feat(install): add --license-server-pubkey and --license-server-url flags

These were documented but never implemented. Without TRITON_MANAGE_LICENSE_SERVER_PUBKEY
the server refuses to start. Also add both vars to env.template so users
know they exist and what they're for.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

README.md

@@ -28,6 +28,8 @@ curl -fsSL https://raw.githubusercontent.com/primatekuntech/triton-install/main/
 
 | Flag | Description |
 |------|-------------|
+| `--license-server-pubkey HEX` | Vendor's Ed25519 public key (64 hex chars). Required to start. |
+| `--license-server-url URL` | Vendor's License Server URL. |
 | `--gateway-hostname HOST` | Agent mTLS hostname (defaults to current FQDN). |
 | `--manage-host-ip IP` | Host LAN IP for "+ This machine" auto-registration. |
 | `--port PORT` | Host port for the web UI (default: `8082`). |

manage-server/env.template

@@ -54,5 +54,13 @@ TLS_CERT_HOST_DIR=/etc/triton/tls
 # ─── Sessions ────────────────────────────────────────────────────────────
 TRITON_MANAGE_SESSION_TTL=24h
 
+# ─── License server ──────────────────────────────────────────────────────
+# Vendor's Ed25519 public key (64 hex chars). Required — get this from
+# your Triton vendor. The manage server refuses to start without it.
+TRITON_MANAGE_LICENSE_SERVER_PUBKEY=
+
+# Vendor's License Server URL. Required for activation and heartbeat.
+TRITON_LICENSE_SERVER_URL=
+
 # ─── Image ───────────────────────────────────────────────────────────────
 TRITON_MANAGE_IMAGE=ghcr.io/primatekuntech/triton-manage-server:latest

manage-server/install.sh

@@ -8,6 +8,8 @@
 #   sudo bash install.sh
 #
 # Flags (all optional):
+#   --license-server-pubkey HEX     Vendor's Ed25519 public key (64 hex chars). Required to start.
+#   --license-server-url URL        Vendor's License Server URL.
 #   --gateway-hostname HOST         Agent mTLS hostname (defaults to current FQDN).
 #   --manage-host-ip IP             Host LAN IP — used for "+ This machine".
 #   --port PORT                     Host port for the web UI (default: 8082).
@@ -22,6 +24,8 @@ info() { printf '[manage-server] %s\n' "$*"; }
 die()  { printf '[manage-server] error: %s\n' "$*" >&2; exit 1; }
 
 # ── arg parsing ──────────────────────────────────────────────────────────
+LICENSE_PUBKEY=""
+LICENSE_SERVER_URL=""
 GATEWAY_HOST=""
 HOST_IP=""
 PORT=""
@@ -29,6 +33,8 @@ IMAGE=""
 NO_TLS=0
 while [[ $# -gt 0 ]]; do
     case "$1" in
+        --license-server-pubkey) LICENSE_PUBKEY="$2";     shift 2 ;;
+        --license-server-url)    LICENSE_SERVER_URL="$2"; shift 2 ;;
         --gateway-hostname)      GATEWAY_HOST="$2";       shift 2 ;;
         --manage-host-ip)        HOST_IP="$2";            shift 2 ;;
         --port)                  PORT="$2";               shift 2 ;;
@@ -76,6 +82,8 @@ if [[ ! -f "$ENV_FILE" ]]; then
         "$ENV_FILE"
     info "vault key generated (PostgreSQL AES-256-GCM)"
 
+    [[ -n "$LICENSE_PUBKEY"     ]] && sed -i "s|^TRITON_MANAGE_LICENSE_SERVER_PUBKEY=.*|TRITON_MANAGE_LICENSE_SERVER_PUBKEY=$LICENSE_PUBKEY|" "$ENV_FILE"
+    [[ -n "$LICENSE_SERVER_URL" ]] && sed -i "s|^TRITON_LICENSE_SERVER_URL=.*|TRITON_LICENSE_SERVER_URL=$LICENSE_SERVER_URL|"                 "$ENV_FILE"
     [[ -n "$GATEWAY_HOST"       ]] && sed -i "s|^TRITON_MANAGE_GATEWAY_HOSTNAME=.*|TRITON_MANAGE_GATEWAY_HOSTNAME=$GATEWAY_HOST|"             "$ENV_FILE"
     [[ -n "$HOST_IP"            ]] && sed -i "s|^TRITON_MANAGE_HOST_IP=.*|TRITON_MANAGE_HOST_IP=$HOST_IP|"                                   "$ENV_FILE"
     [[ -n "$PORT"               ]] && sed -i "s|^TRITON_MANAGE_HOST_PORT=.*|TRITON_MANAGE_HOST_PORT=$PORT|"                                  "$ENV_FILE"