you are not using chat the chat id is your user id. If you don't want to make channel public you can use [this guide](https://stackoverflow.com/a/33862907).
-
-5. Configure the service:
-
-   ```ini
-   [report]
-   target = telegram
-   
-   [telegram]
-   api_key = aaAAbbBBccCC
-   chat_id = @ahriman
-   link_path = http://example.com/x86_64
-   ```
-   
-   `api_key` is the one sent by [@BotFather](https://t.me/botfather), `chat_id` is the value retrieved from previous step.
-
-If you did everything fine you should receive the message with the next update. Quick credentials check can be done by using the following command:
-
-```shell
-curl 'https://api.telegram.org/bot${CHAT_ID}/sendMessage?chat_id=${API_KEY}&text=hello'
-```
-
-(replace `${CHAT_ID}` and `${API_KEY}` with the values from configuration).
-
-## Web service
-
-### Readme mentions web interface, how do I use it?
-
-1. Install dependencies:
-
-   ```shell
-   yay -S python-aiohttp python-aiohttp-jinja2
-   ```
-
-2. Configure service:
-
-   ```ini
-   [web]
-   port = 8080
-   ```
-
-3. Start the web service `systemctl enable --now ahriman-web@x86_64`.
-
-### I would like to limit user access to the status page
-
-1. Install dependencies 😊:
-   
-   ```shell
-   yay -S python-aiohttp-security python-aiohttp-session python-cryptography
-   ```
-
-2. Configure the service to enable authorization:
-
-   ```ini
-   [auth]
-   target = configuration
-   ```
-   
-3. Create user for the service:
-
-   ```shell
-   sudo -u ahriman ahriman user-add --as-service -r write api
-   ```
-   
-   This command will ask for the password, just type it in stdin; _do not_ leave the field blank, user will not be able to authorize.
-
-4. Create end-user `sudo -u ahriman ahriman user-add -r write my-first-user` with password.
-5. Restart web service `systemctl restart ahriman-web@x86_64`.
-
-### I would like to use OAuth
-
-1. Create OAuth web application, download its `client_id` and `client_secret`.
-2. Guess what? Install dependencies:
-
-   ```shell
-   yay -S python-aiohttp-security python-aiohttp-session python-cryptography python-aioauth-client
-   ```
-   
-3. Configure the service:
-
-   ```ini
-   [auth]
-   target = oauth
-   client_id = ...
-   client_secret = ...
-   
-   [web]
-   address = https://example.com
-   ```
-   
-   Configure `oauth_provider` and `oauth_scopes` in case if you would like to use different from Google provider. Scope must grant access to user email. `web.address` is required to make callback URL available from internet.
-
-4. Create service user:
-
-   ```shell
-   sudo -u ahriman ahriman user-add --as-service -r write api
-   ```
-
-5. Create end-user `sudo -u ahriman ahriman user-add -r write my-first-user`. When it will ask for the password leave it blank.
-6. Restart web service `systemctl restart ahriman-web@x86_64`.
-
-## Other topics
-
-### How does it differ from %another-manager%?
-
-Short answer - I do not know.
-
-#### [archrepo2](https://github.com/lilydjwg/archrepo2)
-
-Don't know, haven't tried it. But it lacks of documentation at least.
-
-* Web interface.
-* No synchronization and reporting.
-* `archrepo2` actively uses direct shell calls and `yaourt` components.
-* It has constantly running process instead of timer process (it is not pro or con).
-
-#### [repoctl](https://github.com/cassava/repoctl)
-
-* Web interface.
-* No reporting.
-* Local packages and patches support.
-* Some actions are not fully automated (e.g. package update still requires manual intervention for the build itself). 
-* `repoctl` has better AUR interaction features. With colors!
-* `repoctl` has much easier configuration and even completion.
-* `repoctl` is able to store old packages.
-* Ability to host repository from same command vs external services (e.g. nginx) in `ahriman`.
-
-#### [repo-scripts](https://github.com/arcan1s/repo-scripts)
-
-Though originally I've created ahriman by trying to improve the project, it still lacks a lot of features:
-
-* Web interface.
-* Better reporting with template support.
-* Synchronization features (there was only `rsync` based).
-* Local packages and patches support.
-* No dependency management.
-* And so on.
-
-`repo-scripts` also have bad architecture and bad quality code and uses out-of-dated `yaourt` and `package-query`.
-
-### I would like to check service logs
-
-By default, the service writes logs to `/dev/log` which can be accessed by using `journalctl` command (logs are written to the journal of the user under which command is run).
-
-You can also edit configuration and forward logs to `stderr`, just change `handlers` value, e.g.:
-
-```shell
-sed -i 's/handlers = syslog_handler/handlers = console_handler/g' /etc/ahriman.ini.d/logging.ini
-```
-
-You can even configure logging as you wish, but kindly refer to python `logging` module configuration.
-
-### Html customization
-
-It is possible to customize html templates. In order to do so, create files somewhere (refer to Jinja2 documentation and the service source code for available parameters) and put `template_path` to configuration pointing to this directory.
-
-### I did not find my question
-
-[Create an issue](https://github.com/arcan1s/ahriman/issues) with type **Question**.

docs/faq.rst

@@ -0,0 +1,887 @@
+
+FAQ
+===
+
+General topics
+--------------
+
+What is the purpose of the project
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+This project has been created in order to maintain self-hosted Arch Linux user repository without manual intervention - checking for updates and building packages.
+
+How to install ahriman
+^^^^^^^^^^^^^^^^^^^^^^
+
+TL;DR
+
+.. code-block:: shell
+
+   yay -S ahriman
+   sudo ahriman -a x86_64 repo-setup --packager "ahriman bot <ahriman@example.com>" --repository "repository"
+   systemctl enable --now ahriman@x86_64.timer
+
+Long answer
+"""""""""""
+
+The idea is to install the package as usual, create working directory tree, create configuration for ``sudo`` and ``devtools``. Detailed description of the setup instruction can be found :doc:`here <setup>`.
+
+What does "architecture specific" mean / How to configure for different architectures
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Some sections can be configured per architecture. The service will merge architecture specific values into common settings. In order to specify settings for specific architecture you must point it in section name.
+
+For example, the section
+
+.. code-block:: ini
+
+   [build]
+   build_command = extra-x86_64-build
+
+states that default build command is ``extra-x86_64-build``. But if there is section
+
+.. code-block:: ini
+
+   [build:i686]
+   build_command = extra-i686-build
+
+the ``extra-i686-build`` command will be used for ``i686`` architecture.
+
+How to generate build reports
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Normally you probably like to generate only one report for the specific type, e.g. only one email report. In order to do it you will need to have the following configuration:
+
+.. code-block:: ini
+
+   [report]
+   target = email
+
+   [email]
+   ...
+
+or in case of multiple architectures and *different* reporting settings:
+
+.. code-block:: ini
+
+   [report]
+   target = email
+
+   [email:i686]
+   ...
+
+   [email:x86_64]
+   ...
+
+But for some cases you would like to have multiple different reports with the same type (e.g. sending different templates to different addresses). For these cases you will need to specify section name in target and type in section, e.g. the following configuration can be used:
+
+.. code-block:: ini
+
+   [report]
+   target = email_1 email_2
+
+   [email_1]
+   type = email
+   ...
+
+   [email_2]
+   type = email
+   ...
+
+How do I add new package
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+.. code-block:: shell
+
+   sudo -u ahriman ahriman package-add ahriman --now
+
+``--now`` flag is totally optional and just run ``repo-update`` subcommand after the registering the new package, Thus the extended flow is the following:
+
+.. code-block:: shell
+
+   sudo -u ahriman ahriman package-add ahriman
+   sudo -u ahriman ahriman repo-update
+
+How to build package from local PKGBUILD
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+TL;DR
+
+.. code-block:: shell
+
+   sudo -u ahriman ahriman package-add /path/to/local/directory/with/PKGBUILD --now
+
+Before using this command you will need to create local directory, put ``PKGBUILD`` there and generate ``.SRCINFO`` by using ``makepkg --printsrcinfo > .SRCINFO`` command. These packages will be stored locally and *will be ignored* during automatic update; in order to update the package you will need to run ``package-add`` command again.
+
+
+How to fetch PKGBUILDs from remote repository
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+For that purpose you could use ``RemotePullTrigger`` trigger. To do so you will need:
+
+#.
+   Append ``triggers`` option in ``build`` section with the following line:
+
+   .. code-block:: ini
+
+      [build]
+      triggers = ahriman.core.gitremote.RemotePullTrigger
+
+#.
+   Configure trigger as following:
+
+   .. code-block:: ini
+
+      [remote-pull]
+      target = gitremote
+
+      [gitremote]
+      pull_url = https://github.com/username/repository
+
+During the next application run it will fetch repository from the specified url and will try to find packages there which can be used as local sources.
+
+How to push updated PKGBUILDs to remote repository
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+For that purpose you'd need to use another trigger called ``RemotePushTrigger``. Configure it as following:
+
+#.
+   Append ``triggers`` option in ``build`` section with the trigger name:
+
+   .. code-block:: ini
+
+      [build]
+      triggers = ahriman.core.gitremote.RemotePushTrigger
+
+#.
+   Configure trigger as following:
+
+   .. code-block:: ini
+
+      [remote-push]
+      target = gitremote
+
+      [gitremote]
+      push_url = https://github.com/username/repository
+
+Unlike ``RemotePullTrigger`` trigger, the ``RemotePushTrigger`` more likely will require authorization. It is highly recommended to use application tokens for that instead of using your password (e.g. for Github you can generate tokens `here <https://github.com/settings/tokens>`_ with scope ``public_repo``). Authorization can be supplied by using authorization part of the url, e.g. ``https://key:token@github.com/username/repository``.
+
+How to change PKGBUILDs before build
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Well it is supported also. The recommended way is to patch specific function, e.g. by running
+
+.. code-block:: shell
+
+   sudo -u ahriman ahriman patch-add ahriman version
+
+This command will prompt for new value of the PKGBUILD variable ``version``. You can also write it to file and read from it:
+
+.. code-block:: shell
+
+   sudo -u ahriman ahriman patch-add ahriman version version.patch
+
+Alternatively you can create full-diff patches, which are calculated by using ``git diff`` from current PKGBUILD master branch:
+
+#.
+   Clone sources from AUR.
+#.
+   Make changes you would like to (e.g. edit ``PKGBUILD``, add external patches).
+#.
+   Run command
+
+   .. code-block:: shell
+
+   sudo -u ahriman ahriman patch-set-add /path/to/local/directory/with/PKGBUILD
+
+The last command will calculate diff from current tree to the ``HEAD`` and will store it locally. Patches will be applied on any package actions (e.g. it can be used for dependency management).
+
+How to build package from official repository
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+So it is the same as adding any other package, but due to restrictions you must specify source explicitly, e.g.:
+
+.. code-block:: shell
+
+   sudo -u ahriman ahriman package-add pacman -s repository
+
+This feature is heavily depends on local pacman cache. In order to use this feature it is recommended to either run ``pacman -Sy`` before the interaction or configure timer for this.
+
+Package build fails because it cannot validate PGP signature of source files
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+TL;DR
+
+.. code-block:: shell
+
+   sudo -u ahriman ahriman key-import ...
+
+How to update VCS packages
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Normally the service handles VCS packages correctly, however it requires additional dependencies:
+
+.. code-block:: shell
+
+   pacman -S breezy darcs mercurial subversion
+
+How to remove package
+^^^^^^^^^^^^^^^^^^^^^
+
+.. code-block:: shell
+
+   sudo -u ahriman ahriman package-remove ahriman
+
+Also, there is command ``repo-remove-unknown`` which checks packages in AUR and local storage and removes ones which have been removed.
+
+Remove commands also remove any package files (patches, caches etc).
+
+How to sign repository
+^^^^^^^^^^^^^^^^^^^^^^
+
+Repository sign feature is available in several configurations. The recommended way is just to sign repository database file by single key instead of trying to sign each package. However, the steps are pretty same, just configuration is a bit differ. For more details about options kindly refer to :doc:`configuration reference <configuration>`.
+
+#.
+   First you would need to create the key on your local machine:
+
+   .. code-block:: shell
+
+      gpg --full-generate-key
+
+   This command will prompt you for several questions. Most of them may be left default, but you will need to fill real name and email address with some data. Because at the moment the service doesn't support passphrases, it must be left blank.
+
+#.
+   The command above will generate key and print its hash, something like ``8BE91E5A773FB48AC05CC1EDBED105AED6246B39``. Copy it.
+
+#.
+   Export your private key by using the hash above:
+
+   .. code-block:: shell
+
+      gpg --export-secret-keys -a 8BE91E5A773FB48AC05CC1EDBED105AED6246B39 > repository-key.gpg
+
+#.
+
+   Copy the specified key to the build machine (i.e. where the service is running).
+
+#.
+   Import the specified key to the service user:
+
+   .. code-block:: shell
+
+      sudo -u ahriman gpg --import repository-key.gpg
+
+   Don't forget to remove the key from filesystem after import.
+
+#.
+   Change trust level to ``ultimate``:
+
+   .. code-block:: shell
+
+      sudo -u ahriman gpg --edit-key 8BE91E5A773FB48AC05CC1EDBED105AED6246B39
+
+   The command above will drop you into gpg shell, in which you will need to type ``trust``, choose ``5 = I trust ultimately``, confirm and exit ``quit``.
+
+#.
+   Proceed with service configuration according to the :doc:`configuration <configuration>`:
+
+   .. code-block:: ini
+
+      [sign]
+      target = repository
+      key = 8BE91E5A773FB48AC05CC1EDBED105AED6246B39
+
+
+How to rebuild packages after library update
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+TL;DR
+
+.. code-block:: shell
+
+   sudo -u ahriman ahriman repo-rebuild --depends-on python
+
+You can even rebuild the whole repository (which is particular useful in case if you would like to change packager) if you do not supply ``--depends-on`` option.
+
+However, note that you do not need to rebuild repository in case if you just changed signing option, just use ``repo-sign`` command instead. 
+
+How to install built packages
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Add the following lines to your ``pacman.conf``:
+
+.. code-block:: ini
+
+   [repository]
+   Server = file:///var/lib/ahriman/repository/x86_64
+
+(You might need to add ``SigLevel`` option according to the pacman documentation.)
+
+How to serve repository
+^^^^^^^^^^^^^^^^^^^^^^^
+
+Easy. For example, nginx configuration (without SSL) will look like:
+
+.. code-block::
+
+   server {
+       listen 80;
+       server_name repo.example.com;
+
+       location / {
+           autoindex on;
+           root /var/lib/ahriman/repository;
+       }
+   }
+
+Example of the status page configuration is the following (status service is using 8080 port):
+
+.. code-block::
+
+   server {
+       listen 80;
+       server_name builds.example.com;
+
+       location / {
+           proxy_set_header Host $host;
+           proxy_set_header X-Real-IP $remote_addr;
+           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+           proxy_set_header X-Forwarder-Proto $scheme;
+
+           proxy_pass http://127.0.0.1:8080;
+       }
+   }
+
+Docker image
+------------
+
+We provide official images which can be found under ``arcan1s/ahriman`` repository. Docker image is being updated on each commit to master as well as on each version. If you would like to use last (probably unstable) build you can use ``edge`` tag or ``latest`` for any tagged versions; otherwise you can use any version tag available.
+
+The default action (in case if no arguments provided) is ``repo-update``. Basically the idea is to run container, e.g.:
+
+.. code-block:: shell
+
+   docker run --privileged -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest
+
+``--privileged`` flag is required to make mount possible inside container. In order to make data available outside of container, you would need to mount local (parent) directory inside container by using ``-v /path/to/local/repo:/var/lib/ahriman`` argument, where ``/path/to/local/repo`` is a path to repository on local machine. In addition, you can pass own configuration overrides by using the same ``-v`` flag, e.g.:
+
+.. code-block:: shell
+
+   docker run --privileged -v /path/to/local/repo:/var/lib/ahriman -v /path/to/overrides/overrides.ini:/etc/ahriman.ini.d/10-overrides.ini arcan1s/ahriman:latest
+
+The action can be specified during run, e.g.:
+
+.. code-block:: shell
+
+   docker run --privileged -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest package-add ahriman --now
+
+For more details please refer to docker FAQ.
+
+Environment variables
+^^^^^^^^^^^^^^^^^^^^^
+
+The following environment variables are supported:
+
+* ``AHRIMAN_ARCHITECTURE`` - architecture of the repository, default is ``x86_64``.
+* ``AHRIMAN_DEBUG`` - if set all commands will be logged to console.
+* ``AHRIMAN_FORCE_ROOT`` - force run ahriman as root instead of guessing by subcommand.
+* ``AHRIMAN_HOST`` - host for the web interface, default is ``0.0.0.0``.
+* ``AHRIMAN_OUTPUT`` - controls logging handler, e.g. ``syslog``, ``console``. The name must be found in logging configuration. Note that if ``syslog`` (the default) handler is used you will need to mount ``/dev/log`` inside container because it is not available there.
+* ``AHRIMAN_PACKAGER`` - packager name from which packages will be built, default is ``ahriman bot <ahriman@example.com>``.
+* ``AHRIMAN_PORT`` - HTTP server port if any, default is empty.
+* ``AHRIMAN_REPOSITORY`` - repository name, default is ``aur-clone``.
+* ``AHRIMAN_REPOSITORY_ROOT`` - repository root. Because of filesystem rights it is required to override default repository root. By default, it uses ``ahriman`` directory inside ahriman's home, which can be passed as mount volume.
+* ``AHRIMAN_UNIX_SOCKET`` - full path to unix socket which is used by web server, default is empty. Note that more likely you would like to put it inside ``AHRIMAN_REPOSITORY_ROOT`` directory (e.g. ``/var/lib/ahriman/ahriman/ahriman-web.sock``) or to ``/tmp``.
+* ``AHRIMAN_USER`` - ahriman user, usually must not be overwritten, default is ``ahriman``. 
+
+You can pass any of these variables by using ``-e`` argument, e.g.:
+
+.. code-block:: shell
+
+   docker run --privileged -e AHRIMAN_PORT=8080 -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest
+
+Daemon service
+^^^^^^^^^^^^^^
+
+There is special ``daemon`` subcommand which emulates systemd timer and will perform repository update periodically:
+
+.. code-block:: shell
+
+   docker run --privileged -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest daemon
+
+This command uses same rules as ``repo-update``, thus, e.g. requires ``--privileged`` flag.
+
+Web service setup
+^^^^^^^^^^^^^^^^^
+
+Well for that you would need to have web container instance running forever; it can be achieved by the following command:
+
+.. code-block:: shell
+
+   docker run --privileged -p 8080:8080 -e AHRIMAN_PORT=8080 -e AHRIMAN_UNIX_SOCKET=/var/lib/ahriman/ahriman/ahriman-web.sock -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest
+
+Note about ``AHRIMAN_PORT`` environment variable which is required in order to enable web service. An additional port bind by ``-p 8080:8080`` is required to pass docker port outside of container.
+
+The ``AHRIMAN_UNIX_SOCKET`` variable is not required, however, highly recommended as it can be used for interprocess communications. If you set this variable you would like to be sure that this path is available outside of container if you are going to use multiple docker instances.
+
+If you are using ``AHRIMAN_UNIX_SOCKET`` variable, for every next container run it has to be passed also, e.g.:
+
+.. code-block:: shell
+
+   docker run --privileged -e AHRIMAN_UNIX_SOCKET=/var/lib/ahriman/ahriman/ahriman-web.sock -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest
+
+Otherwise, you would need to pass ``AHRIMAN_PORT`` and mount container network to the host system (``--net=host``), e.g.:
+
+.. code-block:: shell
+
+   docker run --privileged --net=host -e AHRIMAN_PORT=8080 -v /path/to/local/repo:/var/lib/ahriman arcan1s/ahriman:latest
+
+Remote synchronization
+----------------------
+
+How to sync repository to another server
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+There are several choices:
+
+#. 
+   Easy and cheap, just share your local files through the internet, e.g. for ``nginx``:
+
+   .. code-block::
+
+       server {
+           location /x86_64 {
+               root /var/lib/ahriman/repository/x86_64;
+               autoindex on;
+           }
+       }
+
+#. 
+   You can also upload your packages using ``rsync`` to any available server. In order to use it you would need to configure ahriman first:
+
+   .. code-block:: ini
+
+       [upload]
+       target = rsync
+
+       [rsync]
+       remote = 192.168.0.1:/srv/repo
+
+   After that just add ``/srv/repo`` to the ``pacman.conf`` as usual. You can also upload to S3 (e.g. ``Server = https://s3.eu-central-1.amazonaws.com/repository/x86_64``) or to Github (e.g. ``Server = https://github.com/ahriman/repository/releases/download/x86_64``).
+
+How to sync to S3
+^^^^^^^^^^^^^^^^^
+
+#. 
+   Install dependencies:
+
+   .. code-block:: shell
+
+      pacman -S python-boto3
+
+#. 
+   Create a bucket.
+
+#. 
+   Create user with write access to the bucket:
+
+   .. code-block::
+
+       {
+           "Version": "2012-10-17",
+           "Statement": [
+               {
+                   "Sid": "ListObjectsInBucket",
+                   "Effect": "Allow",
+                   "Action": [
+                       "s3:ListBucket"
+                   ],
+                   "Resource": [
+                       "arn:aws:s3:::repository"
+                   ]
+               },
+               {
+                   "Sid": "AllObjectActions",
+                   "Effect": "Allow",
+                   "Action": "s3:*Object",
+                   "Resource": [
+                       "arn:aws:s3:::repository/*"
+                   ]
+               }
+           ]
+       }
+
+#. 
+   Create an API key for the user and store it.
+
+#. 
+   Configure the service as following:
+
+   .. code-block:: ini
+
+       [upload]
+       target = s3
+
+       [s3]
+       access_key = ...
+       bucket = repository
+       region = eu-central-1
+       secret_key = ...
+
+How to sync to Github releases
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+#. 
+   Create a repository.
+#. 
+   `Create API key <https://github.com/settings/tokens>`_ with scope ``public_repo``.
+#. 
+   Configure the service as following:
+
+   .. code-block:: ini
+
+       [upload]
+       target = github
+
+       [github]
+       owner = ahriman
+       password = ...
+       repository = repository
+       username = ahriman
+
+Reporting
+---------
+
+How to report by email
+^^^^^^^^^^^^^^^^^^^^^^
+
+#. 
+   Install dependencies:
+
+   .. code-block:: shell
+
+      yay -S python-jinja
+
+#. 
+   Configure the service:
+
+   .. code-block:: ini
+
+      [report]
+      target = email
+
+      [email]
+      host = smtp.example.com
+      link_path = http://example.com/x86_64
+      password = ...
+      port = 465
+      receivers = me@example.com
+      sender = me@example.com
+      user = me@example.com
+
+How to generate index page for S3
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+#. 
+   Install dependencies:
+
+   .. code-block:: shell
+
+      yay -S python-jinja
+
+#. 
+   Configure the service:
+
+   .. code-block:: ini
+
+      [report]
+      target = html
+
+      [html]
+      path = /var/lib/ahriman/repository/x86_64/index.html
+      link_path = http://example.com/x86_64
+
+After these steps ``index.html`` file will be automatically synced to S3
+
+How to post build report to telegram
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+#. 
+   It still requires additional dependencies:
+
+   .. code-block:: shell
+
+      yay -S python-jinja
+
+#. 
+   Register bot in telegram. You can do it by talking with `@BotFather <https://t.me/botfather>`_. For more details please refer to `official documentation <https://core.telegram.org/bots>`_.
+
+#. 
+   Optionally (if you want to post message in chat):
+
+
+   #. Create telegram channel. 
+   #. Invite your bot into the channel.
+   #. Make your channel public
+
+#. 
+   Get chat id if you want to use by numerical id or just use id prefixed with ``@`` (e.g. ``@ahriman``). If you are not using chat the chat id is your user id. If you don't want to make channel public you can use `this guide <https://stackoverflow.com/a/33862907>`_.
+
+#. 
+   Configure the service:
+
+   .. code-block:: ini
+
+      [report]
+      target = telegram
+
+      [telegram]
+      api_key = aaAAbbBBccCC
+      chat_id = @ahriman
+      link_path = http://example.com/x86_64
+
+   ``api_key`` is the one sent by `@BotFather <https://t.me/botfather>`_, ``chat_id`` is the value retrieved from previous step.
+
+If you did everything fine you should receive the message with the next update. Quick credentials check can be done by using the following command:
+
+.. code-block:: shell
+
+   curl 'https://api.telegram.org/bot${CHAT_ID}/sendMessage?chat_id=${API_KEY}&text=hello'
+
+(replace ``${CHAT_ID}`` and ``${API_KEY}`` with the values from configuration).
+
+Web service
+-----------
+
+How to setup web service
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+#. 
+   Install dependencies:
+
+   .. code-block:: shell
+
+      yay -S python-aiohttp python-aiohttp-jinja2
+
+#. 
+   Configure service:
+
+   .. code-block:: ini
+
+      [web]
+      port = 8080
+
+#. 
+   Start the web service ``systemctl enable --now ahriman-web@x86_64``.
+
+How to enable basic authorization
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+#. 
+   Install dependencies 😊:
+
+   .. code-block:: shell
+
+      yay -S python-aiohttp-security python-aiohttp-session python-cryptography
+
+#. 
+   Configure the service to enable authorization:
+
+   .. code-block:: ini
+
+      [auth]
+      target = configuration
+
+#.
+   In order to provide access for reporting from application instances you can (recommended way) use unix sockets by configuring the following (note, that it requires ``python-requests-unixsocket`` package to be installed):
+
+   .. code-block:: ini
+
+      [web]
+      unix_socket = /var/lib/ahriman/ahriman-web.sock
+
+   This socket path must be available for web service instance and must be available for application instances (e.g. in case if you are using docker container, see above, you need to be sure that the socket is passed to the root filesystem).
+
+   By the way, unix socket variable will be automatically set in case if ``--web-unix-socket`` argument is supplied to the ``setup`` subcommand.
+
+   Alternatively, you need to create user for the service:
+
+   .. code-block:: shell
+
+      sudo -u ahriman ahriman user-add -r full api
+
+   This command will ask for the password, just type it in stdin; *do not* leave the field blank, user will not be able to authorize, and finally configure the application:
+
+   .. code-block:: ini
+
+      [web]
+      username = api
+      password = pa55w0rd
+
+#.
+   Create end-user with password:
+
+   .. code-block:: shell
+
+      sudo -u ahriman ahriman user-add -r full my-first-user
+
+#.
+   Restart web service ``systemctl restart ahriman-web@x86_64``.
+
+How to enable OAuth authorization
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+#. 
+   Create OAuth web application, download its ``client_id`` and ``client_secret``.
+#. 
+   Guess what? Install dependencies:
+
+   .. code-block:: shell
+
+      yay -S python-aiohttp-security python-aiohttp-session python-cryptography python-aioauth-client
+
+#. 
+   Configure the service:
+
+   .. code-block:: ini
+
+      [auth]
+      target = oauth
+      client_id = ...
+      client_secret = ...
+
+      [web]
+      address = https://example.com
+
+   Configure ``oauth_provider`` and ``oauth_scopes`` in case if you would like to use different from Google provider. Scope must grant access to user email. ``web.address`` is required to make callback URL available from internet.
+
+#. 
+   Create service user:
+
+   .. code-block:: shell
+
+      sudo -u ahriman ahriman user-add --as-service -r full api
+
+#. 
+   Create end-user:
+
+   .. code-block:: shell
+
+      sudo -u ahriman ahriman user-add -r full my-first-user
+
+   When it will ask for the password leave it blank.
+
+#.
+   Restart web service ``systemctl restart ahriman-web@x86_64``.
+
+Backup and restore
+------------------
+
+The service provides several commands aim to do easy repository backup and restore. If you would like to move repository from the server ``server1.example.com`` to another ``server2.example.com`` you have to perform the following steps:
+
+#. 
+   On the source server ``server1.example.com`` run ``repo-backup`` command, e.g.:
+
+   .. code-block:: shell
+
+      sudo ahriman repo-backup /tmp/repo.tar.gz
+
+   This command will pack all configuration files together with database file into the archive specified as command line argument (i.e. ``/tmp/repo.tar.gz``). In addition it will also archive ``cache`` directory (the one which contains local clones used by e.g. local packages) and ``.gnupg`` of the ``ahriman`` user.
+
+#. 
+   Copy created archive from source server ``server1.example.com`` to target ``server2.example.com``.
+
+#. 
+   Install package as usual on the target server ``server2.example.com`` if you didn't yet.
+
+#. 
+   Extract archive e.g. by using subcommand:
+
+   .. code-block:: shell
+
+      sudo ahriman repo-restore /tmp/repo.tar.gz
+
+   An additional argument ``-o``/``--output`` can be used to specify extraction root (``/`` by default).
+
+#. 
+   Rebuild repository:
+
+   .. code-block:: shell
+
+      sudo -u ahriman ahriman repo-rebuild --from-database
+
+Other topics
+------------
+
+How does it differ from %another-manager%?
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Short answer - I do not know. Also for some references credits to `Alad <https://github.com/AladW>`_, he `did <https://wiki.archlinux.org/title/User:Alad/Local_repo_tools>`_ really good investigation of existing alternatives.
+
+`arch-repo-manager <https://github.com/Martchus/arch-repo-manager>`_
+""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+
+Looks actually pretty good, in case if I would find it, I would probably didn't start this project, most of features (like web interface or additional helpers) are already implemented or planned to be. However, this project seems to be at early alpha stage (as for Nov 2022), written in C++ (not pro or con) and misses code documentation.
+
+`archrepo2 <https://github.com/lilydjwg/archrepo2>`_
+""""""""""""""""""""""""""""""""""""""""""""""""""""
+
+Don't know, haven't tried it. But it lacks of documentation at least.
+
+* ``ahriman`` has web interface.
+* ``archrepo2`` doesn't have synchronization and reporting.
+* ``archrepo2`` actively uses direct shell calls and ``yaourt`` components.
+* ``archrepo2`` has constantly running process instead of timer process (it is not pro or con).
+
+`repoctl <https://github.com/cassava/repoctl>`_
+"""""""""""""""""""""""""""""""""""""""""""""""
+
+* ``ahriman`` has web interface.
+* ``repoctl`` does not have reporting feature.
+* ``repoctl`` does not support local packages and patches.
+* Some actions are not fully automated in ``repoctl`` (e.g. package update still requires manual intervention for the build itself).
+* ``repoctl`` has better AUR interaction features. With colors!
+* ``repoctl`` has much easier configuration and even completion.
+* ``repoctl`` is able to store old packages.
+* Ability to host repository from same command in ``repoctl`` vs external services (e.g. nginx) in ``ahriman``.
+
+`repo-scripts <https://github.com/arcan1s/repo-scripts>`_
+"""""""""""""""""""""""""""""""""""""""""""""""""""""""""
+
+Though originally I've created ahriman by trying to improve the project, it still lacks a lot of features:
+
+* ``ahriman`` has web interface.
+* ``ahriman`` has better reporting with template support.
+* ``ahriman`` has more synchronization features (there was only ``rsync`` based).
+* ``ahriman`` supports local packages and patches.
+* ``repo-scripts`` doesn't have dependency management.
+
+...and so on. ``repo-scripts`` also has bad architecture and bad quality code and uses out-of-dated ``yaourt`` and ``package-query``.
+
+`toolbox <https://github.com/chaotic-aur/toolbox>`_
+"""""""""""""""""""""""""""""""""""""""""""""""""""
+
+It is automation tools for ``repoctl`` mentioned above. Except for using shell it looks pretty cool and also offers some additional features like patches, remote synchronization (isn't it?) and reporting.
+
+How to check service logs
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+By default, the service writes logs to ``/dev/log`` which can be accessed by using ``journalctl`` command (logs are written to the journal of the user under which command is run).
+
+You can also edit configuration and forward logs to ``stderr``, just change ``handlers`` value, e.g.:
+
+.. code-block:: shell
+
+   sed -i 's/handlers = syslog_handler/handlers = console_handler/g' /etc/ahriman.ini.d/logging.ini
+
+You can even configure logging as you wish, but kindly refer to python ``logging`` module `configuration <https://docs.python.org/3/library/logging.config.html>`_. The application uses java concept to log messages, e.g. class ``Application`` imported from ``ahriman.application.application`` package will have logger called ``ahriman.application.application.Application``. In order to e.g. change logger name for whole application package it is possible to change values for ``ahriman.application`` package; thus editing ``ahriman`` logger configuration will change logging for whole application (unless there are overrides for another logger).
+
+Html customization
+^^^^^^^^^^^^^^^^^^
+
+It is possible to customize html templates. In order to do so, create files somewhere (refer to Jinja2 documentation and the service source code for available parameters) and put ``template_path`` to configuration pointing to this directory.
+
+I did not find my question
+^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+`Create an issue <https://github.com/arcan1s/ahriman/issues>`_ with type **Question**.

