diff --git a/setup b/setup
index ccbcf33..71017c8 100755
--- a/setup
+++ b/setup
@@ -6,233 +6,79 @@ set -e HEADSCALE_URL="https://headscale.du-senegal.com" HEADSCALE_FALLBACK="http://141.94.23.212" -HEADSCALE_AUTHKEY="" -# Paramètres NATS -NATS_SERVER="100.64.0.1:4222" -NATS_CLUSTER="KAWA" -NATS_USER="kawa" -NATS_PASS="kawa123" +# Charger les variables depuis .env si présent +if [ -f ".env" ]; then + source .env +fi -# Paramètres Syncthing -SYNCTHING_DEVICE_ID="" # Sera généré -SYNCTHING_FOLDERS="kawa-memory,kawa-workspace,kawa-forge" -SYNCTHING_VPS_ID="AHF53QZ-ZYCQ2K7-556QBZ2-2UAYZL4-QNEQOGZ-PHZQIAG-4ZRXI3P-QLLJNA6" +# Demander la clé si pas définie +if [ -z "$HEADSCALE_AUTHKEY" ] || [ "$HEADSCALE_AUTHKEY" = "" ]; then + echo "" + echo "⚠️ HEADSCALE_AUTHKEY non défini!" + echo "" + echo "Options:" + echo " 1. Créer un fichier .env avec:" + echo " HEADSCALE_AUTHKEY=votre-clé" + echo "" + echo " 2. Ou entrer la clé maintenant:" + read -p "Entrez votre clé Headscale: " HEADSCALE_AUTHKEY +fi echo "🜄 KAWA OS - Installation" echo "" # Détection du type de système detect_system() { - # NixOS - if [ -f /etc/NIXOS ]; then - echo "nixos" - return - fi - - # Debian/Ubuntu - if [ -f /etc/debian_version ]; then - echo "debian" - return - fi - - # Fedora/RHEL - if [ -f /etc/redhat-release ]; then - echo "redhat" - return - fi - - # Arch Linux - if [ -f /etc/arch-release ]; then - echo "arch" - return - fi - - # Docker/Container if [ -f /.dockerenv ]; then echo "docker" - return - fi - - # Container générique - if grep -q "docker\|lxc\|container" /proc/1/cgroup 2>/dev/null; then + elif grep -q "docker\|lxc\|container" /proc/1/cgroup 2>/dev/null; then echo "container" - return - fi - - # Machine physique - if [ -f /sys/class/dmi/id/product_name ]; then + elif [ -f /etc/NIXOS ]; then + echo "nixos" + elif [ -f /etc/debian_version ]; then + echo "debian" + elif [ -f /etc/redhat-release ]; then + echo "redhat" + elif [ -f /etc/arch-release ]; then + echo "arch" + elif [ -f /sys/class/dmi/id/product_name ]; then echo "physical" - return - fi - - echo "unknown" -} 
- -# Installation spécifique NixOS -install_nixos() { - echo "📦 Installation NixOS détectée" - echo "" - - # Demander le hostname - read -p "Hostname pour ce nœud (ex: kawa-node-01): " HOSTNAME_INPUT - HOSTNAME="${HOSTNAME_INPUT:-kawa-node-$(head -c 4 /dev/urandom | xxd -p 2>/dev/null || echo "$(date +%s | tail -c 4)")}" - - # Créer la configuration NixOS - echo "Création de la configuration NixOS..." - - NIXOS_CONFIG="/etc/nixos/kawa-configuration.nix" - - cat > "$NIXOS_CONFIG" << NIXOS_EOF -# KAWA Node - Configuration NixOS -# Généré automatiquement par kawa-setup - -{ config, lib, pkgs, ... }: - -{ - imports = [ - ./hardware-configuration.nix - ./kawa.nix - ]; - - # Configuration réseau - networking.hostName = "$HOSTNAME"; - networking.firewall = { - allowedTCPPorts = [ 22 4222 22000 ]; - allowedUDPPorts = [ 41641 22000 ]; - trustedInterfaces = [ "tailscale0" ]; - }; - - # Tailscale/Headscale - services.tailscale = { - enable = true; - extraUpFlags = [ - "--login-server=$HEADSCALE_URL" - "--authkey=$HEADSCALE_AUTHKEY" - "--hostname=$HOSTNAME" - "--force-reauth" - ]; - }; - - # NATS Client - services.nats = { - enable = true; - server = "$NATS_SERVER"; - }; - - # Syncthing - services.syncthing = { - enable = true; - user = "kawa"; - group = "kawa"; - config = { - devices = { - "vps-7ed4abb0" = { id = "$SYNCTHING_VPS_ID"; }; - }; - folders = { - "kawa-memory" = { - path = "/home/kawa/.local/share/kawa/memory"; - devices = [ "vps-7ed4abb0" ]; - }; - "kawa-workspace" = { - path = "/home/kawa/.local/share/kawa/workspace"; - devices = [ "vps-7ed4abb0" ]; - }; - "kawa-forge" = { - path = "/home/kawa/.local/share/kawa/forge"; - devices = [ "vps-7ed4abb0" ]; - }; - }; - }; - }; - - # Utilisateur KAWA - users.users.kawa = { - isNormalUser = true; - extraGroups = [ "wheel" "networkmanager" "tailscale" "syncthing" ]; - }; - - # Packages système - environment.systemPackages = with pkgs; [ - tailscale - natscli - syncthing - git - curl - wget - htop - ]; -} -NIXOS_EOF - - # 
Copier le module kawa.nix - cp ./nixos/kawa.nix /etc/nixos/ 2>/dev/null || true - - echo "" - echo "✓ Configuration NixOS créée: $NIXOS_CONFIG" - echo "" - echo "Pour appliquer:" - echo " sudo nixos-rebuild switch" - echo "" - echo "Ou ajouter à votre configuration existante:" - echo " imports = [ ./kawa.nix ];" - echo " services.kawa.enable = true;" - - return 0 -} - -# Installation standard (Debian/Ubuntu/Fedora/etc.) -install_standard() { - echo "📦 Installation standard ($1)" - - HOSTNAME="${2:-kawa-$SYSTEM_TYPE-$(head -c 4 /dev/urandom | xxd -p 2>/dev/null || echo "$(date +%s | tail -c 4)")}" - echo "Hostname: $HOSTNAME" - echo "" - - # Vérifier connexion existante - check_existing - - # Installer Tailscale si nécessaire - if ! command -v tailscale &> /dev/null; then - echo "Installation de Tailscale..." - curl -fsSL https://tailscale.com/install.sh | sh - fi - - # Démarrer tailscaled - echo "Démarrage de tailscaled..." - tailscaled 2>/dev/null & - sleep 3 - - # Connexion au mesh - echo "Connexion au mesh KAWA..." - - tailscale down 2>/dev/null || true - sleep 1 - - if tailscale up --login-server="$HEADSCALE_URL" --authkey="$HEADSCALE_AUTHKEY" --hostname="$HOSTNAME" --force-reauth 2>/dev/null; then - echo "✓ Connecté via $HEADSCALE_URL" - elif tailscale up --login-server="$HEADSCALE_FALLBACK" --authkey="$HEADSCALE_AUTHKEY" --hostname="$HOSTNAME" --force-reauth 2>/dev/null; then - echo "✓ Connecté via $HEADSCALE_FALLBACK" else - echo "✗ Échec de connexion" - exit 1 + echo "unknown" fi +} + +# Génération du hostname +generate_hostname() { + local SYSTEM_TYPE=$(detect_system) + local MODEL + local SUFFIX - sleep 2 - - # Afficher les infos - echo "" - echo "🜄 Nœud KAWA configuré!" 
- echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" - echo "Hostname: $HOSTNAME" - echo "IP Mesh: $(tailscale ip 2>/dev/null || echo 'en attente...')" - echo "NATS: $NATS_SERVER" - echo "" - echo "Commandes utiles:" - echo " tailscale status # Voir le mesh" - echo " tailscale ip # Voir l'IP" - echo " tailscale ping NODE # Ping un nœud" - echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" + case "$SYSTEM_TYPE" in + docker|container) + if [ -f /etc/hostname ]; then + MODEL=$(cat /etc/hostname | tr '[:upper:]' '[:lower:]' | tr -d ' ' | cut -c1-15) + else + MODEL="container" + fi + SUFFIX=$(head -c 4 /dev/urandom | xxd -p 2>/dev/null || echo "$(date +%s | tail -c 4)") + echo "kawa-${MODEL}-${SUFFIX}" + ;; + nixos) + SUFFIX=$(head -c 4 /dev/urandom | xxd -p 2>/dev/null || echo "$(date +%s | tail -c 4)") + echo "kawa-nixos-${SUFFIX}" + ;; + physical) + MODEL=$(cat /sys/class/dmi/id/product_name 2>/dev/null | tr '[:upper:]' '[:lower:]' | tr -d ' ' | cut -c1-15 || echo "node") + SUFFIX=$(head -c 4 /dev/urandom | xxd -p 2>/dev/null || echo "$(date +%s | tail -c 4)") + echo "kawa-${MODEL}-${SUFFIX}" + ;; + *) + SUFFIX=$(head -c 4 /dev/urandom | xxd -p 2>/dev/null || echo "$(date +%s | tail -c 4)") + echo "kawa-node-${SUFFIX}" + ;; + esac } # Vérifier si déjà connecté 
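Review bot: `source .env` executes whatever shell code is in a `.env` in the caller's current directory, and this installer goes on to start `tailscaled`, so it is presumably run as root; the file should be read as data, taking only `HEADSCALE_AUTHKEY` from it. The prompt `read -p` echoes the key to the terminal, interprets backslashes because `-r` is missing, and nothing checks that the answer is non-empty, so an empty key only shows up later as a generic connection failure. The NATS password and Syncthing device ID deleted in this hunk remain in the repository history and need rotating separately. In `generate_hostname`, only spaces are stripped from `product_name`, so other characters that are invalid in a hostname pass through, and the `|| echo "node"` fallback never fires because `cut` exits 0 on empty input. A sketch of the loading and prompt logic follows; it assumes the unquoted `KEY=value` form shown in the help text.

```shell
# Read the key as data instead of executing .env
if [ -z "${HEADSCALE_AUTHKEY:-}" ] && [ -f ".env" ]; then
  HEADSCALE_AUTHKEY=$(sed -n 's/^HEADSCALE_AUTHKEY=//p' .env | tail -n 1)
fi

if [ -z "${HEADSCALE_AUTHKEY:-}" ]; then
  # … unchanged: help text listing the two options …
  read -r -s -p "Entrez votre clé Headscale: " HEADSCALE_AUTHKEY
  echo ""
fi

if [ -z "${HEADSCALE_AUTHKEY:-}" ]; then
  echo "✗ HEADSCALE_AUTHKEY vide" >&2
  exit 1
fi
```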
@@ -257,21 +103,62 @@ check_existing() { echo "Détection du système..." SYSTEM_TYPE=$(detect_system) echo "Type détecté: $SYSTEM_TYPE" + +HOSTNAME=$(generate_hostname) +echo "Hostname: $HOSTNAME" echo "" -case "$SYSTEM_TYPE" in - nixos) - install_nixos - ;; - debian|redhat|arch|physical) - install_standard "$SYSTEM_TYPE" - ;; - docker|container) - install_standard "container" - ;; - *) - echo "Type de système non reconnu: $SYSTEM_TYPE" - echo "Tentative d'installation standard..." - install_standard "unknown" - ;; -esac +# Vérifier connexion existante +check_existing + +# Installer Tailscale si nécessaire +if ! command -v tailscale &> /dev/null; then + echo "Installation de Tailscale..." + curl -fsSL https://tailscale.com/install.sh | sh +fi + +# Démarrer tailscaled +echo "Démarrage de tailscaled..." +tailscaled 2>/dev/null & +sleep 3 + +# Connexion au mesh +echo "Connexion au mesh KAWA..." + +# Déconnexion préalable si existante +tailscale down 2>/dev/null || true +sleep 1 + +# Tentative de connexion +if tailscale up --login-server="$HEADSCALE_URL" --authkey="$HEADSCALE_AUTHKEY" --hostname="$HOSTNAME" --force-reauth 2>/dev/null; then + echo "✓ Connecté via $HEADSCALE_URL" +elif tailscale up --login-server="$HEADSCALE_FALLBACK" --authkey="$HEADSCALE_AUTHKEY" --hostname="$HOSTNAME" --force-reauth 2>/dev/null; then + echo "✓ Connecté via $HEADSCALE_FALLBACK" +else + echo "✗ Échec de connexion" + echo "" + echo "Vérifiez:" + echo " - La connexion réseau" + echo " - Le serveur Headscale est accessible" + echo " - L'authkey est valide" + echo "" + echo "Pour obtenir une nouvelle clé:" + echo " headscale preauthkeys create --user kawa --reusable" + exit 1 +fi + +sleep 2 + +# Afficher les infos +echo "" +echo "🜄 Nœud KAWA configuré!" 
+echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" +echo "Hostname: $HOSTNAME" +echo "IP Mesh: $(tailscale ip 2>/dev/null || echo 'en attente...')" +echo "IPv6: $(tailscale ip -6 2>/dev/null || echo 'en attente...')" +echo "" +echo "Commandes utiles:" +echo " tailscale status # Voir le mesh" +echo " tailscale ip # Voir l'IP" +echo " tailscale ping NODE # Ping un nœud" +echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"
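Review bot: The fallback branch `tailscale up --login-server="$HEADSCALE_FALLBACK" --authkey="$HEADSCALE_AUTHKEY" …` sends the pre-auth key to the `http://` address defined at the top of the file, so whenever the primary URL fails the key travels in cleartext to a control server whose identity is not verified by TLS. Either drop the fallback or require an `https://` login server. Both `tailscale up` calls also pass the key in argv, where it is visible in the process list; `--auth-key=file:<path>` pointing at a mode-0600 file avoids that. `2>/dev/null` on both calls discards the real error that the new troubleshooting text then has to guess at, and that text recommends a `--reusable` key, which stays valid for further enrolments if it leaks, so a single-use key with a short expiry is the safer default to document. `curl -fsSL https://tailscale.com/install.sh | sh` still executes an unpinned remote script with no integrity check.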