Skip to content

Commit

Permalink
feat(install): add installation script for Pareto Security on multipl…
Browse files Browse the repository at this point in the history 
…e distributions
  • Loading branch information
@dz0ny
dz0ny committed Jan 22, 2025
1 parent c6b3537 commit b9e3c2e
Show file tree
Hide file tree
Showing 3 changed files with 147 additions and 57 deletions.
109 changes: 69 additions & 40 deletions apt/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,11 +91,20 @@ <h2 class="text-2xl font-semibold text-slate-800 mb-4">Linux</h2>
</div>
</div>
</div>
<div class="mt-4">
<h3 class="text-lg font-semibold text-blue-600 mb-2">Automatic installation</h3>
<p class="text-slate-500 mb-4">You can automatically install ParetoSecurity with:</p>
<div class="relative bg-black text-green-400 font-mono p-4 rounded text-sm mb-4">
<button @click="navigator.clipboard.writeText($el.parentElement.innerText.replace('Copy', ''))"
class="absolute top-2 right-2 bg-blue-600 hover:bg-blue-700 text-white py-1 px-2 rounded text-xs">Copy</button>
curl -sl pkg.paretosecurity.com/install.sh | sudo bash
</div>
</div>
</div>
</div>

<!-- Debian- and Ubuntu-based distributions -->
<div class="mt-12 max-w-5xl mx-auto">
<div class="mt-12 max-w-5xl mx-auto" x-data="{ showManualDebian: false }">
<h2 class="text-2xl font-semibold text-center text-slate-800 mb-4">Debian- and Ubuntu-based distributions
</h2>
<div class="bg-white border border-slate-200 p-6 rounded-lg shadow-sm">
Expand All @@ -114,19 +123,26 @@ <h3 class="text-lg font-semibold text-blue-600 mb-4">Installing</h3>
signing key needed to automatically update ParetoSecurity and verify the integrity of the
downloaded packages.
</p>
<p class="text-slate-500 mb-4">
Alternatively, you can manually configure the ParetoSecurity APT repository and install
ParetoSecurity by running the following commands:
</p>
<div class="relative bg-black text-green-400 font-mono p-4 rounded text-sm mb-4">
<button @click="navigator.clipboard.writeText($el.parentElement.innerText.replace('Copy', ''))"
class="absolute top-2 right-2 bg-blue-600 hover:bg-blue-700 text-white py-1 px-2 rounded text-xs">Copy</button>
sudo apt-get install wget gpg<br>
curl -fsSL https://pkg.paretosecurity.com/paretosecurity.gpg | sudo tee
/usr/share/keyrings/paretosecurity.gpg >/dev/null<br>
echo 'deb [signed-by=/usr/share/keyrings/paretosecurity.gpg] https://pkg.paretosecurity.com/debian
stable main' | sudo tee /etc/apt/sources.list.d/pareto.list<br>
sudo apt update && sudo apt install paretosecurity
<button @click="showManualDebian = !showManualDebian"
class="bg-gray-300 hover:bg-gray-400 text-black py-1 px-3 rounded text-sm">
Show manual installation
</button>
<div x-show="showManualDebian" x-cloak>
<p class="text-slate-500 mb-4">
Alternatively, you can manually configure the ParetoSecurity APT repository and install
ParetoSecurity by running the following commands:
</p>
<div class="relative bg-black text-green-400 font-mono p-4 rounded text-sm mb-4">
<button @click="navigator.clipboard.writeText($el.parentElement.innerText.replace('Copy', ''))"
class="absolute top-2 right-2 bg-blue-600 hover:bg-blue-700 text-white py-1 px-2 rounded text-xs">Copy</button>
sudo apt-get install wget gpg<br>
curl -fsSL https://pkg.paretosecurity.com/paretosecurity.gpg | sudo tee
/usr/share/keyrings/paretosecurity.gpg >/dev/null<br>
echo 'deb [signed-by=/usr/share/keyrings/paretosecurity.gpg]
https://pkg.paretosecurity.com/debian
stable main' | sudo tee /etc/apt/sources.list.d/pareto.list<br>
sudo apt update && sudo apt install paretosecurity
</div>
</div>
<h3 class="text-lg font-semibold text-blue-600 my-4">Quick Start</h3>
<div class="bg-black text-green-400 font-mono p-4 rounded text-sm">
Expand All @@ -140,7 +156,7 @@ <h3 class="text-lg font-semibold text-blue-600 my-4">Quick Start</h3>
</div>

<!-- RHEL-, Fedora-, and CentOS-based distributions -->
<div class="mt-12 max-w-5xl mx-auto">
<div class="mt-12 max-w-5xl mx-auto" x-data="{ showManualRhel: false }">
<h2 class="text-2xl font-semibold text-center text-slate-800 mb-4">RHEL-, Fedora-, and CentOS-based
distributions</h2>
<div class="bg-white border border-slate-200 p-6 rounded-lg shadow-sm">
Expand All @@ -159,17 +175,23 @@ <h3 class="text-lg font-semibold text-blue-600 mb-4">Installing</h3>
first update, dnf will retrieve the signing key needed to verify the integrity of the downloaded
packages.
</p>
<p class="text-slate-500 mb-4">
Alternatively, you can manually configure the ParetoSecurity yum repository and install
ParetoSecurity by running the following commands:
</p>
<div class="relative bg-black text-green-400 font-mono p-4 rounded text-sm mb-4">
<button @click="navigator.clipboard.writeText($el.parentElement.innerText.replace('Copy', ''))"
class="absolute top-2 right-2 bg-blue-600 hover:bg-blue-700 text-white py-1 px-2 rounded text-xs">Copy</button>
sudo rpm --import https://pkg.paretosecurity.com/paretosecurity.gpg<br>
curl -fsSl https://pkg.paretosecurity.com/rpm/paretosecurity.repo | sudo tee<br>
/etc/yum.repos.d/paretosecurity.repo<br>
sudo dnf install paretosecurity
<button @click="showManualRhel = !showManualRhel"
class="bg-gray-300 hover:bg-gray-400 text-black py-1 px-3 rounded text-sm">
Show manual installation
</button>
<div x-show="showManualRhel" x-cloak>
<p class="text-slate-500 mb-4">
Alternatively, you can manually configure the ParetoSecurity yum repository and install
ParetoSecurity by running the following commands:
</p>
<div class="relative bg-black text-green-400 font-mono p-4 rounded text-sm mb-4">
<button @click="navigator.clipboard.writeText($el.parentElement.innerText.replace('Copy', ''))"
class="absolute top-2 right-2 bg-blue-600 hover:bg-blue-700 text-white py-1 px-2 rounded text-xs">Copy</button>
sudo rpm --import https://pkg.paretosecurity.com/paretosecurity.gpg<br>
curl -fsSl https://pkg.paretosecurity.com/rpm/paretosecurity.repo | sudo tee<br>
/etc/yum.repos.d/paretosecurity.repo<br>
sudo dnf install paretosecurity
</div>
</div>
<h3 class="text-lg font-semibold text-blue-600 my-4">Quick Start</h3>
<div class="bg-black text-green-400 font-mono p-4 rounded text-sm">
Expand All @@ -183,7 +205,7 @@ <h3 class="text-lg font-semibold text-blue-600 my-4">Quick Start</h3>
</div>

