primatekuntech/triton-install
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: print machine ID hash and mount /etc/machine-id for offline .lic binding

Browse source 
install.sh now computes and displays the SHA-3-256 hash of /etc/machine-id
at the end of every run so the customer can share it with the vendor when
requesting an offline .lic bound to this host. The hash is stable — it
never changes after OS installation, so re-running install.sh or restarting
the container will always show the same value.

compose.yaml now mounts /etc/machine-id:ro into the manage-server container
so ReadMachineID() can verify the offline .lic binding at startup.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Amir Yahaya 2026-05-20 07:29:01 +02:00
parent f869e9c308
commit bad2a6f130
1 changed files with 14 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
manage-server/install.sh
View file

@ -136,11 +136,21 @@ info " 2. Complete the setup wizard"
info " 3. Configure TLS via reverse proxy (see docs)"
info ""
# ── display machine-id for host-bound licence generation ─────────────────────
# ── machine ID ───────────────────────────────────────────────────────────
# Print the SHA-3-256 hash of /etc/machine-id so the customer can share
# it with the vendor when requesting an offline .lic bound to this host.
# The hash is stable: /etc/machine-id never changes after OS installation.
if [[ -f /etc/machine-id ]]; then
RAW_ID="$(cat /etc/machine-id | tr -d '[:space:]')"
MACHINE_ID_HASH="$(echo -n "$RAW_ID" | sha3sum -a 256 2>/dev/null | awk '{print $1}' || \
python3 -c "import hashlib,sys; print(hashlib.sha3_256(sys.stdin.buffer.read()).hexdigest())" <<< "$RAW_ID" 2>/dev/null || echo '')"
MACHINE_ID_RAW=$(cat /etc/machine-id | tr -d '[:space:]')
if command -v python3 >/dev/null 2>&1; then
MACHINE_ID_HASH=$(python3 -c "import hashlib; print(hashlib.sha3_256('${MACHINE_ID_RAW}'.encode()).hexdigest())")
elif command -v sha3sum >/dev/null 2>&1; then
MACHINE_ID_HASH=$(echo -n "$MACHINE_ID_RAW" | sha3sum -a 256 | awk '{print $1}')
elif command -v openssl >/dev/null 2>&1; then
MACHINE_ID_HASH=$(printf '%s' "${MACHINE_ID_RAW}" | openssl dgst -sha3-256 -hex 2>/dev/null | awk '{print $2}')
else
MACHINE_ID_HASH=""
fi
if [[ -n "$MACHINE_ID_HASH" ]]; then
info "── Host Machine ID ──────────────────────────────────────────────────────"
info " Provide this value to your vendor when requesting a host-bound .lic file."