diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index 86779f33..0c9dfb32 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -255,7 +255,6 @@ jobs:
env:
# Keep compat with MacOS 10.15 aka Catalina by Qt 6.4
QT_VERSION: 6.4.3
- QIF_VERSION: 4.6
PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }}
DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
@@ -283,11 +282,6 @@ jobs:
set-env: 'true'
extra: '--external 7z --base ${{ env.QT_MIRROR }}'
- - name: 'Install Qt Installer Framework ${{ env.QIF_VERSION }}'
- run: |
- mkdir -pv ${{ runner.temp }}/Qt/Tools/QtInstallerFramework
- wget https://qt.amzsvc.com/tools/ifw/${{ env.QIF_VERSION }}.zip
- unzip ${{ env.QIF_VERSION }}.zip -d ${{ runner.temp }}/Qt/Tools/QtInstallerFramework/
- name: 'Get sources'
uses: actions/checkout@v4
@@ -301,14 +295,13 @@ jobs:
- name: 'Build project'
run: |
export QT_BIN_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos/bin"
- export QIF_BIN_DIR="${{ runner.temp }}/Qt/Tools/QtInstallerFramework/${{ env.QIF_VERSION }}/bin"
bash deploy/build_macos.sh
- name: 'Upload installer artifact'
uses: actions/upload-artifact@v4
with:
name: AmneziaVPN_MacOS_old_installer
- path: AmneziaVPN.dmg
+ path: deploy/build/pkg/AmneziaVPN.pkg
retention-days: 7
- name: 'Upload unpacked artifact'
@@ -325,7 +318,6 @@ jobs:
env:
QT_VERSION: 6.8.0
- QIF_VERSION: 4.8.1
PROD_AGW_PUBLIC_KEY: ${{ secrets.PROD_AGW_PUBLIC_KEY }}
PROD_S3_ENDPOINT: ${{ secrets.PROD_S3_ENDPOINT }}
DEV_AGW_PUBLIC_KEY: ${{ secrets.DEV_AGW_PUBLIC_KEY }}
@@ -353,11 +345,6 @@ jobs:
set-env: 'true'
extra: '--external 7z --base ${{ env.QT_MIRROR }}'
- - name: 'Install Qt Installer Framework ${{ env.QIF_VERSION }}'
- run: |
- mkdir -pv ${{ runner.temp }}/Qt/Tools/QtInstallerFramework
- wget https://qt.amzsvc.com/tools/ifw/${{ env.QIF_VERSION }}.zip
- unzip ${{ env.QIF_VERSION }}.zip -d ${{ runner.temp }}/Qt/Tools/QtInstallerFramework/
- name: 'Get sources'
uses: actions/checkout@v4
@@ -371,14 +358,13 @@ jobs:
- name: 'Build project'
run: |
export QT_BIN_DIR="${{ runner.temp }}/Qt/${{ env.QT_VERSION }}/macos/bin"
- export QIF_BIN_DIR="${{ runner.temp }}/Qt/Tools/QtInstallerFramework/${{ env.QIF_VERSION }}/bin"
bash deploy/build_macos.sh
- name: 'Upload installer artifact'
uses: actions/upload-artifact@v4
with:
name: AmneziaVPN_MacOS_installer
- path: AmneziaVPN.dmg
+ path: deploy/build/pkg/AmneziaVPN.pkg
retention-days: 7
- name: 'Upload unpacked artifact'
diff --git a/deploy/build_macos.sh b/deploy/build_macos.sh
index 5f6e9786..70e2cc5f 100755
--- a/deploy/build_macos.sh
+++ b/deploy/build_macos.sh
@@ -31,20 +31,14 @@ BUNDLE_DIR=$OUT_APP_DIR/$APP_FILENAME
PREBUILT_DEPLOY_DATA_DIR=$PROJECT_DIR/deploy/data/deploy-prebuilt/macos
DEPLOY_DATA_DIR=$PROJECT_DIR/deploy/data/macos
-INSTALLER_DATA_DIR=$BUILD_DIR/installer/packages/$APP_DOMAIN/data
-INSTALLER_BUNDLE_DIR=$BUILD_DIR/installer/$APP_FILENAME
-DMG_FILENAME=$PROJECT_DIR/${APP_NAME}.dmg
# Search Qt
if [ -z "${QT_VERSION+x}" ]; then
QT_VERSION=6.4.3;
-QIF_VERSION=4.6
QT_BIN_DIR=$HOME/Qt/$QT_VERSION/macos/bin
-QIF_BIN_DIR=$QT_BIN_DIR/../../../Tools/QtInstallerFramework/$QIF_VERSION/bin
fi
echo "Using Qt in $QT_BIN_DIR"
-echo "Using QIF in $QIF_BIN_DIR"
# Checking env
@@ -113,58 +107,90 @@ if [ "${MAC_CERT_PW+x}" ]; then
fi
echo "Packaging installer..."
