#!/usr/bin/env bash

machine=$(uname -m)
if [[  ${machine} == x86_64 ]]; then
	ARCH=amd64
elif
	[[ ${machine} == aarch64 ]]; then
	ARCH=arm64
fi

# UBUNTU_CODENAME=bionic
UBUNTU_CODENAME=stable
BRANCH="-beta"
URL="brave-browser-apt${BRANCH}.s3.brave.com"


#sudo curl -fsSLo /usr/share/keyrings/brave-browser-archive-keyring.gpg https://brave-browser-apt-release.s3.brave4u7jddbv7cyviptqjc7jusxh72uik7zt6adtckl5f4nwy2v72qd.onion/brave-browser-archive-keyring.gpg

KEY_DIR=/etc/apt/trusted.gpg.d  # if you dont want to have signed-by in the sources.list
# KEY_DIR=/usr/share/keyrings
# KEY_DIR=/etc/apt/keyrings
KEY=${KEY_DIR}/brave-browser${BRANCH}-archive-keyring.gpg
# KEY=${KEY_DIR}/brave-browser-keyring.gpg

sudo curl -fsSLo ${KEY} https://brave-browser-apt-nightly.s3.brave.com/brave-browser${BRANCH}-archive-keyring.gpg

## no data 
# RECV_KEYS="C3DE1DD4F661CDCB"
# gpg --keyserver keyserver.ubuntu.com --recv-keys "${RECV_KEYS}"
# gpg --export --armor "${RECV_KEYS}" > ${KEY}


cat <<-EOF | sudo tee /etc/apt/sources.list.d/brave-browser${BRANCH}.list
    deb [arch=${ARCH} signed-by=${KEY}] https://${URL}/ $UBUNTU_CODENAME main
EOF

ln -sf /etc/apt/sources.list-available/brave-browser${BRANCH}.list /etc/apt/sources.list.d/brave-browser${BRANCH}.list

apt update

apt install brave-browser${BRANCH}

echo 'kernel.unprivileged_userns_clone=1' > /etc/sysctl.d/00-local-userns.conf
#service procps restart

# Bypass apt-proxy for brave packages
if [ -f /etc/apt/apt.conf.d/02proxy ]; then
	if ! grep -q "${URL}" /etc/apt/apt.conf.d/02proxy; then
		echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
	fi
else
	echo "Acquire::https::Proxy { \"${URL}\" DIRECT; };" >> /etc/apt/apt.conf.d/02proxy
fi