Add initial infrastructure and backup scripts for Gitea and homelab deployment
- Create README.md with project layout and quick start instructions - Implement backup scripts for Gitea, including database and repository exports - Add systemd service and timer for automated Gitea backups - Develop bootstrap scripts for homelab and VPS setup - Document architecture and restore procedures - Configure Caddy reverse proxy and Docker Compose for service management - Establish secrets management guidelines
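--- a/bootstrap/homelab.sh
+++ b/bootstrap/homelab.sh
@@ -0,0 +1,57 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+OPS_REPO_PRIMARY_URL="${OPS_REPO_PRIMARY_URL:-https://git.sketchferret.com/sketchferret/ops.git}"
+OPS_REPO_FALLBACK_URL="${OPS_REPO_FALLBACK_URL:-}"
+OPS_BUNDLE_PATH="${OPS_BUNDLE_PATH:-/srv/backups/ops/latest/ops.bundle}"
+TS_HOSTNAME="${TS_HOSTNAME:-homelab}"
+
+echo "[1/5] Install packages"
+apt-get update
+apt-get install -y ca-certificates curl git ufw docker.io docker-compose-plugin age
+
+echo "[2/5] Install tailscale"
+curl -fsSL https://tailscale.com/install.sh | sh
+
+echo "[3/5] Prepare directories"
+mkdir -p /srv/{ops,secrets,data,backups}
+chmod 700 /srv/secrets
+
+echo "[4/5] Sync ops repo"
+if [[ ! -d /srv/ops/.git ]]; then
+if git clone "$OPS_REPO_PRIMARY_URL" /srv/ops; then
+echo "Cloned ops from primary"
+elif [[ -n "$OPS_REPO_FALLBACK_URL" ]] && git clone "$OPS_REPO_FALLBACK_URL" /srv/ops; then
+echo "Cloned ops from fallback mirror"
+elif [[ -f "$OPS_BUNDLE_PATH" ]]; then
+rm -rf /srv/ops
+mkdir -p /srv/ops
+git clone "$OPS_BUNDLE_PATH" /srv/ops
+echo "Cloned ops from local bundle: $OPS_BUNDLE_PATH"
+else
+echo "Unable to fetch ops repo from primary, fallback, or bundle"
+exit 1
+fi
+else
+if ! git -C /srv/ops pull --ff-only; then
+if [[ -n "$OPS_REPO_FALLBACK_URL" ]]; then
+git -C /srv/ops remote set-url origin "$OPS_REPO_FALLBACK_URL"
+git -C /srv/ops pull --ff-only || true
+fi
+fi
+fi
+
+echo "[5/5] Bring up tailscale"
+if [[ -f /srv/ops/secrets/tailscale_authkey.age ]]; then
+if [[ ! -f /srv/secrets/ops.agekey ]]; then
+echo "Missing /srv/secrets/ops.agekey (age private key)"
+exit 1
+fi
+age -d -i /srv/secrets/ops.agekey -o /srv/secrets/tailscale_authkey /srv/ops/secrets/tailscale_authkey.age
+chmod 600 /srv/secrets/tailscale_authkey
+tailscale up --authkey="$(cat /srv/secrets/tailscale_authkey)" --hostname="$TS_HOSTNAME"
+else
+echo "tailscale_authkey.age not found; run tailscale up manually"
+fi
+
+echo "Done: Homelab bootstrap complete"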
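Review bot: The auth key is passed on the command line in step 5, `tailscale up --authkey="$(cat /srv/secrets/tailscale_authkey)"`, so it is readable in the process list while the command runs, and the decrypted copy is then left on disk in /srv/secrets. Letting tailscale read the file itself and removing it afterwards avoids both: `tailscale up --auth-key=file:/srv/secrets/tailscale_authkey --hostname="$TS_HOSTNAME"` followed by `rm -f /srv/secrets/tailscale_authkey`. In step 4 the fallback `git -C /srv/ops pull --ff-only || true` hides a failed update, and when no fallback URL is set a failed primary pull is also ignored, so the script continues on a stale checkout without saying so; a warning on stderr would make that visible. Step 2 pipes an unpinned remote script into a root shell; installing from Tailscale's signed apt repository would let apt verify what gets installed.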