-mkdir -p $INSTALLER_DATA_DIR
-cp -av $PROJECT_DIR/deploy/installer $BUILD_DIR
-cp -av $DEPLOY_DATA_DIR/post_install.sh $INSTALLER_DATA_DIR/post_install.sh
-cp -av $DEPLOY_DATA_DIR/post_uninstall.sh $INSTALLER_DATA_DIR/post_uninstall.sh
-cp -av $DEPLOY_DATA_DIR/$PLIST_NAME $INSTALLER_DATA_DIR/$PLIST_NAME
+PKG_DIR=$BUILD_DIR/pkg
+PKG_ROOT=$PKG_DIR/root
+SCRIPTS_DIR=$PKG_DIR/scripts
+RESOURCES_DIR=$PKG_DIR/resources
+INSTALL_PKG=$PKG_DIR/${APP_NAME}_install.pkg
+UNINSTALL_PKG=$PKG_DIR/${APP_NAME}_uninstall.pkg
+FINAL_PKG=$PKG_DIR/${APP_NAME}.pkg
+UNINSTALL_SCRIPTS_DIR=$PKG_DIR/uninstall_scripts
-chmod a+x $INSTALLER_DATA_DIR/post_install.sh $INSTALLER_DATA_DIR/post_uninstall.sh
+mkdir -p "$PKG_ROOT/Applications" "$SCRIPTS_DIR" "$RESOURCES_DIR" "$UNINSTALL_SCRIPTS_DIR"
-cd $BUNDLE_DIR
-tar czf $INSTALLER_DATA_DIR/$APP_NAME.tar.gz ./
+cp -R "$BUNDLE_DIR" "$PKG_ROOT/Applications"
+cp "$DEPLOY_DATA_DIR/$PLIST_NAME" "$PKG_ROOT/Applications/$APP_FILENAME/$PLIST_NAME"
+cp "$DEPLOY_DATA_DIR/post_install.sh" "$SCRIPTS_DIR/post_install.sh"
+cp "$DEPLOY_DATA_DIR/post_uninstall.sh" "$UNINSTALL_SCRIPTS_DIR/postinstall"
+mkdir -p "$RESOURCES_DIR/scripts"
+cp "$DEPLOY_DATA_DIR/check_install.sh" "$RESOURCES_DIR/scripts/check_install.sh"
+cp "$DEPLOY_DATA_DIR/check_uninstall.sh" "$RESOURCES_DIR/scripts/check_uninstall.sh"
-echo "Building installer..."
-$QIF_BIN_DIR/binarycreator --offline-only -v -c $BUILD_DIR/installer/config/macos.xml -p $BUILD_DIR/installer/packages -f $INSTALLER_BUNDLE_DIR
+cat > "$SCRIPTS_DIR/postinstall" <<'EOS'
+#!/bin/bash
+SCRIPT_DIR="$(dirname "$0")"
+bash "$SCRIPT_DIR/post_install.sh"
+exit 0
+EOS
+
+chmod +x "$SCRIPTS_DIR"/*
+chmod +x "$UNINSTALL_SCRIPTS_DIR"/*
+chmod +x "$RESOURCES_DIR/scripts"/*
+cp "$PROJECT_DIR/LICENSE" "$RESOURCES_DIR/LICENSE"
+
+APP_VERSION=$(grep -m1 -E 'project\(' "$PROJECT_DIR/CMakeLists.txt" | sed -E 's/.*VERSION ([0-9.]+).*/\1/')
+echo "Building component package $INSTALL_PKG ..."