docs/index.rst

@@ -0,0 +1,39 @@
+Welcome to ahriman's documentation!
+===================================
+
+Wrapper for managing custom repository inspired by `repo-scripts <https://github.com/arcan1s/repo-scripts>`_.
+
+Features
+--------
+
+* Install-configure-forget manager for the very own repository.
+* Multi-architecture support.
+* Dependency manager.
+* VCS packages support.
+* Official repository support.
+* Ability to patch AUR packages and even create package from local PKGBUILDs.
+* Sign support with gpg (repository, package, per package settings).
+* Triggers for repository updates, e.g. synchronization to remote services (rsync, s3 and github) and report generation (email, html, telegram).
+* Repository status interface with optional authorization and control options.
+
+Live demos
+----------
+
+* `Build status page <https://ahriman-demo.arcanis.me>`_. You can login as ``demo`` user by using ``demo`` password. Note, however, you will not be able to run tasks.
+* `Repository index <http://repo.arcanis.me/x86_64/index.html>`_.
+* `Telegram feed <https://t.me/arcanisrepo>`_.
+
+Contents
+--------
+
+.. toctree::
+   :maxdepth: 2
+
+   setup
+   configuration
+   command-line
+   faq
+   architecture
+   advanced-usage
+   triggers
+   modules

docs/modules.rst

@@ -0,0 +1,7 @@
+Modules
+=======
+
+.. toctree::
+   :maxdepth: 4
+
+   ahriman

docs/setup.md

@@ -1,66 +0,0 @@
-# Setup instructions
-
-1. Install package as usual.
-2. Change settings if required, see [configuration reference](configuration.md) for more details.
-3. TL;DR
-
-   ```shell
-   sudo ahriman -a x86_64 repo-setup ...
-   ```
-   
-   `repo-setup` literally does the following steps:
-
-   1. Create `/var/lib/ahriman/.makepkg.conf` with `makepkg.conf` overrides if required (at least you might want to set `PACKAGER`):
-
-       ```shell
-       echo 'PACKAGER="John Doe <john@doe.com>"' | sudo -u ahriman tee -a /var/lib/ahriman/.makepkg.conf
-       ```
-
-   2. Configure build tools (it is required for correct dependency management system):
-
-       1. Create build command, e.g. `ln -s /usr/bin/archbuild /usr/local/bin/ahriman-x86_64-build` (you can choose any name for command, basically it should be `{name}-{arch}-build`).
-       2. Create configuration file, e.g. `cp /usr/share/devtools/pacman-{extra,ahriman}.conf` (same as previous `pacman-{name}.conf`).
-       3. Change configuration file, add your own repository, add multilib repository etc;
-       4. Set `build_command` option to point to your command.
-       5. Configure `/etc/sudoers.d/ahriman` to allow running command without a password.
-
-       ```shell
-       ln -s /usr/bin/archbuild /usr/local/bin/ahriman-x86_64-build
-       cp /usr/share/devtools/pacman-{extra,ahriman}.conf
-
-       echo '[multilib]' | tee -a /usr/share/devtools/pacman-ahriman.conf
-       echo 'Include = /etc/pacman.d/mirrorlist' | tee -a /usr/share/devtools/pacman-ahriman.conf
-
-       echo '[aur-clone]' | tee -a /usr/share/devtools/pacman-ahriman.conf
-       echo 'SigLevel = Optional TrustAll' | tee -a /usr/share/devtools/pacman-ahriman.conf
-       echo 'Server = file:///var/lib/ahriman/repository/$arch' | tee -a /usr/share/devtools/pacman-ahriman.conf
-
-       echo '[build]' | tee -a /etc/ahriman.ini.d/build.ini
-       echo 'build_command = ahriman-x86_64-build' | tee -a /etc/ahriman.ini.d/build.ini
-
-       echo 'Cmnd_Alias CARCHBUILD_CMD = /usr/local/bin/ahriman-x86_64-build *' | tee -a /etc/sudoers.d/ahriman
-       echo 'ahriman ALL=(ALL) NOPASSWD: CARCHBUILD_CMD' | tee -a /etc/sudoers.d/ahriman
-       chmod 400 /etc/sudoers.d/ahriman
-       ```
-
-4. Start and enable `ahriman@.timer` via `systemctl`:
-
-    ```shell
-    systemctl enable --now ahriman@x86_64.timer
-    ```
-
-5. Start and enable status page:
-
-    ```shell
-    systemctl enable --now ahriman-web@x86_64
-    ```
-
-6. Add packages by using `ahriman package-add {package}` command:
-
-    ```shell
-    sudo -u ahriman ahriman -a x86_64 package-add ahriman --now
-    ```
-
-## User creation
-
-`user-add` subcommand is recommended for new user creation.

