pdcastro/provision_local_machine.sh

## provision_local_machine.sh
#!/usr/bin/env bash

# Provision an Ubuntu or similar system as an openBalena "local machine"
# Tested with Ubuntu 20.04 LTS

set -eo pipefail # quit this script on errors

CERT_PATH="/usr/local/share/ca-certificates/openbalena.crt"
INSTALL_DIR="/opt"
CLI_BIN_PATH="/usr/local/bin/balena"
CLI_DIR="${INSTALL_DIR}/balena-cli"
CLI_CONFIG=~/.balenarc.yml

if [ `whoami` != root ]; then
  echo "This script must be executed as the root user (e.g. using 'sudo'). Aborting."
  exit 1
fi

if [ -z "${OB_DOMAIN}" ]; then
   echo 'OB_DOMAIN not set. Aborting.'
   exit 1
fi

if [[ "${OB_DOMAIN}" = *.local ]]; then
  cat <<EOF
Using a '.local' domain name (${OB_DOMAIN}) for openBalena is known to cause
name resolution problems on some systems. Also, some balena CLI commands treat
'.local' hostnames as an indicator of a local device. For these reasons, this
script will insist that a different domain name is used. For testing purposes,
it may not have to be a real domain name though. You could try a dummy domain
name like 'open.balena'.
Aborting.
EOF
  exit 1
fi

if [ -z "${OB_SERVER_IP}" ]; then
  cat <<EOF
OB_SERVER_IP environment variable must be set. If you have setup proper CNAME
records, please set this variable to 'skip'. Otherwise, set it to the IP address
of the openBalena server, and this script will update '/etc/hosts' for local name
resolution on this machine.
EOF
  exit 1
fi

if [ ! -r "${CERT_PATH}" ]; then
  cat <<EOF
'${CERT_PATH}' file not found or not readable. Aborting.
Please copy and rename the openBalena server's 'ca.crt' file to that location.
Hint: on the openBalena server, the file is typically found at:
'/home/balena/open-balena/config/certs/root/ca.crt'
EOF
   exit 1
fi

echo
echo "Installing dependencies..."
apt-get update && apt-get install -qy curl unzip docker.io

echo
if [ -z "${SUDO_USER}" ]; then
  echo "SUDO_USER env var not set: skipping adding user to docker group"
else
  echo "Adding current user '${SUDO_USER}' to 'docker' and 'sudo' groups..."
  usermod -aG sudo "${SUDO_USER}"
  usermod -aG docker "${SUDO_USER}"
fi

echo
echo "Installing the balena CLI to ${CLI_DIR}..."
mkdir -p "${INSTALL_DIR}"
cd "${INSTALL_DIR}"

CLI_VERSION=$(curl -sSL https://github.com/balena-io/balena-cli/releases/latest | sed -En 's/.*balena-cli-(v[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})-linux-x64-standalone\.zip.*/\1/p' | head -1)
CLI_ZIP_FILE="balena-cli-${CLI_VERSION}-linux-x64-standalone.zip"

echo
echo "Downloading CLI version ${CLI_VERSION}..."

if [ ! -e "${CLI_ZIP_FILE}" ]; then
  curl -LO "https://github.com/balena-io/balena-cli/releases/download/${CLI_VERSION}/${CLI_ZIP_FILE}"
fi
unzip -o "${CLI_ZIP_FILE}"

rm -f "${CLI_BIN_PATH}"
cat >"${CLI_BIN_PATH}" <<EOF
#!/usr/bin/env sh
export NODE_EXTRA_CA_CERTS=\${NODE_EXTRA_CA_CERTS:-"${CERT_PATH}"}
"${CLI_DIR}"/balena "\$@"
EOF
chmod +x "${CLI_BIN_PATH}"

echo
if [ -e "${CLI_CONFIG}" ]; then
  echo "'${CLI_CONFIG}' exists - leaving it alone"
else
  echo "Setting balenaUrl to '${OB_DOMAIN}' in '${CLI_CONFIG}'"
  echo "balenaUrl: '${OB_DOMAIN}'" > "${CLI_CONFIG}"
fi

echo
echo "Updating certificates..."
echo "Using '${CERT_PATH}' as the openBalena CA certificate"
chmod +r "${CERT_PATH}"
update-ca-certificates

