Starbeamrainbowlabs
8a5c83488f
Some checks are pending
continuous-integration/laminar-eldarion Build failed with exit code 123 after 2 seconds
33 lines
1.2 KiB
Bash
Executable file
33 lines
1.2 KiB
Bash
Executable file
#!/usr/bin/env bash
|
|
|
|
#shellcheck disable=SC2034
|
|
wesher_secret="$(ask_password "wesher configuration" "Enter the wesher shared secret:")";
|
|
|
|
#shellcheck disable=SC2034
|
|
wesher_join_ip="$(ask_text "wesher configuration" "Enter an IP of a host in the cluster to join:")";
|
|
|
|
queue_apt_install "wireguard" "wesher" "wesher-systemd";
|
|
|
|
cpu_arch="$(arch | normalise-arch)";
|
|
if [[ "${ID}" == "raspbian" ]]; then
|
|
if [[ "${cpu_arch}" == "armhf" ]] || [[ "${cpu_arch}" == "arm64" ]]; then
|
|
queue_apt_install "raspberrypi-kernel-headers";
|
|
fi
|
|
fi
|
|
|
|
queue_postinstall_step "10-wesher.sh";
|
|
|
|
queue_firewall_rule allow 7946 comment wesher-gossip;
|
|
queue_firewall_rule allow 51820/udp comment wesher-wireguard;
|
|
# Allow all traffic from the VPN; we don't actually know what ports Nomad will use
|
|
queue_firewall_rule allow in on wgoverlay;
|
|
|
|
|
|
# See the Keepass entry in our database for copy-paste commands to join nodes.
|
|
# Basically:
|
|
# sudo wesher --cluster-key CLUSTER_KEY_HERE --join 172.16.230.100 --overlay-net 172.31.250.0/16 --log-level info
|
|
# sudo systemctl enable --now wesher.service
|
|
# sudo systemctl status wesher.service
|
|
#
|
|
# This is all automated now thanks to this script andit's postinstall cousin.
|