#!/usr/bin/env bash # ============================================================================= # install.sh — one-step bootstrap for the Copy Fail toolkit # ============================================================================= # Fetches copyfail-setup.sh + check-copy-fail.sh + SHA256SUMS from your VPS, # VERIFIES the checksums (this is what catches a truncated/corrupted download), # then runs copyfail-setup.sh. Any arguments after `-s --` are passed straight # through to it. # # Recommended (runs privileged steps without per-command sudo prompts, and still # writes the banner/aliases to YOUR ~/.bashrc via $SUDO_USER): # # curl -fsSL https://scripts.dot-files.xyz/install.sh | sudo bash # curl -fsSL https://scripts.dot-files.xyz/install.sh | sudo bash -s -- --deep --report-dir /root # # Or as your normal user (copyfail-setup.sh will call sudo itself): # # curl -fsSL https://scripts.dot-files.xyz/install.sh | bash # # The toolkit's security report (and any other output) is written to the # directory you run this from. Override the source host with COPYFAIL_BASE. # ============================================================================= set -euo pipefail BASE_URL="${COPYFAIL_BASE:-https://scripts.dot-files.xyz}" tmp="$(mktemp -d)" trap 'rm -rf "$tmp"' EXIT echo "[install] downloading from $BASE_URL ..." for f in copyfail-setup.sh check-copy-fail.sh SHA256SUMS; do curl -fsSL --proto '=https' --tlsv1.2 -o "$tmp/$f" "$BASE_URL/$f" done echo "[install] verifying checksums ..." # No --ignore-missing: keeps it working on old coreutils (e.g. CentOS 7). Both # files listed in SHA256SUMS were just downloaded, so a plain -c is sufficient. if ! ( cd "$tmp" && sha256sum -c SHA256SUMS ); then echo "[install] CHECKSUM MISMATCH — refusing to run. Re-upload or recheck the host." >&2 exit 1 fi echo "[install] checksums OK — running copyfail-setup.sh (output goes to: $PWD)" # CWD stays where you invoked the one-liner, so the report lands there. # copyfail-setup.sh finds check-copy-fail.sh next to itself (both in $tmp). bash "$tmp/copyfail-setup.sh" "$@"