docs/setup.rst

@@ -0,0 +1,91 @@
+Initial setup
+=============
+
+#. 
+   Install package as usual.
+#. 
+   Change settings if required, see :doc:`configuration reference <configuration>` for more details.
+#.
+   Perform initial setup:
+
+   .. code-block:: shell
+
+      sudo ahriman -a x86_64 repo-setup ...
+
+   ``repo-setup`` literally does the following steps:
+
+   #.
+      Create ``/var/lib/ahriman/.makepkg.conf`` with ``makepkg.conf`` overrides if required (at least you might want to set ``PACKAGER``):
+
+      .. code-block:: shell
+
+          echo 'PACKAGER="John Doe <john@doe.com>"' | sudo -u ahriman tee -a /var/lib/ahriman/.makepkg.conf
+
+   #.
+      Configure build tools (it is required for correct dependency management system):
+
+      #. 
+         Create build command (you can choose any name for command, basically it should be ``{name}-{arch}-build``):
+
+         .. code-block:: shell
+
+            ln -s /usr/bin/archbuild /usr/local/bin/ahriman-x86_64-build
+
+      #. 
+         Create configuration file (same as previous ``pacman-{name}.conf``):
+
+         .. code-block:: shell
+
+            cp /usr/share/devtools/pacman-{extra,ahriman}.conf
+
+      #. 
+         Change configuration file, add your own repository, add multilib repository etc:
+
+         .. code-block:: shell
+
+            echo '[multilib]' | tee -a /usr/share/devtools/pacman-ahriman.conf
+            echo 'Include = /etc/pacman.d/mirrorlist' | tee -a /usr/share/devtools/pacman-ahriman.conf
+
+            echo '[aur-clone]' | tee -a /usr/share/devtools/pacman-ahriman.conf
+            echo 'SigLevel = Optional TrustAll' | tee -a /usr/share/devtools/pacman-ahriman.conf
+            echo 'Server = file:///var/lib/ahriman/repository/$arch' | tee -a /usr/share/devtools/pacman-ahriman.conf
+
+      #. 
+         Set ``build_command`` option to point to your command:
+
+         .. code-block:: shell
+
+            echo '[build]' | tee -a /etc/ahriman.ini.d/build.ini
+            echo 'build_command = ahriman-x86_64-build' | tee -a /etc/ahriman.ini.d/build.ini
+
+      #.
+         Configure ``/etc/sudoers.d/ahriman`` to allow running command without a password:
+
+         .. code-block:: shell
+
+            echo 'Cmnd_Alias CARCHBUILD_CMD = /usr/local/bin/ahriman-x86_64-build *' | tee -a /etc/sudoers.d/ahriman
+            echo 'ahriman ALL=(ALL) NOPASSWD: CARCHBUILD_CMD' | tee -a /etc/sudoers.d/ahriman
+            chmod 400 /etc/sudoers.d/ahriman
+
+      This command supports several arguments, kindly refer to its help message.
+
+#. 
+   Start and enable ``ahriman@.timer`` via ``systemctl``:
+
+   .. code-block:: shell
+
+       systemctl enable --now ahriman@x86_64.timer
+
+#. 
+   Start and enable status page:
+
+   .. code-block:: shell
+
+       systemctl enable --now ahriman-web@x86_64
+
+#. 
+   Add packages by using ``ahriman package-add {package}`` command:
+
+   .. code-block:: shell
+
+       sudo -u ahriman ahriman -a x86_64 package-add ahriman --now

docs/triggers.rst

@@ -0,0 +1,127 @@
+Triggers
+========
+
+The package provides ability to write custom extensions which will be run on (the most) actions, e.g. after updates. By default ahriman provides three types of extensions - reporting, files uploading and PKGBUILD syncronization. Each extension must derive from the ``ahriman.core.triggers.Trigger`` class and should implement at least one of the abstract methods:
+
+* ``on_result`` - trigger action which will be called after build process, the build result and the list of repository packages will be supplied as arguments.
+* ``on_start`` - trigger action which will be called right before the start of the application process.
+* ``on_stop`` - action which will be called right before the exit.
+
+Note, it isn't required to implement all of those methods (or even one of them), however, it is highly recommended to avoid trigger actions in ``__init__`` method as it will be run on any application start (e.g. even if you are just searching in AUR).
+
+Built-in triggers
+-----------------
+
+For the configuration details and settings explanation kindly refer to the :doc:`documentation <configuration>`.
+
+``ahriman.core.gitremote.RemotePullTrigger``
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+This trigger will be called before any action (``on_start``) and pulls remote PKGBUILD repository locally; after that it copies found PKGBUILDs from the cloned repository to the local cache. It is useful in case if you have patched PGKBUILDs (or even missing in AUR) which you would like to use for package building and, technically, just simplifies the local package building.
+
+In order to update those packages you would need to clone your repository separately, make changes in PKGBUILD (e.g. bump version and update checksums), commit them and push back. On the next ahriman's repository update, it will pull changes you committed and will perform package update.
+
+``ahriman.core.gitremote.RemotePushTrigger``
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+This trigger will be called right after build process (``on_result``). It will pick PKGBUILDs for the updated packages, pull them (together with any other files) and commit and push changes to remote repository. No real use cases, but the most of user repositories do it.
+
+``ahriman.core.report.ReportTrigger``
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+Trigger which can be used for reporting. It implements ``on_result`` method and thus being called on each build update and generates report (e.g. html, telegram etc) according to the current settings.
+
+``ahriman.core.upload.UploadTrigger``
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+This trigger takes build result (``on_result``) and performs syncing of the local packages to the remote mirror (e.g. S3 or just by rsync).
+
+Context variables
+-----------------
+
+By default, only configuration and architecture are passed to triggers. However, some triggers might want to have access to other high-level wrappers. In order to provide such ability and avoid (double) initialization, the service provides a global context variables, which can be accessed from ``ahriman.core`` package:
+
+.. code-block:: python
+
+   from ahriman.core import context
+
+   ctx = context.get()
+
+Just because context is wrapped inside ``contexvars.ContextVar``, you need to explicitly extract variable by ``get()`` method. Later you can extract any variable if it is set, e.g.:
+
+.. code-block:: python
+
+   from ahriman.core.database import SQLite
+   from ahriman.models.context_key import ContextKey
+
+   database = ctx.get(ContextKey("database", SQLite))
+
+In order to provide typed API, all variables are stored together with their type. The ``get(ContextKey)`` method will throw ``KeyError`` in case if key is missing. Alternatively you can set your own variable inside context:
+
+.. code-block:: python
+
+   ctx.set(ContextKey("answer", int), 42)
+   context.set(ctx)
+
+Note, however, that there are several limitations:
+
+* Context variables are immutable, thus you cannot override value if the key already presented.
+* The ``return_type`` of ``ContextKey`` should match the value type, otherwise exception will be thrown.
+
+The ``context`` also implements collection methods such as ``__iter__`` and ``__len__``.
+
+Trigger example
+---------------
+
+Lets consider example of reporting trigger (e.g. `slack <https://slack.com/>`_, which provides easy HTTP API for integration triggers).gre
+
+In order to post message to slack we will need a specific trigger url (something like ``https://hooks.slack.com/services/company_id/trigger_id``), channel (e.g. ``#archrepo``) and username (``repo-bot``).
+
+As it has been mentioned, our trigger must derive from specific class:
+
+.. code-block:: python
+
+   from ahriman.core.triggers import Trigger
+
+   class SlackReporter(Trigger):
+
+       def __init__(self, architecture, configuration):
+           Trigger.__init__(self, architecture, configuration)
+           self.slack_url = configuration.get("slack", "url")
+           self.channel = configuration.get("slack", "channel")
+           self.username = configuration.get("slack", "username")
+
+By now we have class with all required variables. Lets implement run method. Slack API requires positing data with specific payload by HTTP, thus:
+
+.. code-block:: python
+
+   import json
+   import requests
+
+   def notify(result, slack_url, channel, username):
+       text = f"""Build has been completed with packages: {", ".join([package.name for package in result.success])}"""
+       payload = {"channel": channel, "username": username, "text": text}
+       response = requests.post(slack_url, data={"payload": json.dumps(payload)})
+       response.raise_for_status()
+
+Obviously you can implement the specified method in class, but for guide purpose it has been done as separated method. Now we can merge this method into the class:
+
+.. code-block:: python
+
+   class SlackReporter(Trigger):
+
+       def __init__(self, architecture, configuration):
+           Trigger.__init__(self, architecture, configuration)
+           self.slack_url = configuration.get("slack", "url")
+           self.channel = configuration.get("slack", "channel")
+           self.username = configuration.get("slack", "username")
+
+       def on_result(self, result, packages):
+           notify(result, self.slack_url, self.channel, self.username)
+
+Setup the trigger
+^^^^^^^^^^^^^^^^^
+
+First, put the trigger in any path it can be exported, e.g. by packing the resource into python package (which will lead to import path as ``package.slack_reporter.SlackReporter``) or just put file somewhere it can be accessed by application (e.g. ``/usr/local/lib/slack_reporter.py.SlackReporter``).
+
+After that run application as usual and receive notification in your slack channel.

package/archlinux/PKGBUILD

@@ -1,13 +1,13 @@
 # Maintainer: Evgeniy Alekseev
 
 pkgname='ahriman'
-pkgver=2.0.0rc5
+pkgver=2.5.2
 pkgrel=1
-pkgdesc="ArcH Linux ReposItory MANager"
+pkgdesc="ArcH linux ReposItory MANager"
 arch=('any')
 url="https://github.com/arcan1s/ahriman"
 license=('GPL3')
-depends=('devtools' 'git' 'pyalpm' 'python-inflection' 'python-passlib' 'python-requests' 'python-srcinfo')
+depends=('devtools' 'git' 'pyalpm' 'python-inflection' 'python-passlib' 'python-requests' 'python-setuptools' 'python-srcinfo')
 makedepends=('python-build' 'python-installer' 'python-wheel')
 optdepends=('breezy: -bzr packages support'
             'darcs: -darcs packages support'
@@ -20,6 +20,7 @@ optdepends=('breezy: -bzr packages support'
             'python-aiohttp-session: web server with authorization'
             'python-boto3: sync to s3'
             'python-cryptography: web server with authorization'
+            'python-requests-unixsocket: client report to web server by unix socket'
             'python-jinja: html report generation'
             'rsync: sync by using rsync'
             'subversion: -svn packages support')
@@ -38,7 +39,7 @@ build() {
 package() {
   cd "$pkgname"
 
-  python -m installer --destdir="$pkgdir" dist/*.whl
+  python -m installer --destdir="$pkgdir" "dist/$pkgname-$pkgver-py3-none-any.whl"
 
   # python-installer actually thinks that you cannot just copy files to root
   # thus we need to copy them manually

package/archlinux/ahriman.sysusers

@@ -1 +1 @@
-u ahriman 643 "ArcH Linux ReposItory MANager" /var/lib/ahriman
+u ahriman 643 "ArcH linux ReposItory MANager" /var/lib/ahriman

package/lib/systemd/system/ahriman-web@.service

@@ -1,5 +1,5 @@
 [Unit]
-Description=ArcH Linux ReposItory MANager web server (%I architecture)
+Description=ArcH linux ReposItory MANager web server (%I architecture)
 After=network.target
 
 [Service]

package/lib/systemd/system/ahriman@.service

@@ -1,7 +1,7 @@
 [Unit]
-Description=ArcH Linux ReposItory MANager (%I architecture)
+Description=ArcH linux ReposItory MANager (%I architecture)
 
 [Service]
-ExecStart=/usr/bin/ahriman --architecture %i update
+ExecStart=/usr/bin/ahriman --architecture %i repo-update --refresh
 User=ahriman
 Group=ahriman

package/lib/systemd/system/ahriman@.timer

@@ -1,5 +1,5 @@
 [Unit]
-Description=ArcH Linux ReposItory MANager timer (%I architecture)
+Description=ArcH linux ReposItory MANager timer (%I architecture)
 
 [Timer]
 OnCalendar=daily

package/share/ahriman/settings/ahriman.ini

@@ -4,24 +4,27 @@ logging = ahriman.ini.d/logging.ini
 database = /var/lib/ahriman/ahriman.db
 
 [alpm]
-aur_url = https://aur.archlinux.org
 database = /var/lib/pacman
+mirror = https://geo.mirror.pkgbuild.com/$repo/os/$arch
 repositories = core extra community multilib
 root = /
+use_ahriman_cache = yes
 
 [auth]
 target = disabled
 max_age = 604800
 oauth_provider = GoogleClient
 oauth_scopes = https://www.googleapis.com/auth/userinfo.email
-safe_build_status = yes
+allow_read_only = yes
 
 [build]
 archbuild_flags =
 build_command = extra-x86_64-build
 ignore_packages =
 makechrootpkg_flags =
-makepkg_flags = --nocolor
+makepkg_flags = --nocolor --ignorearch
+triggers = ahriman.core.report.ReportTrigger ahriman.core.upload.UploadTrigger
+vcs_allowed_age = 604800
 
 [repository]
 name = aur-clone
@@ -37,7 +40,6 @@ target = console
 use_utf = yes
 
 [email]
-full_template_path = /usr/share/ahriman/templates/repo-index.jinja2
 no_empty_report = yes
 template_path = /usr/share/ahriman/templates/email-index.jinja2
 ssl = disabled

package/share/ahriman/settings/ahriman.ini.d/logging.ini

@@ -1,5 +1,5 @@
 [loggers]
-keys = root,build_details,database,http,stderr,boto3,botocore,nose,s3transfer
+keys = root,http,stderr,boto3,botocore,nose,s3transfer
 
 [handlers]
 keys = console_handler,syslog_handler
@@ -20,11 +20,11 @@ formatter = syslog_format
 args = ("/dev/log",)
 
 [formatter_generic_format]
-format = [%(levelname)s %(asctime)s] [%(filename)s:%(lineno)d %(funcName)s]: %(message)s
+format = [%(levelname)s %(asctime)s] [%(name)s]: %(message)s
 datefmt =
 
 [formatter_syslog_format]
-format = [%(levelname)s] [%(name)s] [%(filename)s:%(lineno)d] [%(funcName)s]: %(message)s
+format = [%(levelname)s] [%(name)s]: %(message)s
 datefmt =
 
 [logger_root]
@@ -32,18 +32,6 @@ level = DEBUG
 handlers = syslog_handler
 qualname = root
 
-[logger_build_details]
-level = DEBUG
-handlers = syslog_handler
-qualname = build_details
-propagate = 0
-
-[logger_database]
-level = DEBUG
-handlers = syslog_handler
-qualname = database
-propagate = 0
-
 [logger_http]
 level = DEBUG
 handlers = syslog_handler

package/share/ahriman/templates/build-status.jinja2

@@ -12,34 +12,56 @@
 
     <body>
 
-        <div class="container">
-            <h1>ahriman
-                {% if auth.authenticated %}
-                    <img src="https://img.shields.io/badge/version-{{ version }}-informational" alt="{{ version }}">
-                    <img src="https://img.shields.io/badge/repository-{{ repository | replace("-", "--") }}-informational" alt="{{ repository }}">
-                    <img src="https://img.shields.io/badge/architecture-{{ architecture }}-informational" alt="{{ architecture }}">
-                    <img src="https://img.shields.io/badge/service%20status-{{ service.status }}-{{ service.status_color }}" alt="{{ service.status }}" title="{{ service.timestamp }}">
-                {% endif %}
-            </h1>
-        </div>
+        {% include "utils/bootstrap-scripts.jinja2" %}
 
         <div class="container">
-            <div id="toolbar">
+            <h1 id="badge-repository">ahriman</h1>
+        </div>
+
+        <div id="alert-placeholder" class="toast-container p3 top-0 start-50 translate-middle-x"></div>
+
+        <div class="container">
+            <div id="toolbar" class="dropdown">
+                <a id="badge-status" tabindex="0" role="button" class="btn btn-outline-secondary" data-bs-toggle="popover" data-bs-trigger="focus" data-bs-content="no run data"><i class="bi bi-info-circle"></i></a>
+
                 {% if not auth.enabled or auth.username is not none %}
-                    <button id="add" class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#addForm">
-                        <i class="fa fa-plus"></i> add
+                    <button type="button" class="btn btn-primary dropdown-toggle" data-bs-toggle="dropdown" aria-expanded="false">
+                        <i class="bi bi-box"></i> packages
                     </button>
-                    <button id="update" class="btn btn-secondary" onclick="updatePackages()" disabled>
-                        <i class="fa fa-play"></i> update
-                    </button>
-                    <button id="remove" class="btn btn-danger" onclick="removePackages()" disabled>
-                        <i class="fa fa-trash"></i> remove
+                    <ul class="dropdown-menu">
+                        <li>
+                            <button id="package-add-btn" class="btn dropdown-item" data-bs-toggle="modal" data-bs-target="#package-add-modal" hidden>
+                                <i class="bi bi-plus"></i> add
+                            </button>
+                        </li>
+                        <li>
+                            <button id="package-update-btn" class="btn dropdown-item" onclick="updatePackages()" hidden>
+                                <i class="bi bi-play"></i> update
+                            </button>
+                        </li>
+                        <li>
+                            <button id="package-rebuild-btn" class="btn dropdown-item" data-bs-toggle="modal" data-bs-target="#package-rebuild-modal" hidden>
+                                <i class="bi bi-arrow-clockwise"></i> rebuild
+                            </button>
+                        </li>
+                        <li>
+                            <button id="package-remove-btn" class="btn dropdown-item" onclick="removePackages()" disabled hidden>
+                                <i class="bi bi-trash"></i> remove
+                            </button>
+                        </li>
+                    </ul>
+
+                    <button id="key-import-btn" type="button" class="btn btn-info" data-bs-toggle="modal" data-bs-target="#key-import-modal" hidden>
+                        <i class="bi bi-key"></i> import key
                     </button>
                 {% endif %}
+
+                <button type="button" class="btn btn-secondary" onclick="reload()">
+                    <i class="bi bi-arrow-clockwise"></i> reload
+                </button>
             </div>
 
             <table id="packages" class="table table-striped table-hover"
-                   data-click-to-select="true"
                    data-export-options='{"fileName": "packages"}'
                    data-page-list="[10, 25, 50, 100, all]"
                    data-page-size="10"
@@ -53,67 +75,51 @@
                    data-show-fullscreen="true"
                    data-show-search-clear-button="true"
                    data-sortable="true"
-                   data-sort-reset="true"
+                   data-sort-name="base"
+                   data-sort-order="asc"
                    data-toggle="table"
                    data-toolbar="#toolbar">
                 <thead class="table-primary">
                     <tr>
                         <th data-checkbox="true"></th>
-                        <th data-sortable="true" data-switchable="false">package base</th>
-                        <th data-sortable="true">version</th>
-                        <th data-sortable="true">packages</th>
-                        <th data-sortable="true" data-visible="false">groups</th>
-                        <th data-sortable="true" data-visible="false">licenses</th>
-                        <th data-sortable="true">last update</th>
-                        <th data-sortable="true">status</th>
+                        <th data-sortable="true" data-switchable="false" data-field="base">package base</th>
+                        <th data-sortable="true" data-field="version">version</th>
+                        <th data-sortable="true" data-field="packages">packages</th>
+                        <th data-sortable="true" data-visible="false" data-field="groups">groups</th>
+                        <th data-sortable="true" data-visible="false" data-field="licenses">licenses</th>
+                        <th data-sortable="true" data-field="timestamp">last update</th>
+                        <th data-sortable="true" data-cell-style="statusFormat" data-field="status">status</th>
                     </tr>
                 </thead>
-
-                <tbody>
-                {% if auth.authenticated %}
-                    {% for package in packages %}
-                        <tr data-package-base="{{ package.base }}">
-                            <td data-checkbox="true"></td>
-                            <td><a href="{{ package.web_url }}" title="{{ package.base }}">{{ package.base }}</a></td>
-                            <td>{{ package.version }}</td>
-                            <td>{{ package.packages|join("<br>"|safe) }}</td>
-                            <td>{{ package.groups|join("<br>"|safe) }}</td>
-                            <td>{{ package.licenses|join("<br>"|safe) }}</td>
-                            <td>{{ package.timestamp }}</td>
-                            <td class="table-{{ package.status_color }}">{{ package.status }}</td>
-                        </tr>
-                    {% endfor %}
-                {% else %}
-                    <tr>
-                        <td colspan="100%">In order to see statuses you must login first.</td>
-                    </tr>
-                {% endif %}
-                </tbody>
             </table>
         </div>
 
         <div class="container">
             <footer class="d-flex flex-wrap justify-content-between align-items-center border-top">
                 <ul class="nav">
-                    <li><a class="nav-link" href="https://github.com/arcan1s/ahriman" title="sources">ahriman</a></li>
+                    <li><a id="badge-version" class="nav-link" href="https://github.com/arcan1s/ahriman" title="sources"><i class="bi bi-github"></i> ahriman</a></li>
                     <li><a class="nav-link" href="https://github.com/arcan1s/ahriman/releases" title="releases list">releases</a></li>
                     <li><a class="nav-link" href="https://github.com/arcan1s/ahriman/issues" title="issues tracker">report a bug</a></li>
                 </ul>
 
                 {% if index_url is not none %}
                     <ul class="nav">
-                        <li><a class="nav-link" href="{{ index_url }}" title="repo index">repo index</a></li>
+                        <li><a class="nav-link" href="{{ index_url }}" title="repo index"><i class="bi bi-house"></i> repo index</a></li>
                     </ul>
                 {% endif %}
 
                 {% if auth.enabled %}
-                    {% if auth.username is none %}
-                        {{ auth.control|safe }}
-                    {% else %}
-                        <form action="/user-api/v1/logout" method="post">
-                            <button class="btn btn-link" style="text-decoration: none">logout ({{ auth.username }})</button>
-                        </form>
-                    {% endif %}
+                    <ul class="nav">
+                        {% if auth.username is none %}
+                            <li>{{ auth.control|safe }}</li>
+                        {% else %}
+                            <li>
+                                <form action="/api/v1/logout" method="post">
+                                    <button class="btn btn-link" style="text-decoration: none"><i class="bi bi-box-arrow-right"></i> logout ({{ auth.username }})</button>
+                                </form>
+                            </li>
+                        {% endif %}
+                    </ul>
                 {% endif %}
             </footer>
         </div>
@@ -122,11 +128,15 @@
             {% include "build-status/login-modal.jinja2" %}
         {% endif %}
 