echo
echo "Restarting Docker to take new certificates into account..."
systemctl restart docker

if [ -n "${OB_SERVER_IP}" -a "${OB_SERVER_IP}" != "skip" ]; then
  echo
  echo "Updating /etc/hosts..."
  cat <<EOF
Please note that this script is not yet smart enough to update existing
entries in '/etc/hosts', and will simply append new entries at the bottom.
You may need to tidy it up manually - sorry!
EOF
  cat >>/etc/hosts <<EOF
${OB_SERVER_IP}  api.open.balena
${OB_SERVER_IP}  registry.open.balena
${OB_SERVER_IP}  s3.open.balena
${OB_SERVER_IP}  tunnel.open.balena
${OB_SERVER_IP}  vpn.open.balena
EOF
fi

echo
echo "All done!"

## provision_server.sh
#!/usr/bin/env bash

# Provision an Ubuntu or similar system as an openBalena server
# Tested with Ubuntu 20.04 LTS

set -eo pipefail # quit this script on errors

DOCKER_COMPOSE="/usr/local/bin/docker-compose"

if [[ -z "${OB_EMAIL}" || -z "${OB_PASSWORD}" || -z "${OB_DOMAIN}" ]]; then
   echo 'OB_EMAIL, OB_PASSWORD or OB_DOMAIN env vars not set. Aborting.'
   exit 1
fi

if [[ "${OB_DOMAIN}" = *.local ]]; then
  cat <<EOF
Using a '.local' domain name (${OB_DOMAIN}) for openBalena is known to cause
name resolution problems on some systems. Also, some balena CLI commands treat
'.local' hostnames as an indicator of a local device. For these reasons, this
script will insist that a different domain name is used. For testing purposes,
it may not have to be a real domain name though. You could try a dummy domain
name like 'open.balena'.
Aborting.
EOF
  exit 1
fi

if [ `whoami` != root ]; then
  echo "This script must be executed as the root user (e.g. using 'sudo'). Aborting."
  exit 1
fi

echo
echo "Installing dependencies..."
apt-get update && apt-get install -qy build-essential git docker.io libssl-dev nodejs

if [[ ! -e "${DOCKER_COMPOSE}" ]]; then
  curl -L https://github.com/docker/compose/releases/download/1.27.4/docker-compose-Linux-x86_64 -o "${DOCKER_COMPOSE}"
  chmod +x "${DOCKER_COMPOSE}"
fi

echo
echo "Starting Docker..."
systemctl start docker

echo
echo "Creating 'balena' user account..."
adduser --disabled-password --gecos "" balena || true
usermod -aG sudo balena
usermod -aG docker balena

echo
echo "Installing openBalena..."
cd /home/balena
sudo -u balena git clone https://github.com/balena-io/open-balena.git
cd /home/balena/open-balena
sudo -u balena /home/balena/open-balena/scripts/quickstart -U "${OB_EMAIL}" -P "${OB_PASSWORD}" -d "${OB_DOMAIN}"

echo 'All done. To start openBalena, run:'
echo 'sudo su - balena'
echo '/home/balena/open-balena/scripts/compose up -d'
	#!/usr/bin/env bash

	# Provision an Ubuntu or similar system as an openBalena "local machine"
	# Tested with Ubuntu 20.04 LTS

	set -eo pipefail # quit this script on errors

	CERT_PATH="/usr/local/share/ca-certificates/openbalena.crt"
	INSTALL_DIR="/opt"
	CLI_BIN_PATH="/usr/local/bin/balena"
	CLI_DIR="${INSTALL_DIR}/balena-cli"
	CLI_CONFIG=~/.balenarc.yml

	if [ `whoami` != root ]; then
	echo "This script must be executed as the root user (e.g. using 'sudo'). Aborting."
	exit 1
	fi

	if [ -z "${OB_DOMAIN}" ]; then
	echo 'OB_DOMAIN not set. Aborting.'
	exit 1
	fi

	if [[ "${OB_DOMAIN}" = *.local ]]; then
	cat <<EOF
	Using a '.local' domain name (${OB_DOMAIN}) for openBalena is known to cause
	name resolution problems on some systems. Also, some balena CLI commands treat
	'.local' hostnames as an indicator of a local device. For these reasons, this
	script will insist that a different domain name is used. For testing purposes,
	it may not have to be a real domain name though. You could try a dummy domain
	name like 'open.balena'.
	Aborting.
	EOF
	exit 1
	fi

