Updated and corrected.
The usual round of changing to deb822 and changing the keyring location.
This commit is contained in:
parent
28018ff26b
commit
1cdb869a19
|
|
@ -1,53 +1,72 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# 1. Detect Architecture
|
||||
machine=$(uname -m)
|
||||
if [[ ${machine} == x86_64 ]]; then
|
||||
ARCH=amd64
|
||||
elif
|
||||
[[ ${machine} == aarch64 ]]; then
|
||||
ARCH=arm64
|
||||
if [[ ${machine} == x86_64 ]]; then
|
||||
arch=amd64
|
||||
elif [[ ${machine} == aarch64 ]]; then
|
||||
arch=arm64
|
||||
fi
|
||||
|
||||
# UBUNTU_CODENAME=bionic
|
||||
UBUNTU_CODENAME=stable
|
||||
BRANCH="-beta"
|
||||
# 2. Variables & Configuration
|
||||
APP="brave-browser"
|
||||
BRANCH="-dev" # Change to "" for release, "-beta" for beta
|
||||
UBUNTU_CODENAME="stable"
|
||||
URL="brave-browser-apt${BRANCH}.s3.brave.com"
|
||||
|
||||
TYPES=(deb)
|
||||
URIs="https://${URL}/"
|
||||
SUITES="${UBUNTU_CODENAME}"
|
||||
COMPONENTS=(main)
|
||||
ARCHITECTURES="($arch)"
|
||||
|
||||
#sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/brave-browser-archive-keyring.gpg
|
||||
# Debian standard directory for third-party keys
|
||||
KEY_DIR="/usr/share/keyrings"
|
||||
KEY="${KEY_DIR}/brave-browser-archive-keyring.gpg"
|
||||
|
||||
KEY_DIR=/etc/apt/trusted.gpg.d # if you dont want to have signed-by in the sources.list
|
||||
# KEY_DIR=/usr/share/keyrings
|
||||
# KEY_DIR=/etc/apt/keyrings
|
||||
KEY=${KEY_DIR}/brave-browser${BRANCH}-archive-keyring.gpg
|
||||
# KEY=${KEY_DIR}/brave-browser-keyring.gpg
|
||||
# 3. Download Key to /usr/share/keyrings
|
||||
sudo mkdir -p "${KEY_DIR}"
|
||||
sudo curl -fsSLo "${KEY}" "https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg"
|
||||
|
||||
sudo curl -fsSLo ${KEY} https://brave-browser-apt-nightly.s3.brave.com/brave-browser${BRANCH}-archive-keyring.gpg
|
||||
|
||||
## no data
|
||||
# RECV_KEYS="C3DE1DD4F661CDCB"
|
||||
# gpg --keyserver keyserver.ubuntu.com --recv-keys "${RECV_KEYS}"
|
||||
# gpg --export --armor "${RECV_KEYS}" > ${KEY}
|
||||
|
||||
|
||||
cat <<-EOF | sudo tee /etc/apt/sources.list.d/brave-browser${BRANCH}.list
|
||||
deb [arch=${ARCH} signed-by=${KEY}] https://${URL}/ $UBUNTU_CODENAME main
|
||||
# 4. Define deb822 Source Template
|
||||
conf_print_brave_sources() {
|
||||
cat <<EOF
|
||||
Enabled: yes
|
||||
Types: ${TYPES[*]}
|
||||
URIs: ${URIs}
|
||||
Suites: ${SUITES}
|
||||
Components: ${COMPONENTS[*]}
|
||||
Architectures: ${ARCHITECTURES[*]}
|
||||
Signed-By: ${KEY}
|
||||
EOF
|
||||
}
|
||||
|
||||
ln -sf /etc/apt/sources.list-available/brave-browser${BRANCH}.list /etc/apt/sources.list.d/brave-browser${BRANCH}.list
|
||||
# 5. Deploy Sources File (Available -> Enabled Symlink Pattern)
|
||||
SOURCES_NAME="${APP}${BRANCH}-${UBUNTU_CODENAME}.sources"
|
||||
|
||||
apt update
|
||||
# Ensure available directory exists
|
||||
sudo mkdir -p /etc/apt/sources.list-available
