fix installation gopass bridge and gopass-jsonapi

2023-04-30 20:25:30 +02:00 · 2023-04-30 20:25:30 +02:00 · 479bc8cd8d
commit 479bc8cd8d
parent 9a018ae3aa
5 changed files with 43 additions and 39 deletions
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/desktop/domain/DesktopService.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/desktop/domain/DesktopService.kt
@ -152,7 +152,7 @@ fun Prov.provisionBasicDesktop(
        installFirefox()
        installGopass()
        configureGopass(publicGpgKey = gpg?.publicKey)
-        installGopassBridgeJsonApi()
+        installGopassJsonApi()
        downloadGopassBridge()

        installRedshift()
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassBridge.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassBridge.kt
@ -6,7 +6,6 @@ import org.domaindrivenarchitecture.provs.framework.ubuntu.filesystem.base.*
 import org.domaindrivenarchitecture.provs.framework.ubuntu.install.base.aptInstall
 import org.domaindrivenarchitecture.provs.framework.ubuntu.install.base.isPackageInstalled
 import org.domaindrivenarchitecture.provs.framework.ubuntu.web.base.downloadFromURL
-import java.io.File


 fun Prov.downloadGopassBridge() = task {
@ -22,10 +21,10 @@ fun Prov.downloadGopassBridge() = task {
    // needs manual installation with: firefox Downloads/gopass_bridge-0.8.0-fx.xpi
 }

-fun Prov.installGopassBridgeJsonApi() = task {
+fun Prov.installGopassJsonApi() = taskWithResult {
    // see https://github.com/gopasspw/gopass-jsonapi
    val gopassJsonApiVersion = "1.11.1"
-    val requiredGopassVersion = "1.14.4"
+    val requiredGopassVersion = "1.12.7"
    val filename = "gopass-jsonapi_${gopassJsonApiVersion}_linux_amd64.deb"
    val downloadUrl = "-L https://github.com/gopasspw/gopass-jsonapi/releases/download/v$gopassJsonApiVersion/$filename"
    val downloadDir = "${userHome()}Downloads"
@ -46,51 +45,56 @@ fun Prov.installGopassBridgeJsonApi() = task {
                )
            }
        } else {
-            addResultToEval(
            ProvResult(
                false,
                "gopass not initialized correctly. You can initialize gopass with: \"gopass init\""
            )
-            )
        }
    } else {
        if (installedJsonApiVersion.startsWith("gopass-jsonapi version $gopassJsonApiVersion")) {
-            addResultToEval(ProvResult(true, out = "Version $gopassJsonApiVersion of gopass-jsonapi is already installed"))
+            ProvResult(true, out = "Version $gopassJsonApiVersion of gopass-jsonapi is already installed")
        } else {
-            addResultToEval(
            ProvResult(
                false,
                err = "gopass-jsonapi (version $gopassJsonApiVersion) cannot be installed as version $installedJsonApiVersion is already installed." +
                        " Upgrading gopass-jsonapi is currently not supported by provs."
            )
-            )
        }
    }
 }

-fun Prov.configureGopassWrapperShForFirefox() = task {
+/**
+ * Configures apparmor to allow firefox to access to gopass_wrapper.sh in avoid
+ * the error "An unexpected error occurred - Is your browser correctly set up for gopass? ..."
+ * when trying to use gopass bridge.
+ * This error appears in spite of having already set up gopass-jsonapi correctly.
+ */
+fun Prov.configureApparmorForGopassWrapperShForFirefox() = task {

    val appArmorFile = "/etc/apparmor.d/usr.bin.firefox"
+    val gopassAccessPermission = "owner @{HOME}/.config/gopass/gopass_wrapper.sh Ux,"
+    val insertAfterText = "# per-user firefox configuration\n"

