scripts
/
automate
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Updated and corrected. 

The usual round of changing to deb822 and changing the keyring location.
This commit is contained in:
cyteen 2026-03-11 01:36:11 +00:00
parent 28018ff26b
commit 1cdb869a19
4 changed files with 259 additions and 155 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
020_brave_browser-beta.sh
View File

@ -1,53 +1,72 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# 1. Detect Architecture
machine=$(uname -m) machine=$(uname -m)
if [[ ${machine} == x86_64 ]]; then if [[ ${machine} == x86_64 ]]; then
ARCH=amd64 arch=amd64
elif elif [[ ${machine} == aarch64 ]]; then
[[ ${machine} == aarch64 ]]; then arch=arm64
ARCH=arm64
fi fi
# UBUNTU_CODENAME=bionic # 2. Variables & Configuration
UBUNTU_CODENAME=stable APP="brave-browser"
BRANCH="-beta" BRANCH="-dev" # Change to "" for release, "-beta" for beta
UBUNTU_CODENAME="stable"
URL="brave-browser-apt${BRANCH}.s3.brave.com" URL="brave-browser-apt${BRANCH}.s3.brave.com"
TYPES=(deb)
URIs="https://${URL}/"
SUITES="${UBUNTU_CODENAME}"
COMPONENTS=(main)
ARCHITECTURES="($arch)"
#sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/brave-browser-archive-keyring.gpg # Debian standard directory for third-party keys
KEY_DIR="/usr/share/keyrings"
KEY="${KEY_DIR}/brave-browser-archive-keyring.gpg"
KEY_DIR=/etc/apt/trusted.gpg.d # if you dont want to have signed-by in the sources.list # 3. Download Key to /usr/share/keyrings
# KEY_DIR=/usr/share/keyrings sudo mkdir -p "${KEY_DIR}"
# KEY_DIR=/etc/apt/keyrings sudo curl -fsSLo "${KEY}" "https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg"
KEY=${KEY_DIR}/brave-browser${BRANCH}-archive-keyring.gpg
# KEY=${KEY_DIR}/brave-browser-keyring.gpg
sudo curl -fsSLo ${KEY} https://brave-browser-apt-nightly.s3.brave.com/brave-browser${BRANCH}-archive-keyring.gpg # 4. Define deb822 Source Template
conf_print_brave_sources() {
## no data cat <<EOF
# RECV_KEYS="C3DE1DD4F661CDCB" Enabled: yes
# gpg --keyserver keyserver.ubuntu.com --recv-keys "${RECV_KEYS}" Types: ${TYPES[*]}
# gpg --export --armor "${RECV_KEYS}" > ${KEY} URIs: ${URIs}
Suites: ${SUITES}
Components: ${COMPONENTS[*]}
cat <<-EOF | sudo tee /etc/apt/sources.list.d/brave-browser${BRANCH}.list Architectures: ${ARCHITECTURES[*]}
deb [arch=${ARCH} signed-by=${KEY}] https://${URL}/ $UBUNTU_CODENAME main Signed-By: ${KEY}
EOF EOF
}
ln -sf /etc/apt/sources.list-available/brave-browser${BRANCH}.list /etc/apt/sources.list.d/brave-browser${BRANCH}.list # 5. Deploy Sources File (Available -> Enabled Symlink Pattern)
SOURCES_NAME="${APP}${BRANCH}-${UBUNTU_CODENAME}.sources"
apt update # Ensure available directory exists
sudo mkdir -p /etc/apt/sources.list-available
apt install brave-browser${BRANCH} conf_print_brave_sources | sudo tee "/etc/apt/sources.list-available/${SOURCES_NAME}" >/dev/null
echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns.conf # Create the symlink to enable the repo