-        {% include "build-status/package-actions-modals.jinja2" %}
+        {% include "build-status/alerts.jinja2" %}
 
-        {% include "utils/bootstrap-scripts.jinja2" %}
+        {% include "build-status/package-add-modal.jinja2" %}
+        {% include "build-status/package-rebuild-modal.jinja2" %}
+        {% include "build-status/key-import-modal.jinja2" %}
 
-        {% include "build-status/package-actions-script.jinja2" %}
+        {% include "build-status/package-info-modal.jinja2" %}
+
+        {% include "build-status/table.jinja2" %}
 
     </body>
 

package/share/ahriman/templates/build-status/alerts.jinja2

@@ -0,0 +1,45 @@
+<script>
+    const alertPlaceholder = $("#alert-placeholder");
+
+    function createAlert(title, message, clz) {
+        const wrapper = document.createElement("div");
+        wrapper.classList.add("toast", clz);
+        wrapper.role = "alert";
+        wrapper.ariaLive = "assertive";
+        wrapper.ariaAtomic = "true";
+        wrapper.style.width = "500px"; // 500px is default modal size
+
+        const header = document.createElement("div");
+        header.classList.add("toast-header");
+        header.innerHTML = `<strong class="me-auto">${safe(title)}</strong> <button type="button" class="btn-close" data-bs-dismiss="toast" aria-label="close"></button>`;
+        wrapper.appendChild(header);
+
+        const body = document.createElement("div");
+        body.classList.add("toast-body", "text-bg-light");
+        body.innerText = message;
+        wrapper.appendChild(body);
+
+        alertPlaceholder.append(wrapper);
+        const toast = new bootstrap.Toast(wrapper);
+        wrapper.addEventListener("hidden.bs.toast", () => {
+            wrapper.remove();  // bootstrap doesn't remove elements
+            reload();
+        });
+        toast.show();
+    }
+
+    function showFailure(title, description, jqXHR, errorThrown) {
+        let details;
+        try {
+            details = $.parseJSON(jqXHR.responseText).error; // execution handler json error response
+        } catch (_) {
+            details = errorThrown;
+        }
+        createAlert(title, description(details), "text-bg-danger");
+    }
+
+    function showSuccess(title, description) {
+        createAlert(title, description, "text-bg-success");
+    }
+
+</script>

package/share/ahriman/templates/build-status/key-import-modal.jinja2

@@ -0,0 +1,93 @@
+<div id="key-import-modal" tabindex="-1" role="dialog" class="modal fade">
+    <div class="modal-dialog modal-xl" role="document">
+        <div class="modal-content">
+            <form id="key-import-form" onsubmit="return false">
+                <div class="modal-header">
+                    <h4 class="modal-title">Import key from PGP server</h4>
+                    <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="close"></button>
+                </div>
+                <div class="modal-body">
+                    <div class="form-group row">
+                        <label for="key-fingerprint-input" class="col-sm-2 col-form-label">fingerprint</label>
+                        <div class="col-sm-10">
+                            <input id="key-fingerprint-input" type="text" class="form-control" placeholder="PGP key fingerprint" name="key" required>
+                        </div>
+                    </div>
+                    <div class="form-group row">
+                        <label for="key-server-input" class="col-sm-2 col-form-label">key server</label>
+                        <div class="col-sm-10">
+                            <input id="key-server-input" type="text" class="form-control" placeholder="PGP key server" name="server" value="keyserver.ubuntu.com" required>
+                        </div>
+                    </div>
+                    <div class="form-group row">
+                        <div class="col-sm-2"></div>
+                        <div class="col-sm-10">
+                            <pre class="language-less"><samp id="key-body-input" class="pre-scrollable language-less"></samp><button id="key-copy-btn" type="button" class="btn language-less" onclick="copyPgpKey()"><i class="bi bi-clipboard"></i> copy</button></pre>
+                        </div>
+                    </div>
+                </div>
+                <div class="modal-footer">
+                    <button type="submit" class="btn btn-primary" onclick="importPgpKey()"><i class="bi bi-play"></i> import</button>
+                    <button type="submit" class="btn btn-success" onclick="fetchPgpKey()"><i class="bi bi-arrow-clockwise"></i> fetch</button>
+                </div>
+            </form>
+        </div>
+    </div>
+</div>
+
+<script>
+    const keyImportModal = $("#key-import-modal");
+    const keyImportForm = $("#key-import-form");
+    keyImportModal.on("hidden.bs.modal", () => {
+        keyBodyInput.text("");
+        keyImportForm.trigger("reset");
+    });
+
+    const keyBodyInput = $("#key-body-input");
+    const keyCopyButton = $("#key-copy-btn");
+
+    const keyFingerprintInput = $("#key-fingerprint-input");
+    const keyServerInput = $("#key-server-input");
+
+    async function copyPgpKey() {
+        const logs = keyBodyInput.text();
+        await copyToClipboard(logs, keyCopyButton);
+    }
+
+    function fetchPgpKey() {
+        const key = keyFingerprintInput.val();
+        const server = keyServerInput.val();
+
+        if (key && server) {
+            $.ajax({
+                url: "/api/v1/service/pgp",
+                data: {"key": key, "server": server},
+                type: "GET",
+                dataType: "json",
+                success: response => { keyBodyInput.text(response.key); },
+            });
+        }
+    }
+
+    function importPgpKey() {
+        const key = keyFingerprintInput.val();
+        const server = keyServerInput.val();
+
+        if (key && server) {
+            $.ajax({
+                url: "/api/v1/service/pgp",
+                data: JSON.stringify({key: key, server: server}),
+                type: "POST",
+                contentType: "application/json",
+                success: _ => {
+                    keyImportModal.modal("hide");
+                    showSuccess("Success", `Key ${key} has been imported`);
+                },
+                error: (jqXHR, _, errorThrown) => {
+                    const message = _ => { return `Could not import key ${key} from ${server}`; };
+                    showFailure("Action failed", message, jqXHR, errorThrown);
+                },
+            });
+        }
+    }
+</script>

package/share/ahriman/templates/build-status/login-modal.jinja2

@@ -1,9 +1,9 @@
-<div id="loginForm" tabindex="-1" role="dialog" class="modal fade">
+<div id="login-modal" tabindex="-1" role="dialog" class="modal fade">
     <div class="modal-dialog" role="document">
         <div class="modal-content">
-            <form action="/user-api/v1/login" method="post">
+            <form action="/api/v1/login" method="post">
                 <div class="modal-header">
-                    <h4 class="modal-title">login</h4>
+                    <h4 class="modal-title">Login</h4>
                     <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="close"></button>
                 </div>
                 <div class="modal-body">
@@ -16,14 +16,36 @@
                     <div class="form-group row">
                         <label for="password" class="col-sm-2 col-form-label">password</label>
                         <div class="col-sm-10">
-                            <input id="password" type="password" class="form-control" placeholder="enter password" name="password" required>
+                            <div class="input-group">
+                                <input id="password" type="password" class="form-control" placeholder="enter password" name="password" required>
+                                <div class="input-group-append">
+                                    <button class="btn btn-outline-secondary" type="button" onclick="showPassword()"><i id="show-hide-password-btn" class="bi bi-eye"></i></button>
+                                </div>
+                            </div>
                         </div>
                     </div>
                 </div>
                 <div class="modal-footer">
-                    <button class="btn btn-primary">login</button>
+                    <button class="btn btn-primary"><i class="bi bi-person"></i> login</button>
                 </div>
             </form>
         </div>
     </div>
-</div>
+</div>
+
+<script>
+    const passwordInput = $("#password");
+    const showHidePasswordButton = $("#show-hide-password-btn");
+
+    function showPassword() {
+        if (passwordInput.attr("type") === "password") {
+            passwordInput.attr("type", "text");
+            showHidePasswordButton.removeClass("bi-eye");
+            showHidePasswordButton.addClass("bi-eye-slash");
+        } else {
+            passwordInput.attr("type", "password");
+            showHidePasswordButton.removeClass("bi-eye-slash");
+            showHidePasswordButton.addClass("bi-eye");
+        }
+    }
+</script>

package/share/ahriman/templates/build-status/package-actions-modals.jinja2

@@ -1,60 +0,0 @@
-<div id="addForm" tabindex="-1" role="dialog" class="modal fade">
-    <div class="modal-dialog" role="document">
-        <div class="modal-content">
-            <div class="modal-header">
-                <h4 class="modal-title">add new packages</h4>
-                <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="close"></button>
-            </div>
-            <div class="modal-body">
-                <div class="form-group row">
-                    <label for="package" class="col-sm-2 col-form-label">package</label>
-                    <div class="col-sm-10">
-                        <input id="package" type="text" list="knownPackages" class="form-control" placeholder="AUR package" name="package" required>
-                        <datalist id="knownPackages"></datalist>
-                    </div>
-                </div>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">close</button>
-                <button type="button" class="btn btn-success" data-bs-dismiss="modal" onclick="requestPackages()">request</button>
-                <button type="button" class="btn btn-primary" data-bs-dismiss="modal" onclick="addPackages()">add</button>
-            </div>
-        </div>
-    </div>
-</div>
-
-<div id="failedForm" tabindex="-1" role="dialog" class="modal fade">
-    <div class="modal-dialog" role="document">
-        <div class="modal-content">
-            <div class="modal-header bg-danger">
-                <h4 class="modal-title">failed</h4>
-                <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="close"></button>
-            </div>
-            <div class="modal-body">
-                <p>Packages update has failed.</p>
-                <p id="errorDetails"></p>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-primary" data-bs-dismiss="modal">close</button>
-            </div>
-        </div>
-    </div>
-</div>
-
-<div id="successForm" tabindex="-1" role="dialog" class="modal fade">
-    <div class="modal-dialog" role="document">
-        <div class="modal-content">
-            <div class="modal-header bg-success">
-                <h4 class="modal-title">success</h4>
-                <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="close"></button>
-            </div>
-            <div class="modal-body">
-                <p>Packages update has been run.</p>
-                <ul id="successDetails"></ul>
-            </div>
-            <div class="modal-footer">
-                <button type="button" class="btn btn-primary" data-bs-dismiss="modal">close</button>
-            </div>
-        </div>
-    </div>
-</div>

package/share/ahriman/templates/build-status/package-actions-script.jinja2

@@ -1,95 +0,0 @@
-<script>
-    const $remove = $("#remove");
-    const $update = $("#update");
-
-    const $table = $("#packages");
-    $table.on("check.bs.table uncheck.bs.table check-all.bs.table uncheck-all.bs.table",
-        function () {
-            $remove.prop("disabled", !$table.bootstrapTable("getSelections").length);
-            $update.prop("disabled", !$table.bootstrapTable("getSelections").length);
-        })
-
-    const $successForm = $("#successForm");
-    const $successDetails = $("#successDetails");
-    $successForm.on("hidden.bs.modal", function() { window.location.reload(); });
-
-    const $failedForm = $("#failedForm");
-    const $errorDetails = $("#errorDetails");
-    $failedForm.on("hidden.bs.modal", function() { window.location.reload(); });
-
-    const $package = $("#package");
-    const $knownPackages = $("#knownPackages");
-    $package.keyup(function () {
-        const $this = $(this);
-        clearTimeout($this.data("timeout"));
-
-        $this.data("timeout", setTimeout($.proxy(function () {
-            const $value = $package.val();
-
-            $.ajax({
-                url: "/service-api/v1/search",
-                data: {"for": $value},
-                type: "GET",
-                dataType: "json",
-                success: function (resp) {
-                    const $options = resp.map(function (pkg) {
-                        const $option = document.createElement("option");
-                        $option.value = pkg.package;
-                        $option.innerText = `${pkg.package} (${pkg.description})`;
-                        return $option;
-                    });
-                    $knownPackages.empty().append($options);
-                    $this.focus();
-                },
-            })
-        }, this), 500));
-    })
-
-    function doPackageAction($uri, $packages) {
-        if ($packages.length === 0)
-            return;
-        $.ajax({
-            url: $uri,
-            data: JSON.stringify({packages: $packages}),
-            type: "POST",
-            contentType: "application/json",
-            success: function (_) {
-                const $details = $packages.map(function (pkg) {
-                    const $li = document.createElement("li");
-                    $li.innerText = pkg;
-                    return $li;
-                });
-                $successDetails.empty().append($details);
-                $successForm.modal("show");
-            },
-            error: function (jqXHR, textStatus, errorThrown) {
-                $errorDetails.text(errorThrown);
-                $failedForm.modal("show");
-            },
-        })
-    }
-
-    function getSelection() {
-        return $.map($table.bootstrapTable("getSelections"), function(row) {
-            return row._data["package-base"];
-        })
-    }
-
-    function addPackages() {
-        const $packages = [$package.val()]
-        doPackageAction("/service-api/v1/add", $packages);
-    }
-
-    function requestPackages() {
-        const $packages = [$package.val()]
-        doPackageAction("/service-api/v1/request", $packages);
-    }
-
-    function removePackages() { doPackageAction("/service-api/v1/remove", getSelection()); }
-
-    function updatePackages() { doPackageAction("/service-api/v1/add", getSelection()); }
-
-    $(function () {
-        $table.bootstrapTable("uncheckAll");
-    })
-</script>

package/share/ahriman/templates/build-status/package-add-modal.jinja2

@@ -0,0 +1,78 @@
+<div id="package-add-modal" tabindex="-1" role="dialog" class="modal fade">
+    <div class="modal-dialog" role="document">
+        <div class="modal-content">
+            <form id="package-add-form" onsubmit="return false">
+                <div class="modal-header">
+                    <h4 class="modal-title">Add new packages</h4>
+                    <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="close"></button>
+                </div>
+                <div class="modal-body">
+                    <div class="form-group row">
+                        <label for="package-input" class="col-sm-2 col-form-label">package</label>
+                        <div class="col-sm-10">
+                            <input id="package-input" type="text" list="known-packages-dlist" autocomplete="off" class="form-control" placeholder="AUR package" name="package" required>
+                            <datalist id="known-packages-dlist"></datalist>
+                        </div>
+                    </div>
+                </div>
+                <div class="modal-footer">
+                    <button type="submit" class="btn btn-primary" onclick="packagesAdd()"><i class="bi bi-play"></i> add</button>
+                    <button type="submit" class="btn btn-success" onclick="packagesRequest()"><i class="bi bi-plus"></i> request</button>
+                </div>
+            </form>
+        </div>
+    </div>
+</div>
+
+<script>
+    const packageAddModal = $("#package-add-modal");
+    const packageAddForm = $("#package-add-form");
+    packageAddModal.on("hidden.bs.modal", () => { packageAddForm.trigger("reset"); });
+
+    const packageInput = $("#package-input");
+    const knownPackagesList = $("#known-packages-dlist");
+    packageInput.keyup(() => {
+        clearTimeout(packageInput.data("timeout"));
+        packageInput.data("timeout", setTimeout($.proxy(() => {
+            const value = packageInput.val();
+
+            if (value.length >= 3) {
+                $.ajax({
+                    url: "/api/v1/service/search",
+                    data: {"for": value},
+                    type: "GET",
+                    dataType: "json",
+                    success: response => {
+                        const options = response.map(pkg => {
+                            const option = document.createElement("option");
+                            option.value = pkg.package;
+                            option.innerText = `${pkg.package} (${pkg.description})`;
+                            return option;
+                        });
+                        knownPackagesList.empty().append(options);
+                    },
+                });
+            }
+        }, this), 500));
+    });
+
+    function packagesAdd() {
+        const packages = packageInput.val();
+        if (packages) {
+            packageAddModal.modal("hide");
+            const onSuccess = update => { return `Packages ${update} have been added`; };
+            const onFailure = error => { return `Package addition failed: ${error}`; };
+            doPackageAction("/api/v1/service/add", [packages], onSuccess, onFailure);
+        }
+    }
+
+    function packagesRequest() {
+        const packages = packageInput.val();
+        if (packages) {
+            packageAddModal.modal("hide");
+            const onSuccess = update => { return `Packages ${update} have been requested`; };
+            const onFailure = error => { return `Package request failed: ${error}`; };
+            doPackageAction("/api/v1/service/request", [packages], onSuccess, onFailure);
+        }
+    }
+</script>

package/share/ahriman/templates/build-status/package-info-modal.jinja2

@@ -0,0 +1,70 @@
+<div id="package-info-modal" tabindex="-1" role="dialog" class="modal fade">
+    <div class="modal-dialog modal-xl" role="document">
+        <div class="modal-content">
+            <div id="package-info-modal-header" class="modal-header">
+                <h4 id="package-info" class="modal-title"></h4>
+                <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="close"></button>
+            </div>
+            <div class="modal-body">
+                <pre class="language-logs"><samp id="package-info-logs-input" class="pre-scrollable language-logs"></samp><button id="logs-copy-btn" type="button" class="btn language-logs" onclick="copyLogs()"><i class="bi bi-clipboard"></i> copy</button></pre>
+            </div>
+            <div class="modal-footer">
+                <button type="button" class="btn btn-secondary" onclick="showLogs()"><i class="bi bi-arrow-clockwise"></i> reload</button>
+                <button type="button" class="btn btn-primary" data-bs-dismiss="modal"><i class="bi bi-x"></i> close</button>
+            </div>
+        </div>
+    </div>
+</div>
+
+<script>
+    const packageInfoModal = $("#package-info-modal");
+    const packageInfoModalHeader = $("#package-info-modal-header");
+    const packageInfo = $("#package-info");
+
+    const packageInfoLogsInput = $("#package-info-logs-input");
+    const packageInfoLogsCopyButton = $("#logs-copy-btn");
+
+    async function copyLogs() {
+        const logs = packageInfoLogsInput.text();
+        await copyToClipboard(logs, packageInfoLogsCopyButton);
+    }
+
+    function showLogs(packageBase) {
+        const isPackageBaseSet = packageBase !== undefined;
+        if (isPackageBaseSet)
+            packageInfoModal.data("package", packageBase); // set package base as currently used
+        else
+            packageBase = packageInfoModal.data("package"); // read package base from the current window attribute
+
+        const headerClass = status => {
+            if (status === "pending") return ["bg-warning"];
+            if (status === "building") return ["bg-warning"];
+            if (status === "failed") return ["bg-danger", "text-white"];
+            if (status === "success") return ["bg-success", "text-white"];
+            return ["bg-secondary", "text-white"];
+        };
+
+        $.ajax({
+            url: `/api/v1/packages/${packageBase}/logs`,
+            type: "GET",
+            dataType: "json",
+            success: response => {
+                packageInfo.text(`${response.package_base} ${response.status.status} at ${new Date(1000 * response.status.timestamp).toISOString()}`);
+                packageInfoLogsInput.text(response.logs);
+
+                packageInfoModalHeader.removeClass();
+                packageInfoModalHeader.addClass("modal-header");
+                headerClass(response.status.status).forEach((clz) => packageInfoModalHeader.addClass(clz));
+
+                if (isPackageBaseSet) packageInfoModal.modal("show"); // we don't need to show window again
+            },
+            error: (jqXHR, _, errorThrown) => {
+                // show failed modal in case if first time loading
+                if (isPackageBaseSet) {
+                    const message = error => { return `Could not load package ${packageBase} logs: ${error}`; };
+                    showFailure("Load failure", message, jqXHR, errorThrown);
+                }
+            },
+        });
+    }
+</script>

