vv01f/latest-gopass
vv01f
/
latest-gopass
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

check gpg sig and add README

This commit is contained in:
vv01f 2022-09-29 13:59:04 +02:00
parent 756a8210d2
commit 45ac4c3960
2 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
README.markdown Normal file
View File

@ -0,0 +1,6 @@
# gopass download and install script
As I cherish the tool but my distro does not provide a recent version,
this script shall download and install the latest release of gopass.
simply run `./get.sh` or maybe go through it step by step to verify.

8
get.sh
View File

@ -1,4 +1,5 @@
#!/usr/bin/env sh
dependencies="gpg cut test curl grep"
#~ if ! "$1" = "run"; then
#~ printf "stilly buggy!\n" ; exit 0;
#~ fi
@ -6,6 +7,10 @@
#~ wget -q -O- https://api.bintray.com/orgs/gopasspw/keys/gpg/public.key | sudo apt-key add -
#~ echo "deb https://dl.bintray.com/gopasspw/gopass buster main" | sudo tee /etc/apt/sources.list.d/gopass.list
gopass_fpr="79713E81C71FB7967B5185D02F752B2CA00248FC"
echo "check for PGP key based on fingerprint "${gopass_fpr}
gpg -q --recv-keys ${gopass_fpr} || { echo "error retreiving pgp public key"; exit 1; }
echo "collecting system information"
arch=$(uname --machine)
if test "${arch}" = "x86_64"; then
@ -17,7 +22,7 @@ echo $uname|grep -i "debian" >/dev/null && { fn_suffix="linux_${arch}.deb"; }
echo $uname|grep -i "openbsd" >/dev/null && { fn_suffix="openbsd_${arch}.tar.gz"; }
echo $uname|grep -i "freebsd" >/dev/null && { fn_suffix="freebsd_${arch}.tar.gz"; }
test -z $fn_suffix && { echo "operating system not supported."; exit 1; }
echo "fn_suffix: "${fn_suffix}
#~ echo "fn_suffix: "${fn_suffix}
echo "check online resources"
url_effective=$(curl -sLI -o /dev/null -w %{url_effective} https://github.com/gopasspw/gopass/releases/latest)
@ -36,6 +41,7 @@ curl -s --progress-bar -L $url$fn_SHA256 -o $fn_SHA256 || { echo "download faile
curl -s --progress-bar -L $url$fn_SHA256".sig" -o $fn_SHA256".sig" || { echo "download failed"; exit 1; }
test $(du $fn_package|cut -f1) -gt 1024 || { echo "manually check small file before installation."; exit 1; }
gpg -q --verify "${fn_SHA256}.sig" || { echo "verification for signature failed."; exit 2; }
# test checksums