#!/bin/bash

# Abort on the first failing command (errexit) and on any reference to an
# unset variable (nounset).
set -o errexit -o nounset

# Work from the directory that holds this script so the relative paths used
# later (./deployment, ./management) resolve regardless of the caller's cwd.
cd "$(dirname "$0")"

# https://www.sovereign-stack.org/install/
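# This script is not meant to be executed from the SSME, which is recognised
# here by the hostname ss-mgmt; check for that and abort if so.
if [ "$(hostname)" = ss-mgmt ]; then
  # Diagnostics go to stderr so they are not mistaken for normal output.
  echo "ERROR: This command is meant to be executed from the bare metal management machine -- not the SSME." >&2
  exit 1
fi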
# DISK names the disk (partition) the admin wants LXD to use; it is passed as
# the "source" of the zfs storage pool in the lxd preseed later in this
# script. The original note says the default provisions the disk under / as a
# loop device and that the admin can override it with CLI modifications.
# NOTE(review): the value below reads like a ZFS dataset name rather than a
# loop-device path -- confirm the note above is still accurate.
export DISK="rpool/lxd"
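# Install the LXD snap and initialise it, but only when LXD is not installed.
# "snap list lxd" asks about that one snap by name; grepping the complete
# listing for "lxd" would also match any other snap whose row contains that
# string and wrongly skip the install.
if ! snap list lxd > /dev/null 2>&1; then
  # NOTE(review): latest/candidate tracks pre-release builds, and snaps
  # refresh automatically by default. Confirm this channel is intended for
  # the host that runs the management VM, or pin a stable track.
  sudo snap install lxd --channel=latest/candidate

  # Presumably gives the freshly installed daemon a moment to come up.
  sleep 5

  # Run lxd init non-interactively. The here-document delimiter is unquoted
  # on purpose so that ${DISK} is expanded before the YAML reaches lxd.
  # The preseed defines: an IPv4-only NAT bridge (lxdbr0), one zfs storage
  # pool named sovereign-stack, and a default profile with a NIC on lxdbr0
  # and a root disk in that pool.
  lxd init --preseed <<EOF
config: {}
networks:
- config:
    ipv4.address: auto
    ipv4.dhcp: true
    ipv4.nat: true
    ipv6.address: none
  description: "Default network bridge for ss-mgmt outbound network access."
  name: lxdbr0
  type: bridge
storage_pools:
- config:
    source: ${DISK}
  description: ""
  name: sovereign-stack
  driver: zfs
profiles:
- config: {}
  description: ""
  devices:
    enp5s0:
      name: enp5s0
      network: lxdbr0
      type: nic
    root:
      path: /
      pool: sovereign-stack
      type: disk
  name: default
projects: []

EOF

fi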
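# If the ss-mgmt VM doesn't exist, create it.
SSH_PUBKEY_PATH="$HOME/.ssh/id_rsa.pub"

# FROM_BUILT_IMAGE records whether the VM was spawned from a local ss-mgmt
# image; it is read again near the end of the script to decide whether the
# VM still needs provisioning.
FROM_BUILT_IMAGE=false

# NOTE(review): both greps below are substring matches, so any instance or
# image whose listing row contains "ss-mgmt" counts as a match.
if ! lxc list --format csv | grep -q ss-mgmt; then
  if lxc image list | grep -q ss-mgmt; then
    # A local ss-mgmt image is listed: spawn the VM from it.
    FROM_BUILT_IMAGE=true
    lxc init ss-mgmt ss-mgmt --vm -c limits.cpu=4 -c limits.memory=4GiB --profile=default
  else
    # No local image: start from the base image on the "images:" remote.
    # BASE_LXC_IMAGE is not assigned earlier in this script, and the
    # deployment defaults are sourced only further down, so fail with a clear
    # message when it is unset or empty instead of handing a bare "images:"
    # to lxc.
    # NOTE(review): the base image is selected by name from a remote image
    # server; confirm whether a pinned fingerprint is wanted here.
    lxc init "images:${BASE_LXC_IMAGE:?BASE_LXC_IMAGE is unset or empty}" ss-mgmt --vm -c limits.cpu=4 -c limits.memory=4GiB --profile=default
  fi
fi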
# Share the sovereign-stack checkout (the current directory, which the
# original comment describes as pre-verified) with the VM as disk device
# "ss-code", unless the VM's device listing already mentions ss-code.
# NOTE(review): no readonly option is passed, so the guest presumably gets
# write access to the checkout on the host -- confirm that is intended.
if lxc config device show ss-mgmt | grep -q ss-code; then
  :
else
  lxc config device add ss-mgmt ss-code disk source="$PWD" path=/home/ubuntu/sovereign-stack
fi
# Load the deployment defaults and base settings, then create the host-side
# directory named by SS_ROOT_PATH and share it with the VM at /home/ubuntu/ss.
# SS_ROOT_PATH is not assigned in this script; presumably one of the two
# sourced files defines it.
. ./deployment/deployment_defaults.sh
. ./deployment/base.sh

mkdir -p "$SS_ROOT_PATH"

# Attach the directory as disk device "ss-root" unless the VM's device
# listing already mentions it.
if lxc config device show ss-mgmt | grep -q ss-root; then
  :
else
  lxc config device add ss-mgmt ss-root disk source="$SS_ROOT_PATH" path=/home/ubuntu/ss
fi
# # if a ~/.bitcoin/testnet3/blocks directory exists, mount it in.
# BITCOIN_DIR="$HOME/.bitcoin"
# REMOTE_BITCOIN_CACHE_PATH="/home/ubuntu/ss/cache/bitcoin"
# BITCOIN_TESTNET_BLOCKS_PATH="$BITCOIN_DIR/testnet3/blocks"
# if [ -d "$BITCOIN_TESTNET_BLOCKS_PATH" ]; then
#     if ! lxc config device show ss-mgmt | grep -q ss-testnet-blocks; then
#         lxc config device add ss-mgmt ss-testnet-blocks disk source="$BITCOIN_TESTNET_BLOCKS_PATH" path=$REMOTE_BITCOIN_CACHE_PATH/testnet/blocks
#     fi
# fi
# # if a ~/.bitcoin/testnet3/chainstate directory exists, mount it in.
# BITCOIN_TESTNET_CHAINSTATE_PATH="$BITCOIN_DIR/testnet3/chainstate"
# if [ -d "$BITCOIN_TESTNET_CHAINSTATE_PATH" ]; then
#     if ! lxc config device show ss-mgmt | grep -q ss-testnet-chainstate; then
#         lxc config device add ss-mgmt ss-testnet-chainstate disk source="$BITCOIN_TESTNET_CHAINSTATE_PATH" path=$REMOTE_BITCOIN_CACHE_PATH/testnet/chainstate
#     fi
# fi
# # if a ~/.bitcoin/blocks dir exists, mount it in.
# BITCOIN_MAINNET_BLOCKS_PATH="$BITCOIN_DIR/blocks"
# if [ -d "$BITCOIN_MAINNET_BLOCKS_PATH" ]; then
#     if ! lxc config device show ss-mgmt | grep -q ss-mainnet-blocks; then
#         lxc config device add ss-mgmt ss-mainnet-blocks disk source="$BITCOIN_MAINNET_BLOCKS_PATH" path=$REMOTE_BITCOIN_CACHE_PATH/mainnet/blocks
#     fi
# fi
# # if a ~/.bitcoin/chainstate directory exists, mount it in.
# # NOTE(review): the guard below greps for ss-mainnet-blocks although the
# # device being added is ss-mainnet-chainstate.
# BITCOIN_MAINNET_CHAINSTATE_PATH="$BITCOIN_DIR/chainstate"
# if [ -d "$BITCOIN_MAINNET_CHAINSTATE_PATH" ]; then
#     if ! lxc config device show ss-mgmt | grep -q ss-mainnet-blocks; then
#         lxc config device add ss-mgmt ss-mainnet-chainstate disk source="$BITCOIN_MAINNET_CHAINSTATE_PATH" path=$REMOTE_BITCOIN_CACHE_PATH/mainnet/chainstate
#     fi
# fi
# Share the host's ~/.ssh directory with the VM as disk device "ss-ssh", but
# only when the RSA public key file exists and the VM's device listing does
# not already mention ss-ssh.
# NOTE(review): the device source is the whole directory, not just the public
# key, so everything stored there (private keys included) becomes visible
# inside the guest, and no readonly option is set -- confirm this is the
# intended trust boundary between host and management VM.
if [ -f "$SSH_PUBKEY_PATH" ] && ! lxc config device show ss-mgmt | grep -q ss-ssh; then
  lxc config device add ss-mgmt ss-ssh disk source="$HOME/.ssh" path=/home/ubuntu/.ssh
fi
# Boot the VM when the CSV instance listing reports it as STOPPED, then pause
# (presumably to let it begin booting) before the readiness checks that
# follow.
if lxc list --format csv | grep -Fq 'ss-mgmt,STOPPED'; then
  lxc start ss-mgmt
  sleep 10
fi
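# Wait for the VM to have an IP address. The helper is sourced rather than
# executed; IP_V4_ADDRESS, used later in this script, is presumably set by it.
. ./management/wait_for_lxc_ip.sh

# Wait for the VM to complete its default cloud-init run, signalled by the
# boot-finished marker file. The loop continues until the file test succeeds,
# so a failing "lxc exec" (for example because the guest cannot run commands
# yet) counts as "not finished" instead of ending the wait early.
# The wait is capped at 600 one-second polls so that a VM which never comes
# up is reported instead of hanging the installer.
SS_CLOUD_INIT_POLLS=0
until lxc exec ss-mgmt -- [ -f /var/lib/cloud/instance/boot-finished ]; do
  if [ "$SS_CLOUD_INIT_POLLS" -ge 600 ]; then
    echo "ERROR: ss-mgmt did not report cloud-init completion after 600 polls." >&2
    exit 1
  fi
  sleep 1
  SS_CLOUD_INIT_POLLS=$((SS_CLOUD_INIT_POLLS + 1))
done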
# Copy the shell start-up files and the motd file from ./management into the
# VM to prepare the user experience. Each entry is "<source name>:<path inside
# ss-mgmt>".
for SS_PUSH_SPEC in \
  "bash_aliases:home/ubuntu/.bash_aliases" \
  "bash_profile:home/ubuntu/.bash_profile" \
  "bashrc:home/ubuntu/.bashrc" \
  "motd:etc/update-motd.d/sovereign-stack"; do
  lxc file push "./management/${SS_PUSH_SPEC%%:*}" "ss-mgmt/${SS_PUSH_SPEC#*:}"
done
unset SS_PUSH_SPEC
# Install the OpenSSH server inside the VM, replace its configuration with
# the repository's sshd_config, and restart the daemon so the new settings
# take effect.
# NOTE(review): the pushed configuration is not validated before the restart;
# a mistake in it could leave the VM without a reachable SSH service.
lxc exec ss-mgmt -- apt-get update
lxc exec ss-mgmt -- apt-get install -y openssh-server
lxc file push ./management/sshd_config ss-mgmt/etc/ssh/sshd_config
lxc exec ss-mgmt -- sudo systemctl restart sshd
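# Add an 'ss-manage' alias for manage.sh to the bare metal ~/.bashrc unless
# the file already mentions ss-manage. ADDED_COMMAND is read at the end of
# the script to decide whether to remind the user to re-source ~/.bashrc.
ADDED_COMMAND=false
if ! grep -q "ss-manage" "$HOME/.bashrc"; then
  # The path is shell-quoted twice: once so the alias expands to a single
  # command word even when the checkout directory contains spaces or quote
  # characters, and once more so the "alias" line itself parses to exactly
  # that text. The former trailing \$@ is dropped; words typed after an alias
  # already follow its expansion.
  SS_MANAGE_CMD="$(printf '%q' "$(pwd)/manage.sh")"
  printf 'alias ss-manage=%q\n' "$SS_MANAGE_CMD" >> "$HOME/.bashrc"
  ADDED_COMMAND=true
fi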
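# Wait up to 300 seconds for sshd in the VM to accept connections.
# IP_V4_ADDRESS and SSH_HOME are not assigned in this script; presumably the
# files sourced earlier provide them.
if ! wait-for-it -t 300 "$IP_V4_ADDRESS:22" > /dev/null 2>&1; then
  # wait-for-it's own output is discarded, so report the failure here rather
  # than letting errexit end the script without a message.
  echo "ERROR: SSH on $IP_V4_ADDRESS:22 did not become reachable (wait-for-it failed or timed out after 300 seconds)." >&2
  exit 1
fi

# Let's remove any entry in our known_hosts, then add it back.
# We are using the IP address here so we don't have to rely on external DNS
# configuration for the base image preparation.
# Removal and addition target the same file, and removal is skipped when the
# file does not exist yet, because ssh-keygen -R may fail when there is no
# file to edit and that would abort a first run under errexit.
if [ -f "$SSH_HOME/known_hosts" ]; then
  ssh-keygen -f "$SSH_HOME/known_hosts" -R "$IP_V4_ADDRESS"
fi

# NOTE(review): ssh-keyscan records whatever key answers on the network
# (trust on first use). The VM's host key could instead be read over the
# lxc exec channel and compared -- consider whether that check is wanted.
ssh-keyscan -H -t ecdsa "$IP_V4_ADDRESS" >> "$SSH_HOME/known_hosts"

# Make the ubuntu user the owner of everything under its home directory.
# NOTE(review): the recursive chown also walks the host directories shared
# into /home/ubuntu (.ssh, ss, sovereign-stack) -- confirm the effect on
# host-side ownership.
ssh "ubuntu@$IP_V4_ADDRESS" sudo chown -R ubuntu:ubuntu /home/ubuntu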
# When the VM was not spawned from a local ss-mgmt image, provision it over
# SSH now, then publish it as the ss-mgmt image (unless the image listing
# already mentions one) so later runs can start from it.
case "$FROM_BUILT_IMAGE" in
  false)
    ssh "ubuntu@$IP_V4_ADDRESS" /home/ubuntu/sovereign-stack/management/provision.sh

    # The VM is stopped before publishing and started again afterwards.
    lxc stop ss-mgmt

    if lxc image list | grep -q "ss-mgmt"; then
      :
    else
      lxc publish ss-mgmt --alias=ss-mgmt
    fi

    lxc start ss-mgmt
    ;;
esac
# Tell the user how to pick up the ss-manage alias when it was added to
# ~/.bashrc during this run.
case "$ADDED_COMMAND" in
  true)
    echo "NOTICE! You need to run 'source ~/.bashrc' before continuing. After that, type 'ss-manage' to enter your management environment."
    ;;
esac