2025-02-18 08:50:17 +01:00
|
|
|
#!/usr/bin/env bash
|
|
|
|
|
|
|
|
set -euo pipefail
|
|
|
|
|
|
|
|
# Ensure we're in a flakes-enabled environment with required tools
|
|
|
|
if ! command -v nix &> /dev/null; then
|
|
|
|
echo "❌ Nix is not installed. Please install Nix first:"
|
|
|
|
echo "curl --proto '=https' --tlsv1.2 -sSf -L https://install.determinate.systems/nix | sh -s -- install"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Check if we need to enter a new shell
|
2025-02-20 06:20:47 +01:00
|
|
|
if [ -z "${INSIDE_NIX_SHELL+x}" ]; then
|
2025-02-18 08:50:17 +01:00
|
|
|
export NIX_CONFIG="experimental-features = nix-command flakes"
|
|
|
|
export INSIDE_NIX_SHELL=1
|
|
|
|
exec nix shell nixpkgs#git nixpkgs#mkpasswd --command bash "$0"
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Function to setup from template
|
|
|
|
setup_from_template() {
|
|
|
|
local TEMPLATE=starter
|
|
|
|
local DIR_NAME="self-host-playbook"
|
|
|
|
|
|
|
|
if [ -d "$DIR_NAME" ]; then
|
|
|
|
echo "📂 Directory '$DIR_NAME' already exists"
|
|
|
|
read -p "Do you want to proceed in the existing directory? (y/N) " -n 1 -r
|
|
|
|
echo
|
|
|
|
if [[ $REPLY =~ ^[Yy]$ ]]; then
|
|
|
|
cd "$DIR_NAME"
|
|
|
|
else
|
|
|
|
echo "❌ Please choose a different directory or remove the existing one"
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
else
|
|
|
|
echo "🔄 Creating new self-host-playbook configuration from template..."
|
|
|
|
nix flake new --template "git+https://code.m3tam3re.com/m3tam3re/self-host-playbook#${TEMPLATE}" "$DIR_NAME"
|
|
|
|
cd "$DIR_NAME"
|
|
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
|
|
# Function to generate SSH key
|
|
|
|
generate_ssh_key() {
|
|
|
|
local KEY_NAME="self-host-playbook"
|
|
|
|
local KEY_PATH="$HOME/.ssh/${KEY_NAME}"
|
|
|
|
|
|
|
|
if [ ! -f "$KEY_PATH" ]; then
|
|
|
|
mkdir -p "$HOME/.ssh"
|
|
|
|
echo "🔑 Generating new SSH key pair..." >&2
|
|
|
|
ssh-keygen -t ed25519 -f "$KEY_PATH" -N "" >&2
|
|
|
|
echo "✅ New SSH key pair generated" >&2
|
|
|
|
else
|
|
|
|
echo "🔑 Using existing SSH key pair" >&2
|
|
|
|
fi
|
|
|
|
|
|
|
|
if [ ! -f "${KEY_PATH}.pub" ]; then
|
|
|
|
echo "❌ Error: Public key file not found" >&2
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
printf "%s" "$KEY_PATH"
|
|
|
|
}
|
|
|
|
|
|
|
|
# Function to hash password using mkpasswd
|
|
|
|
hash_password() {
|
|
|
|
local password=$1
|
|
|
|
mkpasswd -m sha-512 "$password"
|
|
|
|
}
|
|
|
|
|
|
|
|
# Function to display device detection guide
|
|
|
|
show_device_guide() {
|
|
|
|
echo
|
|
|
|
echo "📝 How to find your root device name:"
|
|
|
|
echo "------------------------------------"
|
|
|
|
echo "1. SSH into your server with the credentials provided by your cloud provider or use the web console"
|
|
|
|
echo "2. Run the following command:"
|
|
|
|
echo " lsblk -d -o NAME,SIZE"
|
|
|
|
echo
|
|
|
|
echo "Look for the main disk, usually the largest one. It will be shown as:"
|
|
|
|
