Amir Yahaya bad2a6f130 fix: print machine ID hash and mount /etc/machine-id for offline .lic binding
install.sh now computes and displays the SHA-3-256 hash of /etc/machine-id
at the end of every run so the customer can share it with the vendor when
requesting an offline .lic bound to this host. The hash is stable — it
never changes after OS installation, so re-running install.sh or restarting
the container will always show the same value.

compose.yaml now mounts /etc/machine-id:ro into the manage-server container
so ReadMachineID() can verify the offline .lic binding at startup.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-20 07:32:54 +02:00
manage-server fix: print machine ID hash and mount /etc/machine-id for offline .lic binding 2026-05-20 07:32:54 +02:00
get.sh fix(get.sh): refresh installer files before uninstall 2026-05-19 19:58:02 +08:00
README.md feat(security): add host-bound licence support (/etc/machine-id binding) 2026-05-20 10:19:44 +08:00

Triton Manage Server Installer

Production installer for the Triton Manage Server. Container-based (Docker or Podman), idempotent — safe to re-run.

Install

Your vendor provides a licence bundle — a single file:

license.lic   # signed offline licence token

The vendor's public key is baked into the image at build time — nothing else to configure.

Point the installer at the bundle:

curl -fsSL https://raw.githubusercontent.com/primatekuntech/triton-install/main/get.sh | sudo bash -s -- --license-file /path/to/triton-bundle/license.lic

Setup wizard

After install, open http://localhost:8082 and complete the wizard:

  1. Set your manage server name
  2. Create the admin account

Optional flags

Pass flags after --:

curl -fsSL https://raw.githubusercontent.com/primatekuntech/triton-install/main/get.sh | sudo bash -s -- --license-file /path/to/license.lic [flags]

Flag                        Description
--license-file PATH         Path to license.lic from your vendor bundle. Required.
--license-server-url URL    License Server URL for ongoing heartbeats (optional, omit for air-gap).
--gateway-hostname HOST     Agent mTLS hostname (defaults to current FQDN).
--manage-host-ip IP         Host LAN IP for "+ This machine" auto-registration.
--port PORT                 Host port for the web UI (default: 8082).
--image TAG                 Pin a specific image tag (e.g. 1.0.0-rc.2).
--no-tls                    Skip TLS sanity check (dev only).

Upgrade

Pull the latest image and restart (keeps all data, runs DB migrations automatically):

curl -fsSL https://raw.githubusercontent.com/primatekuntech/triton-install/main/get.sh | sudo bash -s -- --upgrade

Pin a specific version:

curl -fsSL https://raw.githubusercontent.com/primatekuntech/triton-install/main/get.sh | sudo bash -s -- --upgrade --image ghcr.io/primatekuntech/triton-manage-server:1.2.0

Uninstall

Stop containers and remove them, but keep all data (PostgreSQL volume, credentials vault):

curl -fsSL https://raw.githubusercontent.com/primatekuntech/triton-install/main/get.sh | sudo bash -s -- --uninstall

Also delete all data (irreversible):

curl -fsSL https://raw.githubusercontent.com/primatekuntech/triton-install/main/get.sh | sudo bash -s -- --uninstall --purge-data

Host-bound licences (optional)

Your vendor can issue an offline .lic file that is cryptographically bound to a specific host so it cannot be installed on any other machine.

To get a host-bound licence:

  1. Run install.sh on the target server — the output prints a Machine ID line:
    [manage-server] Machine ID (SHA-3-256): <64-hex-chars>
    
  2. Share that value with your vendor when requesting the .lic file.
  3. The vendor enters it in the License Portal when generating the offline token.
  4. Install as usual — the Manage Server verifies the binding at every startup.

For air-gapped deployments without host binding, the .lic file is portable, but anyone who obtains the file can run a second instance. Host binding removes that risk.
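
The binding check described above, sketched as an added example; it is not the Triton Manage Server's or the installer's own code. The function names `machine_id_hash` and `binding_ok` are hypothetical, the machine IDs are constructed sample values, and the code assumes the hash covers the trimmed ID string, which this page does not specify.

```python
import hashlib
import hmac
import os
import re
import tempfile

# machine-id(5): 32 lowercase hex characters followed by a newline.
MACHINE_ID_RE = re.compile(r"[0-9a-f]{32}")


def machine_id_hash(path="/etc/machine-id"):
    """SHA-3-256 hex digest of the machine ID (hypothetical helper).

    Assumption: the trimmed 32-character ID is the hashed input; the page
    does not say whether install.sh includes the trailing newline.
    """
    with open(path, "r", encoding="ascii") as fh:
        raw = fh.read().strip()
    if not MACHINE_ID_RE.fullmatch(raw):
        # An empty or placeholder file would hash to a value shared by many hosts.
        raise ValueError(f"{path} does not hold a valid machine ID")
    return hashlib.sha3_256(raw.encode("ascii")).hexdigest()


def binding_ok(expected_hex, path="/etc/machine-id"):
    """Fail closed: a missing or malformed ID file never satisfies a binding."""
    try:
        actual = machine_id_hash(path)
    except (OSError, ValueError):
        return False
    expected = expected_hex.strip().lower()
    return hmac.compare_digest(actual.encode(), expected.encode())


def demo():
    """Check constructed machine-id files standing in for two hosts."""
    ids = {"a": "0123456789abcdef0123456789abcdef\n",
           "b": "fedcba9876543210fedcba9876543210\n", "empty": ""}
    with tempfile.TemporaryDirectory() as tmp:
        for name, content in ids.items():
            with open(os.path.join(tmp, name), "w") as fh:
                fh.write(content)
        bound = machine_id_hash(os.path.join(tmp, "a"))  # value sent to vendor
        return {name: binding_ok(bound, os.path.join(tmp, name))
                for name in ("a", "b", "empty", "not-mounted")}


if __name__ == "__main__":
    print(demo())
```

Inside a container this check can only pass when the host's /etc/machine-id is mounted read-only into it, which is what the compose.yaml change in the latest commit provides.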

Requirements

  • Linux (amd64 or arm64) or macOS
  • Docker or Podman with Compose (auto-installed if missing)
  • Port 443 open (HTTPS)