|
||||
|
||||
apt install brave-browser${BRANCH}
|
||||
conf_print_brave_sources | sudo tee "/etc/apt/sources.list-available/${SOURCES_NAME}" >/dev/null
|
||||
|
||||
echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns.conf
|
||||
#service procps restart
|
||||
# Create the symlink to enable the repo
|
||||
sudo ln -sf "/etc/apt/sources.list-available/${SOURCES_NAME}" "/etc/apt/sources.list.d/${SOURCES_NAME}"
|
||||
|
||||
# Bypass apt-proxy for brave packages
|
||||
if [ -f /etc/apt/apt.conf.d/02proxy ]; then
|
||||
if ! grep -q "${URL}" /etc/apt/apt.conf.d/02proxy; then
|
||||
echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
|
||||
fi
|
||||
# 6. System Updates and Installation
|
||||
sudo apt update
|
||||
sudo apt install "${APP}${BRANCH}" -y
|
||||
|
||||
# 7. Post-Install Configurations
|
||||
echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/00-local-userns.conf >/dev/null
|
||||
|
||||
# 8. Bypass apt-proxy for Brave URLs
|
||||
PROXY_CONF="/etc/apt/apt.conf.d/02proxy"
|
||||
PROXY_LINE="Acquire::http::Proxy { \"${URL}\" DIRECT; };"
|
||||
|
||||
if [ -f "$PROXY_CONF" ]; then
|
||||
if ! grep -q "${URL}" "$PROXY_CONF"; then
|
||||
echo "$PROXY_LINE" | sudo tee -a "$PROXY_CONF" >/dev/null
|
||||
fi
|
||||
else
|
||||
echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
|
||||
echo "$PROXY_LINE" | sudo tee "$PROXY_CONF" >/dev/null
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -1,45 +1,77 @@
|
|||
#!/bin/ bash
|
||||
#!/usr/bin/env bash
|
||||
|
||||
# 1. Architecture Detection
|
||||
machine=$(uname -m)
|
||||
if [[ ${machine} == x86_64 ]]; then
|
||||
arch=amd64
|
||||
elif
|
||||
[[ ${machine} == aarch64 ]]; then
|
||||
arch=arm64
|
||||
fi
|
||||
|
||||
# UBUNTU_CODENAME=bionic
|
||||
UBUNTU_CODENAME=stable
|
||||
BRANCH="-dev"
|
||||
URL=brave-browser-apt${BRANCH}.s3.brave.com
|
||||
|
||||
|
||||
#sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/brave-browser-archive-keyring.gpg
|
||||
|
||||
KEY_DIR=/etc/apt/trusted.gpg.d # if you dont want to have signed-by in the sources.list
|
||||
# KEY_DIR=/usr/share/keyrings
|
||||
KEY_DIR=/etc/apt/keyrings
|
||||
|
||||
sudo curl -fsSLo ${KEY_DIR}/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg
|
||||
|
||||
|
||||
echo "deb [[signed-by=${KEY_DIR}/brave-browser-archive-keyring.gpg arch=${arch}] https://${URL}/ $UBUNTU_CODENAME main" | tee /etc/apt/sources.list-available/brave-browser${BRANCH}-${UBUNTU_CODENAME}.list
|
||||
|
||||
ln -s /etc/apt/sources.list-available/brave-browser${BRANCH}-${UBUNTU_CODENAME}.list /etc/apt/sources.list.d/brave-browser${BRANCH}-${UBUNTU_CODENAME}.list
|
||||
|
||||
apt update
|
||||
|
||||
apt install brave-browser${BRANCH}
|
||||
|
||||
echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns.conf
|
||||
#service procps restart
|
||||
|
||||
# Bypass apt-proxy for brave packages
|
||||
if [ -f /etc/apt/apt.conf.d/02proxy ]; then
|
||||