echo "- AWS (older): xvda"
|
|
|
|
echo "- AWS (newer): nvme0n1"
|
|
|
|
echo "- GCP/Azure/Linode: sda"
|
|
|
|
echo "- DigitalOcean: vda"
|
|
|
|
echo
|
|
|
|
echo "The device name will be /dev/[name shown in lsblk]"
|
|
|
|
echo
|
|
|
|
echo "💡 Example:"
|
|
|
|
echo " NAME SIZE"
|
|
|
|
echo " sda 76.3G"
|
|
|
|
echo " sr0 1024M"
|
|
|
|
echo "------------------------------------"
|
|
|
|
echo
|
|
|
|
}
|
|
|
|
|
|
|
|
# Function to get device name based on provider
|
|
|
|
get_device_name() {
|
|
|
|
local provider=$1
|
|
|
|
case $provider in
|
|
|
|
"aws-new")
|
|
|
|
echo "/dev/nvme0n1"
|
|
|
|
;;
|
|
|
|
"aws-old")
|
|
|
|
echo "/dev/xvda"
|
|
|
|
;;
|
|
|
|
"gcp")
|
|
|
|
echo "/dev/sda"
|
|
|
|
;;
|
|
|
|
"azure")
|
|
|
|
echo "/dev/sda"
|
|
|
|
;;
|
|
|
|
"digitalocean")
|
|
|
|
echo "/dev/vda"
|
|
|
|
;;
|
|
|
|
"linode")
|
|
|
|
echo "/dev/sda"
|
|
|
|
;;
|
|
|
|
"hetzner")
|
|
|
|
echo "/dev/sda"
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo "unknown"
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
}
|
|
|
|
|
2025-02-20 05:37:13 +01:00
|
|
|
echo "🚀 Welcome to the Self-Host Playbook!"
|
|
|
|
echo "================================================"
|
|
|
|
echo "This script will help you manage your NixOS server with:"
|
|
|
|
echo "- Portainer (Docker management)"
|
|
|
|
echo "- n8n (Workflow automation)"
|
|
|
|
echo "- Baserow (No-code database)"
|
|
|
|
echo "- Caddy (Automatic HTTPS reverse proxy)"
|
|
|
|
echo "================================================"
|
|
|
|
echo
|
|
|
|
|
|
|
|
read -p "Press ANY KEY to continue or CTRL + C to abort..."
|
|
|
|
echo
|
|
|
|
# Generate SSH key
|
|
|
|
SSH_KEY_PATH=$(generate_ssh_key) || exit 1
|
|
|
|
SSH_PUB_KEY=$(cat "${SSH_KEY_PATH}.pub") || {
|
|
|
|
echo "❌ Error: Failed to read public key from ${SSH_KEY_PATH}.pub"
|
|
|
|
exit 1
|
|
|
|
}
|
|
|
|
echo
|
|
|
|
echo "🔑 Here is your public key:"
|
|
|
|
echo
|
|
|
|
cat $SSH_KEY_PATH.pub
|
|
|
|
echo ""
|
|
|
|
echo "📁 You can also find the keyfile here:"
|
|
|
|
echo
|
|
|
|
echo $SSH_KEY_PATH.pub
|
|
|
|
echo
|
|
|
|
read -p "Press ENTER to continue or CTRL + C to abort..."
|
2025-02-18 09:36:15 +01:00
|
|
|
|
2025-02-18 08:50:17 +01:00
|
|
|
# Collect user input
|
2025-02-20 05:37:13 +01:00
|
|
|
echo ""
|
2025-02-18 08:50:17 +01:00
|
|
|
echo "📝 Please provide the following information:"
|
|
|
|
echo "-------------------------------------------"
|
|
|
|
read -p "1. Enter target server IP address: " SERVER_IP
|
|
|
|
read -p "2. Enter desired username for server access: " USERNAME
|
|
|
|
read -s -p "3. Enter desired password: " PASSWORD
|
|
|
|
echo
|
|
|
|
echo "4. Enter domain names for services (must point to $SERVER_IP):"
|
|
|
|
read -p " - Domain for Portainer: " PORTAINER_DOMAIN
|
|
|
|
read -p " - Domain for n8n: " N8N_DOMAIN
|
|
|
|
read -p " - Domain for Baserow: " BASEROW_DOMAIN
|
2025-02-20 05:37:13 +01:00
|
|
|
echo
|
|
|
|
echo "5. How do you authentiate to the target machine?"