package/share/ahriman/templates/build-status/package-rebuild-modal.jinja2

@@ -0,0 +1,41 @@
+<div id="package-rebuild-modal" tabindex="-1" role="dialog" class="modal fade">
+    <div class="modal-dialog" role="document">
+        <div class="modal-content">
+            <form id="package-rebuild-form" onsubmit="return false">
+                <div class="modal-header">
+                    <h4 class="modal-title">Rebuild depending packages</h4>
+                    <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="close"></button>
+                </div>
+                <div class="modal-body">
+                    <div class="form-group row">
+                        <label for="dependency-input" class="col-sm-4 col-form-label">dependency</label>
+                        <div class="col-sm-8">
+                            <input id="dependency-input" type="text" class="form-control" placeholder="packages dependency" name="package" required>
+                        </div>
+                    </div>
+                </div>
+                <div class="modal-footer">
+                    <button type="submit" class="btn btn-primary" onclick="packagesRebuild()"><i class="bi bi-play"></i> rebuild</button>
+                </div>
+            </form>
+        </div>
+    </div>
+</div>
+
+<script>
+    const packageRebuildModal = $("#package-rebuild-modal");
+    const packageRebuildForm = $("#package-rebuild-form");
+    packageRebuildModal.on("hidden.bs.modal", () => { packageRebuildForm.trigger("reset"); });
+
+    const dependencyInput = $("#dependency-input");
+
+    function packagesRebuild() {
+        const packages = dependencyInput.val();
+        if (packages) {
+            packageRebuildModal.modal("hide");
+            const onSuccess = update => { return `Repository rebuild has been run for packages which depend on ${update}`; };
+            const onFailure = error => { return `Repository rebuild failed: ${error}`; };
+            doPackageAction("/api/v1/service/rebuild", [packages], onSuccess, onFailure);
+        }
+    }
+</script>

package/share/ahriman/templates/build-status/table.jinja2

@@ -0,0 +1,165 @@
+<script>
+    const keyImportButton = $("#key-import-btn");
+    const packageAddButton = $("#package-add-btn");
+    const packageRebuildButton = $("#package-rebuild-btn");
+    const packageRemoveButton = $("#package-remove-btn");
+    const packageUpdateButton = $("#package-update-btn");
+
+    const table = $("#packages");
+    table.on("check.bs.table uncheck.bs.table check-all.bs.table uncheck-all.bs.table", () => {
+        packageRemoveButton.prop("disabled", !table.bootstrapTable("getSelections").length);
+    });
+    table.on("click-row.bs.table", (self, data, row, cell) => {
+        if (0 === cell || "base" === cell) {
+            const method = data[0] === true ? "uncheckBy" : "checkBy"; // fck javascript
+            table.bootstrapTable(method, {field: "id", values: [data.id]});
+        } else showLogs(data.id);
+    });
+
+    const repositoryBadge = $("#badge-repository");
+    const statusBadge = $("#badge-status");
+    const versionBadge = $("#badge-version");
+
+    function doPackageAction(uri, packages, successText, failureText) {
+        $.ajax({
+            url: uri,
+            data: JSON.stringify({packages: packages}),
+            type: "POST",
+            contentType: "application/json",
+            success: _ => {
+                const message = successText(packages.join(", "));
+                showSuccess("Success", message);
+            },
+            error: (jqXHR, _, errorThrown) => {
+                showFailure("Action failed", failureText, jqXHR, errorThrown);
+            },
+        });
+    }
+
+    function getSelection() {
+        return table.bootstrapTable("getSelections").map(row => { return row.id; });
+    }
+
+    function removePackages() {
+        const onSuccess = update => { return `Packages ${update} have been removed`; };
+        const onFailure = error => { return `Could not remove packages: ${error}`; };
+        doPackageAction("/api/v1/service/remove", getSelection(), onSuccess, onFailure);
+    }
+
+    function updatePackages() {
+        const currentSelection = getSelection();
+        const [url, onSuccess] = currentSelection.length === 0
+            ? ["/api/v1/service/update", _ => { return "Repository update has been run"; }]
+            : ["/api/v1/service/add", update => { return `Run update for packages ${update}`; }];
+        const onFailure = error => { return `Packages update failed: ${error}`; };
+        doPackageAction(url, currentSelection, onSuccess, onFailure);
+    }
+
+    function hideControls(hidden) {
+        keyImportButton.attr("hidden", hidden);
+        packageAddButton.attr("hidden", hidden);
+        packageRebuildButton.attr("hidden", hidden);
+        packageRemoveButton.attr("hidden", hidden);
+        packageUpdateButton.attr("hidden", hidden);
+    }
+
+    function reload() {
+        table.bootstrapTable("showLoading");
+
+        const badgeClass = status => {
+            if (status === "pending") return "btn-outline-warning";
+            if (status === "building") return "btn-outline-warning";
+            if (status === "failed") return "btn-outline-danger";
+            if (status === "success") return "btn-outline-success";
+            return "btn-outline-secondary";
+        };
+
+        $.ajax({
+            url: "/api/v1/packages",
+            type: "GET",
+            dataType: "json",
+            success: response => {
+                const extractListProperties = (description, property) => {
+                    return Object.values(description.packages)
+                        .map(pkg => { return pkg[property]; })
+                        .reduce((left, right) => { return left.concat(right); }, []);
+                };
+                const listToTable = data => {
+                    return Array.from(new Set(data))
+                        .sort()
+                        .map(entry => { return safe(entry); })
+                        .join("<br>");
+                };
+
+                const payload = response.map(description => {
+                    const package_base = description.package.base;
+                    const web_url = description.package.remote?.web_url;
+                    return {
+                        id: package_base,
+                        base: web_url ? `<a href="${safe(web_url)}" title="${safe(package_base)}">${safe(package_base)}</a>` : safe(package_base),
+                        version: safe(description.package.version),
+                        packages: listToTable(Object.keys(description.package.packages)),
+                        groups: listToTable(extractListProperties(description.package, "groups")),
+                        licenses: listToTable(extractListProperties(description.package, "licenses")),
+                        timestamp: new Date(1000 * description.status.timestamp).toISOString(),
+                        status: description.status.status,
+                    };
+                });
+
+                table.bootstrapTable("load", payload);
+                table.bootstrapTable("uncheckAll");
+                table.bootstrapTable("hideLoading");
+                hideControls(false);
+            },
+            error: (jqXHR, _, errorThrown) => {
+                if ((jqXHR.status === 401) || (jqXHR.status === 403)) {
+                    // authorization error
+                    const text = "In order to see statuses you must login first.";
+                    table.find("tr.unauthorized").remove();
+                    table.find("tbody").append(`<tr class="unauthorized"><td colspan="100%">${safe(text)}</td></tr>`);
+                    table.bootstrapTable("hideLoading");
+                } else {
+                    // other errors
+                    const messaga = error => { return `Could not load list of packages: ${error}`; };
+                    showFailure("Load failure", messaga, jqXHR, errorThrown);
+                }
+                hideControls(true);
+            },
+        });
+
+        $.ajax({
+            url: "/api/v1/status",
+            type: "GET",
+            dataType: "json",
+            success: response => {
+                repositoryBadge.text(`${response.repository} ${response.architecture}`);
+                versionBadge.html(`<i class="bi bi-github"></i> ahriman ${safe(response.version)}`);
+
+                statusBadge
+                    .popover("dispose")
+                    .attr("data-bs-content", `${response.status.status} at ${new Date(1000 * response.status.timestamp).toISOString()}`)
+                    .popover();
+                statusBadge.removeClass();
+                statusBadge.addClass("btn");
+                statusBadge.addClass(badgeClass(response.status.status));
+            },
+        });
+    }
+
+    function statusFormat(value) {
+        const cellClass = status => {
+            if (status === "pending") return "table-warning";
+            if (status === "building") return "table-warning";
+            if (status === "failed") return "table-danger";
+            if (status === "success") return "table-success";
+            return "table-secondary";
+        };
+        return {classes: cellClass(value)};
+    }
+
+    $(() => {
+        table.bootstrapTable({});
+        statusBadge.popover();
+        reload();
+    });
+</script>

package/share/ahriman/templates/error.jinja2

@@ -0,0 +1,31 @@
+<!doctype html>
+<html lang="en">
+    <head>
+        <title>Error</title>
+
+        <meta name="viewport" content="width=device-width, initial-scale=1">
+
+        <link rel="shortcut icon" href="/static/favicon.ico">
+
+        {% include "utils/style.jinja2" %}
+    </head>
+
+    <body>
+
+        {% include "utils/bootstrap-scripts.jinja2" %}
+
+        <div class="d-flex flex-row align-items-center">
+            <div class="container">
+                <div class="row justify-content-center">
+                    <div class="col-md-12 text-center">
+                        <span class="display-1 d-block">{{ code }}</span>
+                        <div class="mb-4 lead">{{ reason }}</div>
+                        <a class="btn btn-link" style="text-decoration: none" href="/" title="home"><i class="bi bi-house"></i> home</a>
+                    </div>
+                </div>
+            </div>
+        </div>
+
+    </body>
+
+</html>

package/share/ahriman/templates/repo-index.jinja2

@@ -10,19 +10,22 @@
 
     <body>
 
+        {% include "utils/bootstrap-scripts.jinja2" %}
+
         <div class="container">
-            <h1>Arch Linux user repository</h1>
+            <h1>Arch linux user repository</h1>
         </div>
 
         <div class="container">
             {% if pgp_key is not none %}
-                <p>This repository is signed with <a href="https://pgp.mit.edu/pks/lookup?search=0x{{ pgp_key }}&fingerprint=on&op=index" title="key search">{{ pgp_key }}</a> by default.</p>
+                <p>This repository is signed with <a href="https://keyserver.ubuntu.com/pks/lookup?search=0x{{ pgp_key }}&fingerprint=on&op=index" title="key search">{{ pgp_key }}</a> by default.</p>
             {% endif %}
 
-<pre>$ cat /etc/pacman.conf
-[{{ repository }}]
+            <p>In order to use this repository edit your <code>/etc/pacman.conf</code> as following:</p>
+
+            <pre class="language-ini"><code id="pacman-conf" class="language-ini">[{{ repository }}]
 Server = {{ link_path }}
-SigLevel = Database{% if has_repo_signed %}Required{% else %}Never{% endif %} Package{% if has_package_signed %}Required{% else %}Never{% endif %} TrustedOnly</pre>
+SigLevel = Database{% if has_repo_signed %}Required{% else %}Never{% endif %} Package{% if has_package_signed %}Required{% else %}Never{% endif %} TrustedOnly</code><button id="copy-btn" type="button" class="btn language-ini" onclick="copyPacmanConf()"><i class="bi bi-clipboard"></i> copy</button></pre>
         </div>
 
         <div class="container">
@@ -40,7 +43,8 @@ SigLevel = Database{% if has_repo_signed %}Required{% else %}Never{% endif %} Pa
                    data-show-fullscreen="true"
                    data-show-search-clear-button="true"
                    data-sortable="true"
-                   data-sort-reset="true"
+                   data-sort-name="base"
+                   data-sort-order="asc"
                    data-toggle="table">
                 <thead class="table-primary">
                     <tr>
@@ -82,13 +86,24 @@ SigLevel = Database{% if has_repo_signed %}Required{% else %}Never{% endif %} Pa
             <footer class="d-flex flex-wrap justify-content-between align-items-center border-top">
                 <ul class="nav">
                     {% if homepage is not none %}
-                        <li><a class="nav-link" href="{{ homepage }}" title="homepage">homepage</a></li>
+                        <li><a class="nav-link" href="{{ homepage }}" title="homepage"><i class="bi bi-house"></i> homepage</a></li>
                     {% endif %}
                 </ul>
+                <ul class="nav">
+                    <li><a class="nav-link" href="https://github.com/arcan1s/ahriman" title="sources"><i class="bi bi-github"></i> ahriman</a></li>
+                </ul>
             </footer>
         </div>
 
-        {% include "utils/bootstrap-scripts.jinja2" %}
+        <script>
+            const pacmanConf = $("#pacman-conf");
+            const pacmanConfCopyButton = $("#copy-btn");
+
+            async function copyPacmanConf() {
+                const conf = pacmanConf.text();
+                await copyToClipboard(conf, pacmanConfCopyButton);
+            }
+        </script>
 
     </body>
 

package/share/ahriman/templates/shell

@@ -0,0 +1,18 @@
+                                              
+                         ▄▄▄    ▄▄▄▄▄▄█▀      
+                       ▄▄▄▄▄▄▄▄▄██▄▄▄█▄▄      
+                       ██▄▄███▄▄▄▄▄██▄▄█▄▄    
+                       █▄██████▄▄▄████▄▄█▄▄  ▄
+                       █▄▄▄█████████▄▄▄▄▀▄█▄█▀
+                      █▄▀▄████▄█▄▄▄▄███▄▄ ▀▀  
+                      █▄▄▄████▄██████████     
+         ▄▄▄▄▄▄▄▄▄     ▀█▄█████▄▄▄▄█▄███▄     
+       ▄▄███▄▄▄▄▄▄▄▄▄    ▀ ▀▄█████▄▄█▄███     
+       ███▄▄████▄▄█▄██▄▄▄   ███▄▄▄▄▄▄█▀▀      
+       ███████▄▀    ▄▄▄██▄▄▄█████             
+       ██▄▄████    █▄█▄▄█████████             
+      ▄▄█▄▄██▄▀    ▀▄████▄██▄██▄▄             
+      ████████      ▄███▄▄▄█▄████             
+     ▄▄▄▄███▄▀     ▄▄█████ ███▄▄▄▄            
+ ▄▄▄██▄▄█▄▄▄▀      █████▄█ █████▄█            
+  ▀▀▀▀▀▀▀           ▀▀▀▀    ▀▀▀▀              

package/share/ahriman/templates/telegram-index.jinja2

@@ -1,5 +1,4 @@
 {#simplified version of full report#}
 <b>{{ repository }} update</b>
 {% for package in packages %}
-<a href="{{ link_path }}/{{ package.filename }}">{{ package.name }}</a> {{ package.version }} at {{ package.build_date }}
-{% endfor %}
+<a href="{{ link_path }}/{{ package.filename }}">{{ package.name }}</a> {{ package.version }}{% endfor %}

package/share/ahriman/templates/utils/bootstrap-scripts.jinja2

@@ -4,20 +4,38 @@
 
 <script src="https://unpkg.com/jquery-resizable-columns@0.2.3/dist/jquery.resizableColumns.min.js"></script>
 
-<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/js/bootstrap.bundle.min.js" integrity="sha384-U1DAWAznBHeqEIlVSCgzq+c9gqGAJn5c/t99JyeKa9xxaYpSvHU5awsuZVVFIhvj" crossorigin="anonymous"></script>
-<script src="https://unpkg.com/bootstrap-table@1.18.3/dist/bootstrap-table.min.js"></script>
+<script src="https://cdn.jsdelivr.net/npm/@popperjs/core@2.11.6/dist/umd/popper.min.js" integrity="sha384-oBqDVmMz9ATKxIep9tiCxS/Z9fNfEXiDAYTujMAeBAsjFuCZSmKbSSUnQlmh/jp3" crossorigin="anonymous"></script>
+<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/js/bootstrap.min.js" integrity="sha384-IDwe1+LCz02ROU9k972gdyvl+AESN10+x7tBKgc9I5HFtuNz0wWnPclzo6p9vxnk" crossorigin="anonymous"></script>
+<script src="https://unpkg.com/bootstrap-table@1.21.1/dist/bootstrap-table.min.js"></script>
 
-<script src="https://unpkg.com/bootstrap-table@1.18.3/dist/extensions/export/bootstrap-table-export.min.js"></script>
+<script src="https://unpkg.com/bootstrap-table@1.21.1/dist/extensions/export/bootstrap-table-export.min.js"></script>
 
-<script src="https://unpkg.com/bootstrap-table@1.18.3/dist/extensions/resizable/bootstrap-table-resizable.js"></script>
+<script src="https://unpkg.com/bootstrap-table@1.21.1/dist/extensions/resizable/bootstrap-table-resizable.js"></script>
 
 <script>
-    $("#packages").bootstrapTable({
-        formatClearSearch: function () {
-            return "Clear search";
-        },
-        formatSearch: function () {
-            return "search";
+    async function copyToClipboard(text, button) {
+        if (navigator.clipboard === undefined) {
+            const input = document.createElement("textarea");
+            input.innerHTML = text;
+            document.body.appendChild(input);
+            input.select();
+            document.execCommand("copy");
+            document.body.removeChild(input);
+        } else {
+            await navigator.clipboard.writeText(text);
         }
-    })
+
+        button.html("<i class=\"bi bi-clipboard-check\"></i> copied");
+        setTimeout(()=> {
+            button.html("<i class=\"bi bi-clipboard\"></i> copy");
+        }, 2000);
+    }
+
+    function safe(string) {
+        return String(string)
+            .replace(/&/g, "&amp;")
+            .replace(/</g, "&lt;")
+            .replace(/>/g, "&gt;")
+            .replace(/"/g, "&quot;");
+    }
 </script>

package/share/ahriman/templates/utils/style.jinja2

@@ -1,9 +1,26 @@
-<script src="https://kit.fontawesome.com/0d6d6d5226.js" crossorigin="anonymous"></script>
-<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.1.0/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-KyZXEAg3QhqLMpG8r+8fhAXLRk2vvoC2f3B09zVXn8CA5QIVfZOJ3BCsw2P0p/We" crossorigin="anonymous">
+<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap@5.2.2/dist/css/bootstrap.min.css" integrity="sha384-Zenh87qX5JnK2Jl0vWa8Ck2rdkQ2Bzep5IDxbcnCeuOxjzrPF/et3URy9Bv1WTRi" crossorigin="anonymous" type="text/css">
+<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootstrap-icons@1.10.2/font/bootstrap-icons.css" type="text/css">
 
-<link href="https://unpkg.com/bootstrap-table@1.18.3/dist/bootstrap-table.min.css" rel="stylesheet">
+<link rel="stylesheet" href="https://unpkg.com/bootstrap-table@1.21.1/dist/bootstrap-table.min.css" type="text/css">
 
-<link href="https://unpkg.com/jquery-resizable-columns@0.2.3/dist/jquery.resizableColumns.css" rel="stylesheet">
+<link rel="stylesheet" href="https://unpkg.com/jquery-resizable-columns@0.2.3/dist/jquery.resizableColumns.css" type="text/css">
+
+<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/bootswatch@5.2.2/dist/cosmo/bootstrap.min.css" integrity="sha256-5t++JZpgVLzo9vF7snO5Qw0y3fA5/NkoJENWB7kpg0E=" crossorigin="anonymous" type="text/css">
 
 <style>
+    .pre-scrollable {
+        display: block;
+        max-height: 680px;
+        overflow-y: scroll;
+    }
+
+    pre[class*="language-"] {
+        position: relative;
+    }
+
+    pre[class*="language-"] button {
+        position: absolute;
+        top: 0;
+        right: 5px;
+    }
 </style>

setup.py

@@ -1,5 +1,5 @@
 from pathlib import Path
-from setuptools import setup, find_packages
+from setuptools import find_packages, setup
 from typing import Any, Dict
 
 
@@ -15,7 +15,7 @@ setup(
     version=metadata["__version__"],
     zip_safe=False,
 