cat /etc/apt/apt.conf.d/02proxy
|
||||
if [ ! -z $(grep ${URL}) ]; then
|
||||
echo "Acquire::http::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
|
||||
fi
|
||||
if [[ ${machine} == "x86_64" ]]; then
|
||||
ARCH="amd64"
|
||||
elif [[ ${machine} == "aarch64" ]]; then
|
||||
ARCH="arm64"
|
||||
else
|
||||
echo "Acquire::http::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
|
||||
echo "Unsupported architecture: ${machine}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# 2. Variables & Configuration
|
||||
APP="brave-browser"
|
||||
BRANCH="-dev" # Options: "", "-beta", "-nightly", "-dev"
|
||||
UBUNTU_CODENAME="stable"
|
||||
URL="brave-browser-apt${BRANCH}.s3.brave.com"
|
||||
|
||||
# DEB822 Specific Fields
|
||||
TYPES="deb"
|
||||
URIs="https://${URL}/"
|
||||
SUITES="${UBUNTU_CODENAME}"
|
||||
COMPONENTS="main"
|
||||
|
||||
# Directory for modern GPG keyrings
|
||||
KEY_DIR="/usr/share/keyrings"
|
||||
KEY="${KEY_DIR}/${APP}${BRANCH}-archive-keyring.gpg"
|
||||
# Note: DEB822 files must end in .sources
|
||||
SOURCES_NAME="${APP}${BRANCH}-${UBUNTU_CODENAME}.sources"
|
||||
|
||||
# 3. Ensure directories exist
|
||||
sudo mkdir -p "${KEY_DIR}"
|
||||
sudo mkdir -p /etc/apt/sources.list-available
|
||||
|
||||
# 4. Fetch GPG Key
|
||||
sudo curl -fsSLo "${KEY}" "https://${URL}/brave-browser-archive-keyring.gpg"
|
||||
|
||||
# 5. Define deb822 Source Template
|
||||
conf_print_brave_sources() {
|
||||
cat <<EOF
|
||||
Enabled: yes
|
||||
Types: ${TYPES}
|
||||
URIs: ${URIs}
|
||||
Suites: ${SUITES}
|
||||
Components: ${COMPONENTS}
|
||||
Architectures: ${ARCH}
|
||||
Signed-By: ${KEY}
|
||||
EOF
|
||||
}
|
||||
|
||||
# 6. Deploy Sources File (Available)
|
||||
conf_print_brave_sources | sudo tee "/etc/apt/sources.list-available/${SOURCES_NAME}" >/dev/null
|
||||
|
||||
# 7. Enable via Symlink
|
||||
# For DEB822, the file in sources.list.d must end in .sources to be recognized
|
||||
sudo ln -sf "/etc/apt/sources.list-available/${SOURCES_NAME}" "/etc/apt/sources.list.d/${SOURCES_NAME}"
|
||||
|
||||
# 8. Install
|
||||
sudo apt update
|
||||
sudo apt install "${APP}${BRANCH}" -y
|
||||
|
||||
# 9. System Hardening / Sandbox Fix
|
||||
echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/00-local-userns.conf >/dev/null
|
||||
sudo sysctl -p /etc/sysctl.d/00-local-userns.conf >/dev/null
|
||||
|
||||
# 10. Bypass apt-proxy for Brave repo
|
||||
PROXY_CONF="/etc/apt/apt.conf.d/02proxy"
|
||||
PROXY_LINE="Acquire::https::Proxy { \"${URL}\" DIRECT; };"
|
||||
|
||||
if [ -f "$PROXY_CONF" ]; then
|
||||
if ! grep -q "${URL}" "$PROXY_CONF"; then
|
||||
echo "$PROXY_LINE" | sudo tee -a "$PROXY_CONF" >/dev/null
|
||||
fi
|
||||
else
|
||||
echo "$PROXY_LINE" | sudo tee "$PROXY_CONF" >/dev/null
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -1,53 +1,77 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# 1. Architecture Detection
|
||||
