- Load from .env if present - Prompt user for authkey if not defined - Better error messages
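#!/usr/bin/env bash
# KAWA OS - automatic installation
# Usage: git clone https://git.du-senegal.com/kawa_bot/kawa.git && cd kawa && ./setup
#
# Joins this machine to the KAWA Headscale mesh. Settings come from the
# built-in defaults below, can be overridden by a .env file in the current
# directory, and the pre-auth key is prompted for when it is still missing.

set -e

HEADSCALE_URL="https://headscale.du-senegal.com"
# NOTE(review): this fallback is plain HTTP to a bare IP address. Anything sent
# to it, including the pre-auth key, crosses the network unencrypted and the
# server's identity is not verified. Prefer an https:// endpoint here.
HEADSCALE_FALLBACK="http://141.94.23.212"

#######################################
# Read KEY=VALUE settings from a dotenv file without executing it.
# The file is parsed as data rather than sourced, so stray shell code in it
# cannot run with the privileges of this installer. Only the settings this
# script uses are accepted; every other line is ignored.
# Supported syntax: optional "export", one pair of surrounding quotes.
# Not supported: variable expansion, inline comments after a value.
# Globals:   HEADSCALE_AUTHKEY, HEADSCALE_URL, HEADSCALE_FALLBACK (written)
# Arguments: $1 - path of the dotenv file
# Returns:   non-zero if the file cannot be opened
#######################################
load_env_file() {
  local env_file=$1
  local line key value
  local assign_re='^[[:space:]]*(export[[:space:]]+)?([A-Za-z_][A-Za-z0-9_]*)=(.*)$'
  local dq_re='^"(.*)"$'
  local sq_re="^'(.*)'\$"

  while IFS= read -r line || [ -n "$line" ]; do
    line=${line%$'\r'} # tolerate CRLF files
    [[ "$line" =~ $assign_re ]] || continue
    key=${BASH_REMATCH[2]}
    value=${BASH_REMATCH[3]}
    # Drop trailing whitespace, then one pair of matching quotes.
    value=${value%"${value##*[![:space:]]}"}
    if [[ "$value" =~ $dq_re || "$value" =~ $sq_re ]]; then
      value=${BASH_REMATCH[1]}
    fi
    case "$key" in
      HEADSCALE_AUTHKEY | HEADSCALE_URL | HEADSCALE_FALLBACK)
        printf -v "$key" '%s' "$value"
        ;;
    esac
  done < "$env_file"
}

# Load variables from .env if present (path is relative to the current
# directory, so run the script from the checkout as shown in Usage).
if [ -f ".env" ]; then
  load_env_file ".env"
fi

# Ask for the key if it is not defined or still the template placeholder
if [ -z "$HEADSCALE_AUTHKEY" ] || [ "$HEADSCALE_AUTHKEY" = "<HEADSCALE_AUTHKEY>" ]; then
  echo ""
  echo "⚠️ HEADSCALE_AUTHKEY non défini!"
  echo ""
  echo "Options:"
  echo " 1. Créer un fichier .env avec:"
  echo " HEADSCALE_AUTHKEY=votre-clé"
  echo ""
  echo " 2. Ou entrer la clé maintenant:"
  # -r keeps backslashes literal; -s keeps the key off the screen and out of
  # terminal scrollback. A failed read (closed stdin) is treated as "no key".
  read -r -s -p "Entrez votre clé Headscale: " HEADSCALE_AUTHKEY || HEADSCALE_AUTHKEY=""
  echo ""
  if [ -z "$HEADSCALE_AUTHKEY" ]; then
    # Stop here instead of calling tailscale with an empty key.
    echo "✗ Aucune clé fournie, installation interrompue." >&2
    exit 1
  fi
fi

echo "🜄 KAWA OS - Installation"
echo ""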
#######################################
# Detect the kind of system the script is running on.
# Checks run in a fixed order and the first match wins: Docker marker file,
# container keywords in PID 1's cgroup file, then distribution marker files,
# then DMI product data. "physical" is therefore only reported when none of
# the distribution markers exist.
# Outputs: one of docker, container, nixos, debian, redhat, arch, physical,
#          unknown on stdout
#######################################
detect_system() {
  local kind="unknown"

  if [ -f /.dockerenv ]; then
    kind="docker"
  elif grep -q "docker\|lxc\|container" /proc/1/cgroup 2>/dev/null; then
    # grep errors (for example a missing /proc/1/cgroup) are silenced and
    # simply count as "no match".
    kind="container"
  elif [ -f /etc/NIXOS ]; then
    kind="nixos"
  elif [ -f /etc/debian_version ]; then
    kind="debian"
  elif [ -f /etc/redhat-release ]; then
    kind="redhat"
  elif [ -f /etc/arch-release ]; then
    kind="arch"
  elif [ -f /sys/class/dmi/id/product_name ]; then
    kind="physical"
  fi

  echo "$kind"
}
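#######################################
# Produce a short suffix that keeps node names from colliding.
# Tries xxd, then od, on 4 bytes of /dev/urandom; falls back to the tail of
# the Unix timestamp. The suffix is a uniqueness aid, not a secret.
# Outputs: the suffix on stdout
#######################################
_kawa_suffix() {
  local suffix
  suffix=$(head -c 4 /dev/urandom | xxd -p 2>/dev/null) || suffix=""
  if [ -z "$suffix" ]; then
    # xxd is often absent on minimal images; od is part of POSIX.
    suffix=$(od -An -tx1 -N4 /dev/urandom 2>/dev/null | tr -d ' \n') || suffix=""
  fi
  if [ -z "$suffix" ]; then
    suffix=$(date +%s | tail -c 4)
  fi
  printf '%s\n' "$suffix"
}

#######################################
# Turn free-form text into a hostname label.
# Lower-cases the text, keeps only a-z, 0-9 and '-', caps it at 15
# characters and trims hyphens from both ends.
# Arguments: $1 - raw text, $2 - label to use when nothing usable remains
# Outputs:   the label on stdout
#######################################
_kawa_label() {
  local raw=$1 fallback=$2 label
  label=$(printf '%s' "$raw" \
    | LC_ALL=C tr '[:upper:]' '[:lower:]' \
    | LC_ALL=C tr -cd 'a-z0-9-' \
    | cut -c1-15)
  while [[ "$label" == -* ]]; do label=${label#-}; done
  while [[ "$label" == *- ]]; do label=${label%-}; done
  printf '%s\n' "${label:-$fallback}"
}

#######################################
# Build the node name announced to the mesh: kawa-<model>-<suffix>.
# The model part comes from /etc/hostname in containers and from the DMI
# product name on "physical" systems. Both are read as data from the host,
# so they are reduced to hostname-safe characters before use; an empty
# result falls back to "container" or "node".
# Outputs: the hostname on stdout
#######################################
generate_hostname() {
  local system_type model raw suffix

  # Declared separately from the assignment so a failure is not masked.
  system_type=$(detect_system)
  suffix=$(_kawa_suffix)

  case "$system_type" in
    docker | container)
      raw=""
      if [ -f /etc/hostname ]; then
        # Only the first line is used; read returns non-zero when the file
        # lacks a trailing newline, which is not an error here.
        { IFS= read -r raw < /etc/hostname; } 2>/dev/null || true
      fi
      model=$(_kawa_label "$raw" "container")
      echo "kawa-${model}-${suffix}"
      ;;
    nixos)
      echo "kawa-nixos-${suffix}"
      ;;
    physical)
      raw=""
      { IFS= read -r raw < /sys/class/dmi/id/product_name; } 2>/dev/null || true
      model=$(_kawa_label "$raw" "node")
      echo "kawa-${model}-${suffix}"
      ;;
    *)
      echo "kawa-node-${suffix}"
      ;;
  esac
}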
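#######################################
# Check whether this node is already connected and ask before re-joining.
# Does nothing when tailscale is not installed, when `tailscale status`
# fails, or when no mesh IP is reported. Otherwise shows the current IP and
# name and asks for confirmation; anything other than a single y/Y,
# including closed stdin, cancels.
# Outputs: status text and the prompt
# Returns: 0 to continue; exits the script with status 0 on cancel
#######################################
check_existing() {
  local current_ip current_name confirm

  command -v tailscale > /dev/null 2>&1 || return 0
  tailscale status > /dev/null 2>&1 || return 0

  current_ip=$(tailscale ip 2>/dev/null) || current_ip=""
  [ -n "$current_ip" ] || return 0

  # Second column of the first status line is printed as the current name.
  current_name=$(tailscale status | head -1 | awk '{print $2}')

  echo "⚠️ Ce nœud est déjà connecté au mesh: $current_ip"
  echo " Hostname actuel: $current_name"
  echo ""

  # -r keeps backslashes literal. Without the fallback, a closed stdin would
  # make read fail and `set -e` would abort the script with no message.
  read -r -p "Voulez-vous le reconnecter avec un nouveau nom? (y/N): " confirm || confirm=""
  if [[ ! "$confirm" =~ ^[Yy]$ ]]; then
    echo "Connexion annulée."
    exit 0
  fi

  echo "Reconnexion avec un nouveau hostname..."
}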
# Main program: identify the platform and derive the node name.
printf '%s\n' "Détection du système..."
SYSTEM_TYPE=$(detect_system)
printf '%s\n' "Type détecté: $SYSTEM_TYPE"

# Note: this reuses the shell's own HOSTNAME variable for the mesh node name.
HOSTNAME=$(generate_hostname)
printf '%s\n' "Hostname: $HOSTNAME" ""

# Ask before replacing an existing connection (may exit the script).
check_existing
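# Install Tailscale if it is not already present.
# The vendor install script is executed with this script's privileges and TLS
# is the only integrity check on it. It is saved to a temporary file first so
# that a failed or truncated download is detected before anything runs; with
# `curl | sh` a curl failure went unnoticed and the script carried on.
# NOTE(review): installing from the distribution's package repository is the
# stricter option where one is available.
if ! command -v tailscale &> /dev/null; then
  echo "Installation de Tailscale..."

  installer=$(mktemp) || {
    echo "✗ Impossible de créer un fichier temporaire" >&2
    exit 1
  }

  # --proto '=https' refuses any redirect to a non-HTTPS URL.
  if ! curl -fsSL --proto '=https' --tlsv1.2 -o "$installer" https://tailscale.com/install.sh; then
    rm -f -- "$installer"
    echo "✗ Téléchargement du script d'installation Tailscale impossible" >&2
    exit 1
  fi

  if ! sh "$installer"; then
    rm -f -- "$installer"
    echo "✗ L'installation de Tailscale a échoué" >&2
    exit 1
  fi
  rm -f -- "$installer"

  if ! command -v tailscale &> /dev/null; then
    echo "✗ tailscale introuvable après l'installation" >&2
    exit 1
  fi
fi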
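# Start tailscaled in the background.
# Its stderr is discarded, so a failed start (not root, daemon already
# running) is silent at this point and only shows up as a login failure.
echo "Démarrage de tailscaled..."
tailscaled 2>/dev/null &
sleep 3

# Join the mesh
echo "Connexion au mesh KAWA..."

# Drop any existing session first; failure here is expected on a fresh node.
tailscale down 2>/dev/null || true
sleep 1

#######################################
# Attempt one login against a control server.
# NOTE(review): the key is passed on the command line, where other local
# users can see it in the process list while the command runs. tailscale
# documents a "file:" form for its auth key option; confirm the installed
# version supports it before switching.
# Globals:   HEADSCALE_AUTHKEY, HOSTNAME (read)
# Arguments: $1 - control server URL
# Returns:   exit status of `tailscale up`
#######################################
kawa_login() {
  tailscale up --login-server="$1" --authkey="$HEADSCALE_AUTHKEY" --hostname="$HOSTNAME" --force-reauth 2>/dev/null
}

# The fallback is used automatically only when it is HTTPS. A plain-HTTP
# fallback would send the pre-auth key unencrypted to an unauthenticated
# server whenever the primary URL is unreachable, so it needs an explicit
# opt-in from the environment: KAWA_ALLOW_INSECURE_FALLBACK=1.
fallback_allowed=0
case "$HEADSCALE_FALLBACK" in
  https://*)
    fallback_allowed=1
    ;;
  *)
    if [ "${KAWA_ALLOW_INSECURE_FALLBACK:-0}" = "1" ]; then
      fallback_allowed=1
    fi
    ;;
esac

# Connection attempt
connected_via=""
if kawa_login "$HEADSCALE_URL"; then
  connected_via=$HEADSCALE_URL
elif [ "$fallback_allowed" = "1" ]; then
  case "$HEADSCALE_FALLBACK" in
    https://*) ;;
    *) echo "⚠️ Serveur de secours non chiffré: $HEADSCALE_FALLBACK" >&2 ;;
  esac
  if kawa_login "$HEADSCALE_FALLBACK"; then
    connected_via=$HEADSCALE_FALLBACK
  fi
fi

if [ -n "$connected_via" ]; then
  echo "✓ Connecté via $connected_via"
else
  echo "✗ Échec de connexion"
  echo ""
  echo "Vérifiez:"
  echo " - La connexion réseau"
  echo " - Le serveur Headscale est accessible"
  echo " - L'authkey est valide"
  if [ "$fallback_allowed" != "1" ]; then
    echo " - Serveur de secours non chiffré ignoré ($HEADSCALE_FALLBACK);"
    echo "   définir KAWA_ALLOW_INSECURE_FALLBACK=1 pour l'autoriser"
  fi
  echo ""
  # NOTE(review): a reusable key can enrol any number of nodes if it leaks;
  # a single-use key with a short expiration limits that exposure.
  echo "Pour obtenir une nouvelle clé:"
  echo " headscale preauthkeys create --user kawa --reusable"
  exit 1
fi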
# Give the client a moment to obtain its addresses before reporting them.
sleep 2

# Show the result. Each address lookup falls back to a "pending" label when
# tailscale cannot report it yet.
mesh_ip=$(tailscale ip 2>/dev/null || echo 'en attente...')
mesh_ip6=$(tailscale ip -6 2>/dev/null || echo 'en attente...')
rule="━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"

printf '%s\n' \
  "" \
  "🜄 Nœud KAWA configuré!" \
  "$rule" \
  "Hostname: $HOSTNAME" \
  "IP Mesh: $mesh_ip" \
  "IPv6: $mesh_ip6" \
  "" \
  "Commandes utiles:" \
  " tailscale status # Voir le mesh" \
  " tailscale ip # Voir l'IP" \
  " tailscale ping NODE # Ping un nœud" \
  "$rule"