#service procps restart sudo ln -sf "/etc/apt/sources.list-available/${SOURCES_NAME}" "/etc/apt/sources.list.d/${SOURCES_NAME}"
# Bypass apt-proxy for brave packages # 6. System Updates and Installation
if [ -f /etc/apt/apt.conf.d/02proxy ]; then sudo apt update
if ! grep -q "${URL}" /etc/apt/apt.conf.d/02proxy; then sudo apt install "${APP}${BRANCH}" -y
echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
# 7. Post-Install Configurations
echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/00-local-userns.conf >/dev/null
# 8. Bypass apt-proxy for Brave URLs
PROXY_CONF="/etc/apt/apt.conf.d/02proxy"
PROXY_LINE="Acquire::http::Proxy { \"${URL}\" DIRECT; };"
if [ -f "$PROXY_CONF" ]; then
if ! grep -q "${URL}" "$PROXY_CONF"; then
echo "$PROXY_LINE" | sudo tee -a "$PROXY_CONF" >/dev/null
fi fi
else else
echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy echo "$PROXY_LINE" | sudo tee "$PROXY_CONF" >/dev/null
fi fi

86
020_brave_browser-dev.sh
View File

@ -1,45 +1,77 @@
#!/bin/ bash #!/usr/bin/env bash
# 1. Architecture Detection
machine=$(uname -m) machine=$(uname -m)
if [[ ${machine} == x86_64 ]]; then if [[ ${machine} == "x86_64" ]]; then
arch=amd64 ARCH="amd64"
elif elif [[ ${machine} == "aarch64" ]]; then
[[ ${machine} == aarch64 ]]; then ARCH="arm64"
arch=arm64 else
echo "Unsupported architecture: ${machine}"
exit 1
fi fi
# UBUNTU_CODENAME=bionic # 2. Variables & Configuration
UBUNTU_CODENAME=stable APP="brave-browser"
BRANCH="-dev" BRANCH="-dev" # Options: "", "-beta", "-nightly", "-dev"
URL=brave-browser-apt${BRANCH}.s3.brave.com UBUNTU_CODENAME="stable"
URL="brave-browser-apt${BRANCH}.s3.brave.com"
# DEB822 Specific Fields
TYPES="deb"
URIs="https://${URL}/"
SUITES="${UBUNTU_CODENAME}"
COMPONENTS="main"
#sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/brave-browser-archive-keyring.gpg # Directory for modern GPG keyrings
KEY_DIR="/usr/share/keyrings"
KEY="${KEY_DIR}/${APP}${BRANCH}-archive-keyring.gpg"
# Note: DEB822 files must end in .sources
SOURCES_NAME="${APP}${BRANCH}-${UBUNTU_CODENAME}.sources"
KEY_DIR=/etc/apt/trusted.gpg.d # if you dont want to have signed-by in the sources.list # 3. Ensure directories exist
# KEY_DIR=/usr/share/keyrings sudo mkdir -p "${KEY_DIR}"
KEY_DIR=/etc/apt/keyrings sudo mkdir -p /etc/apt/sources.list-available
sudo curl -fsSLo ${KEY_DIR}/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave.com/brave-browser-archive-keyring.gpg # 4. Fetch GPG Key
sudo curl -fsSLo "${KEY}" "https://${URL}/brave-browser-archive-keyring.gpg"
# 5. Define deb822 Source Template
conf_print_brave_sources() {
cat <<EOF
Enabled: yes
Types: ${TYPES}
URIs: ${URIs}
Suites: ${SUITES}
Components: ${COMPONENTS}
Architectures: ${ARCH}
Signed-By: ${KEY}
EOF
}
echo "deb [[signed-by=${KEY_DIR}/brave-browser-archive-keyring.gpg arch=${arch}] https://${URL}/ $UBUNTU_CODENAME main" | tee /etc/apt/sources.list-available/brave-browser${BRANCH}-${UBUNTU_CODENAME}.list # 6. Deploy Sources File (Available)