-    description="ArcH Linux ReposItory MANager",
+    description="ArcH linux ReposItory MANager",
 
     author="ahriman team",
     author_email="",
@@ -31,8 +31,8 @@ setup(
     install_requires=[
         "inflection",
         "passlib",
-        "pyalpm",
         "requests",
+        "setuptools",
         "srcinfo",
     ],
     setup_requires=[
@@ -52,27 +52,36 @@ setup(
         "package/bin/ahriman",
     ],
     data_files=[
+        # configuration
         ("share/ahriman/settings", [
             "package/share/ahriman/settings/ahriman.ini",
         ]),
         ("share/ahriman/settings/ahriman.ini.d", [
             "package/share/ahriman/settings/ahriman.ini.d/logging.ini",
         ]),
+        # systemd files
         ("lib/systemd/system", [
             "package/lib/systemd/system/ahriman@.service",
             "package/lib/systemd/system/ahriman@.timer",
             "package/lib/systemd/system/ahriman-web@.service",
         ]),
+        # templates
         ("share/ahriman/templates", [
             "package/share/ahriman/templates/build-status.jinja2",
             "package/share/ahriman/templates/email-index.jinja2",
+            "package/share/ahriman/templates/error.jinja2",
             "package/share/ahriman/templates/repo-index.jinja2",
+            "package/share/ahriman/templates/shell",
             "package/share/ahriman/templates/telegram-index.jinja2",
         ]),
         ("share/ahriman/templates/build-status", [
+            "package/share/ahriman/templates/build-status/alerts.jinja2",
+            "package/share/ahriman/templates/build-status/key-import-modal.jinja2",
             "package/share/ahriman/templates/build-status/login-modal.jinja2",
-            "package/share/ahriman/templates/build-status/package-actions-modals.jinja2",
-            "package/share/ahriman/templates/build-status/package-actions-script.jinja2",
+            "package/share/ahriman/templates/build-status/package-add-modal.jinja2",
+            "package/share/ahriman/templates/build-status/package-info-modal.jinja2",
+            "package/share/ahriman/templates/build-status/package-rebuild-modal.jinja2",
+            "package/share/ahriman/templates/build-status/table.jinja2",
         ]),
         ("share/ahriman/templates/static", [
             "package/share/ahriman/templates/static/favicon.ico",
@@ -81,9 +90,17 @@ setup(
             "package/share/ahriman/templates/utils/bootstrap-scripts.jinja2",
             "package/share/ahriman/templates/utils/style.jinja2",
         ]),
+        # man pages
         ("share/man/man1", [
             "docs/ahriman.1",
-        ])
+        ]),
+        # shell completions
+        ("share/bash-completion/completions", [
+            "docs/completions/bash/_ahriman",
+        ]),
+        ("share/zsh/site-functions", [
+            "docs/completions/zsh/_ahriman",
+        ]),
     ],
 
     extras_require={
@@ -93,6 +110,21 @@ setup(
             "mypy",
             "pylint",
         ],
+        "docs": [
+            "Sphinx",
+            "argparse-manpage",
+            "pydeps",
+            "shtab",
+            "sphinx-argparse",
+            "sphinx-rtd-theme>=1.1.1",  # https://stackoverflow.com/a/74355734
+            "sphinxcontrib-napoleon",
+        ],
+        # FIXME technically this dependency is required, but in some cases we do not have access to
+        # the libalpm which is required in order to install the package. Thus in case if we do not
+        # really need to run the application we can move it to "optional" dependencies
+        "pacman": [
+            "pyalpm",
+        ],
         "s3": [
             "boto3",
         ],
@@ -114,6 +146,7 @@ setup(
             "aiohttp_session",
             "aiohttp_security",
             "cryptography",
+            "requests-unixsocket",  # required by unix socket support
         ],
     },
 )

src/ahriman/application/ahriman.py

@@ -17,15 +17,17 @@
 # You should have received a copy of the GNU General Public License
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
 #
+# pylint: disable=too-many-lines
 import argparse
 import sys
 import tempfile
 
 from pathlib import Path
-from typing import TypeVar
+from typing import List, TypeVar
 
 from ahriman import version
 from ahriman.application import handlers
+from ahriman.core.util import enum_values
 from ahriman.models.action import Action
 from ahriman.models.build_status import BuildStatusEnum
 from ahriman.models.package_source import PackageSource
@@ -33,6 +35,9 @@ from ahriman.models.sign_settings import SignSettings
 from ahriman.models.user_access import UserAccess
 
 
+__all__: List[str] = []
+
+
 # this workaround is for several things
 # firstly python devs don't think that is it error and asking you for workarounds https://bugs.python.org/issue41592
 # secondly linters don't like when you are importing private members
@@ -43,8 +48,12 @@ SubParserAction = TypeVar("SubParserAction", bound="argparse._SubParsersAction[a
 def _formatter(prog: str) -> argparse.HelpFormatter:
     """
     formatter for the help message
-    :param prog: application name
-    :return: formatter used by default
+
+    Args:
+        prog(str): application name
+
+    Returns:
+        argparse.HelpFormatter: formatter used by default
     """
     return argparse.ArgumentDefaultsHelpFormatter(prog, width=120)
 
@@ -52,26 +61,30 @@ def _formatter(prog: str) -> argparse.HelpFormatter:
 def _parser() -> argparse.ArgumentParser:
     """
     command line parser generator
-    :return: command line parser for the application
+
+    Returns:
+        argparse.ArgumentParser: command line parser for the application
     """
-    parser = argparse.ArgumentParser(prog="ahriman", description="ArcH Linux ReposItory MANager",
+    parser = argparse.ArgumentParser(prog="ahriman", description="ArcH linux ReposItory MANager",
                                      epilog="Argument list can also be read from file by using @ prefix.",
                                      fromfile_prefix_chars="@", formatter_class=_formatter)
-    parser.add_argument("-a", "--architecture", help="target architectures (can be used multiple times)",
-                        action="append")
+    parser.add_argument("-a", "--architecture", help="target architectures. For several subcommands it can be used "
+                                                     "multiple times", action="append")
     parser.add_argument("-c", "--configuration", help="configuration path", type=Path, default=Path("/etc/ahriman.ini"))
     parser.add_argument("--force", help="force run, remove file lock", action="store_true")
     parser.add_argument("-l", "--lock", help="lock file", type=Path,
                         default=Path(tempfile.gettempdir()) / "ahriman.lock")
-    parser.add_argument("--no-report", help="force disable reporting to web service", action="store_true")
+    parser.add_argument("--report", help="force enable or disable reporting to web service",
+                        action=argparse.BooleanOptionalAction, default=True)
     parser.add_argument("-q", "--quiet", help="force disable any logging", action="store_true")
     parser.add_argument("--unsafe", help="allow to run ahriman as non-ahriman user. Some actions might be unavailable",
                         action="store_true")
-    parser.add_argument("-v", "--version", action="version", version=version.__version__)
+    parser.add_argument("-V", "--version", action="version", version=version.__version__)
 
     subparsers = parser.add_subparsers(title="command", help="command to run", dest="command", required=True)
 
     _set_aur_search_parser(subparsers)
+    _set_daemon_parser(subparsers)
     _set_help_parser(subparsers)
     _set_help_commands_unsafe_parser(subparsers)
     _set_key_import_parser(subparsers)
@@ -83,6 +96,8 @@ def _parser() -> argparse.ArgumentParser:
     _set_patch_add_parser(subparsers)
     _set_patch_list_parser(subparsers)
     _set_patch_remove_parser(subparsers)
+    _set_patch_set_add_parser(subparsers)
+    _set_repo_backup_parser(subparsers)
     _set_repo_check_parser(subparsers)
     _set_repo_clean_parser(subparsers)
     _set_repo_config_parser(subparsers)
@@ -94,10 +109,14 @@ def _parser() -> argparse.ArgumentParser:
     _set_repo_sign_parser(subparsers)
     _set_repo_status_update_parser(subparsers)
     _set_repo_sync_parser(subparsers)
+    _set_repo_tree_parser(subparsers)
+    _set_repo_triggers_parser(subparsers)
     _set_repo_update_parser(subparsers)
+    _set_shell_parser(subparsers)
     _set_user_add_parser(subparsers)
     _set_user_list_parser(subparsers)
     _set_user_remove_parser(subparsers)
+    _set_version_parser(subparsers)
     _set_web_parser(subparsers)
 
     return parser
@@ -106,33 +125,71 @@ def _parser() -> argparse.ArgumentParser:
 def _set_aur_search_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for AUR search subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("aur-search", aliases=["search"], help="search for package",
                              description="search for package in AUR using API", formatter_class=_formatter)
-    parser.add_argument("search", help="search terms, can be specified multiple times, result will match all terms",
+    parser.add_argument("search", help="search terms, can be specified multiple times, the result will match all terms",
                         nargs="+")
     parser.add_argument("-e", "--exit-code", help="return non-zero exit status if result is empty", action="store_true")
-    parser.add_argument("-i", "--info", help="show additional package information", action="store_true")
+    parser.add_argument("--info", help="show additional package information",
+                        action=argparse.BooleanOptionalAction, default=False)
     parser.add_argument("--sort-by", help="sort field by this field. In case if two packages have the same value of "
                                           "the specified field, they will be always sorted by name",
                         default="name", choices=sorted(handlers.Search.SORT_FIELDS))
-    parser.set_defaults(handler=handlers.Search, architecture=[""], lock=None, no_report=True, quiet=True, unsafe=True)
+    parser.set_defaults(handler=handlers.Search, architecture=[""], lock=None, report=False, quiet=True, unsafe=True)
+    return parser
+
+
+def _set_daemon_parser(root: SubParserAction) -> argparse.ArgumentParser:
+    """
+    add parser for daemon subcommand
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
+    """
+    parser = root.add_parser("daemon", help="run application as daemon",
+                             description="start process which periodically will run update process",
+                             formatter_class=_formatter)
+    parser.add_argument("-i", "--interval", help="interval between runs in seconds", type=int, default=60 * 60 * 12)
+    parser.add_argument("--aur", help="enable or disable checking for AUR updates. Implies --no-vcs",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("--local", help="enable or disable checking of local packages for updates",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("--manual", help="include or exclude manual updates",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("--vcs", help="enable or disable checking of VCS packages",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("-y", "--refresh", help="download fresh package databases from the mirror before actions, "
+                                                "-yy to force refresh even if up to date",
+                        action="count", default=False)
+    parser.set_defaults(handler=handlers.Daemon, dry_run=False, exit_code=False, package=[])
     return parser
 
 
 def _set_help_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for listing help subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("help", help="show help message",
                              description="show help message for application or command and exit",
                              formatter_class=_formatter)
     parser.add_argument("command", help="show help message for specific command", nargs="?")
-    parser.set_defaults(handler=handlers.Help, architecture=[""], lock=None, no_report=True, quiet=True,
+    parser.set_defaults(handler=handlers.Help, architecture=[""], lock=None, report=False, quiet=True,
                         unsafe=True, parser=_parser)
     return parser
 
@@ -140,14 +197,18 @@ def _set_help_parser(root: SubParserAction) -> argparse.ArgumentParser:
 def _set_help_commands_unsafe_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for listing unsafe commands
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("help-commands-unsafe", help="list unsafe commands",
                              description="list unsafe commands as defined in default args", formatter_class=_formatter)
     parser.add_argument("--command", help="instead of showing commands, just test command line for unsafe subcommand "
                                           "and return 0 in case if command is safe and 1 otherwise")
-    parser.set_defaults(handler=handlers.UnsafeCommands, architecture=[""], lock=None, no_report=True, quiet=True,
+    parser.set_defaults(handler=handlers.UnsafeCommands, architecture=[""], lock=None, report=False, quiet=True,
                         unsafe=True, parser=_parser)
     return parser
 
@@ -155,8 +216,12 @@ def _set_help_commands_unsafe_parser(root: SubParserAction) -> argparse.Argument
 def _set_key_import_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for key import subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("key-import", help="import PGP key",
                              description="import PGP key from public sources to the repository user",
@@ -165,17 +230,21 @@ def _set_key_import_parser(root: SubParserAction) -> argparse.ArgumentParser:
                                     "fail in case if key is not known for build user. This subcommand can be used "
                                     "in order to import the PGP key to user keychain.",
                              formatter_class=_formatter)
-    parser.add_argument("--key-server", help="key server for key import", default="pgp.mit.edu")
+    parser.add_argument("--key-server", help="key server for key import", default="keyserver.ubuntu.com")
     parser.add_argument("key", help="PGP key to import from public server")
-    parser.set_defaults(handler=handlers.KeyImport, architecture=[""], lock=None, no_report=True)
+    parser.set_defaults(handler=handlers.KeyImport, architecture=[""], lock=None, report=False)
     return parser
 
 
 def _set_package_add_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for package addition subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("package-add", aliases=["add", "package-update"], help="add package",
                              description="add existing or new package to the build queue",
@@ -193,8 +262,11 @@ def _set_package_add_parser(root: SubParserAction) -> argparse.ArgumentParser:
     parser.add_argument("package", help="package source (base name, path to local files, remote URL)", nargs="+")
     parser.add_argument("-e", "--exit-code", help="return non-zero exit status if result is empty", action="store_true")
     parser.add_argument("-n", "--now", help="run update function after", action="store_true")
+    parser.add_argument("-y", "--refresh", help="download fresh package databases from the mirror before actions, "
+                                                "-yy to force refresh even if up to date",
+                        action="count", default=False)
     parser.add_argument("-s", "--source", help="explicitly specify the package source for this command",
-                        type=PackageSource, choices=PackageSource, default=PackageSource.Auto)
+                        type=PackageSource, choices=enum_values(PackageSource), default=PackageSource.Auto)
     parser.add_argument("--without-dependencies", help="do not add dependencies", action="store_true")
     parser.set_defaults(handler=handlers.Add)
     return parser
@@ -203,8 +275,12 @@ def _set_package_add_parser(root: SubParserAction) -> argparse.ArgumentParser:
 def _set_package_remove_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for package removal subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("package-remove", aliases=["remove"], help="remove package",
                              description="remove package from the repository", formatter_class=_formatter)
@@ -216,8 +292,12 @@ def _set_package_remove_parser(root: SubParserAction) -> argparse.ArgumentParser
 def _set_package_status_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for package status subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("package-status", aliases=["status"], help="get package status",
                              description="request status of the package",
@@ -226,26 +306,31 @@ def _set_package_status_parser(root: SubParserAction) -> argparse.ArgumentParser
     parser.add_argument("package", help="filter status by package base", nargs="*")
     parser.add_argument("--ahriman", help="get service status itself", action="store_true")
     parser.add_argument("-e", "--exit-code", help="return non-zero exit status if result is empty", action="store_true")
-    parser.add_argument("-i", "--info", help="show additional package information", action="store_true")
+    parser.add_argument("--info", help="show additional package information",
+                        action=argparse.BooleanOptionalAction, default=False)
     parser.add_argument("-s", "--status", help="filter packages by status",
-                        type=BuildStatusEnum, choices=BuildStatusEnum)
-    parser.set_defaults(handler=handlers.Status, lock=None, no_report=True, quiet=True, unsafe=True)
+                        type=BuildStatusEnum, choices=enum_values(BuildStatusEnum))
+    parser.set_defaults(handler=handlers.Status, lock=None, report=False, quiet=True, unsafe=True)
     return parser
 
 
 def _set_package_status_remove_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for package status remove subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("package-status-remove", help="remove package status",
                              description="remove the package from the status page",
                              epilog="Please note that this subcommand does not remove the package itself, it just "
                                     "clears the status page.",
                              formatter_class=_formatter)
-    parser.add_argument("package", help="remove specified packages", nargs="+")
-    parser.set_defaults(handler=handlers.StatusUpdate, action=Action.Remove, lock=None, no_report=True, quiet=True,
+    parser.add_argument("package", help="remove specified packages from status page", nargs="+")
+    parser.set_defaults(handler=handlers.StatusUpdate, action=Action.Remove, lock=None, report=False, quiet=True,
                         unsafe=True)
     return parser
 
@@ -253,89 +338,167 @@ def _set_package_status_remove_parser(root: SubParserAction) -> argparse.Argumen
 def _set_package_status_update_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for package status update subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("package-status-update", aliases=["status-update"], help="update package status",
                              description="update package status on the status page", formatter_class=_formatter)
     parser.add_argument("package", help="set status for specified packages. "
                                         "If no packages supplied, service status will be updated",
                         nargs="*")
-    parser.add_argument("-s", "--status", help="new status",
-                        type=BuildStatusEnum, choices=BuildStatusEnum, default=BuildStatusEnum.Success)
-    parser.set_defaults(handler=handlers.StatusUpdate, action=Action.Update, lock=None, no_report=True, quiet=True,
+    parser.add_argument("-s", "--status", help="new package build status",
+                        type=BuildStatusEnum, choices=enum_values(BuildStatusEnum), default=BuildStatusEnum.Success)
+    parser.set_defaults(handler=handlers.StatusUpdate, action=Action.Update, lock=None, report=False, quiet=True,
                         unsafe=True)
     return parser
 
 
 def _set_patch_add_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
-    add parser for new patch subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+    add parser for new single-function patch subcommand
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
-    parser = root.add_parser("patch-add", help="add patch set", description="create or update source patches",
-                             epilog="In order to add a patch set for the package you will need to clone "
-                                    "the AUR package manually, add required changes (e.g. external patches, "
-                                    "edit PKGBUILD) and run command, e.g. `ahriman patch path/to/directory`. "
-                                    "By default it tracks *.patch and *.diff files, but this behavior can be changed "
-                                    "by using --track option",
+    parser = root.add_parser("patch-add", help="add patch for PKGBUILD function",
+                             description="create or update patched PKGBUILD function or variable",
+                             epilog="Unlike ``patch-set-add``, this function allows to patch only one PKGBUILD "
+                                    "function, e.g. typing ``ahriman patch-add ahriman pkgver`` it will change the "
+                                    "``pkgver`` inside PKGBUILD, typing ``ahriman patch-add ahriman build()`` "
+                                    "it will change ``build()`` function inside PKGBUILD",
                              formatter_class=_formatter)
-    parser.add_argument("package", help="path to directory with changed files for patch addition/update")
-    parser.add_argument("-t", "--track", help="files which has to be tracked", action="append",
-                        default=["*.diff", "*.patch"])
-    parser.set_defaults(handler=handlers.Patch, action=Action.Update, architecture=[""], lock=None, no_report=True)
+    parser.add_argument("package", help="package base")
+    parser.add_argument("variable", help="PKGBUILD variable or function name. If variable is a function, "
+                                         "it must end with ()")
+    parser.add_argument("patch", help="path to file which contains function or variable value. If not set, "
+                                      "the value will be read from stdin", type=Path, nargs="?")
+    parser.set_defaults(handler=handlers.Patch, action=Action.Update, architecture=[""], lock=None, report=False)
     return parser
 
 
 def _set_patch_list_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for list patches subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("patch-list", help="list patch sets",
                              description="list available patches for the package", formatter_class=_formatter)
     parser.add_argument("package", help="package base", nargs="?")
     parser.add_argument("-e", "--exit-code", help="return non-zero exit status if result is empty", action="store_true")
-    parser.set_defaults(handler=handlers.Patch, action=Action.List, architecture=[""], lock=None, no_report=True)
+    parser.add_argument("-v", "--variable", help="if set, show only patches for specified PKGBUILD variables",
+                        action="append")
+    parser.set_defaults(handler=handlers.Patch, action=Action.List, architecture=[""], lock=None, report=False)
     return parser
 
 
 def _set_patch_remove_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for remove patches subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("patch-remove", help="remove patch set", description="remove patches for the package",
                              formatter_class=_formatter)
     parser.add_argument("package", help="package base")
-    parser.set_defaults(handler=handlers.Patch, action=Action.Remove, architecture=[""], lock=None, no_report=True)
+    parser.add_argument("-v", "--variable", help="should be used for single-function patches in case if you wold like "
+                                                 "to remove only specified PKGBUILD variables. In case if not set, "
+                                                 "it will remove all patches related to the package",
+                        action="append")
+    parser.set_defaults(handler=handlers.Patch, action=Action.Remove, architecture=[""], lock=None, report=False)
+    return parser
+
+
+def _set_patch_set_add_parser(root: SubParserAction) -> argparse.ArgumentParser:
+    """
+    add parser for new full-diff patch subcommand
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
+    """
+    parser = root.add_parser("patch-set-add", help="add patch set", description="create or update source patches",
+                             epilog="In order to add a patch set for the package you will need to clone "
+                                    "the AUR package manually, add required changes (e.g. external patches, "
+                                    "edit PKGBUILD) and run command, e.g. ``ahriman patch-set-add path/to/directory``. "
+                                    "By default it tracks *.patch and *.diff files, but this behavior can be changed "
+                                    "by using --track option",
+                             formatter_class=_formatter)
+    parser.add_argument("package", help="path to directory with changed files for patch addition/update", type=Path)
+    parser.add_argument("-t", "--track", help="files which has to be tracked", action="append",
+                        default=["*.diff", "*.patch"])
+    parser.set_defaults(handler=handlers.Patch, action=Action.Update, architecture=[""], lock=None, report=False,
+                        variable=None)
+    return parser
+
+
+def _set_repo_backup_parser(root: SubParserAction) -> argparse.ArgumentParser:
+    """
+    add parser for repository backup subcommand
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
+    """
+    parser = root.add_parser("repo-backup", help="backup repository data",
+                             description="backup repository settings and database", formatter_class=_formatter)
+    parser.add_argument("path", help="path of the output archive", type=Path)
+    parser.set_defaults(handler=handlers.Backup, architecture=[""], lock=None, report=False, unsafe=True)
     return parser
 
 
 def _set_repo_check_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for repository check subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-check", aliases=["check"], help="check for updates",
-                             description="check for packages updates. Same as update --dry-run --no-manual",
+                             description="check for packages updates. Same as repo-update --dry-run --no-manual",
                              formatter_class=_formatter)
     parser.add_argument("package", help="filter check by package base", nargs="*")
     parser.add_argument("-e", "--exit-code", help="return non-zero exit status if result is empty", action="store_true")
-    parser.add_argument("--no-vcs", help="do not check VCS packages", action="store_true")
-    parser.set_defaults(handler=handlers.Update, dry_run=True, no_aur=False, no_local=False, no_manual=True)
+    parser.add_argument("--vcs", help="enable or disable checking of VCS packages",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("-y", "--refresh", help="download fresh package databases from the mirror before actions, "
+                                                "-yy to force refresh even if up to date",
+                        action="count", default=False)
+    parser.set_defaults(handler=handlers.Update, dry_run=True, aur=True, local=True, manual=False)
     return parser
 
 
 def _set_repo_clean_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for repository clean subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-clean", aliases=["clean"], help="clean local caches",
                              description="remove local caches",
@@ -343,10 +506,15 @@ def _set_repo_clean_parser(root: SubParserAction) -> argparse.ArgumentParser:
                                     "you should not run this command manually. Also in case if you are going to clear "
                                     "the chroot directories you will need root privileges.",
                              formatter_class=_formatter)
-    parser.add_argument("--cache", help="clear directory with package caches", action="store_true")
-    parser.add_argument("--chroot", help="clear build chroot", action="store_true")
-    parser.add_argument("--manual", help="clear manually added packages queue", action="store_true")
-    parser.add_argument("--packages", help="clear directory with built packages", action="store_true")
+    parser.add_argument("--cache", help="clear directory with package caches",
+                        action=argparse.BooleanOptionalAction, default=False)
+    parser.add_argument("--chroot", help="clear build chroot", action=argparse.BooleanOptionalAction, default=False)
+    parser.add_argument("--manual", help="clear manually added packages queue",
+                        action=argparse.BooleanOptionalAction, default=False)
+    parser.add_argument("--packages", help="clear directory with built packages",
+                        action=argparse.BooleanOptionalAction, default=False)
+    parser.add_argument("--pacman", help="clear directory with pacman local database cache",
+                        action=argparse.BooleanOptionalAction, default=False)
     parser.set_defaults(handler=handlers.Clean, quiet=True, unsafe=True)
     return parser
 
