diff options
Diffstat (limited to 'packaging/installer')
-rw-r--r-- | packaging/installer/README.md | 16 | ||||
-rw-r--r-- | packaging/installer/functions.sh | 31 | ||||
-rwxr-xr-x | packaging/installer/kickstart-static64.sh | 14 | ||||
-rwxr-xr-x | packaging/installer/kickstart.sh | 15 | ||||
-rw-r--r-- | packaging/installer/netdata-updater.sh | 18 |
5 files changed, 75 insertions, 19 deletions
diff --git a/packaging/installer/README.md b/packaging/installer/README.md index f9cd746a..1fa8f14d 100644 --- a/packaging/installer/README.md +++ b/packaging/installer/README.md @@ -42,7 +42,7 @@ bash <(curl -Ss https://my-netdata.io/kickstart.sh) Verify the integrity of the script with this: ```bash -[ "e051d1baed4c69653b5d3e4588696466" = "$(curl -Ss https://my-netdata.io/kickstart.sh | md5sum | cut -d ' ' -f 1)" ] && echo "OK, VALID" || echo "FAILED, INVALID" +[ "15c688e7228ebee83ace1811273cd089" = "$(curl -Ss https://my-netdata.io/kickstart.sh | md5sum | cut -d ' ' -f 1)" ] && echo "OK, VALID" || echo "FAILED, INVALID" ``` *It should print `OK, VALID` if the script is the one we ship.* @@ -56,10 +56,13 @@ The `kickstart.sh` script: The `kickstart.sh` script passes all its parameters to `netdata-installer.sh`, so you can add more parameters to change the installation directory, enable/disable plugins, etc (check below). -For automated installs, append a space + `--dont-wait` to the command line. You can also append `--dont-start-it` to prevent the installer from starting Netdata. Example: +For automated installs, append a space + `--dont-wait` to the command line. You can also append `--dont-start-it` to prevent the installer from starting Netdata. +You can also append `--stable-channel` to fetch and install only the official releases from GitHub, instead of the nightly builds. + +Example: ```bash - bash <(curl -Ss https://my-netdata.io/kickstart.sh) --dont-wait --dont-start-it + bash <(curl -Ss https://my-netdata.io/kickstart.sh) --dont-wait --dont-start-it --stable-channel ``` If you don't want to receive automatic updates, add `--no-updates` when executing `kickstart.sh` script. @@ -96,18 +99,19 @@ To install Netdata with a binary package on any Linux distro, any kernel version Verify the integrity of the script with this: ```bash -[ "8e6df9b6f6cc7de0d73f6e5e51a3c8c2" = "$(curl -Ss https://my-netdata.io/kickstart-static64.sh | md5sum | cut -d ' ' -f 1)" ] && echo "OK, VALID" || echo "FAILED, INVALID" +[ "97427a0fc5a52593b603c2ae887d4466" = "$(curl -Ss https://my-netdata.io/kickstart-static64.sh | md5sum | cut -d ' ' -f 1)" ] && echo "OK, VALID" || echo "FAILED, INVALID" ``` *It should print `OK, VALID` if the script is the one we ship.* For automated installs, append a space + `--dont-wait` to the command line. You can also append `--dont-start-it` to prevent the installer from starting Netdata. +You can also append `--stable-channel` to fetch and install only the official releases from GitHub, instead of the nightly builds. Example: ```bash - bash <(curl -Ss https://my-netdata.io/kickstart-static64.sh) --dont-wait --dont-start-it + bash <(curl -Ss https://my-netdata.io/kickstart-static64.sh) --dont-wait --dont-start-it --stable-channel ``` @@ -249,6 +253,8 @@ cd netdata * If you don't want to run it straight-away, add `--dont-start-it` option. +* You can also append `--stable-channel` to fetch and install only the official releases from GitHub, instead of the nightly builds. + * If you don't want to install it on the default directories, you can run the installer like this: `./netdata-installer.sh --install /opt`. This one will install Netdata in `/opt/netdata`. * If your server does not have access to the internet and you have manually put the installation directory on your server, you will need to pass the option `--disable-go` to the installer. The option will prevent the installer from attempting to download and install `go.d.plugin`. diff --git a/packaging/installer/functions.sh b/packaging/installer/functions.sh index 7016b4f3..4270c4ee 100644 --- a/packaging/installer/functions.sh +++ b/packaging/installer/functions.sh @@ -614,11 +614,11 @@ portable_add_user() { portable_add_group() { local groupname="${1}" - # Check if group exist + # Check if group exist if cut -d ':' -f 1 </etc/group | grep "^${groupname}$" 1>/dev/null 2>&1; then - echo >&2 "Group '${groupname}' already exists." - return 0 - fi + echo >&2 "Group '${groupname}' already exists." + return 0 + fi echo >&2 "Adding ${groupname} user group ..." @@ -644,13 +644,13 @@ portable_add_group() { portable_add_user_to_group() { local groupname="${1}" username="${2}" - # Check if group exist + # Check if group exist if ! cut -d ':' -f 1 </etc/group | grep "^${groupname}$" >/dev/null 2>&1; then - echo >&2 "Group '${groupname}' does not exist." - return 1 - fi + echo >&2 "Group '${groupname}' does not exist." + return 1 + fi - # Check if user