|
|
|
|
echo "-------------------------------------------"
|
|
|
|
echo " 1) Password"
|
|
|
|
echo " 2) SSH Key"
|
|
|
|
echo
|
|
|
|
read -p "Enter your choice (1-2): " KEY_CHOICE
|
|
|
|
|
|
|
|
case $KEY_CHOICE in
|
|
|
|
1)
|
|
|
|
INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#server root@$SERVER_IP"
|
|
|
|
;;
|
|
|
|
2)
|
|
|
|
INSTALL_COMMAND="nix run github:nix-community/nixos-anywhere -- --flake .#server -i $SSH_KEY_PATH root@$SERVER_IP"
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo "❌ Invalid choice"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
setup_from_template
|
2025-02-18 08:50:17 +01:00
|
|
|
|
|
|
|
echo
|
2025-02-20 05:37:13 +01:00
|
|
|
echo "6. Select your cloud provider:"
|
2025-02-18 08:50:17 +01:00
|
|
|
echo " 1) AWS (Newer instances with NVMe)"
|
|
|
|
echo " 2) AWS (Older instances)"
|
|
|
|
echo " 3) Google Cloud Platform"
|
|
|
|
echo " 4) Microsoft Azure"
|
|
|
|
echo " 5) DigitalOcean"
|
|
|
|
echo " 6) Linode"
|
|
|
|
echo " 7) Hetzner"
|
|
|
|
echo " 8) I'm not sure (Show detection guide)"
|
|
|
|
echo
|
|
|
|
|
|
|
|
read -p "Enter your choice (1-8): " PROVIDER_CHOICE
|
|
|
|
|
|
|
|
# Set device name based on provider choice
|
|
|
|
case $PROVIDER_CHOICE in
|
|
|
|
1)
|
|
|
|
PROVIDER="aws-new"
|
|
|
|
;;
|
|
|
|
2)
|
|
|
|
PROVIDER="aws-old"
|
|
|
|
;;
|
|
|
|
3)
|
|
|
|
PROVIDER="gcp"
|
|
|
|
;;
|
|
|
|
4)
|
|
|
|
PROVIDER="azure"
|
|
|
|
;;
|
|
|
|
5)
|
|
|
|
PROVIDER="digitalocean"
|
|
|
|
;;
|
|
|
|
6)
|
|
|
|
PROVIDER="linode"
|
|
|
|
;;
|
|
|
|
7)
|
|
|
|
PROVIDER="hetzner"
|
|
|
|
;;
|
|
|
|
8)
|
|
|
|
show_device_guide
|
|
|
|
read -p "Enter your root device name (e.g., /dev/sda): " DEVICE_NAME
|
|
|
|
PROVIDER="custom"
|
|
|
|
;;
|
|
|
|
*)
|
|
|
|
echo "❌ Invalid choice"
|
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
|
|
|
|
if [ "$PROVIDER" != "custom" ]; then
|
|
|
|
DEVICE_NAME=$(get_device_name "$PROVIDER")
|
|
|
|
fi
|
|
|
|
|
|
|
|
echo
|
|
|
|
echo "Using root device: $DEVICE_NAME"
|
|
|
|
read -p "Is this correct? (y/N) " CONFIRM
|
|
|
|
if [[ ! $CONFIRM =~ ^[Yy]$ ]]; then
|
|
|
|
echo "Installation aborted. Please run the script again with the correct device."