@@ -354,27 +522,41 @@ def _set_repo_clean_parser(root: SubParserAction) -> argparse.ArgumentParser:
 def _set_repo_config_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for config subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-config", aliases=["config"], help="dump configuration",
                              description="dump configuration for the specified architecture",
                              formatter_class=_formatter)
-    parser.set_defaults(handler=handlers.Dump, lock=None, no_report=True, quiet=True, unsafe=True)
+    parser.set_defaults(handler=handlers.Dump, lock=None, report=False, quiet=True, unsafe=True)
     return parser
 
 
 def _set_repo_rebuild_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for repository rebuild subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-rebuild", aliases=["rebuild"], help="rebuild repository",
                              description="force rebuild whole repository", formatter_class=_formatter)
-    parser.add_argument("--depends-on", help="only rebuild packages that depend on specified package", action="append")
+    parser.add_argument("--depends-on", help="only rebuild packages that depend on specified packages", action="append")
     parser.add_argument("--dry-run", help="just perform check for packages without rebuild process itself",
                         action="store_true")
+    parser.add_argument("--from-database",
+                        help="read packages from database instead of filesystem. This feature in particular is "
+                             "required in case if you would like to restore repository from another repository "
+                             "instance. Note, however, that in order to restore packages you need to have original "
+                             "ahriman instance run with web service and have run repo-update at least once.",
+                        action="store_true")
     parser.add_argument("-e", "--exit-code", help="return non-zero exit status if result is empty", action="store_true")
     parser.set_defaults(handler=handlers.Rebuild)
     return parser
@@ -383,14 +565,17 @@ def _set_repo_rebuild_parser(root: SubParserAction) -> argparse.ArgumentParser:
 def _set_repo_remove_unknown_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for remove unknown packages subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-remove-unknown", aliases=["remove-unknown"], help="remove unknown packages",
                              description="remove packages which are missing in AUR and do not have local PKGBUILDs",
                              formatter_class=_formatter)
     parser.add_argument("--dry-run", help="just perform check for packages without removal", action="store_true")
-    parser.add_argument("-i", "--info", help="show additional package information", action="store_true")
     parser.set_defaults(handler=handlers.RemoveUnknown)
     return parser
 
@@ -398,38 +583,48 @@ def _set_repo_remove_unknown_parser(root: SubParserAction) -> argparse.ArgumentP
 def _set_repo_report_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for report subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-report", aliases=["report"], help="generate report",
                              description="generate repository report according to current settings",
                              epilog="Create and/or update repository report as configured.",
                              formatter_class=_formatter)
-    parser.add_argument("target", help="target to generate report", nargs="*")
-    parser.set_defaults(handler=handlers.Report)
+    parser.set_defaults(handler=handlers.Triggers, trigger=["ahriman.core.report.ReportTrigger"])
     return parser
 
 
 def _set_repo_restore_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
-    add parser for package addition subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+    add parser for repository restore subcommand
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
-    parser = root.add_parser("repo-restore", aliases=["restore"], help="restore repository",
-                             description="restore repository from database file", formatter_class=_formatter)
-    parser.add_argument("-e", "--exit-code", help="return non-zero exit status if result is empty", action="store_true")
-    parser.add_argument("-n", "--now", help="run update function after", action="store_true")
-    parser.add_argument("--without-dependencies", help="do not add dependencies", action="store_true")
-    parser.set_defaults(handler=handlers.Add, package=None, source=PackageSource.AUR)
+    parser = root.add_parser("repo-restore", help="restore repository data",
+                             description="restore settings and database", formatter_class=_formatter)
+    parser.add_argument("path", help="path of the input archive", type=Path)
+    parser.add_argument("-o", "--output", help="root path of the extracted files", type=Path, default=Path("/"))
+    parser.set_defaults(handler=handlers.Restore, architecture=[""], lock=None, report=False, unsafe=True)
     return parser
 
 
 def _set_repo_setup_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for setup subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-setup", aliases=["init", "repo-init", "setup"], help="initial service configuration",
                              description="create initial service configuration, requires root",
@@ -439,22 +634,30 @@ def _set_repo_setup_parser(root: SubParserAction) -> argparse.ArgumentParser:
     parser.add_argument("--build-command", help="build command prefix", default="ahriman")
     parser.add_argument("--from-configuration", help="path to default devtools pacman configuration",
                         type=Path, default=Path("/usr/share/devtools/pacman-extra.conf"))
-    parser.add_argument("--no-multilib", help="do not add multilib repository", action="store_true")
+    parser.add_argument("--makeflags-jobs", help="append MAKEFLAGS variable with parallelism set to number of cores",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("--multilib", help="add or do not multilib repository",
+                        action=argparse.BooleanOptionalAction, default=True)
     parser.add_argument("--packager", help="packager name and email", required=True)
     parser.add_argument("--repository", help="repository name", required=True)
     parser.add_argument("--sign-key", help="sign key id")
     parser.add_argument("--sign-target", help="sign options", action="append",
-                        type=SignSettings.from_option, choices=SignSettings)
+                        type=SignSettings.from_option, choices=enum_values(SignSettings))
     parser.add_argument("--web-port", help="port of the web service", type=int)
-    parser.set_defaults(handler=handlers.Setup, lock=None, no_report=True, quiet=True, unsafe=True)
+    parser.add_argument("--web-unix-socket", help="path to unix socket used for interprocess communications", type=Path)
+    parser.set_defaults(handler=handlers.Setup, lock=None, report=False, quiet=True, unsafe=True)
     return parser
 
 
 def _set_repo_sign_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for sign subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-sign", aliases=["sign"], help="sign packages",
                              description="(re-)sign packages and repository database according to current settings",
@@ -468,14 +671,18 @@ def _set_repo_sign_parser(root: SubParserAction) -> argparse.ArgumentParser:
 def _set_repo_status_update_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for repository status update subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-status-update", help="update repository status",
                              description="update repository status on the status page", formatter_class=_formatter)
     parser.add_argument("-s", "--status", help="new status",
-                        type=BuildStatusEnum, choices=BuildStatusEnum, default=BuildStatusEnum.Success)
-    parser.set_defaults(handler=handlers.StatusUpdate, action=Action.Update, lock=None, no_report=True, package=[],
+                        type=BuildStatusEnum, choices=enum_values(BuildStatusEnum), default=BuildStatusEnum.Success)
+    parser.set_defaults(handler=handlers.StatusUpdate, action=Action.Update, lock=None, report=False, package=[],
                         quiet=True, unsafe=True)
     return parser
 
@@ -483,23 +690,66 @@ def _set_repo_status_update_parser(root: SubParserAction) -> argparse.ArgumentPa
 def _set_repo_sync_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for repository sync subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-sync", aliases=["sync"], help="sync repository",
                              description="sync repository files to remote server according to current settings",
                              epilog="Synchronize the repository to remote services as configured.",
                              formatter_class=_formatter)
-    parser.add_argument("target", help="target to sync", nargs="*")
-    parser.set_defaults(handler=handlers.Sync)
+    parser.set_defaults(handler=handlers.Triggers, trigger=["ahriman.core.upload.UploadTrigger"])
+    return parser
+
+
+def _set_repo_tree_parser(root: SubParserAction) -> argparse.ArgumentParser:
+    """
+    add parser for repository tree subcommand
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
+    """
+    parser = root.add_parser("repo-tree", help="dump repository tree",
+                             description="dump repository tree based on packages dependencies",
+                             formatter_class=_formatter)
+    parser.set_defaults(handler=handlers.Structure, lock=None, report=False, quiet=True)
+    return parser
+
+
+def _set_repo_triggers_parser(root: SubParserAction) -> argparse.ArgumentParser:
+    """
+    add parser for repository triggers subcommand
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
+    """
+    parser = root.add_parser("repo-triggers", help="run triggers",
+                             description="run triggers on empty build result as configured by settings",
+                             formatter_class=_formatter)
+    parser.add_argument("trigger", help="instead of running all triggers as set by configuration, just process "
+                                        "specified ones in order of mention", nargs="*")
+    parser.set_defaults(handler=handlers.Triggers)
     return parser
 
 
 def _set_repo_update_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for repository update subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("repo-update", aliases=["update"], help="update packages",
                              description="check for packages updates and run build process if requested",
@@ -507,32 +757,63 @@ def _set_repo_update_parser(root: SubParserAction) -> argparse.ArgumentParser:
     parser.add_argument("package", help="filter check by package base", nargs="*")
     parser.add_argument("--dry-run", help="just perform check for updates, same as check command", action="store_true")
     parser.add_argument("-e", "--exit-code", help="return non-zero exit status if result is empty", action="store_true")
-    parser.add_argument("--no-aur", help="do not check for AUR updates. Implies --no-vcs", action="store_true")
-    parser.add_argument("--no-local", help="do not check local packages for updates", action="store_true")
-    parser.add_argument("--no-manual", help="do not include manual updates", action="store_true")
-    parser.add_argument("--no-vcs", help="do not check VCS packages", action="store_true")
+    parser.add_argument("--aur", help="enable or disable checking for AUR updates. Implies --no-vcs",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("--local", help="enable or disable checking of local packages for updates",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("--manual", help="include or exclude manual updates",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("--vcs", help="enable or disable checking of VCS packages",
+                        action=argparse.BooleanOptionalAction, default=True)
+    parser.add_argument("-y", "--refresh", help="download fresh package databases from the mirror before actions, "
+                                                "-yy to force refresh even if up to date",
+                        action="count", default=False)
     parser.set_defaults(handler=handlers.Update)
     return parser
 
 
+def _set_shell_parser(root: SubParserAction) -> argparse.ArgumentParser:
+    """
+    add parser for shell subcommand
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
+    """
+    parser = root.add_parser("shell", help="invoke python shell",
+                             description="drop into python shell while having created application",
+                             formatter_class=_formatter)
+    parser.add_argument("code", help="instead of dropping into shell, just execute the specified code", nargs="?")
+    parser.add_argument("-v", "--verbose", help=argparse.SUPPRESS, action="store_true")
+    parser.set_defaults(handler=handlers.Shell, lock=None, report=False)
+    return parser
+
+
 def _set_user_add_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for create user subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("user-add", help="create or update user",
                              description="update user for web services with the given password and role. "
                                          "In case if password was not entered it will be asked interactively",
+                             epilog="In case of first run (i.e. if password salt is not set yet) this action requires "
+                                    "root privileges because it performs write to filesystem configuration.",
                              formatter_class=_formatter)
     parser.add_argument("username", help="username for web service")
-    parser.add_argument("--as-service", help="add user as service user", action="store_true")
     parser.add_argument("-p", "--password", help="user password. Blank password will be treated as empty password, "
                                                  "which is in particular must be used for OAuth2 authorization type.")
     parser.add_argument("-r", "--role", help="user access level",
-                        type=UserAccess, choices=UserAccess, default=UserAccess.Read)
+                        type=UserAccess, choices=enum_values(UserAccess), default=UserAccess.Read)
     parser.add_argument("-s", "--secure", help="set file permissions to user-only", action="store_true")
-    parser.set_defaults(handler=handlers.User, action=Action.Update, architecture=[""], lock=None, no_report=True,
+    parser.set_defaults(handler=handlers.Users, action=Action.Update, architecture=[""], lock=None, report=False,
                         quiet=True, unsafe=True)
     return parser
 
@@ -540,16 +821,20 @@ def _set_user_add_parser(root: SubParserAction) -> argparse.ArgumentParser:
 def _set_user_list_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for user list subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("user-list", help="user known users and their access",
                              description="list users from the user mapping and their roles",
                              formatter_class=_formatter)
     parser.add_argument("username", help="filter users by username", nargs="?")
     parser.add_argument("-e", "--exit-code", help="return non-zero exit status if result is empty", action="store_true")
-    parser.add_argument("-r", "--role", help="filter users by role", type=UserAccess, choices=UserAccess)
-    parser.set_defaults(handler=handlers.User, action=Action.List, architecture=[""], lock=None, no_report=True,  # nosec
+    parser.add_argument("-r", "--role", help="filter users by role", type=UserAccess, choices=enum_values(UserAccess))
+    parser.set_defaults(handler=handlers.Users, action=Action.List, architecture=[""], lock=None, report=False,  # nosec
                         password="", quiet=True, unsafe=True)
     return parser
 
@@ -557,27 +842,51 @@ def _set_user_list_parser(root: SubParserAction) -> argparse.ArgumentParser:
 def _set_user_remove_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for user removal subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("user-remove", help="remove user",
                              description="remove user from the user mapping and update the configuration",
                              formatter_class=_formatter)
     parser.add_argument("username", help="username for web service")
-    parser.add_argument("-s", "--secure", help="set file permissions to user-only", action="store_true")
-    parser.set_defaults(handler=handlers.User, action=Action.Remove, architecture=[""], lock=None, no_report=True,  # nosec
+    parser.set_defaults(handler=handlers.Users, action=Action.Remove, architecture=[""], lock=None, report=False,  # nosec
                         password="", quiet=True, unsafe=True)
     return parser
 
 
+def _set_version_parser(root: SubParserAction) -> argparse.ArgumentParser:
+    """
+    add parser for version subcommand
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
+    """
+    parser = root.add_parser("version", help="application version",
+                             description="print application and its dependencies versions", formatter_class=_formatter)
+    parser.set_defaults(handler=handlers.Versions, architecture=[""], lock=None, report=False, quiet=True,
+                        unsafe=True)
+    return parser
+
+
 def _set_web_parser(root: SubParserAction) -> argparse.ArgumentParser:
     """
     add parser for web subcommand
-    :param root: subparsers for the commands
-    :return: created argument parser
+
+    Args:
+        root(SubParserAction): subparsers for the commands
+
+    Returns:
+        argparse.ArgumentParser: created argument parser
     """
     parser = root.add_parser("web", help="web server", description="start web server", formatter_class=_formatter)
-    parser.set_defaults(handler=handlers.Web, lock=None, no_report=True, parser=_parser)
+    parser.set_defaults(handler=handlers.Web, lock=None, report=False, parser=_parser)
     return parser
 
 

src/ahriman/application/application/application.py

@@ -19,28 +19,42 @@
 #
 from typing import Set
 
-from ahriman.application.application.packages import Packages
-from ahriman.application.application.repository import Repository
+from ahriman.application.application.application_packages import ApplicationPackages
+from ahriman.application.application.application_repository import ApplicationRepository
 from ahriman.models.result import Result
 
 
-class Application(Packages, Repository):
+class Application(ApplicationPackages, ApplicationRepository):
     """
     base application class
-    """
 
-    def _finalize(self, result: Result) -> None:
-        """
-        generate report and sync to remote server
-        :param result: build result
-        """
-        self.report([], result)
-        self.sync([], result.success)
+    Examples:
+        This class groups ``Repository`` methods into specific method which process all supposed actions caused by
+        underlying action. E.g.::
+
+            >>> from ahriman.core.configuration import Configuration
+            >>> from ahriman.models.package_source import PackageSource
+            >>>
+            >>> configuration = Configuration()
+            >>> application = Application("x86_64", configuration, report=True, unsafe=False)
+            >>> # add packages to build queue
+            >>> application.add(["ahriman"], PackageSource.AUR, without_dependencies=False)
+            >>>
+            >>> # check for updates
+            >>> updates = application.updates([], aur=True, local=True, manual=True, vcs=True, log_fn=print)
+            >>> # updates for specified packages
+            >>> application.update(updates)
+
+        In case if specific actions or their order are required, the direct access to ``Repository`` must
+        be used instead.
+    """
 
     def _known_packages(self) -> Set[str]:
         """
         load packages from repository and pacman repositories
-        :return: list of known packages
+
+        Returns:
+            Set[str]: list of known packages
         """
         known_packages: Set[str] = set()
         # local set
@@ -48,5 +62,28 @@ class Application(Packages, Repository):
             for package, properties in base.packages.items():
                 known_packages.add(package)
                 known_packages.update(properties.provides)
-        known_packages.update(self.repository.pacman.all_packages())
+        known_packages.update(self.repository.pacman.packages())
         return known_packages
+
+    def on_result(self, result: Result) -> None:
+        """
+        generate report and sync to remote server
+
+        Args:
+            result(Result): build result
+        """
+        packages = self.repository.packages()
+        self.repository.triggers.on_result(result, packages)
+
+    def on_start(self) -> None:
+        """
+        run triggers on start of the application
+        """
+        self.repository.triggers.on_start()
+
+    def on_stop(self) -> None:
+        """
+        run triggers on stop of the application. Note, however, that in most cases this method should not be called
+        directly as it will be called after on_start action
+        """
+        self.repository.triggers.on_stop()

src/ahriman/application/application/application_packages.py

@@ -21,39 +21,52 @@ import requests
 import shutil
 
 from pathlib import Path
+from tempfile import TemporaryDirectory
 from typing import Any, Iterable, Set
 
-from ahriman.application.application.properties import Properties
+from ahriman.application.application.application_properties import ApplicationProperties
 from ahriman.core.build_tools.sources import Sources
-from ahriman.core.util import package_like, tmpdir
+from ahriman.core.util import package_like
 from ahriman.models.package import Package
 from ahriman.models.package_source import PackageSource
 from ahriman.models.result import Result
 
