diff --git a/Containerfile b/Containerfile index c68363a..3a4705b 100644 --- a/Containerfile +++ b/Containerfile @@ -6,8 +6,7 @@ ADD --chmod=0755 scripts/* /tmp/ RUN /tmp/cleanup.sh -# 1Password is disabled for now. Install it as an overlay. -RUN /tmp/1password2.sh +RUN /tmp/1password.sh RUN /tmp/bat.sh RUN /tmp/delta.sh RUN /tmp/getfirefox.sh diff --git a/scripts/1password.sh b/scripts/1password.sh index 282a9c3..04d7e9b 100755 --- a/scripts/1password.sh +++ b/scripts/1password.sh @@ -1,63 +1,46 @@ -#!/bin/sh -# -# ripped and hacked by bri from 1password's official after-install.sh -# -set -eu -mkdir /tmp/1p -pushd /tmp/1p -curl -LO https://downloads.1password.com/linux/tar/stable/x86_64/1password-latest.tar.gz -tar -xf 1password-latest.tar.gz - cd 1password-*.x64 - - # Fill in policy kit file with bri # a list of (the first 10) human users of the system. - export POLICY_OWNERS - POLICY_OWNERS="unix-user:bri " - #POLICY_OWNERS="$(cut -d: -f1,3 /etc/passwd | grep -E ':[0-9]{4}$' | cut -d: -f1 | head -n 10 | sed 's/^/unix-user:/' | tr '\n' ' ')" - eval "cat < ./com.1password.1Password.policy - - # Install policy kit file for system unlock - install -Dm0644 ./com.1password.1Password.policy -t /usr/share/polkit-1/actions/ - - # Install examples - install -Dm0644 ./resources/custom_allowed_browsers -t /usr/share/doc/1password/examples/ - - # chrome-sandbox requires the setuid bit to be specifically set. - # See https://github.com/electron/electron/issues/17972 -# chmod 4755 ./chrome-sandbox -# -# GROUP_NAME="onepassword" -# -# # Setup the Core App Integration helper binary with the correct permissions and group -# if [ ! "$(getent group "${GROUP_NAME}")" ]; then -# groupadd "${GROUP_NAME}" -# fi -# -# HELPER_PATH="./1Password-KeyringHelper" -# BROWSER_SUPPORT_PATH="./1Password-BrowserSupport" -# -# chgrp "${GROUP_NAME}" $HELPER_PATH -# # The binary requires setuid so it may interact with the Kernel keyring facilities -# chmod u+s $HELPER_PATH -# chmod g+s $HELPER_PATH -# -# # This gives no extra permissions to the binary. It only hardens it against environmental tampering. -# chgrp "${GROUP_NAME}" $BROWSER_SUPPORT_PATH -# chmod g+s $BROWSER_SUPPORT_PATH -# -# # Restore previous directory -# cd "$CWD" -# -# Register path symlink -ln -sf /opt/1Password/1password /usr/bin/1password -# -#if [ "$(id -u)" -ne 0 ]; then -# echo "You must be running as root to run 1Password's post-installation process" -# exit -#fi -# -#installFiles -#installAutoupdateChannel -# -#exit 0 +#!