From 91d85105792e1bbb0671ee2cdbb89af609cf4d41 Mon Sep 17 00:00:00 2001 From: Ben Radey Date: Thu, 7 May 2026 15:06:01 -0400 Subject: [PATCH] Attempt at adding brave-browser --- Containerfile-workstation-nvidia-base | 10 ++- gpg-keys/brave-core.asc | 90 +++++++++++++++++++++++++++ 2 files changed, 98 insertions(+), 2 deletions(-) create mode 100644 gpg-keys/brave-core.asc diff --git a/Containerfile-workstation-nvidia-base b/Containerfile-workstation-nvidia-base index 9712466..a5277c7 100644 --- a/Containerfile-workstation-nvidia-base +++ b/Containerfile-workstation-nvidia-base @@ -8,15 +8,21 @@ RUN rpm --import \ /keys/public_key_proton.asc \ /keys/RPM-GPG-KEY-rpmfusion-free-fedora-2020 \ /keys/RPM-GPG-KEY-rpmfusion-nonfree-fedora-2020 \ + /keys/brave-core.asc \ /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-43-x86_64 && \ rm -rf /keys && \ dnf5 install -y https://mirrors.rpmfusion.org/free/fedora/rpmfusion-free-release-$(rpm -E %fedora).noarch.rpm \ https://mirrors.rpmfusion.org/nonfree/fedora/rpmfusion-nonfree-release-$(rpm -E %fedora).noarch.rpm \ https://repo.protonvpn.com/fedora-$(cat /etc/fedora-release | cut -d' ' -f 3)-stable/protonvpn-stable-release/protonvpn-stable-release-1.0.3-1.noarch.rpm && \ + curl -fsSLo /etc/yum.repos.d/brave-browser.repo https://brave-browser-rpm-release.s3.brave.com/brave-browser.repo && \ + mkdir /var/opt /usr/brave.com && \ + ln -s /usr/brave.com /var/opt/brave.com && \ + echo "L /var/opt/brave.com - - - - /usr/brave.com" >> /usr/lib/tmpfiles.d/brave.conf && \ dnf5 install -y \ akmods \ android-tools \ ansible \ + brave-browser \ cinnamon \ distrobox \ fuse-sshfs \ @@ -56,11 +62,11 @@ RUN rpm -q akmod-nvidia && \ rpm -q xorg-x11-drv-nvidia-cuda && \ rpm -q proton-vpn-gnome-desktop -# The first check makes sure that we have exactly 4 gpg pubkeys trusted in the rpmdb (the ones manually imported above). +# The first check makes sure that we have exactly 10 gpg pubkeys trusted in the rpmdb (the ones manually imported