is in group + # Check if user is in group if [[ ",$(grep "^${groupname}:" </etc/group | cut -d ':' -f 4)," =~ ,${username}, ]]; then # username is already there echo >&2 "User '${username}' is already in group '${groupname}'." @@ -678,3 +678,16 @@ portable_add_user_to_group() { return 1 fi } + + +safe_sha256sum() { + # Within the contexct of the installer, we only use -c option that is common between the two commands + # We will have to reconsider if we start non-common options + if command -v sha256sum >/dev/null 2>&1; then + sha256sum $@ + elif command -v shasum >/dev/null 2>&1; then + shasum -a 256 $@ + else + fatal "I could not find a suitable checksum binary to use" + fi +} diff --git a/packaging/installer/kickstart-static64.sh b/packaging/installer/kickstart-static64.sh index f6d0fc69..6ef3a123 100755 --- a/packaging/installer/kickstart-static64.sh +++ b/packaging/installer/kickstart-static64.sh @@ -111,6 +111,18 @@ set_tarball_urls() { fi } +safe_sha256sum() { + # Within the contexct of the installer, we only use -c option that is common between the two commands + # We will have to reconsider if we start non-common options + if command -v sha256sum >/dev/null 2>&1; then + sha256sum $@ + elif command -v shasum >/dev/null 2>&1; then + shasum -a 256 $@ + else + fatal "I could not find a suitable checksum binary to use" + fi +} + # --------------------------------------------------------------------------------------------------------------------- umask 022 @@ -157,7 +169,7 @@ progress "Downloading static netdata binary: ${NETDATA_TARBALL_URL}" download "${NETDATA_TARBALL_CHECKSUM_URL}" "${TMPDIR}/sha256sum.txt" download "${NETDATA_TARBALL_URL}" "${TMPDIR}/netdata-latest.gz.run" -if ! grep netdata-latest.gz.run "${TMPDIR}/sha256sum.txt" | sha256sum --check - >/dev/null 2>&1; then +if ! grep netdata-latest.gz.run "${TMPDIR}/sha256sum.txt" | safe_sha256sum -c - >/dev/null 2>&1; then fatal "Static binary checksum validation failed. Stopping netdata installation and leaving binary in ${TMPDIR}" fi diff --git a/packaging/installer/kickstart.sh b/packaging/installer/kickstart.sh index f5683327..a8057c19 100755 --- a/packaging/installer/kickstart.sh +++ b/packaging/installer/kickstart.sh @@ -204,6 +204,19 @@ dependencies() { fi } +safe_sha256sum() { + # Within the contexct of the installer, we only use -c option that is common between the two commands + # We will have to reconsider if we start non-common options + if command -v sha256sum >/dev/null 2>&1; then + sha256sum $@ + elif command -v shasum >/dev/null 2>&1; then + shasum -a 256 $@ + else + fatal "I could not find a suitable checksum binary to use" + fi +} + +# --------------------------------------------------------------------------------------------------------------------- umask 022 sudo="" @@ -275,7 +288,7 @@ set_tarball_urls "${RELEASE_CHANNEL}" download "${NETDATA_TARBALL_CHECKSUM_URL}" "${TMPDIR}/sha256sum.txt" download "${NETDATA_TARBALL_URL}" "${TMPDIR}/netdata-latest.tar.gz" -if ! grep netdata-latest.tar.gz "${TMPDIR}/sha256sum.txt" | sha256sum --check - >/dev/null 2>&1; then +if ! grep netdata-latest.tar.gz "${TMPDIR}/sha256sum.txt" | safe_sha256sum -c - >/dev/null 2>&1; then fatal "Tarball checksum validation failed. Stopping netdata installation and leaving tarball in ${TMPDIR}" fi run tar -xf netdata-latest.tar.gz diff --git a/packaging/installer/netdata-updater.sh b/packaging/installer/netdata-updater.sh index 071198dd..56c83795 100644 --- a/packaging/installer/netdata-updater.sh +++ b/packaging/installer/netdata-updater.sh @@ -20,6 +20,18 @@ error() { echo >&3 "$(date) : ERROR: " "${@}" } +safe_sha256sum() { + # Within the contexct of the installer, we only use -c option that is common between the two commands + # We will have to reconsider if we start non-common options + if command -v sha256sum >/dev/null 2>&1; then + sha256sum $@ + elif command -v shasum >/dev/null 2>&1; then + shasum -a 256 $@ + else + fatal "I could not find a suitable checksum binary to use" + fi +} + # this is what we will do if it fails (head-less only) fatal() { error "FAILED TO UPDATE NETDATA : ${1}" @@ -79,10 +91,10 @@ update() { info "Newest version is already installed" else download "${NETDATA_TARBALL_URL}" "${dir}/netdata-latest.tar.gz" - if ! grep netdata-latest.tar.gz sha256sum.txt | sha256sum --check - >&3 2>&3; then - failed "Tarball checksum validation failed. Stopping netdata upgrade and leaving tarball in ${dir}" + if ! grep netdata-latest.tar.gz sha256sum.txt | safe_sha256sum -c - >&3 2>&3; then + fatal "Tarball checksum validation failed. Stopping netdata upgrade and leaving tarball in ${dir}" fi - NEW_CHECKSUM="$(sha256sum netdata-latest.tar.gz 2>/dev/null| cut -d' ' -f1)" + NEW_CHECKSUM="$(safe_sha256sum netdata-latest.tar.gz 2>/dev/null| cut -d' ' -f1)" tar -xf netdata-latest.tar.gz >&3 2>&3 rm netdata-latest.tar.gz >&3 2>&3 cd netdata-* |