#!/usr/bin/env bash # # Silo Host Setup Script # Run this once on silo.kindred.internal to prepare for deployment # # Usage: # sudo ./setup-host.sh # # This script: # 1. Installs required packages (git, go) # 2. Creates the silo system user # 3. Creates required directories # 4. Sets up the environment file template # 5. Clones the repository # 6. Runs initial deployment set -euo pipefail # Colors RED='\033[0;31m' GREEN='\033[0;32m' YELLOW='\033[1;33m' BLUE='\033[0;34m' NC='\033[0m' # Configuration REPO_URL="${SILO_REPO_URL:-https://gitea.kindred.internal/kindred/silo-0062.git}" REPO_BRANCH="${SILO_BRANCH:-main}" INSTALL_DIR="/opt/silo" CONFIG_DIR="/etc/silo" GO_VERSION="1.23.0" log_info() { echo -e "${BLUE}[INFO]${NC} $*"; } log_success() { echo -e "${GREEN}[OK]${NC} $*"; } log_warn() { echo -e "${YELLOW}[WARN]${NC} $*"; } log_error() { echo -e "${RED}[ERROR]${NC} $*" >&2; } die() { log_error "$*"; exit 1; } # Check root if [[ $EUID -ne 0 ]]; then die "This script must be run as root (use sudo)" fi log_info "============================================" log_info "Silo Host Setup" log_info "============================================" echo "" # Detect package manager if command -v apt-get >/dev/null 2>&1; then PKG_MANAGER="apt" elif command -v dnf >/dev/null 2>&1; then PKG_MANAGER="dnf" elif command -v yum >/dev/null 2>&1; then PKG_MANAGER="yum" else die "Unsupported package manager. Install git and go manually." fi log_info "Detected package manager: ${PKG_MANAGER}" # Install dependencies log_info "Installing dependencies..." case ${PKG_MANAGER} in apt) apt-get update -qq apt-get install -y -qq git curl ca-certificates ;; dnf|yum) ${PKG_MANAGER} install -y -q git curl ca-certificates ;; esac log_success "System packages installed" # Install Go if not present or wrong version install_go() { log_info "Installing Go ${GO_VERSION}..." local arch case $(uname -m) in x86_64) arch="amd64" ;; aarch64) arch="arm64" ;; *) die "Unsupported architecture: $(uname -m)" ;; esac local go_tar="go${GO_VERSION}.linux-${arch}.tar.gz" local go_url="https://go.dev/dl/${go_tar}" # Remove existing Go installation rm -rf /usr/local/go # Download and install curl -fsSL "${go_url}" -o "/tmp/${go_tar}" tar -C /usr/local -xzf "/tmp/${go_tar}" rm -f "/tmp/${go_tar}" # Add to PATH for all users cat > /etc/profile.d/go.sh << 'EOF' export PATH=$PATH:/usr/local/go/bin export GOPATH=/opt/go export PATH=$PATH:$GOPATH/bin EOF # Source for current session export PATH=$PATH:/usr/local/go/bin log_success "Go ${GO_VERSION} installed" } if command -v go >/dev/null 2>&1; then current_go=$(go version | grep -oP '\d+\.\d+' | head -1) required_go="1.23" if [[ "$(printf '%s\n' "$required_go" "$current_go" | sort -V | head -n1)" != "$required_go" ]]; then log_warn "Go ${current_go} found, but ${required_go}+ required" install_go else log_success "Go ${current_go} already installed" fi else install_go fi # Ensure Go is in PATH export PATH=$PATH:/usr/local/go/bin # Create silo system user if ! id -u silo >/dev/null 2>&1; then log_info "Creating silo user..." useradd -r -m -d "${INSTALL_DIR}" -s /sbin/nologin -c "Silo Service" silo log_success "Created user: silo" else log_info "User silo already exists" fi # Create directories log_info "Creating directories..." mkdir -p "${INSTALL_DIR}/bin" mkdir -p "${INSTALL_DIR}/src" mkdir -p "${CONFIG_DIR}/schemas" mkdir -p /var/log/silo # Set ownership chown -R silo:silo "${INSTALL_DIR}" chown root:silo "${CONFIG_DIR}" chmod 750 "${CONFIG_DIR}" chown silo:silo /var/log/silo chmod 750 /var/log/silo log_success "Directories created" # Create environment file if it doesn't exist ENV_FILE="${CONFIG_DIR}/silod.env" if [[ ! -f "${ENV_FILE}" ]]; then log_info "Creating environment file..." cat > "${ENV_FILE}" << 'EOF' # Silo daemon environment variables # Fill in the values below # Database credentials (psql.kindred.internal) # Database: silo, User: silo SILO_DB_PASSWORD= # MinIO credentials (minio.kindred.internal) # User: silouser SILO_MINIO_ACCESS_KEY=silouser SILO_MINIO_SECRET_KEY= # Optional overrides # SILO_SERVER_BASE_URL=http://silo.kindred.internal:8080 EOF chmod 600 "${ENV_FILE}" chown root:silo "${ENV_FILE}" log_warn "Created ${ENV_FILE} - YOU MUST EDIT THIS FILE!" else log_info "Environment file already exists" fi # Clone repository log_info "Cloning repository..." # Configure git to trust internal Gitea (self-signed cert) git config --global http.sslVerify false log_warn "Disabled SSL verification for git (internal Gitea uses self-signed cert)" if [[ -d "${INSTALL_DIR}/src/.git" ]]; then log_info "Repository already cloned, pulling latest..." cd "${INSTALL_DIR}/src" git fetch origin git checkout "${REPO_BRANCH}" git reset --hard "origin/${REPO_BRANCH}" else rm -rf "${INSTALL_DIR}/src" git clone --branch "${REPO_BRANCH}" "${REPO_URL}" "${INSTALL_DIR}/src" fi cd "${INSTALL_DIR}/src" log_success "Repository ready at $(git rev-parse --short HEAD)" # Set ownership of source chown -R silo:silo "${INSTALL_DIR}/src" # Summary echo "" log_info "============================================" log_info "Host setup complete!" log_info "============================================" echo "" echo "Next steps:" echo "" echo "1. Edit ${ENV_FILE} and fill in credentials:" echo " sudo nano ${ENV_FILE}" echo "" echo "2. Verify database connectivity:" echo " psql -h psql.kindred.internal -U silo -d silo -c 'SELECT 1'" echo "" echo "3. Verify MinIO connectivity:" echo " curl -I http://minio.kindred.internal:9000/minio/health/live" echo "" echo "4. Run the deployment:" echo " sudo ${INSTALL_DIR}/src/scripts/deploy.sh" echo "" echo "After deployment, manage the service with:" echo " sudo systemctl status silod" echo " sudo systemctl restart silod" echo " sudo journalctl -u silod -f" echo ""