#!/usr/bin/env bash # DECNET bootstrap installer for agent {{ agent_name }} -> master {{ master_host }}. # Fetches the code+certs payload, installs, and starts the agent daemon. # Generated by the master at {{ generated_at }}. Expires {{ expires_at }}. set -euo pipefail [[ $EUID -eq 0 ]] || { echo "decnet-install: must run as root (use sudo)"; exit 1; } for bin in python3 curl tar; do command -v "$bin" >/dev/null || { echo "decnet-install: $bin required"; exit 1; } done WORK="$(mktemp -d)" trap 'rm -rf "$WORK"' EXIT echo "[DECNET] fetching payload..." curl -fsSL "{{ tarball_url }}" | tar -xz -C "$WORK" INSTALL_DIR=/opt/decnet mkdir -p "$INSTALL_DIR" cp -a "$WORK/." "$INSTALL_DIR/" cd "$INSTALL_DIR" echo "[DECNET] building venv..." python3 -m venv .venv .venv/bin/pip install -q --upgrade pip .venv/bin/pip install -q -e . install -Dm0644 etc/decnet/decnet.ini /etc/decnet/decnet.ini [[ -f services.ini ]] && install -Dm0644 services.ini /etc/decnet/services.ini # Log directory the baked-in INI points at — must exist before `decnet` imports config. install -d -m0755 /var/log/decnet REAL_USER="${SUDO_USER:-root}" REAL_HOME="$(getent passwd "$REAL_USER" | cut -d: -f6)" for f in ca.crt worker.crt worker.key; do install -Dm0600 -o "$REAL_USER" -g "$REAL_USER" \ "home/.decnet/agent/$f" "$REAL_HOME/.decnet/agent/$f" done WITH_UPDATER="{{ with_updater }}" if [[ "$WITH_UPDATER" == "true" && -d home/.decnet/updater ]]; then for f in ca.crt updater.crt updater.key; do install -Dm0600 -o "$REAL_USER" -g "$REAL_USER" \ "home/.decnet/updater/$f" "$REAL_HOME/.decnet/updater/$f" done fi # Guarantee the pip-installed entrypoint is executable (some setuptools+editable # combos drop it with mode 0644) and expose it on PATH. chmod 0755 "$INSTALL_DIR/.venv/bin/decnet" ln -sf "$INSTALL_DIR/.venv/bin/decnet" /usr/local/bin/decnet sudo -u "$REAL_USER" /usr/local/bin/decnet agent --daemon if [[ "$WITH_UPDATER" == "true" ]]; then sudo -u "$REAL_USER" /usr/local/bin/decnet updater --daemon fi echo "[DECNET] agent {{ agent_name }} enrolled -> {{ master_host }}. Forwarder auto-spawned."