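#!/bin/bash
#
# Builds the bearcloud VM disk image (exported to ./data) and the hypervisor
# container image (tagged $IMAGE_NAME:<short git rev> and $IMAGE_NAME:latest).
# Must be run as root from the repository root: it reads vm.Dockerfile,
# hypervisor.Dockerfile, secret/ and scripts/ relative to the current directory.
#
# Environment:
#   CLOUD_CONFIG_REPO      config repository URL    (default: https://git.sfclub.cc/cloud/bearnet)
#   CLOUD_CONFIG_REVISION  config revision          (default: wish)
#   CLOUD_GATEWAY_ADDRESS  gateway address          (default: 10.0.0.119)
#   IMAGE_NAME             hypervisor image name    (default: bearcloud)
#   VM_OPTS / HY_OPTS      extra `docker build` arguments, split on whitespace
set -eo pipefail

hasunset=0

if [[ "$UID" != "0" ]]; then
  echo "This script must be run in root." >&2
  exit 2
fi

# Only the exit status matters here; the resolved path is not useful output.
if ! command -v ssh-keygen >/dev/null; then
  echo "ssh-keygen is required for guest setup." >&2
  exit 1
fi

# NOTE(review): this puts a directory relative to the current working
# directory first in root's PATH, so any file in ./scripts shadows the system
# binary of the same name (docker, git, ssh-keygen, ...) for the rest of the
# run. Confirm ./scripts is writable only by trusted users and that the script
# is always started from the repository root.
PATH="$PWD/scripts:$PATH"

# Emptiness is tested with -z. The previous `-eq ""` made bash evaluate the
# variable's content as an arithmetic expression: a URL or dotted address is a
# syntax error, and a plain word such as a branch name is read as a variable
# name (value 0), which silently replaced a user-supplied value with the
# default. As this runs as root, environment text must only be handled as a
# string, never evaluated.
if [[ -z "$CLOUD_CONFIG_REPO" ]]; then
  echo "CLOUD_CONFIG_REPO is not set."
  CLOUD_CONFIG_REPO="https://git.sfclub.cc/cloud/bearnet"
  hasunset=1
fi

if [[ -z "$CLOUD_CONFIG_REVISION" ]]; then
  echo "CLOUD_CONFIG_REVISION is not set."
  CLOUD_CONFIG_REVISION="wish"
  hasunset=1
fi

if [[ -z "$CLOUD_GATEWAY_ADDRESS" ]]; then
  echo "CLOUD_GATEWAY_ADDRESS is not set."
  CLOUD_GATEWAY_ADDRESS="10.0.0.119"
  hasunset=1
fi

# NOTE(review): nothing below exports the CLOUD_* variables or passes them to
# `docker build`. Defaults assigned to variables that were absent from the
# environment are not exported, so confirm that whatever consumes them (a
# Dockerfile build arg, a helper in scripts/) actually receives these values.
if [[ "$hasunset" -ne 0 ]]; then
  echo ""
  echo "Default values will be used for unset environments:"
  echo ""
  set | grep -E "^CLOUD_"
fi

IMAGE_TAG=$(git rev-parse --short HEAD)
IMAGE_NAME=${IMAGE_NAME:-bearcloud}

echo "Image tag: $IMAGE_NAME:$IMAGE_TAG and $IMAGE_NAME:latest"
echo "Additional arguments for VM image: $VM_OPTS"
echo "Additional arguments for Hypervisor Image: $HY_OPTS"
echo "Missing secret files like ssh host key will be automatically created."
echo "Continue?"
# Any input (including a bare Enter) continues; abort with Ctrl-C. On EOF
# `read` fails and `set -e` stops the script.
read -r

# ssh-keygen does not create the target directory. -m only applies when the
# directory is created here; an existing secret/ keeps its current mode.
mkdir -p -m 700 secret

# Maps host-key file name -> ssh-keygen key type.
declare -A PRIVATE_KEYS=(
  ["ssh_host_ecdsa_key"]="ecdsa"
  ["ssh_host_ed25519_key"]="ed25519"
  ["ssh_host_rsa_key"]="rsa"
)

# NOTE(review): these are unencrypted (-N "") private host keys stored under
# secret/, which is inside the `.` build context of both builds below. Confirm
# the Dockerfiles do not copy private keys into a layer of an image that is
# pushed or shared; BuildKit `--secret` mounts avoid persisting them in layers.
for item in "${!PRIVATE_KEYS[@]}"; do
  subject="secret/$item"
  if [[ ! -f "$subject" ]]; then
    echo "Creating missing secret $subject"
    ssh-keygen -t "${PRIVATE_KEYS[$item]}" -f "$subject" \
      -C "automatically generated bearcloud ssh key" \
      -N ""
    # Derive the public half from the private key into <name>_pub.
    ssh-keygen -y -f "$subject" > "${subject}_pub"
  fi
done

# Ask buildx for the builder by exact name. The previous
# `echo $BUILDERS | grep -q` matched any line containing "bearcloud" and, with
# pipefail, could report "missing" if grep closed the pipe early.
#
# The builder is created with the security.insecure entitlement, which lets
# build steps that request it run without BuildKit's default sandbox. The
# builder is not removed afterwards, so it stays available with that
# entitlement for later builds on this host.
if ! docker buildx inspect bearcloud >/dev/null 2>&1; then
  docker buildx create --name bearcloud \
    --buildkitd-flags '--allow-insecure-entitlement security.insecure'
fi

echo "BUILDING VM DISK IMAGE"
# VM_OPTS is intentionally unquoted so it splits into separate arguments. It is
# handed to docker as root, so it must come from a trusted operator.
# shellcheck disable=SC2086
docker build \
  --builder bearcloud \
  --allow security.insecure \
  -f vm.Dockerfile \
  --build-context host-modules=/lib/modules \
  --target export \
  --output type=local,dest=./data \
  $VM_OPTS .

# Punch holes in the exported raw disk so zeroed ranges take no disk space.
fallocate -d ./data/vm.raw

echo "BUILDING HYPERVISOR IMAGE"
# HY_OPTS is intentionally unquoted for the same reason as VM_OPTS.
# shellcheck disable=SC2086
docker build -t "$IMAGE_NAME:$IMAGE_TAG" -t "$IMAGE_NAME:latest" \
  -f hypervisor.Dockerfile $HY_OPTS .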