junso-browser 0.2.12 → 0.3.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "junso-browser",
-  "version": "0.2.12",
+  "version": "0.3.0",
   "description": "Standalone CloakBrowser host — runs fingerprinted stealth-Chromium per profile, exposes each over a token-authed CDP gateway + interactive viewport, and ships an optional MCP server so any client gets browser tools with no local browser.",
   "type": "module",
   "bin": {
@@ -10,6 +10,7 @@
   "files": [
     "bin",
     "dist",
+    "scripts",
     "README.md"
   ],
   "engines": {

package/scripts/install.sh

@@ -0,0 +1,216 @@
+#!/usr/bin/env bash
+# junso-browser installer — one command installs everything the host needs.
+#
+#   curl -fsSL https://raw.githubusercontent.com/<you>/junso-browser/master/scripts/install.sh | bash
+#   # or, from a clone:  bash scripts/install.sh [flags]
+#
+# Automates DEPLOY.md: Bun → Chromium system libs → the package (both bins) →
+# cloak browser prefetch → token → (optional) systemd service. Idempotent: re-running
+# upgrades/repairs in place. Linux (apt/dnf/yum/pacman/zypper/apk) + macOS.
+#
+# Flags / env (flags win):
+#   --version <v>        package version to install (default: latest)         JB_VERSION
+#   --token <t>          host token (default: generated)                      JUNSO_BROWSER_TOKEN
+#   --host <h>           bind host (default: 127.0.0.1)                        JUNSO_BROWSER_HOST
+#   --port <p>           bind port (default: 8790)                            JUNSO_BROWSER_PORT
+#   --public-url <u>     CDP URL handed to clients, e.g. ws://IP:8790         JUNSO_BROWSER_PUBLIC_URL
+#   --twocaptcha <k>     2captcha key (enables browser_solve_captcha)         TWOCAPTCHA_KEY
+#   --systemd            install + enable a systemd service (needs root/sudo) JB_SYSTEMD=1
+#   --service-user <u>   user the service runs as (default: current/root)     JB_SERVICE_USER
+#   --local              install from the current checkout instead of npm     JB_LOCAL=1
+#   --no-cloak           skip the ~200MB cloak browser prefetch               JB_NO_CLOAK=1
+#   --no-libs            skip apt/dnf Chromium system libs                     JB_NO_LIBS=1
+set -euo pipefail
+
+# ---- defaults / arg parse ------------------------------------------------
+VERSION="${JB_VERSION:-latest}"
+TOKEN="${JUNSO_BROWSER_TOKEN:-}"
+HOST="${JUNSO_BROWSER_HOST:-127.0.0.1}"
+PORT="${JUNSO_BROWSER_PORT:-8790}"
+PUBLIC_URL="${JUNSO_BROWSER_PUBLIC_URL:-}"
+TWOCAPTCHA="${TWOCAPTCHA_KEY:-}"
+DO_SYSTEMD="${JB_SYSTEMD:-0}"
+SERVICE_USER="${JB_SERVICE_USER:-}"
+LOCAL="${JB_LOCAL:-0}"
+NO_CLOAK="${JB_NO_CLOAK:-0}"
+NO_LIBS="${JB_NO_LIBS:-0}"
+NO_INSTALL="${JB_NO_INSTALL:-0}"
+
+while [ $# -gt 0 ]; do
+  case "$1" in
+    --version) VERSION="$2"; shift 2;;
+    --token) TOKEN="$2"; shift 2;;
+    --host) HOST="$2"; shift 2;;
+    --port) PORT="$2"; shift 2;;
+    --public-url) PUBLIC_URL="$2"; shift 2;;
+    --twocaptcha) TWOCAPTCHA="$2"; shift 2;;
+    --systemd) DO_SYSTEMD=1; shift;;
+    --service-user) SERVICE_USER="$2"; shift 2;;
+    --local) LOCAL=1; shift;;
+    --no-install) NO_INSTALL=1; shift;;
+    --no-cloak) NO_CLOAK=1; shift;;
+    --no-libs) NO_LIBS=1; shift;;
+    -h|--help) sed -n '2,30p' "$0"; exit 0;;
+    *) echo "unknown flag: $1" >&2; exit 1;;
+  esac
+done
+
+say() { printf '\033[1;36m[junso-browser]\033[0m %s\n' "$*"; }
+warn() { printf '\033[1;33m[junso-browser]\033[0m %s\n' "$*" >&2; }
+die() { printf '\033[1;31m[junso-browser]\033[0m %s\n' "$*" >&2; exit 1; }
+
+SUDO=""
+if [ "$(id -u)" -ne 0 ]; then
+  if command -v sudo >/dev/null 2>&1; then SUDO="sudo"; fi
+fi
+OS="$(uname -s)"
+
