#!/bin/bash source "${AGENT_PATH}/common.sh" SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" # Check required environment variables _check_required_env_vars "CONTAINER_NAME" "IMAGE_REGISTRY" "IMAGE_REPO" "IMAGE_TAG" "LOGSERVER_HOST" "LOGSERVER_PORT" "AUTH_MODE" # Validate authentication configuration case "$AUTH_MODE" in mtls) _check_required_env_vars "CLIENT_CERT_PATH" "CLIENT_KEY_PATH" "CA_CERT_PATH" if [ ! -f "$CLIENT_CERT_PATH" ]; then _die "Client certificate not found at $CLIENT_CERT_PATH" fi if [ ! -f "$CLIENT_KEY_PATH" ]; then _die "Client key not found at $CLIENT_KEY_PATH" fi if [ ! -f "$CA_CERT_PATH" ]; then _die "CA certificate not found at $CA_CERT_PATH" fi ;; apikey) _check_required_env_vars "API_KEY" if [ -z "$API_KEY" ]; then _die "API_KEY is empty. Please get an API key from the logserver administrator" fi ;; basic) _check_required_env_vars "USERNAME" "PASSWORD" echo "WARNING: Basic authentication is not recommended for production" ;; *) _die "Invalid AUTH_MODE: $AUTH_MODE. Must be one of: mtls, apikey, basic" ;; esac # Check Docker is available _check_docker_installed || _die "Docker test failed" # Test connectivity to logserver echo "Testing connectivity to logserver at ${LOGSERVER_HOST}:${LOGSERVER_PORT}..." nc -zv "$LOGSERVER_HOST" "$LOGSERVER_PORT" 2>/dev/null || echo "WARNING: Cannot connect to logserver. Will retry when container starts." # Pull the Docker image docker pull "$IMAGE_REGISTRY/$IMAGE_REPO:$IMAGE_TAG" || _die "Failed to pull Filebeat image" # Stop any existing container bash ./stop.sh || true # Remove old container _remove_container "$CONTAINER_NAME" || true # Generate Filebeat configuration echo "Generating Filebeat configuration..." bash ./scripts/generate-config.sh || _die "Failed to generate configuration" # Start the new container bash ./start.sh || _die "Failed to start Filebeat" echo "Installation of ${CONTAINER_NAME} complete" echo "Collecting logs from Docker API and shipping to ${LOGSERVER_HOST}:${LOGSERVER_PORT}" echo "Authentication mode: ${AUTH_MODE}"