chore: sync installers from triton v1.0.0-rc.3
This commit is contained in:
github-actions[bot]
parent
5cb8ce2f63
commit
846cfc3973
2 changed files with 22 additions and 52 deletions
|
|
@ -4,12 +4,8 @@
|
|||
# Idempotent. Generates secrets on first run, reuses .env afterwards.
|
||||
# Container-based via Podman or Docker (auto-detected).
|
||||
#
|
||||
# Supported: Linux (amd64/arm64), macOS (Intel/Apple Silicon).
|
||||
# For Windows use install.ps1 instead.
|
||||
#
|
||||
# Usage:
|
||||
# Linux: sudo bash install.sh
|
||||
# macOS: bash install.sh
|
||||
# sudo bash install.sh
|
||||
#
|
||||
# Flags (all optional):
|
||||
# --gateway-hostname HOST Agent mTLS hostname (defaults to current FQDN).
|
||||
|
|
@ -24,14 +20,6 @@ cd "$SCRIPT_DIR"
|
|||
info() { printf '[manage-server] %s\n' "$*"; }
|
||||
die() { printf '[manage-server] error: %s\n' "$*" >&2; exit 1; }
|
||||
|
||||
# Portable in-place sed: BSD sed (macOS) requires an explicit empty backup suffix.
|
||||
OS=$(uname -s)
|
||||
if [[ "$OS" == "Darwin" ]]; then
|
||||
sed_inplace() { sed -i '' "$@"; }
|
||||
else
|
||||
sed_inplace() { sed -i "$@"; }
|
||||
fi
|
||||
|
||||
# ── arg parsing ──────────────────────────────────────────────────────────
|
||||
GATEWAY_HOST=""
|
||||
HOST_IP=""
|
||||
|
|
@ -48,17 +36,7 @@ while [[ $# -gt 0 ]]; do
|
|||
esac
|
||||
done
|
||||
|
||||
# Docker/Podman Desktop on macOS runs rootless; only Linux needs root.
|
||||
[[ "$OS" != "Linux" || $EUID -eq 0 ]] || die "must run as root (on Linux use: sudo bash install.sh)"
|
||||
|
||||
# ── architecture detection ───────────────────────────────────────────────
|
||||
case "$(uname -m)" in
|
||||
x86_64) ARCH=amd64 ;;
|
||||
aarch64|arm64) ARCH=arm64 ;; # aarch64 = Linux, arm64 = macOS Apple Silicon
|
||||
*) die "unsupported architecture: $(uname -m) (supported: x86_64, aarch64, arm64)" ;;
|
||||
esac
|
||||
OS_LABEL=$(echo "$OS" | tr '[:upper:]' '[:lower:]')
|
||||
info "architecture: ${OS_LABEL}/$ARCH"
|
||||
[[ $EUID -eq 0 ]] || die "must run as root"
|
||||
|
||||
# ── runtime detection ────────────────────────────────────────────────────
|
||||
if command -v podman-compose >/dev/null 2>&1; then
|
||||
|
|
@ -71,7 +49,7 @@ elif docker compose version >/dev/null 2>&1; then
|
|||
COMPOSE=(docker compose)
|
||||
RUNTIME=docker
|
||||
else
|
||||
die "no compose runtime found. Install Docker Desktop or podman-compose."
|
||||
die "no compose runtime found. Install podman-compose or docker compose."
|
||||
fi
|
||||
info "using runtime: $RUNTIME"
|
||||
|
||||
|
|
@ -87,7 +65,7 @@ if [[ ! -f "$ENV_FILE" ]]; then
|
|||
WORKER_KEY=$(openssl rand -hex 16)
|
||||
VAULT_KEY=$(openssl rand -hex 32)
|
||||
|
||||
sed_inplace \
|
||||
sed -i \
|
||||
-e "s|^POSTGRES_PASSWORD=.*|POSTGRES_PASSWORD=$PG_PASS|" \
|
||||
-e "s|^TRITON_MANAGE_JWT_SIGNING_KEY=.*|TRITON_MANAGE_JWT_SIGNING_KEY=$JWT_KEY|" \
|
||||
-e "s|^TRITON_MANAGE_WORKER_KEY=.*|TRITON_MANAGE_WORKER_KEY=$WORKER_KEY|" \
|
||||
|
|
@ -95,10 +73,9 @@ if [[ ! -f "$ENV_FILE" ]]; then
|
|||
"$ENV_FILE"
|
||||
info "vault key generated (PostgreSQL AES-256-GCM)"
|
||||
|
||||
[[ -n "$GATEWAY_HOST" ]] && sed_inplace "s|^TRITON_MANAGE_GATEWAY_HOSTNAME=.*|TRITON_MANAGE_GATEWAY_HOSTNAME=$GATEWAY_HOST|" "$ENV_FILE"
|
||||
[[ -n "$HOST_IP" ]] && sed_inplace "s|^TRITON_MANAGE_HOST_IP=.*|TRITON_MANAGE_HOST_IP=$HOST_IP|" "$ENV_FILE"