-    if (checkFile(appArmorFile)) {
-        addTextToFile(
-            "\nowner @{HOME}/.config/gopass/gopass_wrapper.sh Ux\n",
-            File(appArmorFile),
-            sudo = true
+    if (checkFile(appArmorFile) && !fileContainsText(appArmorFile, gopassAccessPermission, true)) {
+        replaceTextInFile(
+            appArmorFile, insertAfterText, "$insertAfterText  $gopassAccessPermission\n"
        )
-    }
-
        cmd("systemctl reload apparmor", sudo = true)
+    }
 }

-fun Prov.configureGopassBridgeJsonApi() = task {
+fun Prov.configureGopassJsonApi() = taskWithResult {
    if (isPackageInstalled("gopass-jsonapi")) {
-        // configure for firefox and choose default for each:
-        // "Install for all users? [y/N/q]",
-        // "In which path should gopass_wrapper.sh be installed? [/home/testuser/.config/gopass]"
-        // "Wrapper Script for gopass_wrapper.sh ..."
-        configureGopassWrapperShForFirefox()
+        // configures gopass-jsonapi for firefox and chooses default for each:
+        // * "Install for all users? [y/N/q]",
+        // * "In which path should gopass_wrapper.sh be installed? [/home/<user>/.config/gopass]"
+        // * "Wrapper Script for gopass_wrapper.sh ..."
+        //
+        // I.e. creates file "gopass_wrapper.sh" in "/home/<user>/.config/gopass" as well as
+        // the manifest file "/home/<user>/.mozilla/native-messaging-hosts/com.justwatch.gopass.json"
        cmd("printf \"\\n\\n\\n\" | gopass-jsonapi configure --browser firefox")
+
+        configureApparmorForGopassWrapperShForFirefox()
    } else {
        ProvResult(
            false,
--- a/src/main/kotlin/org/domaindrivenarchitecture/provs/framework/ubuntu/filesystem/base/Filesystem.kt
+++ b/src/main/kotlin/org/domaindrivenarchitecture/provs/framework/ubuntu/filesystem/base/Filesystem.kt
@ -251,7 +251,7 @@ fun Prov.replaceTextInFile(file: String, oldText: String, replacement: String) =
 }


-fun Prov.replaceTextInFile(file: String, oldText: Regex, replacement: String) = task {
+fun Prov.replaceTextInFile(file: String, oldText: Regex, replacement: String) = taskWithResult {
    // todo: only use sudo for root or if owner different from current
    val content = fileContent(file, true)
    if (content != null) {
--- a/src/test/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassBridgeKtTest.kt
+++ b/src/test/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassBridgeKtTest.kt
@ -51,8 +51,8 @@ internal class GopassBridgeKtTest {

        // when
        val res = prov.task {
-            installGopassBridgeJsonApi()
-            configureGopassBridgeJsonApi()
+            installGopassJsonApi()
+            configureGopassJsonApi()
        }

        // then
@ -79,8 +79,8 @@ internal class GopassBridgeKtTest {

        // when
        val res = prov.task {
-            installGopassBridgeJsonApi()
-            configureGopassBridgeJsonApi()
+            installGopassJsonApi()
+            configureGopassJsonApi()
        }

        // then
@ -107,8 +107,8 @@ internal class GopassBridgeKtTest {

        // when
        val res = prov.task {
-            installGopassBridgeJsonApi()
-            configureGopassBridgeJsonApi()
+            installGopassJsonApi()
+            configureGopassJsonApi()
        }

        // then
--- a/src/test/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassKtTest.kt
+++ b/src/test/kotlin/org/domaindrivenarchitecture/provs/desktop/infrastructure/GopassKtTest.kt
@ -80,8 +80,8 @@ internal class GopassKtTest {
                cmd("printf \"\\ntest\\ntest@test.org\\n\" | gopass init " + gpgFingerprint(pubKey.plain())) // gopass init in default location with gpg-key-fingerprint of given key
            }
            downloadGopassBridge()
-            installGopassBridgeJsonApi()
-            configureGopassBridgeJsonApi()
+            installGopassJsonApi()
+            configureGopassJsonApi()
        }

        // then