68 lines
1.7 KiB
Bash
Executable file
68 lines
1.7 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
set -euo pipefail
|
|
|
|
##
|
|
# Source Code
|
|
# We store all initial configs in the /srv location
|
|
cd /srv
|
|
# Clone if not yet cloned
|
|
if [ ! -d .git ]; then
|
|
git clone https://code.tjo.space/tjo-cloud/ingress.git .
|
|
else
|
|
git pull
|
|
fi
|
|
|
|
##
|
|
# Metadata
|
|
SERVICE_NAME="ingress.tjo.cloud"
|
|
SERVICE_VERSION="$(git describe --tags --always --dirty)"
|
|
CLOUD_REGION="$(hostname -s)"
|
|
|
|
SERVICE_ACCOUNT_USERNAME=$(jq -r ".service_account.username" /etc/tjo.cloud/meta.json)
|
|
SERVICE_ACCOUNT_PASSWORD=$(jq -r ".service_account.password" /etc/tjo.cloud/meta.json)
|
|
|
|
##
|
|
# Dependencies
|
|
apt update -y
|
|
|
|
apt install -y \
|
|
gpg \
|
|
git \
|
|
nginx \
|
|
nginx-extras \
|
|
libnginx-mod-http-geoip2 \
|
|
libnginx-mod-stream-geoip2
|
|
|
|
# Grafana Alloy
|
|
mkdir -p /etc/apt/keyrings/
|
|
wget -q -O - https://apt.grafana.com/gpg.key | gpg --dearmor | tee /etc/apt/keyrings/grafana.gpg >/dev/null
|
|
echo "deb [signed-by=/etc/apt/keyrings/grafana.gpg] https://apt.grafana.com stable main" | tee /etc/apt/sources.list.d/grafana.list
|
|
apt update -y
|
|
apt install -y alloy
|
|
|
|
##
|
|
# Ensure services are enabled
|
|
systemctl enable --now nginx alloy
|
|
|
|
##
|
|
# Configure Alloy
|
|
cp -r root/etc/alloy/* /etc/alloy/
|
|
cp -r root/etc/default/alloy /etc/default/alloy
|
|
# Set Attributes
|
|
ATTRIBUTES=""
|
|
ATTRIBUTES+="service.name=${SERVICE_NAME},"
|
|
ATTRIBUTES+="service.version=${SERVICE_VERSION},"
|
|
ATTRIBUTES+="cloud.region=${CLOUD_REGION}"
|
|
echo "OTEL_RESOURCE_ATTRIBUTES=${ATTRIBUTES}" >>/etc/default/alloy
|
|
# Set Credentials
|
|
{
|
|
echo "ALLOY_USERNAME=${SERVICE_ACCOUNT_USERNAME}"
|
|
echo "ALLOY_PASSWORD=${SERVICE_ACCOUNT_PASSWORD}"
|
|
} >>/etc/default/alloy
|
|
systemctl reload alloy
|
|
|
|
##
|
|
# Configure NGINX
|
|
cp assets/dbip-city-lite-2023-07.mmdb /var/geoip.mmdb
|
|
cp -r root/etc/nginx/* /etc/nginx/
|
|
systemctl reload nginx
|