	if [ -z "${OB_SERVER_IP}" ]; then
	cat <<EOF
	OB_SERVER_IP environment variable must be set. If you have setup proper CNAME
	records, please set this variable to 'skip'. Otherwise, set it to the IP address
	of the openBalena server, and this script will update '/etc/hosts' for local name
	resolution on this machine.
	EOF
	exit 1
	fi

	if [ ! -r "${CERT_PATH}" ]; then
	cat <<EOF
	'${CERT_PATH}' file not found or not readable. Aborting.
	Please copy and rename the openBalena server's 'ca.crt' file to that location.
	Hint: on the openBalena server, the file is typically found at:
	'/home/balena/open-balena/config/certs/root/ca.crt'
	EOF
	exit 1
	fi

	echo
	echo "Installing dependencies..."
	apt-get update && apt-get install -qy curl unzip docker.io

	echo
	if [ -z "${SUDO_USER}" ]; then
	echo "SUDO_USER env var not set: skipping adding user to docker group"
	else
	echo "Adding current user '${SUDO_USER}' to 'docker' and 'sudo' groups..."
	usermod -aG sudo "${SUDO_USER}"
	usermod -aG docker "${SUDO_USER}"
	fi

	echo
	echo "Installing the balena CLI to ${CLI_DIR}..."
	mkdir -p "${INSTALL_DIR}"
	cd "${INSTALL_DIR}"

	CLI_VERSION=$(curl -sSL https://github.com/balena-io/balena-cli/releases/latest \| sed -En 's/.balena-cli-(v[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})-linux-x64-standalone\.zip./\1/p' \| head -1)
	CLI_ZIP_FILE="balena-cli-${CLI_VERSION}-linux-x64-standalone.zip"

	echo
	echo "Downloading CLI version ${CLI_VERSION}..."

	if [ ! -e "${CLI_ZIP_FILE}" ]; then
	curl -LO "https://github.com/balena-io/balena-cli/releases/download/${CLI_VERSION}/${CLI_ZIP_FILE}"
	fi
	unzip -o "${CLI_ZIP_FILE}"

	rm -f "${CLI_BIN_PATH}"
	cat >"${CLI_BIN_PATH}" <<EOF
	#!/usr/bin/env sh
	export NODE_EXTRA_CA_CERTS=\${NODE_EXTRA_CA_CERTS:-"${CERT_PATH}"}
	"${CLI_DIR}"/balena "\$@"
	EOF
	chmod +x "${CLI_BIN_PATH}"

	echo
	if [ -e "${CLI_CONFIG}" ]; then
	echo "'${CLI_CONFIG}' exists - leaving it alone"
	else
	echo "Setting balenaUrl to '${OB_DOMAIN}' in '${CLI_CONFIG}'"
	echo "balenaUrl: '${OB_DOMAIN}'" > "${CLI_CONFIG}"
	fi

	echo
	echo "Updating certificates..."
	echo "Using '${CERT_PATH}' as the openBalena CA certificate"
	chmod +r "${CERT_PATH}"
	update-ca-certificates

	echo
	echo "Restarting Docker to take new certificates into account..."
	systemctl restart docker

	if [ -n "${OB_SERVER_IP}" -a "${OB_SERVER_IP}" != "skip" ]; then
	echo
	echo "Updating /etc/hosts..."
	cat <<EOF
	Please note that this script is not yet smart enough to update existing
	entries in '/etc/hosts', and will simply append new entries at the bottom.
	You may need to tidy it up manually - sorry!
	EOF
	cat >>/etc/hosts <<EOF
	${OB_SERVER_IP} api.open.balena
	${OB_SERVER_IP} registry.open.balena
	${OB_SERVER_IP} s3.open.balena
	${OB_SERVER_IP} tunnel.open.balena
	${OB_SERVER_IP} vpn.open.balena
	EOF
	fi

	echo
	echo "All done!"