#!/usr/bin/env bash # KAWA OS - Installation automatique # Usage: git clone https://git.du-senegal.com/kawa_bot/kawa.git && cd kawa && ./setup set -e HEADSCALE_URL="https://headscale.du-senegal.com" HEADSCALE_FALLBACK="http://141.94.23.212" HEADSCALE_AUTHKEY="f43f36ef159b3df799eb316b81bdac1b415c7cc2add174d0" # Paramètres NATS NATS_SERVER="100.64.0.1:4222" NATS_CLUSTER="KAWA" NATS_USER="kawa" NATS_PASS="kawa123" # Paramètres Syncthing SYNCTHING_DEVICE_ID="" # Sera généré SYNCTHING_FOLDERS="kawa-memory,kawa-workspace,kawa-forge" SYNCTHING_VPS_ID="AHF53QZ-ZYCQ2K7-556QBZ2-2UAYZL4-QNEQOGZ-PHZQIAG-4ZRXI3P-QLLJNA6" echo "🜄 KAWA OS - Installation" echo "" # Détection du type de système detect_system() { # NixOS if [ -f /etc/NIXOS ]; then echo "nixos" return fi # Debian/Ubuntu if [ -f /etc/debian_version ]; then echo "debian" return fi # Fedora/RHEL if [ -f /etc/redhat-release ]; then echo "redhat" return fi # Arch Linux if [ -f /etc/arch-release ]; then echo "arch" return fi # Docker/Container if [ -f /.dockerenv ]; then echo "docker" return fi # Container générique if grep -q "docker\|lxc\|container" /proc/1/cgroup 2>/dev/null; then echo "container" return fi # Machine physique if [ -f /sys/class/dmi/id/product_name ]; then echo "physical" return fi echo "unknown" } # Installation spécifique NixOS install_nixos() { echo "📦 Installation NixOS détectée" echo "" # Demander le hostname read -p "Hostname pour ce nœud (ex: kawa-node-01): " HOSTNAME_INPUT HOSTNAME="${HOSTNAME_INPUT:-kawa-node-$(head -c 4 /dev/urandom | xxd -p 2>/dev/null || echo "$(date +%s | tail -c 4)")}" # Créer la configuration NixOS echo "Création de la configuration NixOS..." NIXOS_CONFIG="/etc/nixos/kawa-configuration.nix" cat > "$NIXOS_CONFIG" << NIXOS_EOF # KAWA Node - Configuration NixOS # Généré automatiquement par kawa-setup { config, lib, pkgs, ... }: { imports = [ ./hardware-configuration.nix ./kawa.nix ]; # Configuration réseau networking.hostName = "$HOSTNAME"; networking.firewall = { allowedTCPPorts = [ 22 4222 22000 ]; allowedUDPPorts = [ 41641 22000 ]; trustedInterfaces = [ "tailscale0" ]; }; # Tailscale/Headscale services.tailscale = { enable = true; extraUpFlags = [ "--login-server=$HEADSCALE_URL" "--authkey=$HEADSCALE_AUTHKEY" "--hostname=$HOSTNAME" "--force-reauth" ]; }; # NATS Client services.nats = { enable = true; server = "$NATS_SERVER"; }; # Syncthing services.syncthing = { enable = true; user = "kawa"; group = "kawa"; config = { devices = { "vps-7ed4abb0" = { id = "$SYNCTHING_VPS_ID"; }; }; folders = { "kawa-memory" = { path = "/home/kawa/.local/share/kawa/memory"; devices = [ "vps-7ed4abb0" ]; }; "kawa-workspace" = { path = "/home/kawa/.local/share/kawa/workspace"; devices = [ "vps-7ed4abb0" ]; }; "kawa-forge" = { path = "/home/kawa/.local/share/kawa/forge"; devices = [ "vps-7ed4abb0" ]; }; }; }; }; # Utilisateur KAWA users.users.kawa = { isNormalUser = true; extraGroups = [ "wheel" "networkmanager" "tailscale" "syncthing" ]; }; # Packages système environment.systemPackages = with pkgs; [ tailscale natscli syncthing git curl wget htop ]; } NIXOS_EOF # Copier le module kawa.nix cp ./nixos/kawa.nix /etc/nixos/ 2>/dev/null || true echo "" echo "✓ Configuration NixOS créée: $NIXOS_CONFIG" echo "" echo "Pour appliquer:" echo " sudo nixos-rebuild switch" echo "" echo "Ou ajouter à votre configuration existante:" echo " imports = [ ./kawa.nix ];" echo " services.kawa.enable = true;" return 0 } # Installation standard (Debian/Ubuntu/Fedora/etc.) install_standard() { echo "📦 Installation standard ($1)" HOSTNAME="${2:-kawa-$SYSTEM_TYPE-$(head -c 4 /dev/urandom | xxd -p 2>/dev/null || echo "$(date +%s | tail -c 4)")}" echo "Hostname: $HOSTNAME" echo "" # Vérifier connexion existante check_existing # Installer Tailscale si nécessaire if ! command -v tailscale &> /dev/null; then echo "Installation de Tailscale..." curl -fsSL https://tailscale.com/install.sh | sh fi # Démarrer tailscaled echo "Démarrage de tailscaled..." tailscaled 2>/dev/null & sleep 3 # Connexion au mesh echo "Connexion au mesh KAWA..." tailscale down 2>/dev/null || true sleep 1 if tailscale up --login-server="$HEADSCALE_URL" --authkey="$HEADSCALE_AUTHKEY" --hostname="$HOSTNAME" --force-reauth 2>/dev/null; then echo "✓ Connecté via $HEADSCALE_URL" elif tailscale up --login-server="$HEADSCALE_FALLBACK" --authkey="$HEADSCALE_AUTHKEY" --hostname="$HOSTNAME" --force-reauth 2>/dev/null; then echo "✓ Connecté via $HEADSCALE_FALLBACK" else echo "✗ Échec de connexion" exit 1 fi sleep 2 # Afficher les infos echo "" echo "🜄 Nœud KAWA configuré!" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "Hostname: $HOSTNAME" echo "IP Mesh: $(tailscale ip 2>/dev/null || echo 'en attente...')" echo "NATS: $NATS_SERVER" echo "" echo "Commandes utiles:" echo " tailscale status # Voir le mesh" echo " tailscale ip # Voir l'IP" echo " tailscale ping NODE # Ping un nœud" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" } # Vérifier si déjà connecté check_existing() { if command -v tailscale &> /dev/null && tailscale status &>/dev/null; then local CURRENT_IP=$(tailscale ip 2>/dev/null || echo "") if [ -n "$CURRENT_IP" ]; then echo "⚠️ Ce nœud est déjà connecté au mesh: $CURRENT_IP" echo " Hostname actuel: $(tailscale status | head -1 | awk '{print $2}')" echo "" read -p "Voulez-vous le reconnecter avec un nouveau nom? (y/N): " confirm if [[ ! "$confirm" =~ ^[Yy]$ ]]; then echo "Connexion annulée." exit 0 fi echo "Reconnexion avec un nouveau hostname..." fi fi } # Programme principal echo "Détection du système..." SYSTEM_TYPE=$(detect_system) echo "Type détecté: $SYSTEM_TYPE" echo "" case "$SYSTEM_TYPE" in nixos) install_nixos ;; debian|redhat|arch|physical) install_standard "$SYSTEM_TYPE" ;; docker|container) install_standard "container" ;; *) echo "Type de système non reconnu: $SYSTEM_TYPE" echo "Tentative d'installation standard..." install_standard "unknown" ;; esac