 
-class Packages(Properties):
+class ApplicationPackages(ApplicationProperties):
     """
     package control class
     """
 
-    def _finalize(self, result: Result) -> None:
-        """
-        generate report and sync to remote server
-        :param result: build result
-        """
-        raise NotImplementedError
-
     def _known_packages(self) -> Set[str]:
         """
         load packages from repository and pacman repositories
-        :return: list of known packages
+
+        Returns:
+            Set[str]: list of known packages
+
+        Raises:
+            NotImplementedError: not implemented method
+        """
+        raise NotImplementedError
+
+    def on_result(self, result: Result) -> None:
+        """
+        generate report and sync to remote server
+
+        Args:
+            result(Result): build result
+
+        Raises:
+            NotImplementedError: not implemented method
         """
         raise NotImplementedError
 
     def _add_archive(self, source: str, *_: Any) -> None:
         """
         add package from archive
-        :param source: path to package archive
+
+        Args:
+            source(str): path to package archive
         """
         local_path = Path(source)
         dst = self.repository.paths.packages / local_path.name
@@ -62,37 +75,45 @@ class Packages(Properties):
     def _add_aur(self, source: str, known_packages: Set[str], without_dependencies: bool) -> None:
         """
         add package from AUR
-        :param source: package base name
-        :param known_packages: list of packages which are known by the service
-        :param without_dependencies: if set, dependency check will be disabled
+
+        Args:
+            source(str): package base name
+            known_packages(Set[str]): list of packages which are known by the service
+            without_dependencies(bool): if set, dependency check will be disabled
         """
-        package = Package.load(source, PackageSource.AUR, self.repository.pacman, self.repository.aur_url)
+        package = Package.from_aur(source, self.repository.pacman)
 
         self.database.build_queue_insert(package)
+        self.database.remote_update(package)
 
-        with tmpdir() as local_path:
-            Sources.load(local_path, package.git_url, self.database.patches_get(package.base))
-            self._process_dependencies(local_path, known_packages, without_dependencies)
+        with TemporaryDirectory(ignore_cleanup_errors=True) as dir_name, (local_dir := Path(dir_name)):
+            Sources.load(local_dir, package, self.database.patches_get(package.base), self.repository.paths)
+            self._process_dependencies(local_dir, known_packages, without_dependencies)
 
     def _add_directory(self, source: str, *_: Any) -> None:
         """
         add packages from directory
-        :param source: path to local directory
+
+        Args:
+            source(str): path to local directory
         """
-        local_path = Path(source)
-        for full_path in filter(package_like, local_path.iterdir()):
+        local_dir = Path(source)
+        for full_path in filter(package_like, local_dir.iterdir()):
             self._add_archive(str(full_path))
 
     def _add_local(self, source: str, known_packages: Set[str], without_dependencies: bool) -> None:
         """
         add package from local PKGBUILDs
-        :param source: path to directory with local source files
-        :param known_packages: list of packages which are known by the service
-        :param without_dependencies: if set, dependency check will be disabled
+
+        Args:
+            source(str): path to directory with local source files
+            known_packages(Set[str]): list of packages which are known by the service
+            without_dependencies(bool): if set, dependency check will be disabled
         """
-        package = Package.load(source, PackageSource.Local, self.repository.pacman, self.repository.aur_url)
+        source_dir = Path(source)
+        package = Package.from_build(source_dir)
         cache_dir = self.repository.paths.cache_for(package.base)
-        shutil.copytree(Path(source), cache_dir)  # copy package to store in caches
+        shutil.copytree(source_dir, cache_dir)  # copy package to store in caches
         Sources.init(cache_dir)  # we need to run init command in directory where we do have permissions
 
         self.database.build_queue_insert(package)
@@ -102,35 +123,53 @@ class Packages(Properties):
     def _add_remote(self, source: str, *_: Any) -> None:
         """
         add package from remote sources (e.g. HTTP)
-        :param remote_url: remote URL to the package archive
+
+        Args:
+            source(str): remote URL of the package archive
         """
         dst = self.repository.paths.packages / Path(source).name  # URL is path, is not it?
-        response = requests.get(source, stream=True)
+        response = requests.get(source, stream=True, timeout=None)  # timeout=None to suppress pylint warns
         response.raise_for_status()
 
         with dst.open("wb") as local_file:
             for chunk in response.iter_content(chunk_size=1024):
                 local_file.write(chunk)
 
-    def _process_dependencies(self, local_path: Path, known_packages: Set[str], without_dependencies: bool) -> None:
+    def _add_repository(self, source: str, *_: Any) -> None:
+        """
+        add package from official repository
+
+        Args:
+            source(str): package base name
+        """
+        package = Package.from_official(source, self.repository.pacman)
+        self.database.build_queue_insert(package)
+        self.database.remote_update(package)
+        # repository packages must not depend on unknown packages, thus we are not going to process dependencies
+
+    def _process_dependencies(self, local_dir: Path, known_packages: Set[str], without_dependencies: bool) -> None:
         """
         process package dependencies
-        :param local_path: path to local package sources (i.e. cloned AUR repository)
-        :param known_packages: list of packages which are known by the service
-        :param without_dependencies: if set, dependency check will be disabled
+
+        Args:
+            local_dir(Path): path to local package sources (i.e. cloned AUR repository)
+            known_packages(Set[str]): list of packages which are known by the service
+            without_dependencies(bool): if set, dependency check will be disabled
         """
         if without_dependencies:
             return
 
-        dependencies = Package.dependencies(local_path)
+        dependencies = Package.dependencies(local_dir)
         self.add(dependencies.difference(known_packages), PackageSource.AUR, without_dependencies)
 
     def add(self, names: Iterable[str], source: PackageSource, without_dependencies: bool) -> None:
         """
         add packages for the next build
-        :param names: list of package bases to add
-        :param source: package source to add
-        :param without_dependencies: if set, dependency check will be disabled
+
+        Args:
+            names(Iterable[str]): list of package bases to add
+            source(PackageSource): package source to add
+            without_dependencies(bool): if set, dependency check will be disabled
         """
         known_packages = self._known_packages()  # speedup dependencies processing
 
@@ -142,7 +181,9 @@ class Packages(Properties):
     def remove(self, names: Iterable[str]) -> None:
         """
         remove packages from repository
-        :param names: list of packages (either base or name) to remove
+
+        Args:
+            names(Iterable[str]): list of packages (either base or name) to remove
         """
         self.repository.process_remove(names)
-        self._finalize(Result())
+        self.on_result(Result())

src/ahriman/application/application/application_properties.py

@@ -17,33 +17,38 @@
 # You should have received a copy of the GNU General Public License
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
 #
-import logging
-
 from ahriman.core.configuration import Configuration
-from ahriman.core.database.sqlite import SQLite
+from ahriman.core.database import SQLite
+from ahriman.core.log import LazyLogging
 from ahriman.core.repository import Repository
 
 
-class Properties:
+class ApplicationProperties(LazyLogging):
     """
     application base properties class
-    :ivar architecture: repository architecture
-    :ivar configuration: configuration instance
-    :ivar database: database instance
-    :ivar logger: application logger
-    :ivar repository: repository instance
+
+    Attributes:
+        architecture(str): repository architecture
+        configuration(Configuration): configuration instance
+        database(SQLite): database instance
+        repository(Repository): repository instance
     """
 
-    def __init__(self, architecture: str, configuration: Configuration, no_report: bool, unsafe: bool) -> None:
+    def __init__(self, architecture: str, configuration: Configuration, *,
+                 report: bool, unsafe: bool, refresh_pacman_database: int = 0) -> None:
         """
         default constructor
-        :param architecture: repository architecture
-        :param configuration: configuration instance
-        :param no_report: force disable reporting
-        :param unsafe: if set no user check will be performed before path creation
+
+        Args:
+            architecture(str): repository architecture
+            configuration(Configuration): configuration instance
+            report(bool): force enable or disable reporting
+            unsafe(bool): if set no user check will be performed before path creation
+            refresh_pacman_database(int, optional): pacman database syncronization level, ``0`` is disabled
+                (Default value = 0)
         """
-        self.logger = logging.getLogger("root")
         self.configuration = configuration
         self.architecture = architecture
         self.database = SQLite.load(configuration)
-        self.repository = Repository(architecture, configuration, self.database, no_report, unsafe)
+        self.repository = Repository.load(architecture, configuration, self.database, report=report, unsafe=unsafe,
+                                          refresh_pacman_database=refresh_pacman_database)

src/ahriman/application/application/application_repository.py

@@ -17,38 +17,44 @@
 # You should have received a copy of the GNU General Public License
 # along with this program. If not, see <http://www.gnu.org/licenses/>.
 #
-import shutil
-
 from pathlib import Path
 from typing import Callable, Iterable, List
 
-from ahriman.application.application.properties import Properties
+from ahriman.application.application.application_properties import ApplicationProperties
 from ahriman.core.build_tools.sources import Sources
-from ahriman.core.formatters.update_printer import UpdatePrinter
+from ahriman.core.formatters import UpdatePrinter
 from ahriman.core.tree import Tree
 from ahriman.models.package import Package
 from ahriman.models.result import Result
 
 
-class Repository(Properties):
+class ApplicationRepository(ApplicationProperties):
     """
     repository control class
     """
 
-    def _finalize(self, result: Result) -> None:
+    def on_result(self, result: Result) -> None:
         """
         generate report and sync to remote server
-        :param result: build result
+
+        Args:
+            result(Result): build result
+
+        Raises:
+            NotImplementedError: not implemented method
         """
         raise NotImplementedError
 
-    def clean(self, cache: bool, chroot: bool, manual: bool, packages: bool) -> None:
+    def clean(self, *, cache: bool, chroot: bool, manual: bool, packages: bool, pacman: bool) -> None:
         """
         run all clean methods. Warning: some functions might not be available under non-root
-        :param cache: clear directory with package caches
-        :param chroot: clear build chroot
-        :param manual: clear directory with manually added packages
-        :param packages: clear directory with built packages
+
+        Args:
+            cache(bool): clear directory with package caches
+            chroot(bool): clear build chroot
+            manual(bool): clear directory with manually added packages' bases
+            packages(bool): clear directory with built packages
+            pacman(bool): clear directory with pacman databases
         """
         if cache:
             self.repository.clear_cache()
@@ -58,20 +64,15 @@ class Repository(Properties):
             self.repository.clear_queue()
         if packages:
             self.repository.clear_packages()
-
-    def report(self, target: Iterable[str], result: Result) -> None:
-        """
-        generate report
-        :param target: list of targets to run (e.g. html)
-        :param result: build result
-        """
-        targets = target or None
-        self.repository.process_report(targets, result)
+        if pacman:
+            self.repository.clear_pacman()
 
     def sign(self, packages: Iterable[str]) -> None:
         """
         sign packages and repository
-        :param packages: only sign specified packages
+
+        Args:
+            packages(Iterable[str]): only sign specified packages
         """
         # copy to prebuilt directory
         for package in self.repository.packages():
@@ -82,28 +83,18 @@ class Repository(Properties):
                 if archive.filepath is None:
                     self.logger.warning("filepath is empty for %s", package.base)
                     continue  # avoid mypy warning
-                src = self.repository.paths.repository / archive.filepath
-                dst = self.repository.paths.packages / archive.filepath
-                shutil.copy(src, dst)
-        # run generic update function
-        self.update([])
+                self.repository.sign.process_sign_package(archive.filepath, package.base)
         # sign repository database if set
         self.repository.sign.process_sign_repository(self.repository.repo.repo_path)
-        self._finalize(Result())
-
-    def sync(self, target: Iterable[str], built_packages: Iterable[Package]) -> None:
-        """
-        sync to remote server
-        :param target: list of targets to run (e.g. s3)
-        :param built_packages: list of packages which has just been built
-        """
-        targets = target or None
-        self.repository.process_sync(targets, built_packages)
+        # process triggers
+        self.on_result(Result())
 
     def unknown(self) -> List[str]:
         """
         get packages which were not found in AUR
-        :return: unknown package archive list
+
+        Returns:
+            List[str]: unknown package archive list
         """
         def has_local(probe: Package) -> bool:
             cache_dir = self.repository.paths.cache_for(probe.base)
@@ -113,14 +104,14 @@ class Repository(Properties):
             packages: List[str] = []
             for single in probe.packages:
                 try:
-                    _ = Package.from_aur(single, probe.aur_url)
+                    _ = Package.from_aur(single, self.repository.pacman)
                 except Exception:
                     packages.append(single)
             return packages
 
         def unknown_local(probe: Package) -> List[str]:
             cache_dir = self.repository.paths.cache_for(probe.base)
-            local = Package.from_build(cache_dir, probe.aur_url)
+            local = Package.from_build(cache_dir)
             packages = set(probe.packages.keys()).difference(local.packages.keys())
             return list(packages)
 
@@ -135,13 +126,18 @@ class Repository(Properties):
     def update(self, updates: Iterable[Package]) -> Result:
         """
         run package updates
-        :param updates: list of packages to update
+
+        Args:
+            updates(Iterable[Package]): list of packages to update
+
+        Returns:
+            Result: update result
         """
         def process_update(paths: Iterable[Path], result: Result) -> None:
             if not paths:
                 return  # don't need to process if no update supplied
             update_result = self.repository.process_update(paths)
-            self._finalize(result.merge(update_result))
+            self.on_result(result.merge(update_result))
 
         # process built packages
         build_result = Result()
@@ -149,8 +145,8 @@ class Repository(Properties):
         process_update(packages, build_result)
 
         # process manual packages
-        tree = Tree.load(updates, self.database)
-        for num, level in enumerate(tree.levels()):
+        tree = Tree.resolve(updates, self.repository.paths, self.database)
+        for num, level in enumerate(tree):
             self.logger.info("processing level #%i %s", num, [package.base for package in level])
             build_result = self.repository.process_build(level)
             packages = self.repository.packages_built()
@@ -158,31 +154,39 @@ class Repository(Properties):
 
         return build_result
 
-    def updates(self, filter_packages: Iterable[str], no_aur: bool, no_local: bool, no_manual: bool, no_vcs: bool,
-                log_fn: Callable[[str], None]) -> List[Package]:
+    def updates(self, filter_packages: Iterable[str], *,
+                aur: bool, local: bool, manual: bool, vcs: bool, log_fn: Callable[[str], None]) -> List[Package]:
         """
         get list of packages to run update process
-        :param filter_packages: do not check every package just specified in the list
-        :param no_aur: do not check for aur updates
-        :param no_local: do not check local packages for updates
-        :param no_manual: do not check for manual updates
-        :param no_vcs: do not check VCS packages
-        :param log_fn: logger function to log updates
-        :return: list of out-of-dated packages
+
+        Args:
+            filter_packages(Iterable[str]): do not check every package just specified in the list
+            aur(bool): enable or disable checking for AUR updates
+            local(bool): enable or disable checking of local packages for updates
+            manual(bool): include or exclude manual updates
+            vcs(bool): enable or disable checking of VCS packages
+            log_fn(Callable[[str], None]): logger function to log updates
+
+        Returns:
+            List[Package]: list of out-of-dated packages
         """
         updates = {}
 
-        if not no_aur:
-            updates.update({package.base: package for package in self.repository.updates_aur(filter_packages, no_vcs)})
-        if not no_local:
+        if aur:
+            updates.update({package.base: package for package in self.repository.updates_aur(filter_packages, vcs=vcs)})
+        if local:
             updates.update({package.base: package for package in self.repository.updates_local()})
-        if not no_manual:
+        if manual:
             updates.update({package.base: package for package in self.repository.updates_manual()})
 
         local_versions = {package.base: package.version for package in self.repository.packages()}
         updated_packages = [package for _, package in sorted(updates.items())]
-        for package in updated_packages:
-            UpdatePrinter(package, local_versions.get(package.base)).print(
-                verbose=True, log_fn=log_fn, separator=" -> ")
+
+        # reorder updates according to the dependency tree
+        tree = Tree.resolve(updated_packages, self.repository.paths, self.database)
+        for level in tree:
+            for package in level:
+                UpdatePrinter(package, local_versions.get(package.base)).print(
+                    verbose=True, log_fn=log_fn, separator=" -> ")
 
         return updated_packages

src/ahriman/application/handlers/__init__.py

@@ -20,7 +20,9 @@
 from ahriman.application.handlers.handler import Handler
 
 from ahriman.application.handlers.add import Add
+from ahriman.application.handlers.backup import Backup
 from ahriman.application.handlers.clean import Clean
+from ahriman.application.handlers.daemon import Daemon
 from ahriman.application.handlers.dump import Dump
 from ahriman.application.handlers.help import Help
 from ahriman.application.handlers.key_import import KeyImport
@@ -28,14 +30,17 @@ from ahriman.application.handlers.patch import Patch
 from ahriman.application.handlers.rebuild import Rebuild
 from ahriman.application.handlers.remove import Remove
 from ahriman.application.handlers.remove_unknown import RemoveUnknown
-from ahriman.application.handlers.report import Report
+from ahriman.application.handlers.restore import Restore
 from ahriman.application.handlers.search import Search
 from ahriman.application.handlers.setup import Setup
+from ahriman.application.handlers.shell import Shell
 from ahriman.application.handlers.sign import Sign
 from ahriman.application.handlers.status import Status
 from ahriman.application.handlers.status_update import StatusUpdate
-from ahriman.application.handlers.sync import Sync
+from ahriman.application.handlers.structure import Structure
+from ahriman.application.handlers.triggers import Triggers
 from ahriman.application.handlers.unsafe_commands import UnsafeCommands
 from ahriman.application.handlers.update import Update
-from ahriman.application.handlers.user import User
+from ahriman.application.handlers.users import Users
+from ahriman.application.handlers.versions import Versions
 from ahriman.application.handlers.web import Web

src/ahriman/application/handlers/add.py

@@ -19,10 +19,10 @@
 #
 import argparse
 
-from typing import List, Type
+from typing import Type
 
 from ahriman.application.application import Application
-from ahriman.application.handlers.handler import Handler
+from ahriman.application.handlers import Handler
 from ahriman.core.configuration import Configuration
 
 
@@ -32,31 +32,26 @@ class Add(Handler):
     """
 
     @classmethod
-    def run(cls: Type[Handler], args: argparse.Namespace, architecture: str,
-            configuration: Configuration, no_report: bool, unsafe: bool) -> None:
+    def run(cls: Type[Handler], args: argparse.Namespace, architecture: str, configuration: Configuration, *,
+            report: bool, unsafe: bool) -> None:
         """
         callback for command line
-        :param args: command line args
-        :param architecture: repository architecture
-        :param configuration: configuration instance
-        :param no_report: force disable reporting
-        :param unsafe: if set no user check will be performed before path creation
+
+        Args:
+            args(argparse.Namespace): command line args
+            architecture(str): repository architecture
+            configuration(Configuration): configuration instance
+            report(bool): force enable or disable reporting
+            unsafe(bool): if set no user check will be performed before path creation
         """
-        application = Application(architecture, configuration, no_report, unsafe)
-        packages = Add.extract_packages(application) if args.package is None else args.package
-        application.add(packages, args.source, args.without_dependencies)
+        application = Application(architecture, configuration,
+                                  report=report, unsafe=unsafe, refresh_pacman_database=args.refresh)
+        application.on_start()
+        application.add(args.package, args.source, args.without_dependencies)
         if not args.now:
             return
 
-        packages = application.updates(packages, True, True, False, True, application.logger.info)
+        packages = application.updates(args.package, aur=False, local=False, manual=True, vcs=False,
+                                       log_fn=application.logger.info)
         result = application.update(packages)
         Add.check_if_empty(args.exit_code, result.is_empty)
-
-    @staticmethod
-    def extract_packages(application: Application) -> List[str]:
-        """
-        extract packages from database file
-        :param application: application instance
-        :return: list of packages which were stored in database
-        """
-        return [package.base for (package, _) in application.database.packages_get()]