#!/usr/bin/env bash set -euo pipefail SCRIPT_VERSION="0.1.0-preflight" LOG_FILE="/var/log/kitms-install.log" NEEDS_ROOT=1 MIN_FREE_GB=10 REQUIRED_PORTS=(25 80 443) log() { local level="$1" shift local msg="$*" local ts ts="$(date -u +"%Y-%m-%dT%H:%M:%SZ")" echo "[$ts] [$level] $msg" | tee -a "$LOG_FILE" } usage() { cat <<'EOF' KITMS install.sh (preflight profile) Usage: sudo ./install.sh [--preflight-only] Current behavior: - Runs host preflight checks for KITMS installation. - Prints a clear summary and exits with status 0 on success. Notes: - Full automatic stack installation is tracked in M6 (Installer MVP). - This script currently validates readiness and does not change system mail services. EOF } check_root() { if [[ "$NEEDS_ROOT" -eq 1 && "${EUID:-$(id -u)}" -ne 0 ]]; then log "ERROR" "Run this script as root (sudo)." exit 100 fi } check_os() { if [[ ! -f /etc/os-release ]]; then log "ERROR" "/etc/os-release not found." exit 101 fi # shellcheck disable=SC1091 . /etc/os-release local os="${ID:-unknown}" local ver="${VERSION_ID:-unknown}" if [[ "$os" != "ubuntu" ]]; then log "ERROR" "Unsupported OS: $os. Expected ubuntu." exit 102 fi case "$ver" in 22.04|24.04) log "INFO" "OS check passed: Ubuntu $ver" ;; *) log "WARN" "Ubuntu $ver is not in the primary support set (22.04/24.04)." ;; esac } check_disk_space() { local avail_kb avail_kb="$(df --output=avail / | tail -n1 | tr -d ' ')" local avail_gb=$((avail_kb / 1024 / 1024)) if (( avail_gb < MIN_FREE_GB )); then log "ERROR" "Insufficient disk space on '/': ${avail_gb}GB available, need >= ${MIN_FREE_GB}GB." exit 103 fi log "INFO" "Disk check passed: ${avail_gb}GB free on '/'." } check_network_tools() { local missing=0 for tool in curl apt-get systemctl ss; do if ! command -v "$tool" >/dev/null 2>&1; then log "ERROR" "Required tool not found: $tool" missing=1 fi done if (( missing == 1 )); then exit 104 fi log "INFO" "Tool check passed." } check_ports() { local busy=0 for port in "${REQUIRED_PORTS[@]}"; do if ss -ltn "( sport = :$port )" | grep -q ":$port"; then log "WARN" "Port $port is already in use." busy=1 fi done if (( busy == 1 )); then log "WARN" "Some target ports are busy. Manual review is required before full install." else log "INFO" "Port check passed: target ports are free." fi } check_outbound() { if curl -fsSL --max-time 8 https://license.kitms.ru/api/license/check >/dev/null 2>&1; then log "INFO" "Outbound connectivity check passed: license.kitms.ru reachable." else log "WARN" "Outbound connectivity check could not reach license.kitms.ru/api/license/check." fi } main() { local preflight_only=1 while [[ $# -gt 0 ]]; do case "$1" in --preflight-only) preflight_only=1 shift ;; -h|--help) usage exit 0 ;; *) log "ERROR" "Unknown argument: $1" usage exit 2 ;; esac done touch "$LOG_FILE" chmod 600 "$LOG_FILE" log "INFO" "Starting KITMS install preflight (version=$SCRIPT_VERSION)." check_root check_os check_disk_space check_network_tools check_ports check_outbound log "INFO" "Preflight checks completed successfully." if (( preflight_only == 1 )); then log "INFO" "Current profile: preflight-only. Full automatic installation is tracked in M6." fi log "INFO" "Next step: obtain signed license.json after installation and run activation in KITMS UI." } main "$@"