Ah, the fine little details of coding. Not my forte. A few hours at this, and I still can’t get the proxy to work, and/or the sigs to verify. Tried numerous approaches. If you can see an obvious error with my approach, please throw me a bone, cause I’m all but done trying to get this to work:
Ref:
#!/bin/bash
# Downloads, verifies, and installs Libre Office.
# Must be run as root from dom0. Pass target qube as param.
# Set variables
VERSION="7.5.1"
LINK="https://download.documentfoundation.org/libreoffice/stable/${VERSION}/deb/x86_64/"
PACKAGE="LibreOffice_${VERSION}_Linux_x86-64_deb.tar.gz"
SIGNATURE="LibreOffice_${VERSION}_Linux_x86-64_deb.tar.gz.asc"
HASH="sha256sums.asc"
TARGET_TEMPLATE=""
# Check if the qube name was passed as a parameter
if [ $# -eq 0 ]
then
echo "No qube name provided. Please run the script with the qube name as a parameter."
exit 1
else
TARGET_TEMPLATE=$1
fi
# Set the proxy
sudo qvm-run --pass-io -u root "export https_proxy=127.0.0.1:8082"
# Install deps
sudo qvm-run --pass-io -u root ${TARGET_TEMPLATE} \
"apt update && apt upgrade -y && apt autoremove -y && apt install -y qubes-core-agent-networking curl"
# Download the package, signature, and hash
sudo qvm-run --pass-io -u root ${TARGET_TEMPLATE} "curl -O ${LINK}${PACKAGE} \
-O ${LINK}${SIGNATURE} \
-O ${LINK}${HASH}"
# Get the public key associated with the signature
sudo qvm-run --pass-io -u root ${TARGET_TEMPLATE} \
"gpg --keyserver hkp://keys.gnupg.net --recv-keys AFEEAEA3"
# Import the public key associated with the signature
sudo qvm-run --pass-io -u root ${TARGET_TEMPLATE} \
"curl https://keys.openpgp.org/vks/v1/by-fingerprint/C2839ECAD9408FBE9531C3E9F434A1EFAFEEAEA3 | gpg --import"
# Verify the hash and signature
sudo qvm-run --pass-io -u root ${TARGET_TEMPLATE} "gpg --verify ${SIGNATURE}"
if [ $? -ne 0 ]
then
echo "Signature verification failed. Aborting installation."
exit 1
fi
sudo qvm-run --pass-io -u root ${TARGET_TEMPLATE} "sha256sum -c ${HASH}"
if [ $? -ne 0 ]
then
echo "Hash verification failed. Aborting installation."
exit 1
fi
sudo qvm-run --pass-io -u root ${TARGET_TEMPLATE} "
tar -xzf ${PACKAGE}
sudo qubes-dom0-uninstall libreoffice -y # remove previous version
apt install -y libglu1 libdbus-glib-1-2 libsm6 libxrender1 libxt6 libxrandr2 libxi6
dpkg -i LibreOffice*/DEBS/*.deb"
# Clean up
sudo qvm-run --pass-io -u root ${TARGET_TEMPLATE} "rm ${PACKAGE} ${SIGNATURE} ${HASH}"