<!-- Archlinux-based distributions -->
<div class="mt-12 max-w-5xl mx-auto">
<div class="mt-12 max-w-5xl mx-auto" x-data="{ showManualArch: false }">
<h2 class="text-2xl font-semibold text-center text-slate-800 mb-4">Archlinux-based
distributions</h2>
<div class="bg-white border border-slate-200 p-6 rounded-lg shadow-sm">
Expand All @@ -203,19 +225,26 @@ <h3 class="text-lg font-semibold text-blue-600 mb-4">Installing</h3>
first update, pacman will retrieve the signing key needed to verify the integrity of the downloaded
packages.
</p>
<p class="text-slate-500 mb-4">
Alternatively, you can manually configure the ParetoSecurity pacman repository and install
ParetoSecurity by running the following commands:
</p>
<div class="relative bg-black text-green-400 font-mono p-4 rounded text-sm mb-4">
<button @click="navigator.clipboard.writeText($el.parentElement.innerText.replace('Copy', ''))"
class="absolute top-2 right-2 bg-blue-600 hover:bg-blue-700 text-white py-1 px-2 rounded text-xs">Copy</button>
curl -fsSL https://pkg.paretosecurity.com/paretosecurity.gpg | sudo pacman-key --add -<br>
sudo pacman-key --lsign-key [email protected]<br>
echo '[paretosecurity]' | sudo tee -a /etc/pacman.conf >/dev/null<br>
echo "Server = https://pkg.paretosecurity.com/aur/stable/$(uname -m)" | sudo tee -a /etc/pacman.conf
>/dev/null<br>
sudo pacman -Syu paretosecurity
<button @click="showManualArch = !showManualArch"
class="bg-gray-300 hover:bg-gray-400 text-black py-1 px-3 rounded text-sm">
Show manual installation
</button>
<div x-show="showManualArch" x-cloak>
<p class="text-slate-500 mb-4">
Alternatively, you can manually configure the ParetoSecurity pacman repository and install
ParetoSecurity by running the following commands:
</p>
<div class="relative bg-black text-green-400 font-mono p-4 rounded text-sm mb-4">
<button @click="navigator.clipboard.writeText($el.parentElement.innerText.replace('Copy', ''))"
class="absolute top-2 right-2 bg-blue-600 hover:bg-blue-700 text-white py-1 px-2 rounded text-xs">Copy</button>
curl -fsSL https://pkg.paretosecurity.com/paretosecurity.gpg | sudo pacman-key --add -<br>
sudo pacman-key --lsign-key [email protected]<br>
echo '[paretosecurity]' | sudo tee -a /etc/pacman.conf >/dev/null<br>
echo "Server = https://pkg.paretosecurity.com/aur/stable/$(uname -m)" | sudo tee -a
/etc/pacman.conf
>/dev/null<br>
sudo pacman -Syu paretosecurity
</div>
</div>
<h3 class="text-lg font-semibold text-blue-600 my-4">Quick Start</h3>
<div class="bg-black text-green-400 font-mono p-4 rounded text-sm">
Expand Down
69 changes: 69 additions & 0 deletions apt/install.sh
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,69 @@
#!/bin/bash

BASE_URL="https://github.com/ParetoSecurity/pareto-linux/releases/latest/download/paretosecurity_"

if [ "$EUID" -ne 0 ]; then
echo "Please run as root"
exit
fi
ARCH=$(uname -m)

echo "Starting installation of Pareto Security..."

# Check if the script is running on Ubuntu, Debian, or Pop!_OS
if [[ -f /etc/os-release ]]; then
. /etc/os-release
if [[ "$ID_LIKE" == *"debian"* ]]; then
TEMP_DIR=$(mktemp -d)
echo "Downloading Pareto Security package for $ARCH..."
if [[ "$ARCH" == "amd64" ]]; then
wget -q --show-progress -O "$TEMP_DIR/paretosecurity_amd64.deb" "${BASE_URL}amd64.deb"
echo "Installing package..."
dpkg -i "$TEMP_DIR/paretosecurity_amd64.deb"
elif [[ "$ARCH" == "aarch64" ]]; then
wget -q --show-progress -O "$TEMP_DIR/paretosecurity_arm64.deb" "${BASE_URL}arm64.deb"
echo "Installing package..."
dpkg -i "$TEMP_DIR/paretosecurity_arm64.deb"
else
echo "Unsupported architecture: $ARCH"
exit 1
fi
echo "Cleaning up..."
rm -rf "$TEMP_DIR"

