#!/usr/bin/env bash # # install.sh — co.nr CLI installer # Version : 0.1.0 # Released : 2026-04-26 # Checksum : sha256:b3e6527d4ab7eb15fdb4559f5b59a4fa604a9e8e9d0d1d74063f4397ab6c8851 - # # ┌─ What this script does ──────────────────────────────────────────────────── # │ 1. Detects OS, architecture, KVM availability, and Docker status # │ 2. Downloads the appropriate conr-cli binary from install.co.nr # │ 3. Verifies the binary checksum # │ 4. Installs to ~/.local/bin (user) or /usr/local/bin (system) # └──────────────────────────────────────────────────────────────────────────── # # Quick install: # curl -fsSL https://install.co.nr | bash # # Options (append after --): # curl -fsSL https://install.co.nr | bash -s -- [OPTIONS] # # --system Install system-wide to /usr/local/bin (requires sudo) # --user Install to ~/.local/bin (default) # --prefix Install to a custom directory # --version Install a specific version instead of latest # --no-verify Skip binary checksum verification # --interactive Prompt for all options interactively # -y, --yes Non-interactive; accept all defaults # # Examples: # curl -fsSL https://install.co.nr | bash -s -- --system # curl -fsSL https://install.co.nr | bash -s -- --version 1.2.3 --user # curl -fsSL https://install.co.nr | bash -s -- --interactive # # To verify this script's integrity after downloading: # sed '1,/^[^#]/d' install.sh | sha256sum # # Note: This deletes lines 1–N until the first non-comment line, leaving all # executable code and inline comments for hashing. Allows header updates # without invalidating the checksum. # ───────────────────────────────────────────────────────────────────────────── set -euo pipefail readonly BASE_URL="https://install.co.nr" readonly BINARY_NAME="conr-cli" readonly INSTALLER_VERSION="0.1.0" if [[ -t 1 ]] && [[ "${NO_COLOR:-}" == "" ]]; then BOLD='\033[1m' DIM='\033[2m' RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[0;33m' CYAN='\033[0;36m' WHITE='\033[0;37m' RESET='\033[0m' else BOLD='' DIM='' RED='' GREEN='' YELLOW='' CYAN='' WHITE='' RESET='' fi log_step() { echo -e "${BOLD}${CYAN} ▸${RESET} $*"; } log_info() { echo -e "${WHITE} $*${RESET}"; } log_ok() { echo -e "${GREEN} ✓${RESET} $*"; } log_warn() { echo -e "${YELLOW} ⚠${RESET} $*"; } log_error() { echo -e "${RED} ✗${RESET} $*" >&2; } log_detail() { echo -e "${DIM} $*${RESET}"; } die() { log_error "$*" exit 1 } banner() { echo echo -e "${BOLD}${CYAN} ╭───────────────────────────────╮${RESET}" echo -e "${BOLD}${CYAN} │ 🚀 co.nr CLI installer │${RESET}" echo -e "${BOLD}${CYAN} │ v${INSTALLER_VERSION} │${RESET}" echo -e "${BOLD}${CYAN} ╰───────────────────────────────╯${RESET}" echo } OPT_SCOPE="" # "user" | "system" | "" OPT_PREFIX="" # custom install prefix OPT_VERSION="latest" OPT_NO_VERIFY=false OPT_INTERACTIVE=false OPT_YES=false parse_args() { while [[ $# -gt 0 ]]; do case "$1" in --system) OPT_SCOPE="system" ;; --user) OPT_SCOPE="user" ;; --prefix) OPT_PREFIX="${2:?--prefix requires a path}"; shift ;; --prefix=*) OPT_PREFIX="${1#*=}" ;; --version) OPT_VERSION="${2:?