machine=$(uname -m)
|
||||
if [[ ${machine} == x86_64 ]]; then
|
||||
ARCH=amd64
|
||||
elif
|
||||
[[ ${machine} == aarch64 ]]; then
|
||||
ARCH=arm64
|
||||
if [[ ${machine} == "x86_64" ]]; then
|
||||
ARCH="amd64"
|
||||
elif [[ ${machine} == "aarch64" ]]; then
|
||||
ARCH="arm64"
|
||||
else
|
||||
echo "Unsupported architecture: ${machine}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# UBUNTU_CODENAME=bionic
|
||||
UBUNTU_CODENAME=stable
|
||||
BRANCH="-nightly"
|
||||
# 2. Configuration
|
||||
APP="brave-browser"
|
||||
BRANCH="-nightly" # Keeping this specific to your request
|
||||
UBUNTU_CODENAME="stable"
|
||||
URL="brave-browser-apt${BRANCH}.s3.brave.com"
|
||||
|
||||
# DEB822 Specific Fields
|
||||
TYPES="deb"
|
||||
URIs="https://${URL}/"
|
||||
SUITES="${UBUNTU_CODENAME}"
|
||||
COMPONENTS="main"
|
||||
|
||||
#sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/brave-browser-archive-keyring.gpg
|
||||
# Directory for modern GPG keyrings
|
||||
KEY_DIR="/usr/share/keyrings"
|
||||
KEY="${KEY_DIR}/${APP}${BRANCH}-archive-keyring.gpg"
|
||||
# Note: Extension must be .sources for DEB822
|
||||
SOURCES_NAME="${APP}${BRANCH}.sources"
|
||||
|
||||
KEY_DIR=/etc/apt/trusted.gpg.d # if you dont want to have signed-by in the sources.list
|
||||
# KEY_DIR=/usr/share/keyrings
|
||||
# KEY_DIR=/etc/apt/keyrings
|
||||
KEY=${KEY_DIR}/brave-browser${BRANCH}-archive-keyring.gpg
|
||||
# KEY=${KEY_DIR}/brave-browser-keyring.gpg
|
||||
# 3. Ensure directories exist
|
||||
sudo mkdir -p "${KEY_DIR}"
|
||||
sudo mkdir -p /etc/apt/sources.list-available
|
||||
|
||||
sudo curl -fsSLo ${KEY} https://brave-browser-apt-nightly.s3.brave.com/brave-browser${BRANCH}-archive-keyring.gpg
|
||||
# 4. Fetch GPG Key
|
||||
sudo curl -fsSLo "${KEY}" "https://${URL}/brave-browser-archive-keyring.gpg"
|
||||
|
||||
## no data
|
||||
# RECV_KEYS="C3DE1DD4F661CDCB"
|
||||
# gpg --keyserver keyserver.ubuntu.com --recv-keys "${RECV_KEYS}"
|
||||
# gpg --export --armor "${RECV_KEYS}" > ${KEY}
|
||||
|
||||
|
||||
cat <<-EOF | sudo tee /etc/apt/sources.list.d/brave-browser${BRANCH}.list
|
||||
deb [arch=${ARCH} signed-by=${KEY}] https://${URL}/ $UBUNTU_CODENAME main
|
||||
# 5. Define DEB822 Source Template
|
||||
conf_print_brave_sources() {
|
||||
cat <<EOF
|
||||
Enabled: yes
|
||||
Types: ${TYPES}
|
||||
URIs: ${URIs}
|
||||
Suites: ${SUITES}
|
||||
Components: ${COMPONENTS}
|
||||
Architectures: ${ARCH}
|
||||
Signed-By: ${KEY}
|
||||
EOF
|
||||
}
|
||||
|
||||
ln -sf /etc/apt/sources.list-available/brave-browser${BRANCH}.list /etc/apt/sources.list.d/brave-browser${BRANCH}.list
|
||||
# 6. Deploy Sources File (Available)
|
||||
conf_print_brave_sources | sudo tee "/etc/apt/sources.list-available/${SOURCES_NAME}" >/dev/null
|
||||
|
||||
apt update
|
||||
# 7. Enable via Symlink
|
||||
# Ensure the symlink also uses the .sources extension
|
||||
