From b60696b4317f94d9ded9713af05c539a190a27ec Mon Sep 17 00:00:00 2001 From: Nafiul Bari Khan Date: Fri, 12 Sep 2025 01:02:54 +0600 Subject: [PATCH 1/3] updated installation script for linux and windows --- edge/install.ps1 | 44 ++++++++++++++++++++++++++++++++++++++++ edge/install.sh | 52 ++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 92 insertions(+), 4 deletions(-) diff --git a/edge/install.ps1 b/edge/install.ps1 index ccc8c76..64eb81b 100644 --- a/edge/install.ps1 +++ b/edge/install.ps1 @@ -115,6 +115,15 @@ function Parse-EnvironmentVariable { return $false } + # Parse caCertificate parameter + if ($EnvVar -match "caCertificate=([A-Za-z0-9+/=]+)") { + $script:CaCert = $matches[1] + Write-Host "Extracted caCertificate (base64): $CaCert" + } else { + Write-Host "Warning: caCertificate not found in argument" + $script:CaCert = "" + } + return $true } @@ -188,6 +197,38 @@ function Decode-AndExtractConfig { } } +# Function to setup CA certificate +function Setup-CaCertificate { + if ([string]::IsNullOrEmpty($CaCert)) { + Write-Host "No CA certificate provided, skipping certificate setup" + return + } + + Write-Host "Setting up CA certificate..." + + # Create certificate directory if it doesn't exist + $CertDir = "C:\Program Files\Observo\certs" + if (-not (Test-Path -Path $CertDir)) { + Write-Host "Creating certificate directory: $CertDir" + New-Item -ItemType Directory -Path $CertDir -Force | Out-Null + } + + try { + # Decode the base64 certificate and save it + Write-Host "Decoding and saving CA certificate to $CertDir\ca.crt" + $bytes = [Convert]::FromBase64String($CaCert) + $certContent = [System.Text.Encoding]::UTF8.GetString($bytes) + + $CertFile = Join-Path -Path $CertDir -ChildPath "ca.crt" + [System.IO.File]::WriteAllText($CertFile, $certContent, [System.Text.Encoding]::UTF8) + + Write-Host "CA certificate successfully saved to $CertFile" + } catch { + Write-Host "Error: Failed to decode and save CA certificate: $_" -ForegroundColor Red + return + } +} + # Function to download and extract the agent function Download-AndExtractAgent { param ( @@ -643,6 +684,9 @@ Detect-System # Decode and extract configuration Decode-AndExtractConfig +# Setup CA certificate if provided +Setup-CaCertificate + # Download and extract the agent Download-AndExtractAgent diff --git a/edge/install.sh b/edge/install.sh index 11d555e..23445d8 100644 --- a/edge/install.sh +++ b/edge/install.sh @@ -119,6 +119,18 @@ parse_environment_variable() { return 1 # Failure fi + # Parse caCertificate parameter + if [[ "$env_var" =~ caCertificate=([A-Za-z0-9+/=]+) ]]; then + CA_CERT="${BASH_REMATCH[1]}" # Extract the base64-encoded CA certificate + echo "Extracted caCertificate (base64): $CA_CERT" + + export CA_CERT # Make it available to other functions + else + echo "Warning: caCertificate not found in argument" + CA_CERT="" + export CA_CERT + fi + return 0 # Success } @@ -199,6 +211,35 @@ decode_and_extract_config() { export AGENT_ID } +setup_ca_certificate() { + if [[ -z "$CA_CERT" ]]; then + echo "No CA certificate provided, skipping certificate setup" + return 0 + fi + + echo "Setting up CA certificate..." + + # Create /etc/certs directory if it doesn't exist + if [[ ! -d "/etc/certs" ]]; then + echo "Creating /etc/certs directory..." + sudo mkdir -p /etc/certs + sudo chmod 755 /etc/certs + fi + + # Decode the base64 certificate and save it + echo "Decoding and saving CA certificate to /etc/certs/ca.crt" + echo "$CA_CERT" | base64 --decode | sudo tee /etc/certs/ca.crt > /dev/null + + if [[ $? -eq 0 ]]; then + echo "CA certificate successfully saved to /etc/certs/ca.crt" + sudo chmod 644 /etc/certs/ca.crt + sudo chown root:root /etc/certs/ca.crt + else + echo "Error: Failed to decode and save CA certificate" + return 1 + fi +} + download_and_extract_agent() { PACKAGE="${PACKAGE_NAME}_${VERSION}_${OS}_${ARCH}.tar.gz" @@ -393,16 +434,19 @@ detect_system # store the config at $CONFIG_FILE location decode_and_extract_config -#7. construct the download url required for the system and download the tar +#7. setup CA certificate if provided +setup_ca_certificate + +#8. construct the download url required for the system and download the tar # extract binary at $TMP_DIR download_and_extract_agent -#8. move the binary to $INSTALL_DIR and give execution permissions +#9. move the binary to $INSTALL_DIR and give execution permissions move_to_bin_and_make_executable -#9. Start server +#10. Start server start_server -#10 create systemd service +#11. create systemd service create_systemd_service From 6c63561ead73dadd66f94365d50a8f6e037e55b0 Mon Sep 17 00:00:00 2001 From: Nafiul Bari Khan Date: Fri, 12 Sep 2025 04:25:58 +0600 Subject: [PATCH 2/3] add the ca file --- edge/install.ps1 | 2 ++ 1 file changed, 2 insertions(+) diff --git a/edge/install.ps1 b/edge/install.ps1 index 64eb81b..354e1a6 100644 --- a/edge/install.ps1 +++ b/edge/install.ps1 @@ -36,6 +36,7 @@ $ConfigDir = "C:\Program Files\Observo" $ZipFile = "$TmpDir\edge.zip" $ExtractDir = "$ConfigDir\binaries_edge" $ConfigFile = "$ConfigDir\edge-config.json" +$CAFile = "$ConfigDir\ca.crt" $BaseUrl = "https://github.com/open-telemetry/opentelemetry-collector-releases/releases/download" $PackageName = "otelcol-contrib" $DefaultDownloadUrl = "https://example.com" @@ -587,6 +588,7 @@ function Install-AsScheduledTask { set OTEL_LOG_FILE_PATH=$EdgeCollectorLogFile set OTEL_EXECUTABLE_PATH=$OtelExecutablePath set AGENT_ID=$MachineGuid +set GATEWAY_CA_PATH=$CAFile echo Starting Observo Edge Agent at %DATE% %TIME% > "$StdoutLogFile" "$EdgeExe" -config "$ConfigFile" >> "$StdoutLogFile" 2>&1 "@ From 5ddbfc7f9b9f71e3c2a3757ee754181014085556 Mon Sep 17 00:00:00 2001 From: Nafiul Bari Khan Date: Fri, 12 Sep 2025 04:40:54 +0600 Subject: [PATCH 3/3] fixed the cert directory --- edge/install.ps1 | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/edge/install.ps1 b/edge/install.ps1 index 354e1a6..6ebfe18 100644 --- a/edge/install.ps1 +++ b/edge/install.ps1 @@ -36,7 +36,7 @@ $ConfigDir = "C:\Program Files\Observo" $ZipFile = "$TmpDir\edge.zip" $ExtractDir = "$ConfigDir\binaries_edge" $ConfigFile = "$ConfigDir\edge-config.json" -$CAFile = "$ConfigDir\ca.crt" +$CAFile = "$ConfigDir\certs\ca.crt" $BaseUrl = "https://github.com/open-telemetry/opentelemetry-collector-releases/releases/download" $PackageName = "otelcol-contrib" $DefaultDownloadUrl = "https://example.com" @@ -208,7 +208,7 @@ function Setup-CaCertificate { Write-Host "Setting up CA certificate..." # Create certificate directory if it doesn't exist - $CertDir = "C:\Program Files\Observo\certs" + $CertDir = Split-Path -Path $CAFile -Parent if (-not (Test-Path -Path $CertDir)) { Write-Host "Creating certificate directory: $CertDir" New-Item -ItemType Directory -Path $CertDir -Force | Out-Null @@ -216,14 +216,13 @@ function Setup-CaCertificate { try { # Decode the base64 certificate and save it - Write-Host "Decoding and saving CA certificate to $CertDir\ca.crt" + Write-Host "Decoding and saving CA certificate to $CAFile" $bytes = [Convert]::FromBase64String($CaCert) $certContent = [System.Text.Encoding]::UTF8.GetString($bytes) - $CertFile = Join-Path -Path $CertDir -ChildPath "ca.crt" - [System.IO.File]::WriteAllText($CertFile, $certContent, [System.Text.Encoding]::UTF8) + [System.IO.File]::WriteAllText($CAFile, $certContent, [System.Text.Encoding]::UTF8) - Write-Host "CA certificate successfully saved to $CertFile" + Write-Host "CA certificate successfully saved to $CAFile" } catch { Write-Host "Error: Failed to decode and save CA certificate: $_" -ForegroundColor Red return