-
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathinstall.sh
executable file
Β·182 lines (154 loc) Β· 5.86 KB
/
install.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
#!/bin/bash
TMP_DIR_PATH="/tmp"
RWZ_RELEASES_URL="https://github.com/nodetec/relaywizard/releases/download"
RWZ_VERSION="v0.3.0-alpha3"
RWZ_TAR_GZ_FILE="rwz-0.3.0-alpha3-x86_64-linux-gnu.tar.gz"
RWZ_DOWNLOAD_URL="$RWZ_RELEASES_URL/$RWZ_VERSION/$RWZ_TAR_GZ_FILE"
TMP_RWZ_TAR_GZ_FILE_PATH="$TMP_DIR_PATH/$RWZ_TAR_GZ_FILE"
PGP_KEYSERVER="keys.openpgp.org"
NODE_TEC_PRIMARY_KEY_FINGERPRINT="04BD8C20598FA5FDDE19BECD8F2469F71314FAD7"
NODE_TEC_SIGNING_SUBKEY_FINGERPRINT="252F57B9DCD920EBF14E6151A8841CC4D10CC288"
RWZ_MANIFEST_SIG_FILE="rwz-0.3.0-alpha3-manifest.sha512sum.asc"
RWZ_MANIFEST_SIG_FILE_URL="$RWZ_RELEASES_URL/$RWZ_VERSION/$RWZ_MANIFEST_SIG_FILE"
TMP_RWZ_MANIFEST_SIG_FILE_PATH="$TMP_DIR_PATH/$RWZ_MANIFEST_SIG_FILE"
RWZ_MANIFEST_FILE="rwz-0.3.0-alpha3-manifest.sha512sum"
RWZ_MANIFEST_FILE_URL="$RWZ_RELEASES_URL/$RWZ_VERSION/$RWZ_MANIFEST_FILE"
TMP_RWZ_MANIFEST_FILE_PATH="$TMP_DIR_PATH/$RWZ_MANIFEST_FILE"
BINARY_DEST_DIR_PATH="/usr/local/bin"
RWZ_BINARY_FILE="rwz"
function file_exists() {
if [ -f "$1" ]; then
return 0
else
return 1
fi
}
function remove_file() {
if file_exists "$1"; then
rm "$1"
if [ $? -ne 0 ]; then
printf "Error: Failed to remove the $1 file\n"
exit 1
fi
fi
}
function download_file() {
curl -L -o "$1" "$2"
if [ $? -ne 0 ]; then
printf "Error: Failed to download the $3 file\n"
exit 1
fi
}
function set_file_permissions() {
chmod "$1" "$2"
if [ $? -ne 0 ]; then
printf "Error: Failed to set the $2 file permissions\n"
exit 1
fi
}
function import_pgp_key() {
gpg --keyserver "$1" --recv-keys "$2"
if [ $? -ne 0 ]; then
printf "Error: Failed to import NODE-TEC PGP key\n"
exit 1
fi
}
function verify_pgp_sig() {
local sig_file="$1" out=
out=$(gpg --status-fd 1 --verify "$sig_file" 2>/dev/null)
if [ $? -ne 0 ]; then
printf "$out\n" >&2
printf "Error: Failed to verify the signature of the $RWZ_MANIFEST_FILE\n"
exit 1
else
echo "$out" | grep -qs "^\[GNUPG:\] VALIDSIG $NODE_TEC_SIGNING_SUBKEY_FINGERPRINT "
if [ $? -ne 0 ]; then
printf "$out\n" >&2
printf "Error: Failed to verify the signature of the $RWZ_MANIFEST_FILE\n"
exit 1
else
return 0
fi
fi
}
function verify_file_hashes() {
local at_least_one_file_exists=false
# Read the manifest file line by line
if file_exists "$2" && [ -s "$2" ] && [ -r "$2" ]; then
while IFS= read -r line; do
# Extract the hash from the manifest file
local hash_in_manifest=$(echo "$line" | cut -d' ' -f1)
# Extract the file name from the manifest file
local file_in_manifest=$(echo "$line" | cut -d'*' -f2)
# Check if the corresponding file exists in the provided directory
if file_exists "$1/$file_in_manifest"; then
at_least_one_file_exists=true
# Calculate and extract the hash for the corresponding file located in the provided directory
local file_hash=$(sha512sum "$1/$file_in_manifest" | cut -d' ' -f1)