sudo ln -sf "/etc/apt/sources.list-available/${SOURCES_NAME}" "/etc/apt/sources.list.d/${SOURCES_NAME}"
|
||||
|
||||
apt install brave-browser${BRANCH}
|
||||
# 8. Install
|
||||
sudo apt update
|
||||
sudo apt install "${APP}${BRANCH}" -y
|
||||
|
||||
echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns.conf
|
||||
#service procps restart
|
||||
# 9. System Hardening / Sandbox Fix
|
||||
echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/00-local-userns.conf >/dev/null
|
||||
sudo sysctl -p /etc/sysctl.d/00-local-userns.conf >/dev/null
|
||||
|
||||
# Bypass apt-proxy for brave packages
|
||||
if [ -f /etc/apt/apt.conf.d/02proxy ]; then
|
||||
if ! grep -q "${URL}" /etc/apt/apt.conf.d/02proxy; then
|
||||
echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
|
||||
fi
|
||||
# 10. Bypass apt-proxy for Brave repo
|
||||
PROXY_CONF="/etc/apt/apt.conf.d/02proxy"
|
||||
PROXY_LINE="Acquire::https::Proxy { \"${URL}\" DIRECT; };"
|
||||
|
||||
if [ -f "$PROXY_CONF" ]; then
|
||||
if ! grep -q "${URL}" "$PROXY_CONF"; then
|
||||
echo "$PROXY_LINE" | sudo tee -a "$PROXY_CONF" >/dev/null
|
||||
fi
|
||||
else
|
||||
echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
|
||||
echo "$PROXY_LINE" | sudo tee "$PROXY_CONF" >/dev/null
|
||||
fi
|
||||
|
|
|
|||
|
|
@ -1,51 +1,80 @@
|
|||
#!/usr/bin/env bash
|
||||
set -x
|
||||
set -e
|
||||
|
||||
# 1. Architecture Detection
|
||||
machine=$(uname -m)
|
||||
if [[ ${machine} == x86_64 ]]; then
|
||||
arch=amd64
|
||||
elif
|
||||
[[ ${machine} == aarch64 ]]
|
||||
then
|
||||
arch=arm64
|
||||
fi
|
||||
|
||||
# UBUNTU_CODENAME=bionic
|
||||
UBUNTU_CODENAME=stable
|
||||
URL="brave-browser-apt-release.s3.brave.com"
|
||||
KEY_URL="brave-browser-apt-release.s3.brave.com"
|
||||
KEY_DIR=/etc/apt/trusted.gpg.d
|
||||
KEY_NAME=brave-browser-archive-keyring.gpg
|
||||
KEY=${KEY_DIR}/${KEY_NAME}
|
||||
#curl -s https://${URL}/brave-core.asc | apt-key --keyring /etc/apt/trusted.gpg.d/brave-browser-release.gpg add -
|
||||
|
||||
#sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/brave-browser-archive-keyring.gpg
|
||||
|
||||
sudo curl -fsSLo ${KEY_DIR}/${KEY_NAME} https://${KEY_URL}/${KEY_NAME}
|
||||
|
||||
sudo echo "deb [signed-by=${KEY} arch=${arch}] https://${URL} ${UBUNTU_CODENAME} main" | sudo tee /etc/apt/sources.list-available/brave-browser.list
|
||||
|
||||
ln -sf /etc/apt/sources.list-available/brave-browser.list /etc/apt/sources.list.d/brave-browser.list
|
||||
|
||||
apt update
|
||||
|
||||
apt install -y brave-browser brave-keyring
|
||||
|
||||
echo 'kernel.unprivileged_userns_clone=1' >/etc/sysctl.d/00-local-userns.conf
|
||||
#service procps restart
|
||||
|
||||
# Bypass apt-proxy for brave packages
|
||||
# if 02proxy exists check to see if the url is already in it, if so do nothing , if it isn't add it,
|
||||
# if 02proxy doesn't exist create it. successful grep 0, unsuccessful 1
|
||||
if [ -f /etc/apt/apt.conf.d/02proxy ]; then
