From db421f2691098f6d799ad6dcf2c8412dad922d97 Mon Sep 17 00:00:00 2001
From: Sarah Jamie Lewis <sarah@openprivacy.ca>
Date: Tue, 4 Apr 2023 19:57:35 -0700
Subject: [PATCH] Initial Tails Support / Center align profile attributes /
 biotext

---
 lib/views/peersettingsview.dart |  6 ++--
 linux/cwtch-tails.yml           | 55 +++++++++++++++++++++++++++++++++
 linux/cwtch.tails.sh            |  3 ++
 linux/install-tails.sh          | 27 ++++++++++++++++
 4 files changed, 88 insertions(+), 3 deletions(-)
 create mode 100644 linux/cwtch-tails.yml
 create mode 100755 linux/cwtch.tails.sh
 create mode 100755 linux/install-tails.sh

diff --git a/lib/views/peersettingsview.dart b/lib/views/peersettingsview.dart
index 50a1b619..a066a315 100644
--- a/lib/views/peersettingsview.dart
+++ b/lib/views/peersettingsview.dart
@@ -113,15 +113,15 @@ class _PeerSettingsViewState extends State<PeerSettingsView> {
                                 child: Column(children: [
                                   Padding(
                                     padding: EdgeInsets.all(1),
-                                    child: SelectableText(Provider.of<ContactInfoState>(context, listen: false).attributes[0] ?? ""),
+                                    child: SelectableText(Provider.of<ContactInfoState>(context, listen: false).attributes[0] ?? "", textAlign: TextAlign.center,),
                                   ),
                                   Padding(
                                     padding: EdgeInsets.all(1),
-                                    child: SelectableText(Provider.of<ContactInfoState>(context, listen: false).attributes[1] ?? ""),
+                                    child: SelectableText(Provider.of<ContactInfoState>(context, listen: false).attributes[1] ?? "", textAlign: TextAlign.center,),
                                   ),
                                   Padding(
                                     padding: EdgeInsets.all(1),
-                                    child: SelectableText(Provider.of<ContactInfoState>(context, listen: false).attributes[2] ?? ""),
+                                    child: SelectableText(Provider.of<ContactInfoState>(context, listen: false).attributes[2] ?? "", textAlign: TextAlign.center,),
                                   )
                                 ]))
                           ]),
diff --git a/linux/cwtch-tails.yml b/linux/cwtch-tails.yml
new file mode 100644
index 00000000..36260efe
--- /dev/null
+++ b/linux/cwtch-tails.yml
@@ -0,0 +1,55 @@
+---
+# TODO: This can likely be restricted even further, especially in regards to the ADD_ONION pattern
+- apparmor-profiles:
+    - '/home/amnesia/.local/lib/cwtch/cwtch'
+  users:
+    - 'amnesia'
+  commands:
+    AUTHCHALLENGE:
+      - 'SAFECOOKIE .*'
+    SETEVENTS:
+      - 'CIRC WARN ERR'
+      - 'CIRC ORCONN INFO NOTICE WARN ERR HS_DESC HS_DESC_CONTENT'
+    GETINFO:
+      - 'net/listeners/socks'
+    GETCONF:
+      - 'DisableNetwork'
+    SETCONF:
+      - 'DisableNetwork.*'
+    ADD_ONION:
+      - '.*'
+    DEL_ONION:
+      - '.+'
+    HSFETCH:
+      - '.+'
+  events:
+    CIRC:
+      suppress: true
+    ORCONN:
+      suppress: true
+    INFO:
+      suppress: true
+    NOTICE:
+      suppress: true
+    WARN:
+      suppress: true
+    ERR:
+      suppress: true
+    HS_DESC:
+      response:
+        - pattern:     '650 HS_DESC CREATED (\S+) (\S+) (\S+) \S+ (.+)'
+          replacement: '650 HS_DESC CREATED {} {} {} redacted {}'
+        - pattern:     '650 HS_DESC UPLOAD (\S+) (\S+) .*'
+          replacement: '650 HS_DESC UPLOAD {} {} redacted redacted'
+        - pattern:     '650 HS_DESC UPLOADED (\S+) (\S+) .+'
+          replacement: '650 HS_DESC UPLOADED {} {} redacted'
+        - pattern:     '650 HS_DESC REQUESTED (\S+) NO_AUTH'
+          replacement: '650 HS_DESC REQUESTED {} NO_AUTH'
+        - pattern:     '650 HS_DESC REQUESTED (\S+) NO_AUTH \S+ \S+'
+          replacement: '650 HS_DESC REQUESTED {} NO_AUTH redacted redacted'
+        - pattern:     '650 HS_DESC RECEIVED (\S+) NO_AUTH \S+ \S+'
+          replacement: '650 HS_DESC RECEIVED {} NO_AUTH redacted redacted'
+        - pattern:     '.*'
+          replacement: ''
+    HS_DESC_CONTENT:
+      suppress: true
\ No newline at end of file
diff --git a/linux/cwtch.tails.sh b/linux/cwtch.tails.sh
new file mode 100755
index 00000000..ee3f419b
--- /dev/null
+++ b/linux/cwtch.tails.sh
@@ -0,0 +1,3 @@
+#!/bin/sh
+# Start Cwtch with Tails
+exec env CWTCH_TAILS=true LD_LIBRARY_PATH=~/.local/lib/cwtch/:~/.local/lib/cwtch/Tor ~/.local/lib/cwtch/cwtch
\ No newline at end of file
diff --git a/linux/install-tails.sh b/linux/install-tails.sh
new file mode 100755
index 00000000..3835cd6b
--- /dev/null
+++ b/linux/install-tails.sh
@@ -0,0 +1,27 @@
+#!/bin/sh
+
+mkdir -p ~/.local/bin
+sed "s|~|$HOME|g" cwtch.home.sh > ~/.local/bin/cwtch
+chmod a+x ~/.local/bin/cwtch
+
+mkdir -p ~/.local/share/icons
+cp cwtch.png ~/.local/share/icons
+
+mkdir -p ~/.local/share/cwtch
+cp -r data ~/.local/share/cwtch
+
+mkdir -p ~/.local/lib/cwtch
+cp -r lib/* ~/.local/lib/cwtch
+
+mkdir -p ~/.local/share/applications
+sed "s|~|$HOME|g" cwtch.home.desktop > $HOME/.local/share/applications/cwtch.desktop
+chmod a+x $HOME/.local/share/applications/cwtch.desktop
+
+# Tails needs to be have been setup up with an Administration account
+# https://tails.boum.org/doc/first_steps/welcome_screen/administration_password/
+# Make Auth Cookie Readable
+sudo chmod o+r /var/run/tor/control.authcookie
+# Copy Onion Grater Config
+sudo cp cwtch-tails.yml /etc/onion-grater.d/cwtch.yml
+# Restart Onion Grater so the Config Takes effect
+sudo systemctl restart onion-grater.service
\ No newline at end of file