# Check if the hash of the file matches the hash in the manifest file
if [ "$file_hash" != "$hash_in_manifest" ]; then
printf "Error: $file_in_manifest hash mismatch with hash in $2\n"
exit 1
fi
fi
if [[ $at_least_one_file_exists == false ]]; then
printf "Error: No files specified in $2 found\n"
exit 1
fi
done < "$2"
else
printf "Error: Unable to verify file hashes in the $2 file\n"
exit 1
fi
}
function extract_file() {
tar -xf "$1" -C "$2"
if [ $? -ne 0 ]; then
printf "Error: Failed to extract $1 file to $2\n"
exit 1
fi
}
function rwz_install() {
"$1" install < /dev/tty
}
# Check if the rwz compressed binary exists and remove it if it does
remove_file "$TMP_RWZ_TAR_GZ_FILE_PATH"
# Download the rwz compressed binary
printf "Downloading Relay Wizard from $RWZ_DOWNLOAD_URL...\n"
download_file "$TMP_RWZ_TAR_GZ_FILE_PATH" "$RWZ_DOWNLOAD_URL" "$RWZ_TAR_GZ_FILE"
# Set rwz compressed binary permissions
set_file_permissions 0644 "$TMP_RWZ_TAR_GZ_FILE_PATH"
# Import NODE-TEC PGP key
printf "Importing NODE-TEC PGP key from $PGP_KEYSERVER...\n"
import_pgp_key "$PGP_KEYSERVER" "$NODE_TEC_PRIMARY_KEY_FINGERPRINT"
# Check if the rwz manifest signature file exists and remove it if it does
remove_file "$TMP_RWZ_MANIFEST_SIG_FILE_PATH"
# Download the rwz manifest signature file
printf "Downloading Relay Wizard manifest signature file from $RWZ_MANIFEST_SIG_FILE_URL...\n"
download_file "$TMP_RWZ_MANIFEST_SIG_FILE_PATH" "$RWZ_MANIFEST_SIG_FILE_URL" "$RWZ_MANIFEST_SIG_FILE"
# Set rwz manifest signature file permissions
set_file_permissions 0644 "$TMP_RWZ_MANIFEST_SIG_FILE_PATH"
# Check if the rwz manifest file exists and remove it if it does
remove_file "$TMP_RWZ_MANIFEST_FILE_PATH"
# Download the rwz manifest file
printf "Downloading Relay Wizard manifest file from $RWZ_MANIFEST_FILE_URL...\n"
download_file "$TMP_RWZ_MANIFEST_FILE_PATH" "$RWZ_MANIFEST_FILE_URL" "$RWZ_MANIFEST_FILE"
# Set rwz manifest file permissions
set_file_permissions 0644 "$TMP_RWZ_MANIFEST_FILE_PATH"
printf "Verifying $RWZ_TAR_GZ_FILE...\n"
if verify_pgp_sig "$TMP_RWZ_MANIFEST_SIG_FILE_PATH"; then
printf "Verified the signature of the $RWZ_MANIFEST_FILE file\n"
verify_file_hashes "$TMP_DIR_PATH" "$TMP_RWZ_MANIFEST_FILE_PATH"
printf "Verified the hash of the $RWZ_TAR_GZ_FILE file\n"
# Extract rwz binary to the binary destination path
printf "Extracting Relay Wizard to $BINARY_DEST_DIR_PATH...\n"
extract_file "$TMP_RWZ_TAR_GZ_FILE_PATH" "$BINARY_DEST_DIR_PATH"
printf "Extracted Relay Wizard to $BINARY_DEST_DIR_PATH\n"
# Make the binary executable
printf "Making $RWZ_BINARY_FILE executable...\n"
set_file_permissions 0755 "$BINARY_DEST_DIR_PATH/$RWZ_BINARY_FILE"
printf "Made $RWZ_BINARY_FILE executable\n"
# Run the rwz install command
printf "Running $RWZ_BINARY_FILE install...\n"
rwz_install "$BINARY_DEST_DIR_PATH/$RWZ_BINARY_FILE"
fi