kimjunte/juntekim.com
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 13
juntekim.com/github_runner/install/install_arc.sh
Jun-te Kim 571b978634 add to main
2025-12-13 17:01:02 +00:00

81 lines
2 KiB
Bash
Raw Blame History

#!/bin/bash
set -euo pipefail
# ==========================================================
# FIRST SETUP SCRIPT — mist / microk8s
#
# PURPOSE:
# - Bootstrap a fresh machine
# - Install & configure microk8s
# - Enable required core addons
# - Apply cluster-wide RBAC from YAML
#
# RUN:
# - Once on a fresh host
# - Or again after a full microk8s reset
#
# DOES NOT:
# - Deploy apps
# - Deploy databases
# - Contain RBAC logic inline
#
# All ongoing infra changes should be done via:
# - YAML (db/k8s/**)
# - GitHub Actions
# ==========================================================
echo "=== [1/6] Installing microk8s (if needed) ==="
if ! command -v microk8s >/dev/null 2>&1; then
sudo snap install microk8s --classic
else
echo "microk8s already installed"
fi
echo "=== [2/6] Adding current user to microk8s group ==="
sudo usermod -aG microk8s "$USER"
# Required so kubectl works without sudo
sudo chown -f -R "$USER" ~/.kube || true
echo "=== [3/6] Enabling core microk8s addons ==="
# These are the foundations everything else depends on
sudo microk8s enable \
dns \
rbac \
hostpath-storage \
host-access \
metrics-server \
ingress
# Optional: MetalLB (only if you need L2 IPs)
# sudo microk8s enable metallb:192.168.0.200-192.168.0.220
echo "=== [4/6] Waiting for microk8s to be ready ==="
sudo microk8s status --wait-ready
echo "=== [5/6] Writing kubeconfig for local user ==="
mkdir -p ~/.kube
microk8s kubectl config view --raw > ~/.kube/config
chmod 600 ~/.kube/config
echo "=== [6/6] Applying cluster RBAC (infra deployer role) ==="
# IMPORTANT:
# RBAC is fully declarative and lives in YAML.
# Extend permissions by editing the YAML — NOT this script.
microk8s kubectl apply -f db/k8s/rbac/infra-deployer-rbac.yaml
echo
echo "=== Bootstrap complete ==="
echo
echo "You can now:"
echo "- Install ARC (GitHub Actions runners)"
echo "- Deploy Postgres via CI"
echo "- Apply CronJobs, Jobs, and Traefik resources"
echo
echo "This script should NOT be modified for normal infra changes."
Reference in a new issue View git blame Copy permalink