--version requires a value}"; shift ;; --version=*) OPT_VERSION="${1#*=}" ;; --no-verify) OPT_NO_VERIFY=true ;; --interactive) OPT_INTERACTIVE=true ;; -y|--yes) OPT_YES=true ;; -h|--help) usage; exit 0 ;; *) die "Unknown option: $1 (try --help)" ;; esac shift done } usage() { cat << 'EOF' Quick install: curl -fsSL https://install.co.nr | bash Options (append after --): curl -fsSL https://install.co.nr | bash -s -- [OPTIONS] --system Install system-wide to /usr/local/bin (requires sudo) --user Install to ~/.local/bin (default) --prefix Install to a custom directory --version Install a specific version instead of latest --no-verify Skip binary checksum verification --interactive Prompt for all options interactively -y, --yes Non-interactive; accept all defaults Examples: curl -fsSL https://install.co.nr | bash -s -- --system curl -fsSL https://install.co.nr | bash -s -- --version 1.2.3 --user curl -fsSL https://install.co.nr | bash -s -- --interactive EOF } detect_os() { local os os="$(uname -s)" case "$os" in Linux) echo "linux" ;; Darwin) echo "darwin" ;; *) die "Unsupported operating system: $os" ;; esac } detect_arch() { local arch arch="$(uname -m)" case "$arch" in x86_64) echo "x86_64" ;; aarch64|arm64) echo "aarch64" ;; *) die "Unsupported architecture: $arch" ;; esac } detect_kvm() { if [[ -c /dev/kvm ]]; then if [[ -r /dev/kvm && -w /dev/kvm ]]; then echo "available" else echo "present_no_access" fi elif grep -qE '^flags.*(vmx|svm)' /proc/cpuinfo 2>/dev/null; then echo "cpu_supported" else echo "unavailable" fi } detect_docker() { if command -v docker &>/dev/null; then if docker info &>/dev/null 2>&1; then echo "running" else echo "installed_not_running" fi elif [[ -S /var/run/docker.sock ]]; then echo "socket_present" else echo "unavailable" fi } require_cmd() { command -v "$1" &>/dev/null || die "Required tool not found: $1" } download_file() { local url="$1" local dest="$2" local label="${3:-Downloading}" log_step "${label}" log_detail "${url}" if command -v curl &>/dev/null; then curl -fL --progress-bar -o "$dest" "$url" || die "Download failed: $url" elif command -v wget &>/dev/null; then wget -q --show-progress -O "$dest" "$url" || die "Download failed: $url" else die "Neither curl nor wget found; cannot download files :(" fi } verify_checksum() { local file="$1" local expected="$2" log_step "Verifying checksum" local actual if command -v sha256sum &>/dev/null; then actual="$(sha256sum "$file" | awk '{print $1}')" elif command -v shasum &>/dev/null; then actual="$(shasum -a 256 "$file" | awk '{print $1}')" else log_warn "No sha256 tool found; skipping checksum verification :s" return 0 fi if [[ "$actual" != "$expected" ]]; then die "\nChecksum mismatch!\n expected: $expected\n got: $actual\n\n" fi log_ok "Checksum verified" } resolve_install_dir() { local scope="$1" if [[ -n "$OPT_PREFIX" ]]; then echo "$OPT_PREFIX" return fi case "$scope" in system) echo "/usr/local/bin" ;; user) echo "${HOME}/.local/bin" ;; esac } ensure_dir() { local dir="$1" local scope="$2" if [[ ! -d "$dir" ]]; then log_step "Creating directory ${dir}" if [[ "$scope" == "system" ]]; then sudo mkdir -p "$dir" else mkdir -p "$dir" fi fi } install_binary() { local src="$1" local dest="$2" local scope="$3" chmod +x "$src" if [[ "$scope" == "system" ]]; then log_step "Installing to ${dest} ${DIM}(sudo)${RESET}" sudo mv "$src" "$dest" sudo chmod 755 "$dest" else log_step "Installing to ${dest}" mv "$src" "$dest" chmod 755 "$dest" fi } check_path() { local install_dir="$1" if ! echo "$PATH" | tr ':' '\n' | grep -qxF "$install_dir"; then echo log_warn "${install_dir} is not in your \$PATH" log_info "Add this to your shell profile (e.g. ~/.bashrc, ~/.zshrc):" echo echo -e " ${CYAN}export PATH=\"${install_dir}:\$PATH\"${RESET}" echo fi } prompt_scope() { echo echo -e " ${BOLD}Install location:${RESET}" echo -e " ${CYAN}[1]${RESET} User only ~/.local/bin ${DIM}(default)${RESET}" echo -e " ${CYAN}[2]${RESET} System-wide /usr/local/bin ${DIM}(requires sudo)${RESET}" echo -e " ${CYAN}[3]${RESET} Custom path" echo read -rp " Choice [1]: " choice case "${choice:-1}" in 1) OPT_SCOPE="user" ;; 2) OPT_SCOPE="system" ;; 3) read -rp " Install path: " OPT_PREFIX OPT_SCOPE="user" ;; *) log_warn "Invalid choice — defaulting to user install"; OPT_SCOPE="user" ;; esac } prompt_version() { echo read -rp " Version to install [latest]: " ver OPT_VERSION="${ver:-latest}" } confirm() { local prompt="$1" if [[ "$OPT_YES" == true ]]; then return 0 fi read -rp " ${prompt} [Y/n]: " answer [[ "${answer:-Y}" =~ ^[Yy]$ ]] } # Main main() { parse_args "$@" banner log_step "Detecting environment" local os arch kvm_status docker_status os="$(detect_os)" arch="$(detect_arch)" kvm_status="$(detect_kvm)" docker_status="$(detect_docker)" log_ok "OS: ${os} / ${arch}" case "$kvm_status" in available) log_ok "KVM: available ${DIM}(vmm subcommand enabled)${RESET}" ;; present_no_access) log_warn "KVM: present but not accessible (add user to kvm group)" ;; cpu_supported) log_warn "KVM: CPU supports virtualisation but /dev/kvm not present" ;; unavailable) log_info "KVM: unavailable ${DIM}(vmm subcommand will be disabled)${RESET}" ;; esac case "$docker_status" in running) log_ok "Docker: running ${DIM}(daemon API mode available)${RESET}" ;; installed_not_running) log_warn "Docker: installed but daemon is not running" ;; socket_present) log_info "Docker: socket found ${DIM}(daemon may be accessible)${RESET}" ;; unavailable) log_info "Docker: not found ${DIM}(optional)${RESET}" ;; esac if [[ "$OPT_INTERACTIVE" == true ]]; then prompt_scope prompt_version fi [[ -z "$OPT_SCOPE" ]] && OPT_SCOPE="user" local install_dir install_dir="$(resolve_install_dir "$OPT_SCOPE")" local install_dest="${install_dir}/${BINARY_NAME}" local asset_name="${BINARY_NAME}_${os}_${arch}" local version_path if [[ "$OPT_VERSION" == "latest" ]]; then version_path="" else version_path="v${OPT_VERSION}/" fi local download_url="${BASE_URL}/${version_path}${asset_name}" local checksum_url="${download_url}.sha256" echo echo -e " ${BOLD}Install plan:${RESET}" log_detail "Binary : ${asset_name}" log_detail "Version : ${OPT_VERSION}" log_detail "Location : ${install_dest}" log_detail "Scope : ${OPT_SCOPE}" echo if [[ "$OPT_YES" == false && "$OPT_INTERACTIVE" == false ]]; then confirm "Proceed with installation?" || { echo; log_info "Aborted."; exit 0; } echo fi if [[ "$OPT_SCOPE" == "system" ]]; then if [[ "$EUID" -ne 0 ]]; then log_step "System install requires elevated privileges" sudo -v || die "sudo authorisation failed" fi fi local tmp_dir tmp_dir="$(mktemp -d)" trap 'rm -rf "$tmp_dir"' EXIT local tmp_bin="${tmp_dir}/${BINARY_NAME}" local tmp_sum="${tmp_dir}/${BINARY_NAME}.sha256" download_file "$download_url" "$tmp_bin" "Downloading ${asset_name}" if [[ "$OPT_NO_VERIFY" == false ]]; then download_file "$checksum_url" "$tmp_sum" "Fetching checksum" local expected_sum expected_sum="$(awk '{print $1}' "$tmp_sum")" verify_checksum "$tmp_bin" "$expected_sum" else log_warn "Checksum verification skipped (--no-verify)" fi ensure_dir "$install_dir" "$OPT_SCOPE" install_binary "$tmp_bin" "$install_dest" "$OPT_SCOPE" echo log_ok "${BOLD}conr-cli installed successfully${RESET}" log_detail "Run: ${CYAN}conr-cli --help${RESET}" if [[ "$kvm_status" == "available" ]]; then log_detail "Run: ${CYAN}conr-cli vmm${RESET} — start the local VMM / Docker API bridge" fi check_path "$install_dir" } main "$@"