mirror of
https://github.com/gogrlx/bootstrap.grlx.dev.git
synced 2026-04-02 02:59:05 -07:00
146 lines
4.1 KiB
Bash
Executable File
146 lines
4.1 KiB
Bash
Executable File
#!/usr/bin/env bash
|
|
set -e -o pipefail
|
|
|
|
# determine machine architecture
|
|
arch=$(uname -m)
|
|
case $arch in
|
|
"x86_64")
|
|
machine_arch="x86_64"
|
|
;;
|
|
"i686"|"i386")
|
|
machine_arch="386"
|
|
;;
|
|
"aarch64"|"arm64"|"armv8")
|
|
machine_arch="arm64"
|
|
;;
|
|
"armv7l")
|
|
machine_arch="arm"
|
|
;;
|
|
*)
|
|
echo "Unknown machine architecture: $arch"
|
|
exit 1
|
|
;;
|
|
esac
|
|
|
|
|
|
# install farmer
|
|
|
|
if [ ! -f /usr/local/bin/grlx-farmer ]; then
|
|
curl -f -L -s "https://artifacts.grlx.dev/linux/${machine_arch}/v0.0.6/farmer" > /usr/local/bin/grlx-farmer
|
|
chmod +x /usr/local/bin/grlx-farmer
|
|
fi
|
|
|
|
# install systemd service
|
|
cat << EOF > /etc/systemd/system/grlx-farmer.service
|
|
[Unit]
|
|
Description=grlx farmer
|
|
Documentation=https://docs.grlx.dev
|
|
After=network-online.target
|
|
|
|
[Service]
|
|
Type=simple
|
|
ExecStart=/usr/local/bin/grlx-farmer
|
|
Restart=always
|
|
RestartSec=30
|
|
User=farmer
|
|
Group=farmer
|
|
|
|
[Install]
|
|
WantedBy=multi-user.target
|
|
EOF
|
|
|
|
# configure farmer if it's not already configured
|
|
if [ ! -f /etc/grlx/farmer ]; then
|
|
# install gum if it's not already installed for interactive config
|
|
if ! command -v gum >/dev/null 2>&1; then
|
|
tempdir=""
|
|
if command -v mktemp >/dev/null 2>&1; then
|
|
tempdir=$(mktemp -d)
|
|
else
|
|
tempdir="/tmp/grlx-farmer-gum"
|
|
mkdir -p "$tempdir"
|
|
fi
|
|
#trap 'rm -r "$tempdir"' EXIT
|
|
case $machine_arch in
|
|
"386")
|
|
curl -f -L -s "https://github.com/charmbracelet/gum/releases/download/v0.11.0/gum_0.11.0_Linux_i386.tar.gz" > "$tempdir/gum.tar.gz"
|
|
;;
|
|
"x86_64")
|
|
curl -f -L -s "https://github.com/charmbracelet/gum/releases/download/v0.11.0/gum_0.11.0_Linux_x86_64.tar.gz" > "$tempdir/gum.tar.gz"
|
|
;;
|
|
"arm64")
|
|
curl -f -L -s "https://github.com/charmbracelet/gum/releases/download/v0.11.0/gum_0.11.0_Linux_arm64.tar.gz" > "$tempdir/gum.tar.gz"
|
|
;;
|
|
"arm")
|
|
curl -f -L -s "https://github.com/charmbracelet/gum/releases/download/v0.11.0/gum_0.11.0_Linux_arm.tar.gz" > "$tempdir/gum.tar.gz"
|
|
;;
|
|
esac
|
|
echo "Installing gum..."
|
|
echo "$tempdir"
|
|
ls -ashil "$tempdir"
|
|
tar -C "$tempdir" -xzf "$tempdir/gum.tar.gz"
|
|
mv "$tempdir/gum" /usr/local/bin/gum
|
|
chmod +x /usr/local/bin/gum
|
|
fi
|
|
|
|
mkdir -p /etc/grlx
|
|
if [ -z "$FARMER_INTERFACE" ]; then
|
|
FARMER_INTERFACE=$(gum input --value="localhost" --prompt="Choose an interface for the farmer: > ")
|
|
fi
|
|
if [ -z "$FARMER_API_PORT" ]; then
|
|
FARMER_API_PORT=$(gum input --value=5405 --prompt="Choose a port for the farmer API: > ")
|
|
fi
|
|
if [ -z "$FARMER_BUS_PORT" ]; then
|
|
FARMER_BUS_PORT=$(gum input --value=5406 --prompt="Choose a port for the farmer bus: > ")
|
|
fi
|
|
if [ -z "$FARMER_ORGANIZATION" ]; then
|
|
FARMER_ORGANIZATION=$(gum input --value="Your Organization" --prompt="Choose an organization name for the farmer: > ")
|
|
fi
|
|
if [ -z "$ADMIN_PUBKEYS" ]; then
|
|
ADMIN_PUBKEYS=()
|
|
while true; do
|
|
ADMIN_PUBKEYS+=($(gum input --width=57 --placeholder="ABC25HBCYNHYMIFTN372NCKASUQPJCTBA66GLKXFYM3QGRP42IC5BYYF" --prompt="Enter an admin public key (generated by 'grlx auth pubkey'): > "))
|
|
if ! gum confirm "Add another admin public key?"; then
|
|
break
|
|
fi
|
|
done
|
|
fi
|
|
if [ -z "$CERTHOSTS" ]; then
|
|
CERTHOSTS=()
|
|
while true; do
|
|
CERTHOSTS+=($(gum input --placeholder="mydomain.com" --prompt="Enter a domain or IP to generate a certificate for: > "))
|
|
if ! gum confirm "Add another domain or IP?"; then
|
|
break
|
|
fi
|
|
done
|
|
fi
|
|
|
|
|
|
cat << EOF > /etc/grlx/farmer
|
|
certhosts:
|
|
$(for host in "${CERTHOSTS[@]}"; do echo " - $host"; done)
|
|
certificatevalidtime: 8760h0m0s
|
|
configroot: /etc/grlx/
|
|
farmerapiport: "$FARMER_API_PORT"
|
|
farmerbusport: "$FARMER_BUS_PORT"
|
|
farmerinterface: $FARMER_INTERFACE
|
|
farmerpki: /etc/grlx/pki/farmer/
|
|
farmerurl: https://$FARMER_INTERFACE:$FARMER_API_PORT
|
|
keyfile: /etc/grlx/pki/farmer/tls-key.pem
|
|
nkeyfarmerprivfile: /etc/grlx/pki/farmer/farmer.nkey
|
|
nkeyfarmerpubfile: /etc/grlx/pki/farmer/farmer.nkey.pub
|
|
organization: $FARMER_ORGANIZATION
|
|
rootca: /etc/grlx/pki/farmer/tls-rootca.pem
|
|
rootcapriv: /etc/grlx/pki/farmer/tls-rootca-key.pem
|
|
pubkeys:
|
|
admin:
|
|
$(for key in "${ADMIN_PUBKEYS[@]}"; do echo " - $key"; done)
|
|
EOF
|
|
|
|
fi
|
|
useradd -r -s /usr/sbin/nologin farmer >/dev/null || true
|
|
chown farmer:farmer /etc/grlx
|
|
chmod 700 /etc/grlx
|
|
systemctl daemon-reload
|
|
systemctl enable --now grlx-farmer
|