66 lines
2.7 KiB
Bash
Executable File
66 lines
2.7 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
set -eu
|
|
cd "$(dirname "$0")"
|
|
|
|
# let's check to ensure the management machine is on the Baseline ubuntu 21.04
|
|
if ! lsb_release -d | grep -q "Ubuntu 22.04 LTS"; then
|
|
echo "ERROR: Your machine is not running the Ubuntu 22.04 LTS baseline OS on your management machine."
|
|
exit 1
|
|
fi
|
|
|
|
if [ ! -f /usr/share/keyrings/docker-archive-keyring.gpg ]; then
|
|
cat ./certs/docker.gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
|
|
echo "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
|
|
fi
|
|
|
|
sudo apt-get update
|
|
|
|
# TODO REVIEW management machine software requirements
|
|
# to a host on SERVERS LAN so that it can operate
|
|
# TODO document which dependencies are required by what software, e.g., trezor, docker, etc.
|
|
# virt-manager allows us to run type-1 vms desktop version. We use remote viewer to get a GUI for the VM
|
|
sudo apt-get install -y wait-for-it dnsutils rsync sshfs curl gnupg \
|
|
apt-transport-https ca-certificates lsb-release docker-ce-cli \
|
|
python3-pip python3-dev libusb-1.0-0-dev libudev-dev pinentry-curses \
|
|
libcanberra-gtk-module virt-manager pass
|
|
|
|
|
|
# for trezor installation
|
|
pip3 install setuptools wheel
|
|
pip3 install trezor_agent
|
|
|
|
if [ ! -f /etc/udev/rules.d/51-trezor.rules ]; then
|
|
sudo cp ./51-trezor.rules /etc/udev/rules.d/51-trezor.rules
|
|
fi
|
|
|
|
# TODO initialize pass here; need to first initialize Trezor-T certificates.
|
|
|
|
|
|
# install lxd as a snap if it's not installed. We only really use the client part of this package
|
|
# on the management machine.
|
|
if ! snap list | grep -q lxd; then
|
|
sudo snap install lxd --candidate
|
|
|
|
# initialize the daemon for auto use. Most of the time on the management machine,
|
|
# we only use the LXC client -- not the daemon. HOWEVER, there are circustances where
|
|
# you might want to run the management machine in a LXD-based VM. We we init the lxd daemon
|
|
# after havning installed it so it'll be available for use.
|
|
# see https://www.sovereign-stack.org/management/
|
|
sudo lxd init --auto --storage-pool=default --storage-create-loop=50 --storage-backend=zfs
|
|
fi
|
|
|
|
# make the Sovereign Stack commands available to the user via ~/.bashrc
|
|
# we use ~/.bashrc
|
|
ADDED_COMMAND=false
|
|
for SS_COMMAND in deploy cluster; do
|
|
if ! < "$HOME/.bashrc" grep -q "ss-$SS_COMMAND"; then
|
|
echo "alias ss-${SS_COMMAND}='$(pwd)/${SS_COMMAND}.sh \$@'" >> "$HOME/.bashrc"
|
|
ADDED_COMMAND=true
|
|
fi
|
|
done
|
|
|
|
if [ "$ADDED_COMMAND" = true ]; then
|
|
echo "WARNING! You need to run 'source ~/.bashrc' before continuing."
|
|
fi
|