milliways-infosec/AikidoSec-safe-chain
7
0
Fork 0
mirror of https://github.com/AikidoSec/safe-chain.git synced 2026-05-26 12:10:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
AikidoSec-safe-chain/installer/scripts/templates/postinstall.sh
Reinier Criel 3fe62d4606 Push up some local changes
2025-11-25 15:29:30 -08:00

68 lines
1.9 KiB
Bash
Raw Blame History

#!/bin/bash
set -e
INSTALL_DIR="/Library/Application Support/AikidoSafety"
LAUNCHD_PLIST="/Library/LaunchDaemons/dev.aikido.safe-chain.plist"
LOG_DIR="/var/log/aikido-safe-chain"
echo "Installing Aikido Safe Chain Agent..."
# Create log directory
mkdir -p "$LOG_DIR"
chmod 755 "$LOG_DIR"
# Install certificate to system keychain
echo "Installing CA certificate to system keychain..."
security add-trusted-cert -d -r trustRoot \
-k /Library/Keychains/System.keychain \
"$INSTALL_DIR/certs/ca-cert.pem" || true
# Load and start the LaunchDaemon FIRST (before configuring proxy)
echo "Starting Aikido Safe Chain Agent..."
launchctl load -w "$LAUNCHD_PLIST" || {
echo "ERROR: Failed to start agent."
exit 1
}
# Wait for agent to be ready (check if port is listening)
echo "Waiting for agent to start..."
for i in {1..10}; do
if lsof -Pi :8765 -sTCP:LISTEN -t >/dev/null 2>&1; then
echo "Agent is running on port 8765"
break
fi
if [ $i -eq 10 ]; then
echo "ERROR: Agent failed to start within 10 seconds"
launchctl unload "$LAUNCHD_PLIST" 2>/dev/null || true
exit 1
fi
sleep 1
done
# Now configure system proxy (agent is confirmed running)
echo "Configuring system proxy settings..."
"$INSTALL_DIR/bin/node" "$INSTALL_DIR/agent/configure-proxy.js" --install || {
echo "ERROR: Failed to configure system proxy."
launchctl unload "$LAUNCHD_PLIST" 2>/dev/null || true
exit 1
}
# Configure pip to trust the CA certificate
echo "Configuring pip to trust Aikido CA certificate..."
PIP_CONFIG_DIR="/Library/Application Support/pip"
mkdir -p "$PIP_CONFIG_DIR"
cat > "$PIP_CONFIG_DIR/pip.conf" << EOF
[global]
cert = $INSTALL_DIR/certs/ca-cert.pem
EOF
chmod 644 "$PIP_CONFIG_DIR/pip.conf"
echo "Aikido Safe Chain Agent installed successfully!"
echo ""
echo "The agent is now running in the background and will protect"
echo "all package installations on this system."
echo ""
echo "To uninstall, run:"
echo " sudo bash '$INSTALL_DIR/uninstall.sh'"
exit 0
Reference in a new issue View git blame Copy permalink