dynamicalsystem.com
homelab infrastructure services
1#!/bin/bash
2
3set -euo pipefail
4
5SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
6LOG_FILE="/tmp/tinsnip-setup-$(date +%Y%m%d-%H%M%S).log"
7
8# Namespace configuration
9NAMESPACE_FILE="/etc/tinsnip-namespace"
10
11log() {
12 echo "[$(date '+%Y-%m-%d %H:%M:%S')] $*" | tee -a "$LOG_FILE"
13}
14
15error() {
16 log "ERROR: $*" >&2
17 exit 1
18}
19
20setup_namespace() {
21 # Check if TIN_NAMESPACE is already set in environment
22 if [[ -z "${TIN_NAMESPACE:-}" ]]; then
23 # Check if namespace file exists
24 if [[ -f "$NAMESPACE_FILE" ]]; then
25 TIN_NAMESPACE=$(cat "$NAMESPACE_FILE")
26 log "Found existing namespace: $TIN_NAMESPACE"
27 else
28 # Prompt user for namespace
29 echo
30 read -p "Enter namespace [dynamicalsystem]: " namespace_input
31 TIN_NAMESPACE="${namespace_input:-dynamicalsystem}"
32
33 # Save namespace system-wide
34 log "Setting namespace to: $TIN_NAMESPACE"
35 echo "$TIN_NAMESPACE" | sudo tee "$NAMESPACE_FILE" > /dev/null
36 sudo chmod 644 "$NAMESPACE_FILE"
37 fi
38 else
39 log "Using TIN_NAMESPACE from environment: $TIN_NAMESPACE"
40 # Ensure it's saved system-wide
41 if [[ ! -f "$NAMESPACE_FILE" ]] || [[ "$(cat "$NAMESPACE_FILE")" != "$TIN_NAMESPACE" ]]; then
42 echo "$TIN_NAMESPACE" | sudo tee "$NAMESPACE_FILE" > /dev/null
43 sudo chmod 644 "$NAMESPACE_FILE"
44 fi
45 fi
46
47 # Export for use by other scripts
48 export TIN_NAMESPACE
49
50 # Create profile script to load namespace for all users
51 local profile_script="/etc/profile.d/tinsnip-namespace.sh"
52 if [[ ! -f "$profile_script" ]]; then
53 log "Creating system-wide namespace profile script..."
54 sudo tee "$profile_script" > /dev/null << EOF
55#!/bin/bash
56# tinsnip namespace configuration
57if [[ -f "$NAMESPACE_FILE" ]]; then
58 export TIN_NAMESPACE=\$(cat "$NAMESPACE_FILE")
59fi
60EOF
61 sudo chmod 644 "$profile_script"
62 fi
63}
64
65check_ubuntu() {
66 if [[ ! -f /etc/os-release ]] || ! grep -q "Ubuntu" /etc/os-release; then
67 error "This script requires Ubuntu"
68 fi
69}
70
71check_current_user() {
72 if [[ "$USER" == "tinsnip" ]]; then
73 error "Do not run this script as the tinsnip user. Run as a regular admin user."
74 fi
75
76 if [[ $EUID -eq 0 ]]; then
77 error "Do not run this script as root. Run as a regular user with sudo access."
78 fi
79
80 if ! groups | grep -q sudo; then
81 error "Current user must have sudo access"
82 fi
83}
84
85main() {
86 log "tinsnip Infrastructure Setup"
87 log "============================"
88 log "Log file: $LOG_FILE"
89
90 check_ubuntu
91 check_current_user
92
93 # Setup namespace first
94 setup_namespace
95 log "Using namespace: $TIN_NAMESPACE"
96
97 log "This will set up tinsnip infrastructure services on this host."
98 log "A dedicated 'tinsnip' user will be created to run all services."
99 echo
100 read -p "Continue? (y/N): " response
101 if [[ ! "$response" =~ ^[Yy]$ ]]; then
102 log "Setup cancelled by user"
103 exit 0
104 fi
105
106 # Step 1: Create tinsnip user
107 log "Step 1: Creating tinsnip user..."
108 if ! "$SCRIPT_DIR/scripts/create_tinsnip_user.sh"; then
109 error "Failed to create tinsnip user"
110 fi
111
112 # Step 2: Setup rootless Docker for tinsnip
113 log "Step 2: Setting up rootless Docker..."
114 if ! "$SCRIPT_DIR/scripts/setup_rootless_docker.sh"; then
115 error "Failed to setup rootless Docker"
116 fi
117
118 # Step 3: Deploy services
119 log "Step 3: Deploying services..."
120
121 # Deploy LLDAP
122 log "Deploying LLDAP identity service..."
123 if ! "$SCRIPT_DIR/scripts/deploy_service.sh" lldap; then
124 error "Failed to deploy LLDAP"
125 fi
126
127 log ""
128 log "Setup completed successfully!"
129 log ""
130 log "Services deployed:"
131 log " - LLDAP: http://$(hostname):17170 (Web UI)"
132 log " - LLDAP: ldap://$(hostname):3890 (LDAP endpoint)"
133 log ""
134 log "Default credentials:"
135 log " - Username: admin"
136 log " - Password: (set during LLDAP setup)"
137 log ""
138 log "To manage services:"
139 log " sudo -u tinsnip -i"
140 log " cd ~/service/lldap && docker compose ps"
141}
142
143main "$@"