Compare commits
16 Commits
develop/v0
...
a5473b700f
Author | SHA1 | Date | |
---|---|---|---|
a5473b700f | |||
8adf63860c | |||
be9f216f4c | |||
1980fa4178 | |||
81b2811569 | |||
f48ac1c9ae | |||
1405f80bfc | |||
2bd4bdbd1d | |||
9d3abd60fc | |||
412bc59408 | |||
40d32b7133 | |||
9a258602a2 | |||
ae316fb7f6 | |||
fc512b0248 | |||
2d22b15e85 | |||
e93f2a634a |
@ -60,6 +60,7 @@ in {
|
||||
|
||||
# Networking
|
||||
networking = {
|
||||
hostName = jsonConfig.hostname;
|
||||
firewall = {
|
||||
enable = true;
|
||||
# Only allow necessary ports
|
||||
|
14
flake.lock
generated
14
flake.lock
generated
@ -6,11 +6,11 @@
|
||||
"nixpkgs-unstable": "nixpkgs-unstable"
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1741872348,
|
||||
"narHash": "sha256-4d0S59c/rR5lcfqeqw3z+k4FlDwyci6dwrwMPgKuO/g=",
|
||||
"lastModified": 1744286132,
|
||||
"narHash": "sha256-b+QaraEq2KS6X3PeAcm2J0afIQjvUEJ61Oj1OHiELzA=",
|
||||
"ref": "stable",
|
||||
"rev": "50af8d01fb5d5d5616bd1d5c38ced9946f863ca4",
|
||||
"revCount": 6,
|
||||
"rev": "dd405780a03515688101b0b66c8757ce817f1ad7",
|
||||
"revCount": 9,
|
||||
"type": "git",
|
||||
"url": "https://code.m3tam3re.com/m3tam3re/self-host-playbook-base"
|
||||
},
|
||||
@ -27,11 +27,11 @@
|
||||
]
|
||||
},
|
||||
"locked": {
|
||||
"lastModified": 1741786315,
|
||||
"narHash": "sha256-VT65AE2syHVj6v/DGB496bqBnu1PXrrzwlw07/Zpllc=",
|
||||
"lastModified": 1744145203,
|
||||
"narHash": "sha256-I2oILRiJ6G+BOSjY+0dGrTPe080L3pbKpc+gCV3Nmyk=",
|
||||
"owner": "nix-community",
|
||||
"repo": "disko",
|
||||
"rev": "0d8c6ad4a43906d14abd5c60e0ffe7b587b213de",
|
||||
"rev": "76c0a6dba345490508f36c1aa3c7ba5b6b460989",
|
||||
"type": "github"
|
||||
},
|
||||
"original": {
|
||||
|
@ -16,7 +16,6 @@
|
||||
};
|
||||
deploy-rs = {
|
||||
url = "github:serokell/deploy-rs";
|
||||
follows = "nixpkgs";
|
||||
};
|
||||
};
|
||||
|
||||
@ -29,7 +28,7 @@
|
||||
} @ inputs: let
|
||||
jsonConfig = builtins.fromJSON (builtins.readFile ./config.json);
|
||||
in {
|
||||
nixosConfigurations.nixos = nixpkgs.lib.nixosSystem {
|
||||
nixosConfigurations.server = nixpkgs.lib.nixosSystem {
|
||||
system = "x86_64-linux";
|
||||
modules = [
|
||||
(base-config.nixosModules.default {
|
||||
@ -43,15 +42,15 @@
|
||||
inherit self;
|
||||
};
|
||||
};
|
||||
deploy.nodes.nixos = {
|
||||
hostname = "self-host-playbook";
|
||||
deploy.nodes.${jsonConfig.hostname} = {
|
||||
hostname = jsonConfig.hostname;
|
||||
profiles.system = {
|
||||
sshUser = jsonConfig.username;
|
||||
user = "root";
|
||||
interactiveSudo = true;
|
||||
path =
|
||||
deploy-rs.lib.x86_64-linux.activate.nixos
|
||||
self.nixosConfigurations.nixos;
|
||||
self.nixosConfigurations.server;
|
||||
};
|
||||
};
|
||||
};
|
||||
|
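Review bot: The system configuration is exposed as `nixosConfigurations.server`, while install.sh in this same comparison builds its command as `--flake .#$HOSTNAME`; nixos-anywhere resolves that fragment to `nixosConfigurations.<name>`, so installation would fail for any hostname other than `server`. This reading assumes the later-printed line of each pair is the new side, since the page has lost its +/- markers. Either key the configuration by the configured name, `nixosConfigurations.${jsonConfig.hostname} = nixpkgs.lib.nixosSystem {` with `self.nixosConfigurations.${jsonConfig.hostname}` in the deploy profile path, or keep `.#server` in install.sh. The file header of this section is not shown, so the file name (presumably flake.nix) is inferred.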
69
install.sh
69
install.sh
@ -65,6 +65,14 @@ setup_latest_version() {
|
||||
local target_version=$1
|
||||
local dir_name=$2
|
||||
|
||||
# Safety check: Ensure we're in the self-host-playbook directory
|
||||
local current_dir=$(basename "$(pwd)")
|
||||
if [ "$current_dir" != "self-host-playbook" ]; then
|
||||
echo "❌ Error: Must be in 'self-host-playbook' directory to setup latest version"
|
||||
echo "Current directory: $(pwd)"
|
||||
return 1
|
||||
fi
|
||||
|
||||
echo "⬇️ Downloading version $target_version..."
|
||||
|
||||
TEMP_DIR=$(mktemp -d)
|
||||
@ -80,6 +88,12 @@ setup_latest_version() {
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Additional safety check before copying files
|
||||
if [ ! -f "$CLONE_DIR/flake.nix" ]; then
|
||||
echo "❌ Error: Downloaded content doesn't appear to be a valid self-host-playbook"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Copy files from clone to target directory
|
||||
cp -r "$CLONE_DIR"/* "$dir_name/"
|
||||
|
||||
@ -88,12 +102,25 @@ setup_latest_version() {
|
||||
|
||||
# Function to setup from template
|
||||
setup_from_template() {
|
||||
# Ensure we're in the correct directory
|
||||
local current_dir=$(basename "$(pwd)")
|
||||
if [ "$current_dir" != "self-host-playbook" ]; then
|
||||
echo "❌ Error: Must be in 'self-host-playbook' directory"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Create backup if directory is not empty
|
||||
if [ -n "$(ls -A)" ]; then
|
||||
local CURRENT_VERSION=$(date +%Y%m%d_%H%M%S)
|
||||
local backup_dir="backup_${CURRENT_VERSION}_$(date +%Y%m%d_%H%M%S)"
|
||||
echo "📑 Creating backup in $backup_dir..."
|
||||
mkdir -p "$backup_dir"
|
||||
# Add safety check for backup creation
|
||||
if [ ! -d "$backup_dir" ]; then
|
||||
echo "❌ Error: Failed to create backup directory"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
find . -maxdepth 1 ! -name "." ! -name ".." ! -name "$backup_dir" -exec cp -r {} "$backup_dir/" \;
|
||||
echo "✅ Backup created successfully"
|
||||
|
||||
@ -112,7 +139,7 @@ setup_from_template() {
|
||||
generate_ssh_key() {
|
||||
local KEY_NAME="self-host-playbook"
|
||||
local KEY_PATH="$HOME/.ssh/${KEY_NAME}"
|
||||
W
|
||||
|
||||
if [ ! -f "$KEY_PATH" ]; then
|
||||
mkdir -p "$HOME/.ssh"
|
||||
echo "🔑 Generating new SSH key pair..." >&2
|
||||
@ -195,6 +222,7 @@ get_device_name() {
|
||||
setup_ssh_config() {
|
||||
local username=$1
|
||||
local ip_address=$2
|
||||
local hostname=$3 # Add hostname parameter
|
||||
local ssh_config_dir="$HOME/.ssh"
|
||||
local ssh_config_file="$ssh_config_dir/config"
|
||||
local ssh_key_file="$ssh_config_dir/self-host-playbook"
|
||||
@ -203,19 +231,20 @@ setup_ssh_config() {
|
||||
mkdir -p "$ssh_config_dir"
|
||||
chmod 700 "$ssh_config_dir"
|
||||
|
||||
# Create or append to SSH config
|
||||
local config_entry="Host self-host-playbook
|
||||
# Create or append to SSH config using hostname as the Host name
|
||||
local config_entry="Host $hostname
|
||||
HostName $ip_address
|
||||
User $username
|
||||
Port 2222
|
||||
IdentityFile $ssh_key_file"
|
||||
|
||||
# Check if entry already exists
|
||||
if ! grep -q "Host self-host-playbook" "$ssh_config_file" 2>/dev/null; then
|
||||
if ! grep -q "Host $hostname" "$ssh_config_file" 2>/dev/null; then
|
||||
echo -e "\n$config_entry" >> "$ssh_config_file"
|
||||
echo "✅ Added SSH config entry"
|
||||
else
|
||||
# Update existing entry
|
||||
sed -i.bak "/Host self-host-playbook/,/IdentityFile.*/{
|
||||
sed -i.bak "/Host $hostname/,/IdentityFile.*/{
|
||||
s/HostName.*/HostName $ip_address/
|
||||
s/User.*/User $username/
|
||||
}" "$ssh_config_file"
|
||||
@ -265,11 +294,11 @@ SSH_PUB_KEY=$(cat "${SSH_KEY_PATH}.pub") || {
|
||||
echo
|
||||
echo "🔑 Here is your public key:"
|
||||
echo
|
||||
cat $SSH_KEY_PATH.pub
|
||||
cat "$SSH_KEY_PATH.pub"
|
||||
echo ""
|
||||
echo "📁 You can also find the keyfile here:"
|
||||
echo
|
||||
echo $SSH_KEY_PATH.pub
|
||||
echo "$SSH_KEY_PATH.pub"
|
||||
echo
|
||||
read -p "Press ENTER to continue or CTRL + C to abort..."
|
||||
|
||||
@ -278,15 +307,23 @@ echo ""
|
||||
echo "📝 Please provide the following information:"
|
||||
echo "-------------------------------------------"
|
||||
read -p "1. Enter target server IP address: " IP_ADDRESS
|
||||
read -p "2. Enter desired username for server access: " USERNAME
|
||||
read -s -p "3. Enter desired password: " PASSWORD
|
||||
read -p "2. Enter hostname for the server: " HOSTNAME
|
||||
|
||||
# Validate hostname format
|
||||
while ! [[ $HOSTNAME =~ ^[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?)*$ ]]; do
|
||||
echo "❌ Invalid hostname format. Please use a valid hostname (e.g., my-server.example.com)"
|
||||
read -p "Enter hostname for the server: " HOSTNAME
|
||||
done
|
||||
|
||||
read -p "3. Enter desired username for server access: " USERNAME
|
||||
read -s -p "4. Enter desired password: " PASSWORD
|
||||
echo
|
||||
echo "4. Enter domain names for services (must point to $IP_ADDRESS):"
|
||||
echo "5. Enter domain names for services (must point to $IP_ADDRESS):"
|
||||
read -p " - Domain for Portainer: " PORTAINER_DOMAIN
|
||||
read -p " - Domain for n8n: " N8N_DOMAIN
|
||||
read -p " - Domain for Baserow: " BASEROW_DOMAIN
|
||||
echo
|
||||
echo "5. How do you authentiate to the target machine?"
|
||||
echo "6. How do you authenticate to the target machine?"
|
||||
echo "-------------------------------------------"
|
||||
echo " 1) Password"
|
||||
echo " 2) SSH Key"
|
||||
@ -295,10 +332,10 @@ read -p "Enter your choice (1-2): " KEY_CHOICE
|
||||
|
||||
case $KEY_CHOICE in
|
||||
1)
|
||||
INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#server root@$IP_ADDRESS"
|
||||
INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#$HOSTNAME root@$IP_ADDRESS"
|
||||
;;
|
||||
2)
|
||||
INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#server -i $SSH_KEY_PATH root@$IP_ADDRESS"
|
||||
INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#$HOSTNAME -i $SSH_KEY_PATH root@$IP_ADDRESS"
|
||||
;;
|
||||
*)
|
||||
echo "❌ Invalid choice"
|
||||
@ -309,7 +346,7 @@ esac
|
||||
setup_from_template
|
||||
|
||||
echo
|
||||
echo "6. Select your cloud provider:"
|
||||
echo "7. Select your cloud provider:"
|
||||
echo " 1) AWS (Newer instances with NVMe)"
|
||||
echo " 2) AWS (Older instances)"
|
||||
echo " 3) Google Cloud Platform"
|
||||
@ -416,7 +453,7 @@ echo "This process might take several minutes..."
|
||||
# Run nixos-anywhere installation
|
||||
$INSTALL_COMMAND && {
|
||||
echo "🔧 Setting up SSH configuration..."
|
||||
setup_ssh_config "$USERNAME" "$IP_ADDRESS"
|
||||
setup_ssh_config "$USERNAME" "$IP_ADDRESS" "$HOSTNAME"
|
||||
echo
|
||||
echo "🎉 Installation completed successfully!"
|
||||
echo "=====================================>"
|
||||
@ -426,7 +463,7 @@ $INSTALL_COMMAND && {
|
||||
echo "- Baserow: https://$BASEROW_DOMAIN"
|
||||
echo
|
||||
echo "To connect to your server, use:"
|
||||
echo "ssh self-host-playbook"
|
||||
echo "ssh $HOSTNAME"
|
||||
echo
|
||||
install_deploy_rs
|
||||
echo
|
||||
|
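Review bot: In `setup_ssh_config`, `$hostname` is spliced into the `grep -q "Host $hostname"` and `sed "/Host $hostname/,..."` patterns as an unanchored regex, so its dots match any character and `Host web` also matches an existing `Host web.example.com` or `Host webmail` block, whose `HostName` and `User` lines would then be rewritten. Match the exact line for the existence check, `grep -qxF -- "Host $hostname" "$ssh_config_file"`, and anchor and escape the sed address, `"/^Host ${hostname//./\\.}\$/,/IdentityFile.*/{`. `$ip_address` and `$username` also land in the sed replacement text, and the visible prompts validate neither, so a `/` or `&` in them breaks or alters the substitution. The copy of `setup_ssh_config` in update.sh has the same pattern. Separately, the `generate_ssh_key` hunk shows a lone `W` line; if it is on the new side it would run as a command and should be dropped.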
108
update.sh
108
update.sh
@ -26,7 +26,7 @@ get_current_version() {
|
||||
}
|
||||
|
||||
get_latest_version() {
|
||||
local LATEST_VERSION
|
||||
local latest_version
|
||||
|
||||
latest_version=$(curl -s "https://code.m3tam3re.com/api/v1/repos/m3tam3re/self-host-playbook/tags" | jq -r '.[] | select(.name | startswith("v")) | .name' | sort -V | tail -n1)
|
||||
|
||||
@ -86,6 +86,20 @@ show_changelog() {
|
||||
perform_update() {
|
||||
local target_version=$1
|
||||
local backup_dir=$2
|
||||
|
||||
# Ensure we're in the correct directory
|
||||
local current_dir=$(basename "$(pwd)")
|
||||
if [ "$current_dir" != "self-host-playbook" ]; then
|
||||
echo "❌ Error: Must be in 'self-host-playbook' directory"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Verify essential files exist before proceeding
|
||||
if [ ! -f "config.json" ] || [ ! -d "env" ]; then
|
||||
echo "❌ Error: Essential files missing. Are you in the correct directory?"
|
||||
return 1
|
||||
fi
|
||||
|
||||
echo "⬇️ Downloading version $target_version..."
|
||||
|
||||
TEMP_DIR=$(mktemp -d)
|
||||
@ -101,6 +115,12 @@ perform_update() {
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Verify downloaded content
|
||||
if [ ! -f "$CLONE_DIR/flake.nix" ]; then
|
||||
echo "❌ Error: Downloaded content appears invalid"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Remove current directory contents except backup
|
||||
echo "🗑️ Cleaning current directory..."
|
||||
find . -maxdepth 1 ! -name "." ! -name ".." ! -name "$backup_dir" -exec rm -rf {} +
|
||||
@ -109,11 +129,27 @@ perform_update() {
|
||||
echo "📋 Installing new version..."
|
||||
cp -r "$CLONE_DIR"/* .
|
||||
|
||||
# Restore configuration files from backup
|
||||
echo "🔄 Restoring configuration files..."
|
||||
cp -r "${backup_dir}/config.json" \
|
||||
"${backup_dir}/env" . 2>/dev/null || true
|
||||
# Verify essential files were copied
|
||||
if [ ! -f "flake.nix" ]; then
|
||||
echo "❌ Error: Failed to copy new version files"
|
||||
return 1
|
||||
fi
|
||||
|
||||
# Restore configuration files from backup with validation
|
||||
echo "🔄 Restoring configuration files..."
|
||||
if [ -f "${backup_dir}/config.json" ]; then
|
||||
cp -r "${backup_dir}/config.json" . || {
|
||||
echo "❌ Error: Failed to restore config.json"
|
||||
return 1
|
||||
}
|
||||
fi
|
||||
|
||||
if [ -d "${backup_dir}/env" ]; then
|
||||
cp -r "${backup_dir}/env" . || {
|
||||
echo "❌ Error: Failed to restore env directory"
|
||||
return 1
|
||||
}
|
||||
fi
|
||||
|
||||
return 0
|
||||
}
|
||||
@ -121,67 +157,60 @@ perform_update() {
|
||||
setup_ssh_config() {
|
||||
local username=$1
|
||||
local ip_address=$2
|
||||
local hostname=$3
|
||||
local ssh_config_dir="$HOME/.ssh"
|
||||
local ssh_config_file="$ssh_config_dir/config"
|
||||
local ssh_key_file="$ssh_config_dir/self-host-playbook"
|
||||
|
||||
# Create .ssh directory if it doesn't exist
|
||||
mkdir -p "$ssh_config_dir"
|
||||
chmod 700 "$ssh_config_dir"
|
||||
|
||||
# Create or append to SSH config
|
||||
local config_entry="Host self-host-playbook
|
||||
local config_entry="Host $hostname
|
||||
HostName $ip_address
|
||||
User $username
|
||||
Port 2222
|
||||
IdentityFile $ssh_key_file"
|
||||
|
||||
# Check if entry already exists
|
||||
if ! grep -q "Host self-host-playbook" "$ssh_config_file" 2>/dev/null; then
|
||||
if ! grep -q "Host $hostname" "$ssh_config_file" 2>/dev/null; then
|
||||
echo -e "\n$config_entry" >> "$ssh_config_file"
|
||||
echo "✅ Added SSH config entry"
|
||||
else
|
||||
# Update existing entry
|
||||
sed -i.bak "/Host self-host-playbook/,/IdentityFile.*/{
|
||||
sed -i.bak "/Host $hostname/,/IdentityFile.*/{
|
||||
s/HostName.*/HostName $ip_address/
|
||||
s/User.*/User $username/
|
||||
}" "$ssh_config_file"
|
||||
echo "✅ Updated existing SSH config entry"
|
||||
fi
|
||||
|
||||
# Set appropriate permissions
|
||||
chmod 600 "$ssh_config_file"
|
||||
}
|
||||
|
||||
update_config_json() {
|
||||
local ip_address=$1
|
||||
update_config_value() {
|
||||
local key=$1
|
||||
local value=$2
|
||||
local config_file="config.json"
|
||||
|
||||
# Read existing config
|
||||
local config
|
||||
config=$(cat "$config_file")
|
||||
|
||||
# Update or add ipAddress field
|
||||
if jq -e '.ipAddress' "$config_file" >/dev/null 2>&1; then
|
||||
config=$(echo "$config" | jq --arg ip "$ip_address" '.ipAddress = $ip')
|
||||
if jq -e ".$key" "$config_file" >/dev/null 2>&1; then
|
||||
config=$(echo "$config" | jq --arg key "$key" --arg value "$value" '.[$key] = $value')
|
||||
else
|
||||
config=$(echo "$config" | jq --arg ip "$ip_address" '. + {ipAddress: $ip}')
|
||||
config=$(echo "$config" | jq --arg key "$key" --arg value "$value" '. + {($key): $value}')
|
||||
fi
|
||||
|
||||
# Write back to file
|
||||
echo "$config" | jq '.' > "$config_file"
|
||||
echo "✅ Updated IP address in config.json"
|
||||
echo "✅ Updated $key in config.json"
|
||||
}
|
||||
|
||||
install_deploy_rs() {
|
||||
echo "🔧 Installing deploy-rs to user environment..."
|
||||
|
||||
# Check if deploy is already installed
|
||||
if command -v deploy >/dev/null 2>&1; then
|
||||
echo "ℹ️ deploy-rs is already installed"
|
||||
return 0
|
||||
fi
|
||||
|
||||
# Install deploy-rs using nix profile
|
||||
if nix profile install 'github:serokell/deploy-rs'; then
|
||||
echo "✅ deploy-rs installed successfully"
|
||||
else
|
||||
@ -190,12 +219,10 @@ install_deploy_rs() {
|
||||
fi
|
||||
}
|
||||
|
||||
|
||||
# Main script
|
||||
echo "🔄 Self-Host Playbook Update Assistant"
|
||||
echo "======================================"
|
||||
|
||||
# Check if we're in the right directory
|
||||
if [ ! -f "config.json" ]; then
|
||||
echo "❌ Error: config.json not found. Please run this script in your self-host-playbook directory."
|
||||
exit 1
|
||||
@ -203,25 +230,35 @@ fi
|
||||
|
||||
USERNAME=$(jq -r '.username' config.json)
|
||||
IP_ADDRESS=$(jq -r '.ipAddress // empty' config.json)
|
||||
HOSTNAME=$(jq -r '.hostname // empty' config.json)
|
||||
|
||||
if [ -z "$USERNAME" ]; then
|
||||
echo "❌ Error: Could not read username from config.json"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# If IP address is not in config.json, prompt for it
|
||||
if [ -z "$IP_ADDRESS" ]; then
|
||||
echo "ℹ️ No IP address found in config.json"
|
||||
read -p "Enter the IP address of your server: " IP_ADDRESS
|
||||
|
||||
# Validate IP address format
|
||||
if ! [[ $IP_ADDRESS =~ ^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$ ]]; then
|
||||
echo "❌ Error: Invalid IP address format"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Update config.json with the new IP address
|
||||
update_config_json "$IP_ADDRESS"
|
||||
update_config_value "ipAddress" "$IP_ADDRESS"
|
||||
fi
|
||||
|
||||
if [ -z "$HOSTNAME" ]; then
|
||||
echo "ℹ️ No hostname found in config.json"
|
||||
read -p "Enter the hostname for your server: " HOSTNAME
|
||||
|
||||
if ! [[ $HOSTNAME =~ ^[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?(\.[a-zA-Z0-9]([a-zA-Z0-9-]*[a-zA-Z0-9])?)*$ ]]; then
|
||||
echo "❌ Error: Invalid hostname format"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
update_config_value "hostname" "$HOSTNAME"
|
||||
fi
|
||||
|
||||
VERSION_FILE="version.json"
|
||||
@ -248,26 +285,21 @@ read -p "Do you want to update to version $LATEST_VERSION? (y/N) " -n 1 -r
|
||||
echo
|
||||
|
||||
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
||||
# Create backup
|
||||
backup_dir="backup_${CURRENT_VERSION}_$(date +%Y%m%d_%H%M%S)"
|
||||
echo "📑 Creating backup in $backup_dir..."
|
||||
mkdir -p "$backup_dir"
|
||||
find . -maxdepth 1 ! -name "." ! -name ".." ! -name "$backup_dir" -exec cp -r {} "$backup_dir/" \;
|
||||
|
||||
|
||||
# Perform update
|
||||
if perform_update "$LATEST_VERSION" "$backup_dir"; then
|
||||
echo
|
||||
echo "✅ Update completed successfully!"
|
||||
# Setup SSH configuration
|
||||
echo
|
||||
echo "🔧 Setting up SSH configuration..."
|
||||
setup_ssh_config "$USERNAME" "$IP_ADDRESS"
|
||||
setup_ssh_config "$USERNAME" "$IP_ADDRESS" "$HOSTNAME"
|
||||
echo
|
||||
install_deploy_rs
|
||||
echo
|
||||
echo "To apply the changes, run:"
|
||||
echo "sudo nixos-rebuild switch"
|
||||
echo "🚀 Applying the update to your system..."
|
||||
deploy .#$HOSTNAME
|
||||
echo
|
||||
echo "If you encounter any issues, your backup is available in $backup_dir"
|
||||
else
|
||||
|
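Review bot: The hostname and IP-address format checks in the main script run only inside the `if [ -z ... ]` prompt branches, so a `hostname` or `ipAddress` value already present in config.json reaches `setup_ssh_config` (where it becomes part of grep/sed patterns) and the unquoted `deploy .#$HOSTNAME` without any validation. Run the same regex checks after the values are loaded, regardless of where they came from, and quote the flake reference: `deploy ".#$HOSTNAME"`. The exit status of `deploy` is also not checked in the visible lines, so a failed activation is still followed by the normal closing messages; `if ! deploy ".#$HOSTNAME"; then echo "❌ Deploy failed; backup is in $backup_dir"; exit 1; fi` would make the failure explicit. The `if perform_update` block continues past the end of the section shown.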