+# ---- 1. Bun --------------------------------------------------------------
+if ! command -v bun >/dev/null 2>&1; then
+  say "installing Bun…"
+  curl -fsSL https://bun.sh/install | bash >/dev/null
+fi
+export BUN_INSTALL="${BUN_INSTALL:-$HOME/.bun}"
+export PATH="$BUN_INSTALL/bin:$PATH"
+command -v bun >/dev/null 2>&1 || die "Bun install failed — see https://bun.sh"
+say "Bun $(bun --version)"
+
+# ---- 2. Chromium system libs (Linux) -------------------------------------
+install_libs() {
+  [ "$NO_LIBS" = "1" ] && { say "skipping system libs (--no-libs)"; return; }
+  [ "$OS" != "Linux" ] && return
+  if command -v apt-get >/dev/null 2>&1; then
+    say "installing Chromium libs (apt)…"
+    $SUDO apt-get update -qq
+    $SUDO apt-get install -y -qq \
+      libnss3 libatk1.0-0 libatk-bridge2.0-0 libcups2 libdrm2 libgbm1 \
+      libxkbcommon0 libxcomposite1 libxdamage1 libxfixes3 libxrandr2 \
+      libgtk-3-0 libasound2 libpangocairo-1.0-0 libxss1 fonts-liberation ca-certificates >/dev/null
+  elif command -v dnf >/dev/null 2>&1; then
+    say "installing Chromium libs (dnf)…"
+    $SUDO dnf install -y -q nss atk at-spi2-atk cups-libs libdrm mesa-libgbm \
+      libxkbcommon libXcomposite libXdamage libXfixes libXrandr gtk3 alsa-lib \
+      pango libXScrnSaver liberation-fonts ca-certificates >/dev/null
+  elif command -v pacman >/dev/null 2>&1; then
+    say "installing Chromium libs (pacman)…"
+    $SUDO pacman -Sy --noconfirm --needed nss atk at-spi2-atk cups libdrm mesa \
+      libxkbcommon libxcomposite libxdamage libxfixes libxrandr gtk3 alsa-lib \
+      pango libxss ttf-liberation ca-certificates >/dev/null
+  elif command -v zypper >/dev/null 2>&1; then
+    say "installing Chromium libs (zypper)…"
+    $SUDO zypper -q install -y mozilla-nss libatk-1_0-0 libcups2 libdrm2 libgbm1 \
+      libxkbcommon0 libXcomposite1 libXdamage1 libXfixes3 libXrandr2 gtk3-tools \
+      libasound2 libpango-1_0-0 libXss1 liberation-fonts ca-certificates >/dev/null || true
+  elif command -v apk >/dev/null 2>&1; then
+    say "installing Chromium libs (apk)…"
+    $SUDO apk add --no-progress nss atk at-spi2-atk cups-libs libdrm mesa-gbm \
+      libxkbcommon libxcomposite libxdamage libxfixes libxrandr gtk+3.0 alsa-lib \
+      pango libxscrnsaver ttf-liberation ca-certificates >/dev/null
+  else
+    warn "no known package manager — install Chromium libs manually (see docs/DEPLOY.md)"
+  fi
+}
+install_libs
+
+# ---- 3. The package (both bins) ------------------------------------------
+if [ "$NO_INSTALL" = "1" ]; then
+  say "skipping package install (--no-install; configuring the existing install)"
+elif [ "$LOCAL" = "1" ]; then
+  SRC_DIR="$(cd "$(dirname "$0")/.." && pwd)"
+  say "installing from local checkout: $SRC_DIR"
+  ( cd "$SRC_DIR" && bun install >/dev/null && bun run build >/dev/null )
+  bun add -g "$SRC_DIR" >/dev/null
+else
+  say "installing junso-browser@$VERSION (global)…"
+  bun add -g "junso-browser@$VERSION" >/dev/null
+fi
+HOST_BIN="$BUN_INSTALL/bin/junso-browser"
+[ -x "$HOST_BIN" ] || HOST_BIN="$(command -v junso-browser || true)"
+[ -n "$HOST_BIN" ] || die "junso-browser bin not found after install"
+say "installed: $($HOST_BIN version 2>/dev/null || echo '?') ($HOST_BIN)"
+
+# ---- 4. Cloak browser prefetch -------------------------------------------
+if [ "$NO_CLOAK" = "1" ]; then
+  say "skipping cloak prefetch (--no-cloak; it self-downloads on first launch)"
+else
+  say "prefetching cloak stealth-Chromium (~200MB)…"
+  bunx cloakbrowser install >/dev/null 2>&1 || warn "cloak prefetch failed — it will self-download on first launch"
+fi
+
+# ---- 5. Token ------------------------------------------------------------
