#!/usr/bin/env bash CLN_REGISTER_SERVER="https://cln.cloudlinux.com/cln/api/els/server/register" CLN_UNREGISTER_SERVER="https://cln.cloudlinux.com/cln/api/els/server/unregister" LICENSE="" HOSTNAME=$(hostname) AUTH_CONF_PATH="/etc/yum/vars/elstoken" PACKAGE_URI="https://repo.tuxcare.com/rhel8-els/els-os-release-install.el8.x86_64.rpm" # Temporary files TEMP_RPM="" exec 3>&1 cleanup() { if [[ -f "$TEMP_RPM" ]]; then rm -f "$TEMP_RPM" fi exec 3>&- } trap cleanup EXIT log() { printf "%s\\n" "$1" 1>&3 } show_usage() { echo 'Usage: install-rhel8-els-repo.sh [OPTION]...' echo '' echo ' -l, --license-key User license key' echo ' -f, --force Force re-register if ELS is already installed' echo ' -d, --delete Delete ELS from server' echo ' -v, --validate Check if ELS is installed' echo ' -h, --help Show this message and exit' } do_opts() { if [ $# -eq 0 ]; then log "$(show_usage)" exit 1 fi while [ $# -gt 0 ]; do key="$1" case $key in -h|--help) log "$(show_usage)" exit 0 ;; -l|--license-key) if [[ -z "$2" || "$2" == -* ]]; then log "Error: --license-key requires an argument" log "$(show_usage)" exit 1 fi LICENSE="$2" shift ;; -f|--force) FORCE=true ;; -d|--delete) DELETE=true ;; -v|--validate) VALIDATE=true shift ;; -*|--*) log "Unknown option: $key" log "$(show_usage)" exit 1 ;; esac shift done } els_installed() { log "Checking if els_os_release is already installed... " if rpm -q els-os-release > /dev/null 2>&1; then log "els-os-release package is already installed." return 0 fi log "els-os-release package is not installed" return 1 } extract_token() { if [ ! -f "$AUTH_CONF_PATH" ]; then log "ERROR: Auth config file not found at $AUTH_CONF_PATH" return 1 fi token=$(cat "$AUTH_CONF_PATH") if [[ -z "$token" || "$token" != *SERVER* ]]; then log "ERROR: Invalid token in $AUTH_CONF_PATH (empty or missing SERVER marker)" return 1 fi echo "$token" return 0 } unregister_token() { if ! token=$(extract_token); then return 1 fi log "Unregistering server token..." response=$(curl -i -s -X POST "${CLN_UNREGISTER_SERVER}?token=${token}") curl_exit_code=$? if [ $curl_exit_code -ne 0 ]; then log "ERROR: Failed to connect to unregister server (curl exited with status: $curl_exit_code)" return 1 fi if ! echo "$response" | grep -qi '^HTTP/[0-9.]*[[:space:]]200'; then if [[ -z "$response" ]]; then log "elstoken wasn't found. Server is not registered" else log "Got incorrect status from CLN: $response" fi return 1 fi log "Unregistered successfully" return 0 } remove_els() { log "Removing els-os-release package... " if yum remove -y els-os-release 1>&3; then log "Removed els-os-release package successfully" else log "Error: Could not remove els-os-release package" return 1 fi log "Removing authentication configuration file... " if [[ -f "$AUTH_CONF_PATH" ]]; then if rm -f "$AUTH_CONF_PATH" 1>&3; then log "Removed authentication configuration file successfully" else log "Error: Could not remove auth configuration file: $AUTH_CONF_PATH" return 1 fi else log "Auth configuration file not found" fi log "RHEL8 ELS deleted successfully" return 0 } delete_els() { if els_installed; then if [ "$FORCE" = "true" ]; then unregister_token || log "Warning: Failed to unregister, but continuing with force delete" remove_els else if ! unregister_token; then log "Couldn't deactivate account" return 12 fi remove_els fi else log "ELS is not installed" fi log "ELS removal completed" return 0 } get_auth_token() { log "Request repository token for this server... " local data="{\"key\": \"$3\", \"host_name\": \"$2\"}" local ret ret=$(curl -s -X POST -H "Content-Type: application/json" -H "Accept: application/json" -d "$data" "$1") if [ $? -ne 0 ]; then log "Error (Curl command failed)" return 1 fi local token token=$(echo "$ret" | grep -oP '"token":"\K[^"]*') if [ -n "$token" ]; then log "Ok" echo "$token" return 0 fi log "Error (No token was returned from CLN)" return 1 } install_els() { log "Installing els-os-release..." TEMP_RPM=$(mktemp /tmp/els-os-release-XXXXXX.rpm) if ! curl -fsSL -o "$TEMP_RPM" "$PACKAGE_URI"; then log "Error: Couldn't download els-os-release.rpm" return 1 fi if ! yum install -y "$TEMP_RPM"; then log "Error: Couldn't install els-os-release" return 3 fi log "els-os-release installed successfully" return 0 } check_system_compatibility() { log "Checking system compatibility..." if [[ ! -f /etc/redhat-release ]]; then log "This server is not RHEL based" return 1 fi rhel_release="$(cat /etc/redhat-release)" if [[ ! "${rhel_release}" == *"Red Hat Enterprise Linux"*"release 8"* ]]; then log "This server is not Red Hat Enterprise Linux release 8" exit 1 fi if ! command -v curl &> /dev/null; then log "Error: curl is required but not installed" return 1 fi log "System compatibility check passed" } check_superuser_privileges() { log "Checking for superuser privileges..." if [ "$(id -u)" -ne 0 ]; then log "Error: This script must be run with superuser privileges" return 1 fi log "Superuser privileges confirmed" return 0 } main() { do_opts "$@" if ! check_superuser_privileges; then return 14 fi if ! check_system_compatibility; then return 1 fi if [ "$DELETE" = "true" ]; then delete_els return $? fi if [[ "$VALIDATE" = "true" ]]; then if els_installed; then if token=$(extract_token); then log "Server is registered with token $token" exit 0 else log "els-os-release is installed but token is missing or invalid" exit 1 fi else log "Server is not registered" exit 1 fi fi if [[ -z $LICENSE ]]; then log "License key should be specified with -l, --license-key." log "See -h, --help." return 1 fi if els_installed; then if [ "$FORCE" = "true" ]; then unregister_token remove_els else if ! extract_token > /dev/null 2>&1; then log "els-os-release is installed but token is missing or invalid" log "Run script with --force to repair the installation" else log "This server has installed ELS repo and token" log "For re-registration license run script with --force" fi return 2 fi fi log "Registering in CLN..." local token token=$(get_auth_token "$CLN_REGISTER_SERVER" "$HOSTNAME" "$LICENSE") if [ $? -ne 0 ]; then return 3 fi if ! echo "${token}" > "$AUTH_CONF_PATH"; then log "Error (Could not write to $AUTH_CONF_PATH)" return 10 fi log "Applying repository token for this server..." if ! install_els; then return 9 fi yum clean all if ! yum install -y els-define --disablerepo=* --enablerepo=rhel8-els; then log "Error: Couldn't install els-define" return 1 fi log "ELS installed successfully" } main "$@"