#!/usr/bin/env bash set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" SERIAL="" API_URL="" ROOTFS_DIR="" usage() { echo "Usage: provision_device.sh --serial --api-url --rootfs-dir " >&2 } while [[ $# -gt 0 ]]; do case "$1" in --serial) SERIAL="${2:-}" shift 2 ;; --api-url) API_URL="${2:-}" shift 2 ;; --rootfs-dir) ROOTFS_DIR="${2:-}" shift 2 ;; --help|-h) usage exit 0 ;; *) echo "Unknown option: $1" >&2 usage exit 1 ;; esac done if [[ -z "$SERIAL" || -z "$API_URL" || -z "$ROOTFS_DIR" ]]; then echo "Missing required arguments." >&2 usage exit 1 fi API_URL="${API_URL%/}" normalize_serial_suffix() { local s s="$(printf '%s' "$1" | tr '[:upper:]' '[:lower:]')" if [[ "$s" == *-* ]]; then printf '%s' "${s##*-}" else printf '%s' "${s//-/}" fi } EMAIL_SUFFIX="$(normalize_serial_suffix "$SERIAL")" EMAIL="azaion-jetson-${EMAIL_SUFFIX}@azaion.com" PASSWORD="$(openssl rand -hex 16)" echo "Provisioning device identity for serial: $SERIAL" echo "Target admin API: $API_URL" echo "Device email: $EMAIL" build_post_json() { python3 -c 'import json,sys; print(json.dumps({"email":sys.argv[1],"password":sys.argv[2],"role":"CompanionPC"}))' "$1" "$2" } POST_JSON="$(build_post_json "$EMAIL" "$PASSWORD")" TMP_BODY="$(mktemp)" trap 'rm -f "$TMP_BODY"' EXIT HTTP_CODE="$( curl -sS -o "$TMP_BODY" -w "%{http_code}" \ -X POST "${API_URL}/users" \ -H "Content-Type: application/json" \ -d "$POST_JSON" )" if [[ "$HTTP_CODE" == "409" ]]; then echo "User already exists; updating password for re-provision" PATCH_JSON="$(build_post_json "$EMAIL" "$PASSWORD")" HTTP_CODE="$( curl -sS -o "$TMP_BODY" -w "%{http_code}" \ -X PATCH "${API_URL}/users/password" \ -H "Content-Type: application/json" \ -d "$PATCH_JSON" )" fi if [[ "$HTTP_CODE" != "200" && "$HTTP_CODE" != "201" ]]; then echo "Admin API error HTTP $HTTP_CODE" >&2 cat "$TMP_BODY" >&2 echo >&2 exit 1 fi CONF_DIR="${ROOTFS_DIR}/etc/azaion" mkdir -p "$CONF_DIR" CONF_PATH="${CONF_DIR}/device.conf" { printf 'AZAION_DEVICE_EMAIL=%s\n' "$EMAIL" printf 'AZAION_DEVICE_PASSWORD=%s\n' "$PASSWORD" } > "$CONF_PATH" chmod 600 "$CONF_PATH" echo "Wrote $CONF_PATH" echo "Provisioning finished successfully"