oops

deploy/setup.sh

@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+# Run once on a fresh server to prepare it for Catalyst deployments.
+# Usage: bash setup.sh <deploy-public-key>
+# Example: bash setup.sh "ssh-ed25519 AAAA... gitea-actions"
+set -euo pipefail
+
+DEPLOY_KEY="${1:?usage: setup.sh <deploy-public-key>}"
+
+echo "==> Installing Node.js"
+curl -fsSL https://deb.nodesource.com/setup_lts.x | bash -
+apt-get install -y nodejs
+
+echo "==> Installing PM2"
+npm install -g pm2
+pm2 startup systemd -u deploy --hp /home/deploy | tail -1 | bash
+
+echo "==> Creating app directory"
+mkdir -p /srv/catalyst
+chown -R deploy:deploy /srv/catalyst
+
+echo "==> Creating deploy user"
+if ! id -u deploy &>/dev/null; then
+    useradd -m -s /bin/bash deploy
+fi
+
+DEPLOY_SSH_DIR="/home/deploy/.ssh"
+mkdir -p "$DEPLOY_SSH_DIR"
+echo "$DEPLOY_KEY" >> "$DEPLOY_SSH_DIR/authorized_keys"
+chmod 700 "$DEPLOY_SSH_DIR"
+chmod 600 "$DEPLOY_SSH_DIR/authorized_keys"
+chown -R deploy:deploy "$DEPLOY_SSH_DIR"
+
+echo ""
+echo "Done. Add these secrets to your Gitea repo:"
+echo "  DEPLOY_HOST    → (your Tailscale IP or hostname)"
+echo "  DEPLOY_USER    → deploy"
+echo "  DEPLOY_SSH_KEY → (the private key paired with the public key you provided)"
+echo "  DEPLOY_SSH_PORT → 22"
+echo ""
+echo "Catalyst will be served on port 3000."