/usr/bin/env sh + +set -e + +echo "Installing 1Password" +cd /usr/lib +wget -qO- https://downloads.1password.com/linux/tar/stable/x86_64/1password-latest.tar.gz | tar -zxv +ln -s 1Password 1password-* +cd "$(mktemp -d)" + +mkdir /var/opt +rpm-ostree install https://downloads.1password.com/linux/rpm/stable/x86_64/1password-latest.rpm + +# rpm -ivh ./1password-latest.rpm + +# This is where the mess starts. 1Password is installed to /opt/1Password with +# No way to change it. RIP. So we kinda _hack_ it and hope nothing is hard set +# in the compiled code :( +mv /var/opt/1Password /usr/lib/1Password +cat > /usr/bin/install-1password < /usr/bin/install-1password < /usr/bin/firefox -H4sIAKzWIGUAA6VZbXPaSBL+HH5FR6ayxmfxYnudxCl2FwO2uWCgAMfxbXJYSANoLSSdRjImce63 -X/eMRkiAnWTPlYotTc/TPT093U+Pdl6WIh6UxrZbGht8ltvJ7cBwxsD03JC5IQdvAuHM5jCxHQZG -wIBH47+YGULo4QCDDgu5afgMetHYsU2c3rZN5nIGH1jAbc+FSrECuySqxSNa4R0svQjmxhJcL4QI -hRMdCMAeTOaHYLtoxdx3bMM1GSzscCYUxiBFuIkhvHFooKyB0j4+TRAhJQdGCLMw9E9KpcViUZx7 -X2zHMYpeMC11eu2SWPDAm4QLWptl8zCwx1HILIhciwUZJLQwLYBLM1zQagNEaA00QP/ZfB+uW8OL -7tUQrmv9fq0zvIHuGdQ6N/C+1WnsA8NlICx78APG0bsBTrZpkcwqwoCxjMKJJw3gPjPtiW2CY7jT -yJgymHr3LHBtd4rTA3s6w40yXAsce26HRohe55v2F5PN7eIU2zUcqHuWWFbKK+hFKyXacu3QRskG -u2eO5yOiCIgtGCoQcGLdm88j1zZjS+pe4HuBeCgC9LxAvjYDZpAfx8tVEOEmiPn+UqwKdusFqLx9 -+2Yl8Rx2zXFwdl/6o884C+7RrWItdYxnsXFesMsLJ/gut4Pvd+CKoz9P4oc8hmDAJt5D/DykqORm -YFM4opuY4YrADyKKt9hr4AfeNDDmMAm8ufBNPEAIgT/HQOahgc/CyASZKeAFygJnYeQDSgkA5t7b -gefO8QTCvedZngcuYxY6C5XPjTtGEEr9wgvuirmcObdcY86qtxiHjP6CfPlWrfKDEdjG2GGcni+7 -/xrV+vWLan43EoL6vJAzcRbk1RDanHvx8OZ4dHwEj8AP35Yf6LdvBObxUSH34gUJtluno0arX9VE -CnHs8fGRhkODZr3badT6N5sCNPzuXe7FHjyJ8R0EqQIxGDfMnFjKWavfPOt+xN/tZlWLN1DL5ewJ -/AkvQQ/ksmKoUixQyq/Phc/vyPluDvAnNXnDmh+AeMHMmQdaMwi84ORH9VMunHh4bnGJQr9ubdG+ -0kF2Sj0gf37K1LS2iY0WP9ghVMTi8ZF+ZfZnE1vLoRzJNFqD4ei01UGhLQvVhEy71jnv1ervBzFa -el6J0ppvmHdcyjY/DpudQavbGYx6/S4ZG0+66F42SyqFl9gDViiqMLz0lZlvyoflyWvdPCgb+tHx -0UR/Oy4zvXJoHBpv2dvXh2+Ovkl0hDzv1y7XbdhwkLL7qlO/aG6YjBlAV1mTz7TceRNtPuv26804 -DkXAcqqrU4Z2Yio3maaOY9OlwwjXxtKhtD3GtTPX+p1GceNf4tYrbbVTXP117Qb914DP8OoVjmn5 -+AUJ9Nq1Gy0VuiJwtPzHxvmoftXvNzvDUaM5eD/s9jSoVkE776ATtUysYzHCnCy2u9lJK6xSOOAm -o8XrJmPxe99olgYLY0lWZ/QOmgPavdHwpteUShdy1k+qxX9JkmbQ0E8jDgGbeyEjiuBE3MaatIQF -AhJqwH7hiX1YqH3HWBZjl37HaSlTGqdXg1G/edkdNtGOlQkDJsfP+80RHoQzlUjVc7XEQrM0DVjR -Ev8jgZoozalTIf2RymYpK56BOz6SgGhPytbElqyNrXa7hlH4oTmiAxMbmn25Fs4YmCvYtekx9iVW -HeR+ATEUpFQLRiVLFCvfiZAJgG+EM+WUXvvqvNWRp1YOc5WQpeJYoFcbXqAHcikHpEaq66Inmfyi -8kA+q/Fky7lejeaYw9lTqv4/5OzepMDXQ6jW6yV5RXC8qevNmc6REGI2I+EUTlo4ziqUVFZlboV9 -1u0MKRxa50KtgP44CUsT5D4UPfaUhNekEJMijWT4Sf7rxv5/KyFRLSGMpqxaA1AWXCNHJ3p0Ji0j -pkLEvuszd3aANAJZ0r1tSb53xiwkbcXVTJQU3EaaSVGGxYiONCBlg1aIJ5vCDacKaxGLegU6G3Pf -izUUqX3ZUaxKkLF4I3UvMQIzLfFn11sUoc0I944xP9H2V8RDAlHMO2CmF1jK0PTRu+w9EzhxzJN1 -esrCEl/ykM31mBAyi3Bj7JaLzYBg7B6MWRjiXzzyhT6TBaLDkSvjsMsjcwYGxzkWNgWU7jgGENT/ -+X7lAF7Yj92MLrQdi+MaudqcfdlOIZ2f2yLoVtz1csVdU9x6f9V/9bBYeyBXQkYQbIi1GH1FHQcL -kOML3mzOUFIyVWr02BSRRMLGfsfABhK1o5vnortDC8QSfNwcTgAeZXBRcUgnBRI1djtS+74IhnSF -7CG96FYr1DNiZxlkCPQYV4xb6xiRa85Ey7Sj/CA3FtuDLVi5zH5nBlfdQyNlpKis2NVgG43GG443 -3Sdvwkw4CSPNW4jDLeQSwHq/NrjAp1q7e45KY5VPy2zTPGi36k1qHjxsizByd4PZ+MtOpVw5evPr -m0IqoWBtJtGq4WBF5vpcTFkjJR9t14/CA9jFYCaUg/JrpE+FtbR0NWiOPrY6vavhQVVkjfQbvfIN -QaH7fh/isrwQp0u1N9j4OaJtAeRG2FR7LsspK7bufJJUaIWO/SWOyfUoSEgm7d7ODwXDs5GQwdsW -DYnAKiJq2GLO0T60k0JdnXRIOK64RAkDonwiFxYn4pTqSkBlBwKT6VDciwgDz5qNbr+WqB3JNBwX -8+20ufQUPpWO7YtRG8BX9w3ScnEdg2zWWSaMotG97lTLW1nrCu8zPD4+Paqz/0B5s/nSH+A7DD0z -h34wi3LVwVOPThckvyejSe30bQtDKp9qBuA3KFnsvuRGGKEHv72qJJMy68z/rtojwQvhmpinCk3M -eNRSxWr3Mch5SKE2aLZtN8LQNcbIPURlicuX2FfsyNV5fX1YOXxdKUielE9rBt1lGR8lHlrrO1SL -cLs+cAsvkXfGSWONiO/GpmK0gX4fwH9XPZZqH/fgVSFFyjGvWfZkmY2PpHiL04kpXXHzyVYPIYq4 -ssqGGB0OEopD0Pq+M3Jy5+sOMwLMMJhbrK3nTsjN7yw7AN2HZ05MKgQxSrYfuY3QC+Zwi8n3Kfnb -pyMMZz6l5Mk5O6IPupcZlc39cJnKL7hCSri2zKBLGGPSvMtcQlFGzfpFGkK+eS6VqDl72y2j0JDW -nWNiFqmaSWIh2YIYVE1pu1uvYZ+cb9dHtXZ769DX7IsTnYQvsbmsnTcH3350Cvr0m7JrGCwlkTGk -eXBP92JYFjBEebgvtlQIeMg612QExOCi2x+ih2J9t+L6JZ9VShdlGHgafxx92v3z38XPe58Kxb3H -x6m2GvlUlG9u1UXL3wDUP1WewJS7gRVObLa8Zx2pzRs5tnu3W4CvycbLZaqDWM3vbRmhmdWkhOS/ -Kulvf8SnO32zXnzw7QQjOUkb10ClvALcOE7xwdCDybMBmQBkJmIZkHfUoREgwZCfLjD5GBiHc1q9 -/BwxweNANy/J+gr7azDxmRFYnrrvlmg4golGXYYnUMRk0hhy8bOfX7zwvvL7LSU1YfhzOLcZgImd -eXQwtfPnzfi0YQD8DefLAP6RaZhEnkh82TBgYRS4UE5eplYWj8n0E5/ybeEuDFKH6fEJkezZJrkw -iFhc8E6btcEQVT8k5Lr863EFi3VnMBgNBu1R/bQ+6tc6je7lqPUBE9HW90SMYxq5dZw09QLmUxVE -sjWX33Rc+i4yjYi/8pzs7kb4glc1LecbnNPDyPQiN0QmJhM/lswd0KdYj7IC8Dlneegmcduv5Ssa -XfST1/QpJhJdt9g4mhZi/2ZU5VNPKK3FMmICHoxpVVUnPrMnYfz3u3cS3FqBT1mg8GVpl3ZWNk7B -M9otyB9oK0FSCAfxc3y/s2lLEjaxUXvKDGIz93G34RILmrr2F0ypyufqSydzk/Pu2DwsxtNRrEqe -3LJ86k90Hf38h4b/oaASWtu1W/ocuLFV/4DKbdpk8cVD9krYwGIl94271afBzCej5GsPiTY89xe6 -qQu8BWieYyn6qcVdKoyp/UlfObXb3WtBtZAbN+galL6qReKSFcYIw1mQW218OeZoyRuo0naqS71V -QkjuvDK7meHh5Cpx4tgDM39u1v8AizDFlcoeAAA= -EOF - +ln -s /usr/lib/firefox/firefox /usr/bin/firefox # https://raw.githubusercontent.com/mozilla/sumo-kb/main/install-firefox-linux/firefox.desktop > /usr/share/applications/firefox.desktop <