deploy using openfront user instead of root

This commit is contained in:
Evan
2025-04-17 14:00:25 -07:00
parent 99a273b2ed
commit 50ced5b029
4 changed files with 103 additions and 52 deletions
+68 -25
View File
@@ -1,37 +1,80 @@
#!/bin/bash
# Comprehensive setup script for Hetzner server with Docker and Cloudflare R2 configuration
# Comprehensive setup script for Hetzner server with Docker and user setup
# Exit on error
set -e
echo "====================================================="
echo "🚀 STARTING SERVER SETUP"
echo "====================================================="
echo "🔄 Updating system..."
apt update && apt upgrade -y
echo "🐳 Installing Docker..."
# Install Docker using official script
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
systemctl enable --now docker
# Check if Docker is already installed
if command -v docker &> /dev/null; then
echo "Docker is already installed"
else
echo "🐳 Installing Docker..."
# Install Docker using official script
curl -fsSL https://get.docker.com -o get-docker.sh
sh get-docker.sh
systemctl enable --now docker
echo "Docker installed successfully"
fi
# Set up Docker Hub credentials
echo "🔐 Setting up Docker Hub login..."
echo "Enter your Docker Hub username:"
read DOCKER_USERNAME
echo "Enter your Docker Hub password/token:"
read -s DOCKER_PASSWORD
echo $DOCKER_PASSWORD | docker login -u $DOCKER_USERNAME --password-stdin
echo "✅ Docker Hub login configured"
echo "👤 Setting up openfront user..."
# Create openfront user if it doesn't exist
if id "openfront" &>/dev/null; then
echo "User openfront already exists"
else
useradd -m -s /bin/bash openfront
echo "User openfront created"
fi
echo "🔄 Installing Node Exporter..."
# Check if openfront is already in docker group
if groups openfront | grep -q '\bdocker\b'; then
echo "User openfront is already in the docker group"
else
# Add openfront to docker group
usermod -aG docker openfront
echo "Added openfront to docker group"
fi
docker run -d --name node-exporter --restart=unless-stopped \
--net="host" \
--pid="host" \
-v "/:/host:ro,rslave" \
prom/node-exporter:latest \
--path.rootfs=/host
# Create .ssh directory for openfront if it doesn't exist
if [ ! -d "/home/openfront/.ssh" ]; then
mkdir -p /home/openfront/.ssh
chmod 700 /home/openfront/.ssh
echo "Created .ssh directory for openfront"
fi
echo "node-exporter installed"
# Copy SSH keys from root if they exist and haven't been copied yet
if [ -f /root/.ssh/authorized_keys ] && [ ! -f /home/openfront/.ssh/authorized_keys ]; then
cp /root/.ssh/authorized_keys /home/openfront/.ssh/
chmod 600 /home/openfront/.ssh/authorized_keys
echo "SSH keys copied from root to openfront"
fi
echo "🎉 Setup complete! You can find helpful Docker and R2 commands in ~/docker-commands.sh"
echo "Test your R2 connection: aws s3 ls --profile r2"
# Check if node-exporter container already exists
if docker ps -a | grep -q "node-exporter"; then
echo "Node Exporter is already installed"
else
echo "🔄 Installing Node Exporter..."
docker run -d --name node-exporter --restart=unless-stopped \
--net="host" \
--pid="host" \
-v "/:/host:ro,rslave" \
prom/node-exporter:latest \
--path.rootfs=/host
echo "Node Exporter installed successfully"
fi
# Set proper ownership for openfront's home directory
chown -R openfront:openfront /home/openfront
echo "Set proper ownership for openfront's home directory"
echo "====================================================="
echo "🎉 SETUP COMPLETE!"
echo "====================================================="
echo "The openfront user has been set up and has Docker permissions."
echo "You can now deploy using the openfront user."
echo "====================================================="