above) (Brave adds 6, apparently?). # Any more than that means that dnf automatically added a new one, which is shady! # Then: cleanup image for linting # Finally: verify image is good # FIXME - remove the `--skip nonempty-run-tmp` when it's no longer needed -RUN [[ 4 -eq $(rpm -qa gpg-pubkey* | wc -l) ]] && \ +RUN [[ 10 -eq $(rpm -qa gpg-pubkey* | wc -l) ]] && \ rm -rf /var /boot && mkdir /var /boot && \ bootc container lint --fatal-warnings --skip nonempty-run-tmp diff --git a/gpg-keys/brave-core.asc b/gpg-keys/brave-core.asc new file mode 100644 index 0000000..020113f --- /dev/null +++ b/gpg-keys/brave-core.asc @@ -0,0 +1,90 @@ +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGOrCckBEADNcJUEATinOnryWPrc9nC3CrU6sDuJArVki6KMx3lkfSSATFfN +reVv+OcrLtGD1E+jwSlYVX0c+7LhuuMLeJuORD9JqXNSdbalnhEOijmzZ/Efgc3u +HWP3Vp2Ljdrp8YVGLDJwbUwSQv3xEfn5UioSA3FhuOigrpmLTPSTR1TrjT81jQC2 +e6ychAkb0u225yjXuY/fJqx8KV6Qoh17dudt87VAuSatK0Fo93wECfFL9NRs4+fe +4Ddiw5HqOyC6wjqaEnfpDptCKj1M+tptR3BdJhnXPl/uxaNQ9ECpEVMGPJ4EX7pl +H7ReYmWFg2JsRDhtJ0A5jhQ32OUAyOAlHZIvy3X2B2MLSbAz1CSVLCnB4M6q88Xj +fkbIvb9dKy6zcv8Tjg6GXH/sYR0/N6HtX5qhqbEAzq3QSvGwwsQAWOgAfw9BDxPG +3xR8RBpwH5gOXsG8l2519uHlxn1uPkAoK67I/+iHGLS4m4lIQKkgq9zELhf8DxXf +AQJc0c9OU5eVU8tRIX5YU3bGC8cPv7DxFBJLKFNedl5MJTjQnchH0xuJ05Jvrmi7 +CbL5wTX4OmecUU11iWubTVCQcbDgnmpv+hTVc7UNzRAmDGj3TDXxe7oVGkX6iKt5 +JJqGPW0TO6Ge5gJ9BG4IQgFW5kiZvGQyUjRfLQOF/8l3+6+8rC7IloLhaQARAQAB +tElCcmF2ZSBMaW51eCBSZWxlYXNlIChCcmF2ZSBMaW51eCBSZWxlYXNlKSA8YnJh +dmUtbGludXgtcmVsZWFzZUBicmF2ZS5jb20+iQJ9BBMBCABnAhsDBQkSzAMABQsJ +CAcCAiICBhUKCQgLAgQWAgMBAh4HAheAFiEE2/GhFsIguMcWT5gjBoa3hCADglcF +AmdkXH0lFIAAAAAADwANbGFiZWxAYnJhdmUuY29tbGludXhfcmVsZWFzZQAKCRAG +hreEIAOCV7TcD/9AiF5eQtqjaoZ3Pwzof2UqyiK9cm683c8zncpCZb7sKFewHtBk +0i8Ufdc4jrqjHQF5G6DiSdxTqKuAtwzaxE+bl77NcA8cQO6PioIcREjUWSYKGZ4t +1fH9B5Ba45tQI9AgL7idPhRSQCqQmcrTgQKRiMcqD1sySd2zNfPZKJKElR9GDS2y +puzdYeeAXCtNm5PImvFDrbkk1Fv0qNJBLAgtSda9MJytAD+KaHQ3/1DpLQAVOTsD +KBvtowdx2m+H6+6ciYO8VwdT8GGMfWFRAs6Ix/uC7jO2W+k/53vu5TUm7OyxkXQB +sn8b+X70jlLtOAdSPpwb2ML9aoEE6AyqTojqiaM9u2FDNsZP9gYow9P3Owq3tQNB +YUnNRhk3A7lyWWnrkjU9icN73SYJNQcAHJg0GOXG7a2WG0fcgTDwBApjrBE75Fh9 +ltM/7lgEL74y0Lnj614sV9Oet8oew7pXMcE2TdUwm6lKU0SQywamvQpHPngikYD9 +QBoPcqsLOXJUF0jlcK4NlrzVeSqqVXGWtGhpU5jTmp3jlco+PlY3ck99ZnklLOoN +ZIDTyGxzzitu7vrE5drM0Tn2FFTDQ9wG6QuQ7oDk3qT8hSyDu8SF2O9VOrf1SPXo +cdmwtbPfL9dFQ4wQ/IrJIRh7xViYodDvGL8V7ROrWTR5NF1ZavfmM5fGnA== +=9XDs +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGfYXXMBEADoa5Tv7DFt6G4OhrRZCMnE8nGSDez1VW71Qh5OEmSdVHALImmB +3hA3HZg+MOTzy6lBD23+JcCg4ppAkYgeN08AmSJQfsrS9Vrmojifs9TpjQ207ioH +EqQH2/5uU0/8xFz/o8TfFMz7JwjviUmItcXz1MybAgLuRAPmjzlZYNVjJ8XaT2FB +zrxidV9Yr/zUfzFSfX43ERhXx6hUrBCsl/mAUQ8bcOCLPX6pX3A/2ZtdUIxTlYBg +c44/WmGYihI7g0jSvFhLlA5Eo1NIQBydO6pYs6NnRe5YRmZCF29jPC//8bgEQCsn +yfDy/uZCofkTyID9MRSxUncIeLA12yUuxGvgoD6lM4ezdBbQRp91YngzGUQFnEXM +KZHeOAkWIyOrHkzlyB9UtEnI7tAJM7PtXnSWtXT9e3jxULkBOPtm1LFCZKjlG9UJ +WTg1WkpSTo+JlVzZd1Hko3N6AVj3ivCsoL76YL/g0UeWNNNF2HeFqlaBvnxmAuxJ +Hkp7DSydDPvst3/FqO128V5isrOW+z8pI97SpFJAmvoPHYAwM3C6qJdvDS1rRkTF +iIEhKm0X2KetnOLvdbf3jC9gg2Z57V13r7aLWGZJhz4ZPuuQX9/ekYqZxYp0qyb7 +ijr2KzSXywJWK0ilRm4OgEJx+HHqO95XFJDPgIcD+voxjcYxCbwW4FkcNwARAQAB +tENCcmF2ZSBMaW51eCBSZWxlYXNlIChCcmF2ZSBMaW51eCBSZWxlYXNlKSA8bGlu +dXgtcmVsZWFzZUBicmF2ZS5jb20+iQKBBBMBCABrAhsDBQkSzAMABQsJCAcCAiIC +BhUKCQgLAgQWAgMBAh4HAheAFiEER9MqdOmp4BOktJJsaNUT02pzzZYFAmfYXXYp +FIAAAAAADwARbGFiZWxAYnJhdmUuY29tbGludXhfcmVsZWFzZV9tcmsACgkQaNUT +02pzzZYXzhAAjXohBzvsNtVA9olF5tRbQkTi90bbet21LS+gw4OWGsFfNgs1Ze1L +1h81XPFrYDXL6gpMZmfSAK2PbdgcAJvJovxWR/FXvZQhj3je2zrd7JfGwII/1g8m +O5WFgscGP+ZaeddCMSO3zeOodm9EIHpR98Bpaayzl6drwwMrE5rvDma+TfoqvQUd +2LkoSqr0tT/LaRw10m/7geDrMwmWV8tgMlaHEPBZh6P+TNtC5kAm73uqVDzIdKC6 +X4SL6h8mQB8HY4ZsGX5ligiobgb2unMRfqYPeULwL2LmA7+5+k7GZpdDz/6cucUe +sHBU9Ug/7oEiVqE5xnGrA+FH4lBty0TPsVLT9+Ukbv7ogWXkB4eUpH45hvZnR8Dm +w4+FZcu2pC0U/CQYyxpmb6Xd6D3CXfTENyx2ramUDuZzl/bcoSScdm3Mps3QAjGf +OifBzSzm2eYi8QtxTSMPeaH33UjzyEUvjVmsyGKVA7bvA9XwbS6GwIpGQI8Ls02A +ws9D01MB6QxXMuhplOh3ugGlHnnvH2RS63JsD8ZbGWbx8bh1fQCgG+nBNcik4tac +ZpAkRwzZ2G1TR433klJ0s3q/6hGDqhmt/6vWxXAOfrEeBvbzFmjwJvlfq2fftag4 +euPiI1qQbVRqYuIgfDy52WwmIA32XULwHM7deyNKrp8RvX1eHyylocs= +=Mbfv +-----END PGP PUBLIC KEY BLOCK----- +-----BEGIN PGP PUBLIC KEY BLOCK----- + +mQINBGiIh7sBEADZtItMp3ECke3wanwQVDqM7MIiLHm5lXSze7V2RpklOjP04OBB +TKbesDK2651JR4w5eqta80BjhnU5Jn2gAsvS7yie8EXc30Th+gYAsaGdsJMIlqnQ +D9RRbelcJ3GEqx39bimc3Wy8OluC21O6UQ42PEgzd5FfNv2tYHn068WJYoElCjcC +HO5JLTmwBKpK4akd2+q7+GhS6foQ2SfcBFnEy4J4GuMh17cIlNE+yyKpE2eQ2PAV +/XK1LxKybvhGKuRRgIQo29Yo+ZNIe6ThS5XSitrgAk+OBhxqMJL0aSV9m0UONmwp +tpxIgoJeVHDJ69+Vmo5f5hq9XkoHjF6EoOQj+nihtKdmnrvgaVNtBk4R5F85/gjY +fUyeCVpntd4/N5zsiw4ZEN4iKSSvdGeTcoVolB4JA5rmcAfS5sICguColo/JJyEb +jwu1WwYT3OXTG0fgzdEBIddmNhPX/as40vt1vLkXXO9d6D65AG9VbEineZ9DKc7b +IpI1rUzr6KXiIA0eb2Y2oOSyVKo8isINPsIcWpGE0nhJQM3M5xhbq7LXqP80NJyg +TrWPF5wHcyzf5Gw6Ptfm7mYiSvc3VBbXP0zVpZQZgrfgylkH2uelDBw9BcoQM6oZ +N85hfOu1+5Lfr9+r+xacd8auIK62CR7P64rBh93vHUlnZVK0QpfEY7eN/QARAQAB +tENCcmF2ZSBMaW51eCBSZWxlYXNlIChCcmF2ZSBMaW51eCBSZWxlYXNlKSA8bGlu +dXgtcmVsZWFzZUBicmF2ZS5jb20+iQKABBMBCABqAhsDBQkSzAMABQsJCAcCAiIC +BhUKCQgLAgQWAgMBAh4HAheAFiEEsqPco1DmclZ0DfkE3k7Ge+Sw3KAFAmiIh8Ao +FIAAAAAADwAQbGFiZWxAYnJhdmUuY29tbGludXhfcmVsZWFzZV92MgAKCRDeTsZ7 +5LDcoN48D/47TkfnxqmyQ/czOK+lXfMpg8y2hZ/tooYlWAeTuSvx+rwMAp5iUL0w +XxAGynjEU2OBA8KAtdD/ALZSk87R9e8d8d0JMnXuZP0l9zOfyvaCS1CqkFWtFV72 +oSsFet+hJYdGHAnLruMD9AgqHAE9ytm8rm48uppyXY4hhVJqQGWjGbd8VQLU4AM1 +mzojK3M/xVCDXgJ5WN5cyrb8A8nxpdaU0U7zuYhmqrmfg+bAhghq07q+T1sF+kNJ +r/sKRLUomWr7Q8TYmuWgoLY8CiTu6uKcTEfDaopdZvWL82Qn1eoiGAAb73Zztt9c +kKtsUM+Ph2tJ0HBEKjK06TbjEoOd+LsD9jp9mQ27pSLIIGZ+r3I9AMg9WRjclHlU +T97OqwVu+2LRu5t/jvYJeUOmBH0fq9Co6VeNoHAWnkt1xpBhKWvamhUWTuAGdjWh +hs+pcEIBpySuxtwCpAvmrPEylygBnng95pj43GKI1yAkPpsB9YwnZwEfQ4rTXp6S +m8FaSINrnO3JRt9vbpbUSYAj3VCGEkdfb1p8zt+ARVB7UJ90/ZnhPBdHPMa2aeOI +4gMqFIIKVNCc69r5IevM7eHd2pc2N01eR3JsWEkZLQXS+PTCmP/34rpcF45wsidb +rmdktfo7KacwszjHBfKr4us/8epykbRQuVgamiiUQxXFTKl9as07JA== +=0GhZ +-----END PGP PUBLIC KEY BLOCK-----