+pkgbuild --root "$PKG_ROOT" \
+ --identifier "$APP_DOMAIN" \
+ --version "$APP_VERSION" \
+ --install-location "/" \
+ --scripts "$SCRIPTS_DIR" \
+ "$INSTALL_PKG"
+
+# Build uninstaller component package
+UNINSTALL_COMPONENT_PKG=$PKG_DIR/${APP_NAME}_uninstall_component.pkg
+echo "Building uninstaller component package $UNINSTALL_COMPONENT_PKG ..."
+pkgbuild --nopayload \
+ --identifier "$APP_DOMAIN.uninstall" \
+ --version "$APP_VERSION" \
+ --scripts "$UNINSTALL_SCRIPTS_DIR" \
+ "$UNINSTALL_COMPONENT_PKG"
+
+# Wrap uninstaller component in a distribution package for clearer UI
+echo "Building uninstaller distribution package $UNINSTALL_PKG ..."
+UNINSTALL_RESOURCES=$PKG_DIR/uninstall_resources
+rm -rf "$UNINSTALL_RESOURCES"
+mkdir -p "$UNINSTALL_RESOURCES"
+cp "$DEPLOY_DATA_DIR/uninstall_welcome.html" "$UNINSTALL_RESOURCES"
+cp "$DEPLOY_DATA_DIR/uninstall_conclusion.html" "$UNINSTALL_RESOURCES"
+productbuild \
+ --distribution "$DEPLOY_DATA_DIR/distribution_uninstall.xml" \
+ --package-path "$PKG_DIR" \
+ --resources "$UNINSTALL_RESOURCES" \
+ "$UNINSTALL_PKG"
+
+cp "$PROJECT_DIR/deploy/data/macos/distribution.xml" "$PKG_DIR/distribution.xml"
+
+echo "Creating final installer $FINAL_PKG ..."
+productbuild --distribution "$PKG_DIR/distribution.xml" --package-path "$PKG_DIR" --resources "$RESOURCES_DIR" "$FINAL_PKG"
if [ "${MAC_CERT_PW+x}" ]; then
- echo "Signing installer bundle..."
+ echo "Signing installer package..."
security unlock-keychain -p $TEMP_PASS $KEYCHAIN
- /usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "$MAC_SIGNER_ID" $INSTALLER_BUNDLE_DIR
- /usr/bin/codesign --verify -vvvv $INSTALLER_BUNDLE_DIR || true
+ /usr/bin/codesign --force --verbose --timestamp -o runtime --sign "$MAC_SIGNER_ID" "$FINAL_PKG"
+ /usr/bin/codesign --verify -vvvv "$FINAL_PKG" || true
if [ "${NOTARIZE_APP+x}" ]; then
- echo "Notarizing installer bundle..."
- /usr/bin/ditto -c -k --keepParent $INSTALLER_BUNDLE_DIR $PROJECT_DIR/Installer_bundle_to_notarize.zip
- xcrun notarytool submit $PROJECT_DIR/Installer_bundle_to_notarize.zip --apple-id $APPLE_DEV_EMAIL --team-id $MAC_TEAM_ID --password $APPLE_DEV_PASSWORD
- rm $PROJECT_DIR/Installer_bundle_to_notarize.zip
+ echo "Notarizing installer package..."
+ xcrun notarytool submit "$FINAL_PKG" --apple-id $APPLE_DEV_EMAIL --team-id $MAC_TEAM_ID --password $APPLE_DEV_PASSWORD
sleep 300
- xcrun stapler staple $INSTALLER_BUNDLE_DIR
- xcrun stapler validate $INSTALLER_BUNDLE_DIR
- spctl -a -vvvv $INSTALLER_BUNDLE_DIR || true
+ xcrun stapler staple "$FINAL_PKG"
+ xcrun stapler validate "$FINAL_PKG"
+ spctl -a -vvvv "$FINAL_PKG" || true
fi
fi
-echo "Building DMG installer..."