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
2025-02-20 05:37:13 +01:00
|
|
|
echo
|
2025-02-18 08:50:17 +01:00
|
|
|
echo "🛠️ Preparing server configuration..."
|
|
|
|
|
|
|
|
# Hash the password
|
|
|
|
HASHED_PASSWORD=$(hash_password "$PASSWORD")
|
|
|
|
|
|
|
|
echo "📝 Customizing configuration files..."
|
|
|
|
# Write configuration to JSON file
|
|
|
|
cat > config.json << EOF
|
|
|
|
{
|
|
|
|
"username": "$USERNAME",
|
|
|
|
"hashedPassword": "$HASHED_PASSWORD",
|
|
|
|
"sshKey": "$SSH_PUB_KEY",
|
|
|
|
"domains": {
|
|
|
|
"portainer": "$PORTAINER_DOMAIN",
|
|
|
|
"n8n": "$N8N_DOMAIN",
|
|
|
|
"baserow": "$BASEROW_DOMAIN"
|
|
|
|
},
|
|
|
|
"rootDevice": "$DEVICE_NAME"
|
|
|
|
}
|
|
|
|
EOF
|
|
|
|
|
|
|
|
echo "📦 Setting up environment files..."
|
|
|
|
# Update environment files with domains
|
2025-02-20 06:20:47 +01:00
|
|
|
if [[ "$OSTYPE" == "darwin"* ]]; then
|
|
|
|
sed -i '' "s/N8N_DOMAIN/$N8N_DOMAIN/g" ./env/n8n.env
|
|
|
|
sed -i '' "s/BASEROW_DOMAIN/$BASEROW_DOMAIN/g" ./env/baserow.env
|
|
|
|
else
|
|
|
|
sed -i "s/N8N_DOMAIN/$N8N_DOMAIN/g" ./env/n8n.env
|
|
|
|
sed -i "s/BASEROW_DOMAIN/$BASEROW_DOMAIN/g" ./env/baserow.env
|
|
|
|
fi
|
2025-02-18 08:50:17 +01:00
|
|
|
|
|
|
|
echo
|
2025-02-20 05:37:13 +01:00
|
|
|
echo "⚠️ Important: By proceeding the existing virtual machine will be overwritten!"
|
2025-02-18 08:50:17 +01:00
|
|
|
echo
|
2025-02-20 05:37:13 +01:00
|
|
|
read -p "Do you want to proceed? (y/N) " CONFIRM
|
|
|
|
if [[ ! $CONFIRM =~ ^[Yy]$ ]]; then
|
|
|
|
echo "Installation aborted."
|
|
|
|
exit 1
|
|
|
|
fi
|
2025-02-18 08:50:17 +01:00
|
|
|
echo
|
2025-02-20 05:37:13 +01:00
|
|
|
echo "🚀 Starting NixOS installation..."
|
|
|
|
echo "This process might take several minutes..."
|
|
|
|
|
|
|
|
# Run nixos-anywhere installation
|
|
|
|
$INSTALL_COMMAND && {
|
|
|
|
echo
|
|
|
|
echo "🎉 Installation completed successfully!"
|
|
|
|
echo "=====================================>"
|
|
|
|
echo "You can now access your services at:"
|
|
|
|
echo "- Portainer: https://$PORTAINER_DOMAIN"
|
|
|
|
echo "- n8n: https://$N8N_DOMAIN"
|
|
|
|
echo "- Baserow: https://$BASEROW_DOMAIN"
|
|
|
|
echo
|
|
|
|
echo "To connect to your server, use:"
|
|
|
|
echo "ssh -i $SSH_KEY_PATH -p 2222 $USERNAME@$SERVER_IP"
|
|
|
|
echo
|
|
|
|
echo "⚠️ Important: Please save your SSH key path: $SSH_KEY_PATH"
|
|
|
|
echo "=====================================>"
|
|
|
|
} || echo "Command failed with exit status $?"
|