conf_print_brave_sources | sudo tee "/etc/apt/sources.list-available/${SOURCES_NAME}" >/dev/null
ln -s /etc/apt/sources.list-available/brave-browser${BRANCH}-${UBUNTU_CODENAME}.list /etc/apt/sources.list.d/brave-browser${BRANCH}-${UBUNTU_CODENAME}.list # 7. Enable via Symlink
# For DEB822, the file in sources.list.d must end in .sources to be recognized
sudo ln -sf "/etc/apt/sources.list-available/${SOURCES_NAME}" "/etc/apt/sources.list.d/${SOURCES_NAME}"
apt update # 8. Install
sudo apt update
sudo apt install "${APP}${BRANCH}" -y
apt install brave-browser${BRANCH} # 9. System Hardening / Sandbox Fix
echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/00-local-userns.conf >/dev/null
sudo sysctl -p /etc/sysctl.d/00-local-userns.conf >/dev/null
echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns.conf # 10. Bypass apt-proxy for Brave repo
#service procps restart PROXY_CONF="/etc/apt/apt.conf.d/02proxy"
PROXY_LINE="Acquire::https::Proxy { \"${URL}\" DIRECT; };"
# Bypass apt-proxy for brave packages if [ -f "$PROXY_CONF" ]; then
if [ -f /etc/apt/apt.conf.d/02proxy ]; then if ! grep -q "${URL}" "$PROXY_CONF"; then
cat /etc/apt/apt.conf.d/02proxy echo "$PROXY_LINE" | sudo tee -a "$PROXY_CONF" >/dev/null
if [ ! -z $(grep ${URL}) ]; then
echo "Acquire::http::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
fi fi
else else
echo "Acquire::http::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy echo "$PROXY_LINE" | sudo tee "$PROXY_CONF" >/dev/null
fi fi

90
020_brave_browser-nightly.sh
View File

@ -1,53 +1,77 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# 1. Architecture Detection
machine=$(uname -m) machine=$(uname -m)
if [[ ${machine} == x86_64 ]]; then if [[ ${machine} == "x86_64" ]]; then
ARCH=amd64 ARCH="amd64"
elif elif [[ ${machine} == "aarch64" ]]; then
[[ ${machine} == aarch64 ]]; then ARCH="arm64"
ARCH=arm64 else
echo "Unsupported architecture: ${machine}"
exit 1
fi fi
# UBUNTU_CODENAME=bionic # 2. Configuration
UBUNTU_CODENAME=stable APP="brave-browser"
BRANCH="-nightly" BRANCH="-nightly" # Keeping this specific to your request
UBUNTU_CODENAME="stable"
URL="brave-browser-apt${BRANCH}.s3.brave.com" URL="brave-browser-apt${BRANCH}.s3.brave.com"
# DEB822 Specific Fields
TYPES="deb"
URIs="https://${URL}/"
SUITES="${UBUNTU_CODENAME}"
COMPONENTS="main"
#sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/brave-browser-archive-keyring.gpg # Directory for modern GPG keyrings
KEY_DIR="/usr/share/keyrings"
KEY="${KEY_DIR}/${APP}${BRANCH}-archive-keyring.gpg"
# Note: Extension must be .sources for DEB822
SOURCES_NAME="${APP}${BRANCH}.sources"
KEY_DIR=/etc/apt/trusted.gpg.d # if you dont want to have signed-by in the sources.list # 3. Ensure directories exist
# KEY_DIR=/usr/share/keyrings sudo mkdir -p "${KEY_DIR}"
# KEY_DIR=/etc/apt/keyrings sudo mkdir -p /etc/apt/sources.list-available
KEY=${KEY_DIR}/brave-browser${BRANCH}-archive-keyring.gpg