elif [[ "$ID_LIKE" == *"arch"* ]]; then
TEMP_DIR=$(mktemp -d)
echo "Downloading Pareto Security package for $ARCH..."
if [[ "$ARCH" == "amd64" ]]; then
wget -q --show-progress -O "$TEMP_DIR/paretosecurity_amd64.rpm" "${BASE_URL}amd64.rpm"
echo "Installing package..."
pacman -U "$TEMP_DIR/paretosecurity_amd64.archlinux.pkg.tar.zst"
elif [[ "$ARCH" == "aarch64" ]]; then
wget -q --show-progress -O "$TEMP_DIR/paretosecurity_arm64.rpm" "${BASE_URL}arm64.rpm"
echo "Installing package..."
pacman -U "$TEMP_DIR/paretosecurity_arm64.archlinux.pkg.tar.zst"
else
echo "Unsupported architecture: $ARCH"
exit 1
fi
elif [[ "$ID_LIKE" == *"rhel"* || "$ID_LIKE" == *"fedora"* ]]; then
TEMP_DIR=$(mktemp -d)
echo "Downloading Pareto Security package for $ARCH..."
if [[ "$ARCH" == "amd64" ]]; then
wget -q --show-progress -O "$TEMP_DIR/paretosecurity_amd64.rpm" "${BASE_URL}amd64.archlinux.pkg.tar.zst"
echo "Installing package..."
rpm -i "$TEMP_DIR/paretosecurity_amd64.rpm"
elif [[ "$ARCH" == "aarch64" ]]; then
wget -q --show-progress -O "$TEMP_DIR/paretosecurity_arm64.rpm" "${BASE_URL}arm64.archlinux.pkg.tar.zst"
echo "Installing package..."
rpm -i "$TEMP_DIR/paretosecurity_arm64.rpm"
else
echo "Unsupported architecture: $ARCH"
exit 1
fi
echo "Cleaning up..."
rm -rf "$TEMP_DIR"
fi
fi

echo "Pareto Security has been installed successfully."
26 changes: 9 additions & 17 deletions apt/postinstall.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,23 +7,15 @@ if [[ -f /etc/os-release ]]; then
if [[ "$ID" == "ubuntu" || "$ID" == "debian" || "$ID" == "pop" ]]; then
# Create keyrings directory
mkdir -p --mode=0755 /usr/share/keyrings

# Download and install GPG key
curl -fsSL https://pkg.paretosecurity.com/paretosecurity.gpg | tee /usr/share/keyrings/paretosecurity.gpg >/dev/null

# Add Pareto repository
echo 'deb [signed-by=/usr/share/keyrings/paretosecurity.gpg] https://pkg.paretosecurity.com/debian stable main' | tee /etc/apt/sources.list.d/pareto.list >/dev/null
elif [[ "$ID_LIKE" == *"rhel"* || "$ID_LIKE" == *"fedora"* ]]; then
# Download and install GPG key
rpm --import https://pkg.paretosecurity.com/paretosecurity.asc
curl -fsSl https://pkg.paretosecurity.com/rpm/paretosecurity.repo | tee /etc/yum.repos.d/paretosecurity.repo >/dev/null
fi
fi

#Arch Linux
if [[ -f /etc/os-release ]]; then
. /etc/os-release
if [[ "$ID_LIKE" == "arch" ]]; then
elif [[ "$ID_LIKE" == "arch" ]]; then
# Download and install GPG key
curl -fsSL https://pkg.paretosecurity.com/paretosecurity.gpg | pacman-key --add -
pacman-key --lsign-key [email protected] >/dev/null
Expand All @@ -38,7 +30,7 @@ fi
# Check for systemd
if command -v systemctl >/dev/null 2>&1; then
# Create socket unit
cat << 'EOF' | tee /etc/systemd/system/pareto-linux.socket > /dev/null
cat <<'EOF' | tee /etc/systemd/system/pareto-linux.socket >/dev/null
[Unit]
Description=Socket for pareto-linux
Expand All @@ -52,7 +44,7 @@ WantedBy=sockets.target
EOF

# Create service unit
cat << 'EOF' | tee /etc/systemd/system/pareto-linux.service > /dev/null
cat <<'EOF' | tee /etc/systemd/system/pareto-linux.service >/dev/null
[Unit]
Description=Service for pareto-linux
Requires=pareto-linux.socket
Expand All @@ -67,7 +59,7 @@ RemainAfterExit=no
StartLimitInterval=1
StartLimitBurst=100
# Disabled to allow cehcking firewall rules
# Disabled to allow checking firewall rules
#ReadOnlyPaths=/
ProtectSystem=full
Expand All @@ -79,8 +71,8 @@ StandardError=journal
WantedBy=multi-user.target
EOF

# Reload systemd and enable socket
systemctl daemon-reload
systemctl enable pareto-linux.socket
systemctl start pareto-linux.socket
fi
# Reload systemd and enable socket
systemctl daemon-reload
systemctl enable pareto-linux.socket
systemctl start pareto-linux.socket
fi

0 comments on commit b9e3c2e

Please sign in to comment.