-# Allow Terminal to make changes in Privacy & Security > App Management
-hdiutil create -size 256mb -volname AmneziaVPN -srcfolder $BUILD_DIR/installer/$APP_NAME.app -ov -format UDZO $DMG_FILENAME
-
-if [ "${MAC_CERT_PW+x}" ]; then
- echo "Signing DMG installer..."
- security unlock-keychain -p $TEMP_PASS $KEYCHAIN
- /usr/bin/codesign --deep --force --verbose --timestamp -o runtime --sign "$MAC_SIGNER_ID" $DMG_FILENAME
- /usr/bin/codesign --verify -vvvv $DMG_FILENAME || true
-
- if [ "${NOTARIZE_APP+x}" ]; then
- echo "Notarizing DMG installer..."
- xcrun notarytool submit $DMG_FILENAME --apple-id $APPLE_DEV_EMAIL --team-id $MAC_TEAM_ID --password $APPLE_DEV_PASSWORD
- sleep 300
- xcrun stapler staple $DMG_FILENAME
- xcrun stapler validate $DMG_FILENAME
- fi
-fi
-
-echo "Finished, artifact is $DMG_FILENAME"
+echo "Finished, artifact is $FINAL_PKG"
# restore keychain
security default-keychain -s login.keychain
diff --git a/deploy/data/macos/check_install.sh b/deploy/data/macos/check_install.sh
new file mode 100755
index 00000000..adf63550
--- /dev/null
+++ b/deploy/data/macos/check_install.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+if [ -d "/Applications/AmneziaVPN.app" ] || pgrep -x "AmneziaVPN-service" >/dev/null; then
+ exit 1
+fi
+exit 0
diff --git a/deploy/data/macos/check_uninstall.sh b/deploy/data/macos/check_uninstall.sh
new file mode 100755
index 00000000..e7a6f7e0
--- /dev/null
+++ b/deploy/data/macos/check_uninstall.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+if [ -d "/Applications/AmneziaVPN.app" ] || pgrep -x "AmneziaVPN-service" >/dev/null; then
+ exit 0
+fi
+exit 1
diff --git a/deploy/data/macos/distribution.xml b/deploy/data/macos/distribution.xml
new file mode 100644
index 00000000..c0a1dc68
--- /dev/null
+++ b/deploy/data/macos/distribution.xml
@@ -0,0 +1,17 @@
+
+
+ AmneziaVPN Installer
+
+
+
+
+
+
+
+
+
+
+
+ AmneziaVPN_install.pkg
+ AmneziaVPN_uninstall_component.pkg
+
diff --git a/deploy/data/macos/distribution_uninstall.xml b/deploy/data/macos/distribution_uninstall.xml
new file mode 100644
index 00000000..cf8932b9
--- /dev/null
+++ b/deploy/data/macos/distribution_uninstall.xml
@@ -0,0 +1,13 @@
+
+ Uninstall AmneziaVPN
+
+
+
+
+
+
+
+
+
+ AmneziaVPN_uninstall_component.pkg
+
diff --git a/deploy/data/macos/post_install.sh b/deploy/data/macos/post_install.sh
index acd3f93f..895c7292 100755
--- a/deploy/data/macos/post_install.sh
+++ b/deploy/data/macos/post_install.sh
@@ -8,15 +8,13 @@ LOG_FILE="$LOG_FOLDER/post-install.log"
APP_PATH=/Applications/$APP_NAME.app
if launchctl list "$APP_NAME-service" &> /dev/null; then
- launchctl unload $LAUNCH_DAEMONS_PLIST_NAME
- rm -f $LAUNCH_DAEMONS_PLIST_NAME
+ launchctl unload "$LAUNCH_DAEMONS_PLIST_NAME"