|
||||
echo "02proxy contains: "
|
||||
cat /etc/apt/apt.conf.d/02proxy
|
||||
if [ ! -z $(grep ${URL} /etc/apt/apt.conf.d/02proxy) ]; then
|
||||
echo "first"
|
||||
echo "Acquire::http::Proxy { \"${URL}\" DIRECT; };" >>/etc/apt/apt.conf.d/02proxy
|
||||
fi
|
||||
if [[ ${machine} == "x86_64" ]]; then
|
||||
ARCH="amd64"
|
||||
elif [[ ${machine} == "aarch64" ]]; then
|
||||
ARCH="arm64"
|
||||
else
|
||||
echo "second"
|
||||
echo "Acquire::http::Proxy { \"${URL}\" DIRECT; };" >>/etc/apt/apt.conf.d/02proxy
|
||||
echo "Unsupported architecture: ${machine}"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# 2. Configuration
|
||||
APP="brave-browser"
|
||||
UBUNTU_CODENAME="stable"
|
||||
URL="brave-browser-apt-release.s3.brave.com"
|
||||
|
||||
# DEB822 Specific Fields
|
||||
TYPES="deb"
|
||||
URIs="https://${URL}/"
|
||||
SUITES="${UBUNTU_CODENAME}"
|
||||
COMPONENTS="main"
|
||||
|
||||
# Directory for modern GPG keyrings (Security Best Practice)
|
||||
KEY_DIR="/usr/share/keyrings"
|
||||
KEY_NAME="${APP}-archive-keyring.gpg"
|
||||
KEY="${KEY_DIR}/${KEY_NAME}"
|
||||
|
||||
# Note: DEB822 files MUST use the .sources extension
|
||||
SOURCES_NAME="${APP}.sources"
|
||||
|
||||
# 3. Ensure directories exist
|
||||
sudo mkdir -p "${KEY_DIR}"
|
||||
sudo mkdir -p /etc/apt/sources.list-available
|
||||
|
||||
# 4. Fetch GPG Key
|
||||
sudo curl -fsSLo "${KEY}" "https://${URL}/${KEY_NAME}"
|
||||
|
||||
# 5. Define DEB822 Source Template
|
||||
conf_print_brave_sources() {
|
||||
cat <<EOF
|
||||
Enabled: yes
|
||||
Types: ${TYPES}
|
||||
URIs: ${URIs}
|
||||
Suites: ${SUITES}
|
||||
Components: ${COMPONENTS}
|
||||
Architectures: ${ARCH}
|
||||
Signed-By: ${KEY}
|
||||
EOF
|
||||
}
|
||||
|
||||
# 6. Deploy Sources File (Available)
|
||||
conf_print_brave_sources | sudo tee "/etc/apt/sources.list-available/${SOURCES_NAME}" >/dev/null
|
||||
|
||||
# 7. Enable via Symlink
|
||||
sudo ln -sf "/etc/apt/sources.list-available/${SOURCES_NAME}" "/etc/apt/sources.list.d/${SOURCES_NAME}"
|
||||
|
||||
# 8. Update and Install
|
||||
sudo apt update
|
||||
sudo apt install "${APP}" -y
|
||||
|
||||
# 9. System Hardening / Sandbox Fix
|
||||
echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/00-local-userns.conf >/dev/null
|
||||
sudo sysctl -p /etc/sysctl.d/00-local-userns.conf >/dev/null
|
||||
|
||||
# 10. Bypass apt-proxy for Brave repo
|
||||
PROXY_CONF="/etc/apt/apt.conf.d/02proxy"
|
||||
PROXY_LINE="Acquire::https::Proxy { \"${URL}\" DIRECT; };"
|
||||
|
||||
if [ -f "$PROXY_CONF" ]; then
|
||||
# If file exists, only append if the URL isn't already handled
|
||||
if ! grep -q "${URL}" "$PROXY_CONF"; then
|
||||
echo "$PROXY_LINE" | sudo tee -a "$PROXY_CONF" >/dev/null
|
||||
fi
|
||||
else
|
||||
# Create file if it doesn't exist
|
||||
echo "$PROXY_LINE" | sudo tee "$PROXY_CONF" >/dev/null
|
||||
fi
|
||||
|
|
|
|||
Loading…
Reference in New Issue