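#!/bin/bash

# Provisions the management machine:
#   1. installs apt prerequisites,
#   2. registers the Docker apt repository, trusting the GPG key vendored in
#      this repository,
#   3. installs the management tooling (docker-ce-cli and others via apt, LXD
#      via snap),
#   4. adds the 'ubuntu' user to the docker and lxd groups,
#   5. creates an SSH keypair for 'ubuntu' if none exists.
# The script is meant to be re-runnable: each step is skipped when its result
# is already present.

set -e

cd "$(dirname "$0")"

# NOTE! This script MUST be executed as root.
# NOTE(review): every privileged step below goes through sudo and all paths are
# hard-coded to /home/ubuntu, which suggests the script is really run by the
# 'ubuntu' user with sudo rights. Confirm which is intended: when run as root,
# the SSH key generated at the end is written as root into /home/ubuntu/.ssh.

sudo apt-get update
sudo apt-get install -y ca-certificates curl gnupg lsb-release htop

sudo mkdir -m 0755 -p /etc/apt/keyrings

# add the docker gpg key to keyring for docker-ce-cli
# The key is the copy checked into the repository rather than one fetched at
# install time, so it is the trust anchor for everything installed from the
# Docker apt repository. Check its fingerprint against the one Docker publishes
# whenever the vendored file is added or updated.
readonly DOCKER_KEY_SRC=/home/ubuntu/sovereign-stack/certs/docker.gpg
readonly DOCKER_KEYRING=/etc/apt/keyrings/docker.gpg
readonly DOCKER_APT_LIST=/etc/apt/sources.list.d/docker.list

if [ ! -f "$DOCKER_KEYRING" ]; then
    # Fail loudly on a missing or empty key file. The original
    # 'cat file | gpg' pipeline hid a failing cat (no pipefail), and an
    # unusable keyring left behind would satisfy the -f guard on later runs.
    if [ ! -s "$DOCKER_KEY_SRC" ]; then
        echo "ERROR: Docker GPG key not found or empty: $DOCKER_KEY_SRC" >&2
        exit 1
    fi

    sudo gpg --dearmor -o "$DOCKER_KEYRING" < "$DOCKER_KEY_SRC"

    # apt must be able to read the keyring regardless of root's umask.
    sudo chmod a+r "$DOCKER_KEYRING"
fi

# Guarded separately from the keyring so that a run that failed between the
# two steps is repaired by the next run. 'signed-by' scopes the key to this
# repository only. tee's stderr is left visible so a failed write is noticed.
if [ ! -f "$DOCKER_APT_LIST" ]; then
    echo "deb [arch=$(dpkg --print-architecture) signed-by=$DOCKER_KEYRING] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee "$DOCKER_APT_LIST" > /dev/null
fi

# TODO REVIEW mgmt software requirements
sudo apt-get update
sudo apt-get install -y wait-for-it dnsutils rsync sshfs apt-transport-https docker-ce-cli libcanberra-gtk-module snapd nano git

sleep 10

# #apt install python3-pip python3-dev libusb-1.0-0-dev libudev-dev pinentry-curses for trezor stuff
# # for trezor installation
# #pip3 install setuptools wheel
# #pip3 install trezor_agent

# # ensure the trezor-t udev rules are in place.
# # if [ ! -f /etc/udev/rules.d/51-trezor.rules ]; then
# #     sudo cp ./51-trezor.rules /etc/udev/rules.d/51-trezor.rules
# # fi

# install snap
# Ask snap about the lxd snap by name; grepping the full 'snap list' output
# also matched any other snap whose line merely contains "lxd".
if ! snap list lxd > /dev/null 2>&1; then
    sudo snap install lxd
    sleep 6

    # We just do an auto initialization. All we are using is the LXD client inside the management environment.
    sudo lxd init --auto
fi

# run a lxd command so we don't get a warning upon first invocation
# Output is discarded, so under 'set -e' a failure here used to end the script
# without any message; report it before exiting.
if ! lxc list > /dev/null 2>&1; then
    echo "ERROR: 'lxc list' failed; check that LXD is installed and that this user can reach it." >&2
    exit 1
fi

# add groups for docker and lxd
# SECURITY: membership in 'lxd' gives control of the local LXD daemon, which is
# equivalent to root on this host. The same holds for 'docker' wherever a
# Docker daemon runs (only docker-ce-cli is installed by this script). Treat
# the 'ubuntu' account accordingly.
if ! getent group docker > /dev/null; then
    # addgroup fails if the group already exists, which would abort the
    # script under 'set -e'.
    sudo addgroup docker
fi

# Each membership is checked on its own with an exact name match. The original
# only added 'lxd' when 'docker' was missing, and its substring grep matched
# any group name containing "docker".
for grp in docker lxd; do
    if ! id -nG ubuntu | tr ' ' '\n' | grep -qxF -- "$grp"; then
        sudo usermod -aG "$grp" ubuntu
    fi
done

# if an SSH pubkey does not exist, we create one.
# NOTE: despite the id_rsa file name this is an ECDSA P-521 key (-t ecdsa -b 521).
# The path is kept unchanged because other tooling may reference it; verify
# before renaming. The private key has an empty passphrase (-N ""), so file
# permissions on /home/ubuntu/.ssh are its only protection at rest.
if [ ! -f /home/ubuntu/.ssh/id_rsa.pub ]; then
    # generate a new SSH key for the base vm image.
    ssh-keygen -f /home/ubuntu/.ssh/id_rsa -t ecdsa -b 521 -N ""
fi

echo "Your management machine has been provisioned!"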