check gpg sig and add README
This commit is contained in:
parent
756a8210d2
commit
45ac4c3960
|
@ -0,0 +1,6 @@
|
|||
# gopass download and install script
|
||||
|
||||
As I cherish the tool but my distro does not provide a recent version,
|
||||
this script shall download and install the latest release of gopass.
|
||||
|
||||
simply run `./get.sh` or maybe go through it step by step to verify.
|
8
get.sh
8
get.sh
|
@ -1,4 +1,5 @@
|
|||
#!/usr/bin/env sh
|
||||
dependencies="gpg cut test curl grep"
|
||||
#~ if ! "$1" = "run"; then
|
||||
#~ printf "stilly buggy!\n" ; exit 0;
|
||||
#~ fi
|
||||
|
@ -6,6 +7,10 @@
|
|||
#~ wget -q -O- https://api.bintray.com/orgs/gopasspw/keys/gpg/public.key | sudo apt-key add -
|
||||
#~ echo "deb https://dl.bintray.com/gopasspw/gopass buster main" | sudo tee /etc/apt/sources.list.d/gopass.list
|
||||
|
||||
gopass_fpr="79713E81C71FB7967B5185D02F752B2CA00248FC"
|
||||
echo "check for PGP key based on fingerprint "${gopass_fpr}
|
||||
gpg -q --recv-keys ${gopass_fpr} || { echo "error retreiving pgp public key"; exit 1; }
|
||||
|
||||
echo "collecting system information"
|
||||
arch=$(uname --machine)
|
||||
if test "${arch}" = "x86_64"; then
|
||||
|
@ -17,7 +22,7 @@ echo $uname|grep -i "debian" >/dev/null && { fn_suffix="linux_${arch}.deb"; }
|
|||
echo $uname|grep -i "openbsd" >/dev/null && { fn_suffix="openbsd_${arch}.tar.gz"; }
|
||||
echo $uname|grep -i "freebsd" >/dev/null && { fn_suffix="freebsd_${arch}.tar.gz"; }
|
||||
test -z $fn_suffix && { echo "operating system not supported."; exit 1; }
|
||||
echo "fn_suffix: "${fn_suffix}
|
||||
#~ echo "fn_suffix: "${fn_suffix}
|
||||
|
||||
echo "check online resources"
|
||||
url_effective=$(curl -sLI -o /dev/null -w %{url_effective} https://github.com/gopasspw/gopass/releases/latest)
|
||||
|
@ -36,6 +41,7 @@ curl -s --progress-bar -L $url$fn_SHA256 -o $fn_SHA256 || { echo "download faile
|
|||
curl -s --progress-bar -L $url$fn_SHA256".sig" -o $fn_SHA256".sig" || { echo "download failed"; exit 1; }
|
||||
|
||||
test $(du $fn_package|cut -f1) -gt 1024 || { echo "manually check small file before installation."; exit 1; }
|
||||
gpg -q --verify "${fn_SHA256}.sig" || { echo "verification for signature failed."; exit 2; }
|
||||
|
||||
|
||||
# test checksums
|
||||
|
|
Loading…
Reference in New Issue