You really should do this on the raspberry pi itself vs. over the network. An unscrupulous person (if not you, someone could grab the domain or do MitM since you're not using https in the command) could save the password along with the requesting IP and potentially do some harm to someone installing the package (either by directly accessing the pi or by abusing people who use the same password all over the place (... it happens....)
In your installer (https://raw.githubusercontent.com/albedozero/fluidpatcher/master/assets/squishbox-install.bash), where you tell people to -
curl -L git.io/squishbox | bash
The script does:
You really should do this on the raspberry pi itself vs. over the network. An unscrupulous person (if not you, someone could grab the domain or do MitM since you're not using
https
in the command) could save the password along with the requesting IP and potentially do some harm to someone installing the package (either by directly accessing the pi or by abusing people who use the same password all over the place (... it happens....)E.g. It'd be easy to do something like (or w/e) -