+ rm -f "$LAUNCH_DAEMONS_PLIST_NAME"
fi
-tar xzf $APP_PATH/$APP_NAME.tar.gz -C $APP_PATH
-rm -f $APP_PATH/$APP_NAME.tar.gz
-sudo chmod -R a-w $APP_PATH/
-sudo chown -R root $APP_PATH/
-sudo chgrp -R wheel $APP_PATH/
+sudo chmod -R a-w "$APP_PATH/"
+sudo chown -R root "$APP_PATH/"
+sudo chgrp -R wheel "$APP_PATH/"
rm -rf $LOG_FOLDER
mkdir -p $LOG_FOLDER
@@ -25,11 +23,9 @@ echo "`date` Script started" > $LOG_FILE
killall -9 $APP_NAME-service 2>> $LOG_FILE
-mv -f $APP_PATH/$PLIST_NAME $LAUNCH_DAEMONS_PLIST_NAME 2>> $LOG_FILE
-chown root:wheel $LAUNCH_DAEMONS_PLIST_NAME
-launchctl load $LAUNCH_DAEMONS_PLIST_NAME
+mv -f "$APP_PATH/$PLIST_NAME" "$LAUNCH_DAEMONS_PLIST_NAME" 2>> $LOG_FILE
+chown root:wheel "$LAUNCH_DAEMONS_PLIST_NAME"
+launchctl load "$LAUNCH_DAEMONS_PLIST_NAME"
echo "`date` Service status: $?" >> $LOG_FILE
echo "`date` Script finished" >> $LOG_FILE
-
-#rm -- "$0"
diff --git a/deploy/data/macos/uninstall_conclusion.html b/deploy/data/macos/uninstall_conclusion.html
new file mode 100644
index 00000000..f5b8bb63
--- /dev/null
+++ b/deploy/data/macos/uninstall_conclusion.html
@@ -0,0 +1,7 @@
+
+Uninstall Complete
+
+AmneziaVPN has been uninstalled
+Thank you for using AmneziaVPN. The application and its components have been removed.
+
+
\ No newline at end of file
diff --git a/deploy/data/macos/uninstall_welcome.html b/deploy/data/macos/uninstall_welcome.html
new file mode 100644
index 00000000..9f3d97cb
--- /dev/null
+++ b/deploy/data/macos/uninstall_welcome.html
@@ -0,0 +1,7 @@
+
+Uninstall AmneziaVPN
+
+Uninstall AmneziaVPN
+This process will remove AmneziaVPN from your system. Click Continue to proceed.
+
+
\ No newline at end of file
diff --git a/deploy/installer/config.cmake b/deploy/installer/config.cmake
index 13f09986..3c33a33c 100644
--- a/deploy/installer/config.cmake
+++ b/deploy/installer/config.cmake
@@ -4,11 +4,6 @@ if(WIN32)
${CMAKE_CURRENT_LIST_DIR}/config/windows.xml.in
${CMAKE_BINARY_DIR}/installer/config/windows.xml
)
-elseif(APPLE AND NOT IOS)
- configure_file(
- ${CMAKE_CURRENT_LIST_DIR}/config/macos.xml.in
- ${CMAKE_BINARY_DIR}/installer/config/macos.xml
- )
elseif(LINUX)
set(ApplicationsDir "@ApplicationsDir@")
configure_file(
diff --git a/deploy/installer/config/macos.xml.in b/deploy/installer/config/macos.xml.in
deleted file mode 100644
index 3888d08d..00000000
--- a/deploy/installer/config/macos.xml.in
+++ /dev/null
@@ -1,27 +0,0 @@
-
-
- AmneziaVPN
- @CMAKE_PROJECT_VERSION@
- AmneziaVPN
- AmneziaVPN
- AmneziaVPN
- /Applications/AmneziaVPN.app
- 600
- 380
- Mac
- true
- true
- false
- controlscript.js
- false
- true
- false
- true
-
-
- https://amneziavpn.org/updates/macos
- true
- AmneziaVPN - repository for macOS
-
-
-