|
||||
# IMAGE has no placeholder line in env.template — append it directly.
|
||||
[[ -n "$IMAGE" ]] && printf '\nTRITON_MANAGE_IMAGE=%s\n' "$IMAGE" >> "$ENV_FILE"
|
||||
[[ -n "$GATEWAY_HOST" ]] && sed -i "s|^TRITON_MANAGE_GATEWAY_HOSTNAME=.*|TRITON_MANAGE_GATEWAY_HOSTNAME=$GATEWAY_HOST|" "$ENV_FILE"
|
||||
[[ -n "$HOST_IP" ]] && sed -i "s|^TRITON_MANAGE_HOST_IP=.*|TRITON_MANAGE_HOST_IP=$HOST_IP|" "$ENV_FILE"
|
||||
[[ -n "$IMAGE" ]] && sed -i "s|^TRITON_MANAGE_IMAGE=.*|TRITON_MANAGE_IMAGE=$IMAGE|" "$ENV_FILE"
|
||||
|
||||
info ".env created at $ENV_FILE"
|
||||
info " back this up — it contains the JWT signing key, worker key, and vault key"
|
||||
|
|
|
|||
|
|
@ -1,17 +1,12 @@
|
|||
#!/usr/bin/env bash
|
||||
# uninstall.sh — stop and remove Manage Server containers.
|
||||
#
|
||||
# By default, KEEPS the PostgreSQL volume (scan history, hosts, users)
|
||||
# and the installer directory (preserves .env secrets for reinstall).
|
||||
# Pass --purge-data to delete volumes + installer directory — irreversible.
|
||||
#
|
||||
# Supported: Linux (amd64/arm64), macOS (Intel/Apple Silicon).
|
||||
# For Windows use uninstall.ps1 instead.
|
||||
# By default, KEEPS the PostgreSQL volume (scan history, hosts, users).
|
||||
# Pass --purge-data to delete the volumes as well — irreversible.
|
||||
#
|
||||
# Usage:
|
||||
# Linux: sudo bash uninstall.sh # stop + remove containers, keep DB + .env
|
||||
# Linux: sudo bash uninstall.sh --purge-data # also delete DB, volumes, and installer dir
|
||||
# macOS: bash uninstall.sh [--purge-data]
|
||||
# sudo bash uninstall.sh # stop + remove containers, keep DB
|
||||
# sudo bash uninstall.sh --purge-data # also delete DB + binaries volume
|
||||
set -euo pipefail
|
||||
|
||||
SCRIPT_DIR="$(cd -- "$(dirname -- "${BASH_SOURCE[0]}")" &>/dev/null && pwd)"
|
||||
|
|
@ -20,10 +15,7 @@ cd "$SCRIPT_DIR"
|
|||
info() { printf '[manage-server] %s\n' "$*"; }
|
||||
die() { printf '[manage-server] error: %s\n' "$*" >&2; exit 1; }
|
||||
|
||||
OS=$(uname -s)
|
||||
|
||||
# Docker/Podman Desktop on macOS runs rootless; only Linux needs root.
|
||||
[[ "$OS" != "Linux" || $EUID -eq 0 ]] || die "must run as root (on Linux use: sudo bash uninstall.sh)"
|
||||
[[ $EUID -eq 0 ]] || die "must run as root"
|
||||
|
||||
PURGE=0
|
||||
while [[ $# -gt 0 ]]; do
|
||||
|
|
@ -34,9 +26,9 @@ while [[ $# -gt 0 ]]; do
|
|||
esac
|
||||
done
|
||||
|
||||
if command -v podman-compose >/dev/null 2>&1; then COMPOSE=(podman-compose); RUNTIME=podman
|
||||
elif podman compose version >/dev/null 2>&1; then COMPOSE=(podman compose); RUNTIME=podman
|
||||
elif docker compose version >/dev/null 2>&1; then COMPOSE=(docker compose); RUNTIME=docker
|
||||
if command -v podman-compose >/dev/null 2>&1; then COMPOSE=(podman-compose)
|
||||
elif podman compose version >/dev/null 2>&1; then COMPOSE=(podman compose)
|
||||
elif docker compose version >/dev/null 2>&1; then COMPOSE=(docker compose)
|
||||
else die "no compose runtime found"; fi
|
||||
|
||||
if [[ -f .env ]]; then
|
||||
|
|
@ -44,22 +36,23 @@ if [[ -f .env ]]; then
|
|||
"${COMPOSE[@]}" --env-file .env down
|
||||
else
|
||||
info ".env not found, attempting raw container cleanup..."
|
||||
"$RUNTIME" rm -f triton-manageserver triton-manage-db 2>/dev/null || true
|
||||
podman rm -f triton-manageserver triton-manage-db 2>/dev/null || true
|
||||
fi
|
||||
|
||||
if [[ $PURGE -eq 1 ]]; then
|
||||
info "DESTRUCTIVE: removing manage server volumes..."
|
||||
info " this deletes: scan history, hosts, users, worker binaries"
|
||||
read -r -p " Are you sure? Type 'yes' to confirm: " CONFIRM
|
||||
[[ "$CONFIRM" == "yes" ]] || die "aborted"
|
||||
for vol in triton-manage-db-data triton-manage-bins; do
|
||||
"$RUNTIME" volume rm -f "$vol" 2>/dev/null || true
|
||||
podman volume rm -f "$vol" 2>/dev/null \
|
||||
|| docker volume rm -f "$vol" 2>/dev/null \
|
||||
|| true
|
||||
done
|
||||
info " volumes removed"
|
||||
info " removing installer directory $SCRIPT_DIR..."
|
||||
rm -rf "$SCRIPT_DIR"
|
||||
info " installer directory removed"
|
||||
info " .env still on disk at $SCRIPT_DIR/.env — delete manually if desired"
|
||||
else
|
||||
info "DB + bins volumes retained (run with --purge-data to delete)"
|
||||
info ".env preserved at $SCRIPT_DIR/.env — secrets reused on reinstall"
|
||||
fi
|
||||
|
||||
info "uninstall complete"
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue