josh/Vetting
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
273e7593bcea8d6f393fa08ae54b3653e67e88a0
Vetting/deploy/proxmox-install.sh
T
josh 47b4fa35a6
CI / Lint + build + test (push) Failing after 5m16s
Details
Install gen-admin-password alongside vetting 
proxmox-install.sh + install.sh left operators with no way to
generate the bcrypt hash on the LXC — 'vetting gen-admin-password'
was suggested in the post-install message but the binary has no
subcommands. Cross-build gen-admin-password-linux-amd64 during the
one-liner flow and drop it into /usr/local/bin.
2026-04-17 21:50:54 -04:00

85 lines
2.9 KiB
Bash
Raw Blame History

#!/usr/bin/env bash
# proxmox-install.sh — one-shot fetch + build + install for a fresh
# Proxmox LXC (or any Debian/Ubuntu host). Designed to be piped
# straight from the repo:
#
# curl -fsSL https://gitea.thewrightserver.net/josh/Vetting/raw/branch/main/deploy/proxmox-install.sh | sudo bash
#
# What it does:
# 1. apt-installs build prereqs (git, curl, build-essential).
# 2. Drops Go into /usr/local/go if a recent enough toolchain isn't
# already present.
# 3. Clones the repo to /opt/vetting-src (or pulls latest if already
# there), then `make orchestrator-linux`.
# 4. Hands off to deploy/install.sh to lay down the binary, the
# systemd unit, the example config, and the vetting user.
#
# Override via env: GO_VERSION, TEMPL_VERSION, SRC_DIR, BRANCH, REPO_URL.
set -euo pipefail
GO_VERSION="${GO_VERSION:-1.23.4}"
TEMPL_VERSION="${TEMPL_VERSION:-v0.3.1001}"
SRC_DIR="${SRC_DIR:-/opt/vetting-src}"
BRANCH="${BRANCH:-main}"
REPO_URL="${REPO_URL:-https://gitea.thewrightserver.net/josh/Vetting.git}"
if [[ $EUID -ne 0 ]]; then
echo "proxmox-install.sh must be run as root (try: sudo bash)" >&2
exit 1
fi
echo "==> installing build prerequisites"
export DEBIAN_FRONTEND=noninteractive
apt-get update -qq
apt-get install -y --no-install-recommends \
git curl ca-certificates build-essential
need_go=1
if command -v go >/dev/null 2>&1; then
have="$(go env GOVERSION 2>/dev/null || true)"
# Accept any go1.23+ toolchain already on the host.
if [[ "${have}" =~ ^go1\.(2[3-9]|[3-9][0-9]) ]]; then
echo "==> using existing ${have}"
need_go=0
fi
fi
if [[ ${need_go} -eq 1 ]]; then
echo "==> installing Go ${GO_VERSION} into /usr/local/go"
tmp="$(mktemp -d)"
curl -fsSL "https://go.dev/dl/go${GO_VERSION}.linux-amd64.tar.gz" -o "${tmp}/go.tgz"
rm -rf /usr/local/go
tar -C /usr/local -xzf "${tmp}/go.tgz"
rm -rf "${tmp}"
ln -sf /usr/local/go/bin/go /usr/local/bin/go
fi
echo "==> fetching source into ${SRC_DIR}"
if [[ -d "${SRC_DIR}/.git" ]]; then
git -C "${SRC_DIR}" fetch --depth=1 origin "${BRANCH}"
git -C "${SRC_DIR}" checkout -B "${BRANCH}" "origin/${BRANCH}"
else
install -d -m 0755 "$(dirname "${SRC_DIR}")"
git clone --depth=1 --branch "${BRANCH}" "${REPO_URL}" "${SRC_DIR}"
fi
echo "==> installing templ ${TEMPL_VERSION}"
GOBIN=/usr/local/bin go install "github.com/a-h/templ/cmd/templ@${TEMPL_VERSION}"
echo "==> building orchestrator + gen-admin-password"
cd "${SRC_DIR}"
make orchestrator-linux gen-admin-password-linux
echo "==> running deploy/install.sh"
bash deploy/install.sh --binary "bin/vetting-linux-amd64"
cat <<EOF
vetting source is at ${SRC_DIR}.
To upgrade later, rerun this one-liner, or from the source dir:
cd ${SRC_DIR} && git pull && make orchestrator-linux \\
&& sudo ./deploy/install.sh --binary bin/vetting-linux-amd64 \\
&& sudo systemctl restart vetting
EOF
Reference in New Issue View Git Blame Copy Permalink