privacy-in-design/gitea-migration
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: add runner conversion scripts and strengthen cutover automation

Browse Source
This commit is contained in:
S
2026-03-04 13:32:06 -06:00
parent e624885bb9
commit c2087d5087
43 changed files with 6995 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
setup/pi-monitoring/bootstrap_pi.sh
View File

@@ -5,7 +5,7 @@ SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)"
# shellcheck source=./lib.sh
source "$SCRIPT_DIR/lib.sh"
TIMEZONE="America/New_York"
TIMEZONE="America/Chicago"
SSH_PORT="22"
AUTO_YES=false
ENABLE_UFW=true
@@ -17,14 +17,14 @@ Usage: $(basename "$0") [options]
Prepare a brand-new Raspberry Pi OS host for monitoring stack workloads.
Options:
--timezone=ZONE Set system timezone (default: America/New_York)
--timezone=ZONE Set system timezone (default: America/Chicago)
--ssh-port=PORT SSH port allowed by firewall (default: 22)
--skip-firewall Skip UFW configuration
--yes, -y Non-interactive; skip confirmation prompts
--help, -h Show help
Example:
$(basename "$0") --timezone=America/New_York --yes
$(basename "$0") --timezone=America/Chicago --yes
USAGE
}
@@ -39,6 +39,19 @@ for arg in "$@"; do
esac
done
# Validate --ssh-port (must be 1-65535) before we risk enabling UFW with a bad rule
if ! [[ "$SSH_PORT" =~ ^[0-9]+$ ]] || [[ "$SSH_PORT" -lt 1 ]] || [[ "$SSH_PORT" -gt 65535 ]]; then
log_error "--ssh-port must be a number between 1 and 65535 (got: '$SSH_PORT')"
exit 1
fi
# Validate --timezone against timedatectl's known list
if ! timedatectl list-timezones 2>/dev/null | grep -qx "$TIMEZONE"; then
log_error "Unknown timezone: '$TIMEZONE'"
log_error "Run 'timedatectl list-timezones' for valid options"
exit 1
fi
require_cmd sudo apt systemctl timedatectl curl
if ! confirm_action "This will install/update OS packages and Docker on this Pi. Continue?" "$AUTO_YES"; then
@@ -85,6 +98,10 @@ sudo systemctl enable --now docker
log_info "Configuring Docker daemon defaults..."
sudo mkdir -p /etc/docker
if [[ -f /etc/docker/daemon.json ]]; then
sudo cp /etc/docker/daemon.json /etc/docker/daemon.json.bak
log_info "Backed up existing daemon.json to daemon.json.bak"
fi
sudo tee /etc/docker/daemon.json >/dev/null <<'JSON'
{
"log-driver": "json-file",
@@ -119,5 +136,5 @@ fi
log_success "Bootstrap complete"
log_info "Recommended next steps:"
log_info "1) Re-login to apply docker group membership"
log_info "2) Run setup/pi-monitoring/mount_ssd.sh"
log_info "2) (Optional) Run setup/pi-monitoring/mount_ssd.sh if you have an SSD"
log_info "3) Copy stack.env.example to stack.env and run deploy_stack.sh"