# KEY=${KEY_DIR}/brave-browser-keyring.gpg
sudo curl -fsSLo ${KEY} https://brave-browser-apt-nightly.s3.brave.com/brave-browser${BRANCH}-archive-keyring.gpg # 4. Fetch GPG Key
sudo curl -fsSLo "${KEY}" "https://${URL}/brave-browser-archive-keyring.gpg"
## no data # 5. Define DEB822 Source Template
# RECV_KEYS="C3DE1DD4F661CDCB" conf_print_brave_sources() {
# gpg --keyserver keyserver.ubuntu.com --recv-keys "${RECV_KEYS}" cat <<EOF
# gpg --export --armor "${RECV_KEYS}" > ${KEY} Enabled: yes
Types: ${TYPES}
URIs: ${URIs}
cat <<-EOF | sudo tee /etc/apt/sources.list.d/brave-browser${BRANCH}.list Suites: ${SUITES}
deb [arch=${ARCH} signed-by=${KEY}] https://${URL}/ $UBUNTU_CODENAME main Components: ${COMPONENTS}
Architectures: ${ARCH}
Signed-By: ${KEY}
EOF EOF
}
ln -sf /etc/apt/sources.list-available/brave-browser${BRANCH}.list /etc/apt/sources.list.d/brave-browser${BRANCH}.list # 6. Deploy Sources File (Available)
conf_print_brave_sources | sudo tee "/etc/apt/sources.list-available/${SOURCES_NAME}" >/dev/null
apt update # 7. Enable via Symlink
# Ensure the symlink also uses the .sources extension
sudo ln -sf "/etc/apt/sources.list-available/${SOURCES_NAME}" "/etc/apt/sources.list.d/${SOURCES_NAME}"
apt install brave-browser${BRANCH} # 8. Install
sudo apt update
sudo apt install "${APP}${BRANCH}" -y
echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns.conf # 9. System Hardening / Sandbox Fix
#service procps restart echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/00-local-userns.conf >/dev/null
sudo sysctl -p /etc/sysctl.d/00-local-userns.conf >/dev/null
# Bypass apt-proxy for brave packages # 10. Bypass apt-proxy for Brave repo
if [ -f /etc/apt/apt.conf.d/02proxy ]; then PROXY_CONF="/etc/apt/apt.conf.d/02proxy"
if ! grep -q "${URL}" /etc/apt/apt.conf.d/02proxy; then PROXY_LINE="Acquire::https::Proxy { \"${URL}\" DIRECT; };"
echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
if [ -f "$PROXY_CONF" ]; then
if ! grep -q "${URL}" "$PROXY_CONF"; then
echo "$PROXY_LINE" | sudo tee -a "$PROXY_CONF" >/dev/null
fi fi
else else
echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy echo "$PROXY_LINE" | sudo tee "$PROXY_CONF" >/dev/null
fi fi

95
020_brave_browser.sh
View File

@ -1,51 +1,80 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -x
set -e set -e
# 1. Architecture Detection
machine=$(uname -m) machine=$(uname -m)
if [[ ${machine} == x86_64 ]]; then if [[ ${machine} == "x86_64" ]]; then
arch=amd64 ARCH="amd64"
elif elif [[ ${machine} == "aarch64" ]]; then
[[ ${machine} == aarch64 ]] ARCH="arm64"
then else
arch=arm64 echo "Unsupported architecture: ${machine}"
exit 1
fi fi
# UBUNTU_CODENAME=bionic # 2. Configuration
UBUNTU_CODENAME=stable APP="brave-browser"
UBUNTU_CODENAME="stable"
URL="brave-browser-apt-release.s3.brave.com" URL="brave-browser-apt-release.s3.brave.com"
KEY_URL="brave-browser-apt-release.s3.brave.com"
KEY_DIR=/etc/apt/trusted.gpg.d
KEY_NAME=brave-browser-archive-keyring.gpg
