Add VM host deployment scripts (cloud-init + post-install)
Recommended base: Debian 13 Trixie (matches opencode-devbox base image). - cloud-init.yml: automated VM provisioning for Proxmox/OpenStack/cloud providers - setup-host.sh: interactive post-install script for manually-created VMs - README.md: documents both paths and VM sizing recommendations Installs Docker (official repo), Compose v2, ufw firewall, mosh support, and the IPv4 DNS preference workaround for Docker Hub IPv6 issues.
This commit is contained in:
Executable
+135
@@ -0,0 +1,135 @@
|
||||
#!/bin/bash
|
||||
# setup-host.sh — Post-install script for opencode-devbox host VM
|
||||
#
|
||||
# Run this on a fresh Debian 13 or Ubuntu 24.04 VM to set up everything
|
||||
# needed to run opencode-devbox containers.
|
||||
#
|
||||
# Usage:
|
||||
# curl -fsSL https://gitea.jordbo.se/joakimp/opencode-devbox/raw/branch/main/deploy/setup-host.sh | bash
|
||||
#
|
||||
# Or clone and run:
|
||||
# git clone https://gitea.jordbo.se/joakimp/opencode-devbox
|
||||
# cd opencode-devbox/deploy
|
||||
# ./setup-host.sh
|
||||
|
||||
set -euo pipefail
|
||||
|
||||
# ── Colors ──────────────────────────────────────────────────────────
|
||||
BOLD="\033[1m"; GREEN="\033[32m"; YELLOW="\033[33m"; RED="\033[31m"; RESET="\033[0m"
|
||||
info() { echo -e "${BOLD}==>${RESET} $*"; }
|
||||
ok() { echo -e "${GREEN}${BOLD}✓${RESET} $*"; }
|
||||
warn() { echo -e "${YELLOW}${BOLD}!${RESET} $*"; }
|
||||
err() { echo -e "${RED}${BOLD}✗${RESET} $*" >&2; }
|
||||
|
||||
# ── Detect distro ──────────────────────────────────────────────────
|
||||
if [[ ! -f /etc/os-release ]]; then
|
||||
err "Cannot detect Linux distribution — /etc/os-release missing"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
. /etc/os-release
|
||||
|
||||
case "$ID" in
|
||||
debian|ubuntu)
|
||||
info "Detected $PRETTY_NAME"
|
||||
;;
|
||||
*)
|
||||
err "Unsupported distribution: $ID — this script only supports Debian and Ubuntu"
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
|
||||
# ── Require sudo ────────────────────────────────────────────────────
|
||||
if [[ $EUID -eq 0 ]]; then
|
||||
err "Do not run as root — use a regular user with sudo"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if ! sudo -n true 2>/dev/null; then
|
||||
warn "This script needs sudo access. You may be prompted for your password."
|
||||
fi
|
||||
|
||||
# ── Update packages ─────────────────────────────────────────────────
|
||||
info "Updating package index..."
|
||||
sudo apt-get update -qq
|
||||
|
||||
info "Installing base packages..."
|
||||
sudo apt-get install -y --no-install-recommends \
|
||||
ca-certificates curl gnupg git tmux mosh ufw
|
||||
|
||||
# ── Docker ──────────────────────────────────────────────────────────
|
||||
if command -v docker &>/dev/null; then
|
||||
ok "Docker already installed ($(docker --version))"
|
||||
else
|
||||
info "Installing Docker from official repository..."
|
||||
sudo install -m 0755 -d /etc/apt/keyrings
|
||||
sudo curl -fsSL "https://download.docker.com/linux/${ID}/gpg" -o /etc/apt/keyrings/docker.asc
|
||||
sudo chmod a+r /etc/apt/keyrings/docker.asc
|
||||
|
||||
echo "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] https://download.docker.com/linux/${ID} ${VERSION_CODENAME} stable" | \
|
||||
sudo tee /etc/apt/sources.list.d/docker.list > /dev/null
|
||||
|
||||
sudo apt-get update -qq
|
||||
sudo apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
|
||||
|
||||
ok "Docker installed: $(docker --version)"
|
||||
fi
|
||||
|
||||
# ── Add user to docker group ────────────────────────────────────────
|
||||
if groups | grep -q docker; then
|
||||
ok "User already in docker group"
|
||||
else
|
||||
info "Adding $USER to docker group..."
|
||||
sudo usermod -aG docker "$USER"
|
||||
warn "You must log out and back in for docker group to take effect"
|
||||
warn "Or run: newgrp docker"
|
||||
fi
|
||||
|
||||
# ── Firewall ────────────────────────────────────────────────────────
|
||||
info "Configuring firewall (ufw)..."
|
||||
sudo ufw default deny incoming >/dev/null
|
||||
sudo ufw default allow outgoing >/dev/null
|
||||
sudo ufw allow ssh >/dev/null
|
||||
sudo ufw allow 60000:61000/udp comment 'mosh' >/dev/null
|
||||
if ! sudo ufw status | grep -q "Status: active"; then
|
||||
sudo ufw --force enable
|
||||
fi
|
||||
ok "Firewall active — SSH and mosh allowed"
|
||||
|
||||
# ── IPv4 preference for Docker Hub ──────────────────────────────────
|
||||
if ! grep -q 'precedence ::ffff:0:0/96' /etc/gai.conf 2>/dev/null; then
|
||||
info "Setting IPv4 preference in /etc/gai.conf..."
|
||||
echo 'precedence ::ffff:0:0/96 100' | sudo tee -a /etc/gai.conf > /dev/null
|
||||
ok "IPv4 preferred for DNS resolution"
|
||||
fi
|
||||
|
||||
# ── Create projects directory ───────────────────────────────────────
|
||||
if [[ ! -d "$HOME/projects" ]]; then
|
||||
mkdir -p "$HOME/projects"
|
||||
ok "Created ~/projects"
|
||||
fi
|
||||
|
||||
# ── Done ────────────────────────────────────────────────────────────
|
||||
echo ""
|
||||
ok "Host setup complete"
|
||||
echo ""
|
||||
cat <<EOF
|
||||
${BOLD}Next steps:${RESET}
|
||||
|
||||
1. If you weren't already in the docker group, log out and back in:
|
||||
exit
|
||||
ssh <your-user>@<this-host>
|
||||
|
||||
2. Set up opencode-devbox:
|
||||
mkdir -p ~/opencode-devbox && cd ~/opencode-devbox
|
||||
curl -sL https://gitea.jordbo.se/joakimp/opencode-devbox/raw/branch/main/docker-compose.yml -o docker-compose.yml
|
||||
curl -sL https://gitea.jordbo.se/joakimp/opencode-devbox/raw/branch/main/.env.example -o .env
|
||||
|
||||
3. Edit .env with your provider and API keys:
|
||||
vim .env
|
||||
|
||||
4. Start and connect:
|
||||
docker compose up -d
|
||||
docker compose exec -u developer devbox opencode
|
||||
|
||||
EOF
|
||||
Reference in New Issue
Block a user