+gen_token() {
+  if command -v openssl >/dev/null 2>&1; then openssl rand -hex 24
+  else bun -e 'console.log([...crypto.getRandomValues(new Uint8Array(24))].map(b=>b.toString(16).padStart(2,"0")).join(""))'
+  fi
+}
+if [ -z "$TOKEN" ]; then
+  if [ "$HOST" != "127.0.0.1" ] && [ "$HOST" != "localhost" ]; then
+    TOKEN="$(gen_token)"; say "generated token (public host requires one)"
+  else
+    say "no token (loopback host = open in dev; pass --token to require one)"
+  fi
+fi
+
+# ---- 6. systemd service (optional) ---------------------------------------
+if [ "$DO_SYSTEMD" = "1" ]; then
+  [ "$OS" = "Linux" ] || die "--systemd is Linux-only"
+  command -v systemctl >/dev/null 2>&1 || die "systemd not found"
+  [ -n "$TOKEN" ] || { [ "$HOST" = "127.0.0.1" ] || die "a token is required for a non-loopback systemd service"; }
+  SVC_USER="${SERVICE_USER:-$(id -un)}"
+  SVC_HOME="$(eval echo "~$SVC_USER")"
+  UNIT="/etc/systemd/system/junso-browser.service"
+  say "writing $UNIT (user=$SVC_USER)…"
+  {
+    echo "[Unit]"
+    echo "Description=junso-browser"
+    echo "After=network.target"
+    echo ""
+    echo "[Service]"
+    echo "User=$SVC_USER"
+    echo "Environment=HOME=$SVC_HOME"
+    echo "Environment=JUNSO_BROWSER_HOST=$HOST"
+    echo "Environment=JUNSO_BROWSER_PORT=$PORT"
+    [ -n "$TOKEN" ]      && echo "Environment=JUNSO_BROWSER_TOKEN=$TOKEN"
+    [ -n "$PUBLIC_URL" ] && echo "Environment=JUNSO_BROWSER_PUBLIC_URL=$PUBLIC_URL"
+    # NOTE: TWOCAPTCHA_KEY is intentionally NOT written to the host env — the 2captcha key is
+    # supplied per-connection by the client (x-twocaptcha-key header), so the secret stays with
+    # the connector. The --twocaptcha flag only populates the printed client config below.
+    echo "ExecStart=$BUN_INSTALL/bin/bun $HOST_BIN"
+    echo "Restart=always"
+    echo "RestartSec=2"
+    echo ""
+    echo "[Install]"
+    echo "WantedBy=multi-user.target"
+  } | $SUDO tee "$UNIT" >/dev/null
+  $SUDO systemctl daemon-reload
+  $SUDO systemctl enable --now junso-browser >/dev/null 2>&1 || $SUDO systemctl restart junso-browser
+  sleep 2
+  say "service started — $($SUDO systemctl is-active junso-browser 2>/dev/null || echo '?')"
+fi
+
+# ---- 7. Done — print how to use ------------------------------------------
+echo
+say "✅ install complete"
+HEALTH_HOST="$HOST"; [ "$HOST" = "0.0.0.0" ] && HEALTH_HOST="127.0.0.1"
+if [ "$DO_SYSTEMD" = "1" ]; then
+  echo "  health:  curl -s http://$HEALTH_HOST:$PORT/health"
+else
+  echo "  run it:  JUNSO_BROWSER_HOST=$HOST JUNSO_BROWSER_PORT=$PORT \\"
+  [ -n "$TOKEN" ]      && echo "           JUNSO_BROWSER_TOKEN=$TOKEN \\"
+  [ -n "$PUBLIC_URL" ] && echo "           JUNSO_BROWSER_PUBLIC_URL=$PUBLIC_URL \\"
+  [ -n "$TWOCAPTCHA" ] && echo "           TWOCAPTCHA_KEY=$TWOCAPTCHA \\"
+  echo "           junso-browser"
+fi
+[ -n "$TOKEN" ] && echo "  token:   $TOKEN"
+echo
+echo "  Add to an MCP client as a URL (HTTP MCP, no local install — needs >=0.3.0):"
+MCP_BASE="${PUBLIC_URL:-http://$HEALTH_HOST:$PORT}"
+# present the http(s) form of the public URL for the /mcp endpoint
+MCP_URL="$(printf '%s' "$MCP_BASE" | sed -e 's#^ws://#http://#' -e 's#^wss://#https://#')"
+# the 2captcha key (if any) is supplied BY THE CONNECTOR via the x-twocaptcha-key header — not stored on the host
+HDRS=""
+[ -n "$TOKEN" ]      && HDRS="\"Authorization\": \"Bearer $TOKEN\""
+[ -n "$TWOCAPTCHA" ] && HDRS="$HDRS${HDRS:+, }\"x-twocaptcha-key\": \"$TWOCAPTCHA\""
+echo "    { \"type\": \"http\", \"url\": \"$MCP_URL/mcp\"$([ -n "$HDRS" ] && echo ", \"headers\": { $HDRS }") }"
+echo
+echo "  Or the stdio MCP on the client:  npx -y -p junso-browser junso-browser-mcp"