KEY=${KEY_DIR}/${KEY_NAME}
#curl -s https://${URL}/brave-core.asc | apt-key --keyring /etc/apt/trusted.gpg.d/brave-browser-release.gpg add -
#sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/brave-browser-archive-keyring.gpg # DEB822 Specific Fields
TYPES="deb"
URIs="https://${URL}/"
SUITES="${UBUNTU_CODENAME}"
COMPONENTS="main"
sudo curl -fsSLo ${KEY_DIR}/${KEY_NAME} https://${KEY_URL}/${KEY_NAME} # Directory for modern GPG keyrings (Security Best Practice)
KEY_DIR="/usr/share/keyrings"
KEY_NAME="${APP}-archive-keyring.gpg"
KEY="${KEY_DIR}/${KEY_NAME}"
sudo echo "deb [signed-by=${KEY} arch=${arch}] https://${URL} ${UBUNTU_CODENAME} main" | sudo tee /etc/apt/sources.list-available/brave-browser.list # Note: DEB822 files MUST use the .sources extension
SOURCES_NAME="${APP}.sources"
ln -sf /etc/apt/sources.list-available/brave-browser.list /etc/apt/sources.list.d/brave-browser.list # 3. Ensure directories exist
sudo mkdir -p "${KEY_DIR}"
sudo mkdir -p /etc/apt/sources.list-available
apt update # 4. Fetch GPG Key
sudo curl -fsSLo "${KEY}" "https://${URL}/${KEY_NAME}"
apt install -y brave-browser brave-keyring # 5. Define DEB822 Source Template
conf_print_brave_sources() {
cat <<EOF
Enabled: yes
Types: ${TYPES}
URIs: ${URIs}
Suites: ${SUITES}
Components: ${COMPONENTS}
Architectures: ${ARCH}
Signed-By: ${KEY}
EOF
}
echo 'kernel.unprivileged_userns_clone=1' >/etc/sysctl.d/00-local-userns.conf # 6. Deploy Sources File (Available)
#service procps restart conf_print_brave_sources | sudo tee "/etc/apt/sources.list-available/${SOURCES_NAME}" >/dev/null
# Bypass apt-proxy for brave packages # 7. Enable via Symlink
# if 02proxy exists check to see if the url is already in it, if so do nothing , if it isn't add it, sudo ln -sf "/etc/apt/sources.list-available/${SOURCES_NAME}" "/etc/apt/sources.list.d/${SOURCES_NAME}"
# if 02proxy doesn't exist create it. successful grep 0, unsuccessful 1
if [ -f /etc/apt/apt.conf.d/02proxy ]; then # 8. Update and Install
echo "02proxy contains: " sudo apt update
cat /etc/apt/apt.conf.d/02proxy sudo apt install "${APP}" -y
if [ ! -z $(grep ${URL} /etc/apt/apt.conf.d/02proxy) ]; then
echo "first" # 9. System Hardening / Sandbox Fix
echo "Acquire::http::Proxy { \"${URL}\" DIRECT; };" >>/etc/apt/apt.conf.d/02proxy echo 'kernel.unprivileged_userns_clone=1' | sudo tee /etc/sysctl.d/00-local-userns.conf >/dev/null
sudo sysctl -p /etc/sysctl.d/00-local-userns.conf >/dev/null
# 10. Bypass apt-proxy for Brave repo
PROXY_CONF="/etc/apt/apt.conf.d/02proxy"
PROXY_LINE="Acquire::https::Proxy { \"${URL}\" DIRECT; };"
if [ -f "$PROXY_CONF" ]; then
# If file exists, only append if the URL isn't already handled
if ! grep -q "${URL}" "$PROXY_CONF"; then
echo "$PROXY_LINE" | sudo tee -a "$PROXY_CONF" >/dev/null
fi fi
else else
echo "second" # Create file if it doesn't exist
echo "Acquire::http::Proxy { \"${URL}\" DIRECT; };" >>/etc/apt/apt.conf.d/02proxy echo "$PROXY_LINE" | sudo tee "$PROXY_CONF" >/dev/null
fi fi