chore: move bootstrap script to xworkspace-console repo
This commit is contained in:
Haitao Pan
parent
604132e604
commit
cc41ff61db
@ -1,119 +0,0 @@
|
|||||||
#!/usr/bin/env bash
|
|
||||||
set -e
|
|
||||||
|
|
||||||
# ==============================================================================
|
|
||||||
# AI Workspace All-in-One Bootstrap Script
|
|
||||||
# ==============================================================================
|
|
||||||
# Usage:
|
|
||||||
# curl -sfL https://raw.githubusercontent.com/ai-workspace-infra/playbooks/main/setup-ai-workspace-all-in-one.sh | bash -
|
|
||||||
#
|
|
||||||
# Supported Environment Variables:
|
|
||||||
# AI_WORKSPACE_SECURITY_LEVEL
|
|
||||||
# LITELLM_API_CADDY_STRICT_WHITELIST
|
|
||||||
# XWORKSPACE_CONSOLE_PUBLIC_ACCESS
|
|
||||||
# XWORKMATE_BRIDGE_PUBLIC_ACCESS
|
|
||||||
# GATEWAY_OPENCLAW_PUBLIC_ACCESS
|
|
||||||
# VAULT_PUBLIC_ACCESS
|
|
||||||
# XWORKSPACE_CONSOLE_ENABLE_XRDP
|
|
||||||
# VAULT_PASS (Will be securely passed as vault password if set)
|
|
||||||
# ==============================================================================
|
|
||||||
|
|
||||||
REPO_URL=${REPO_URL:-"https://github.com/ai-workspace-infra/playbooks.git"}
|
|
||||||
BRANCH=${BRANCH:-"main"}
|
|
||||||
TARGET_DIR="/tmp/ai-workspace-deploy"
|
|
||||||
|
|
||||||
# Function: Output messages
|
|
||||||
info() {
|
|
||||||
echo -e "\033[1;34m[INFO]\033[0m $*"
|
|
||||||
}
|
|
||||||
success() {
|
|
||||||
echo -e "\033[1;32m[SUCCESS]\033[0m $*"
|
|
||||||
}
|
|
||||||
error() {
|
|
||||||
echo -e "\033[1;31m[ERROR]\033[0m $*" >&2
|
|
||||||
exit 1
|
|
||||||
}
|
|
||||||
|
|
||||||
info "Starting AI Workspace All-in-One Bootstrap..."
|
|
||||||
|
|
||||||
# 1. Install prerequisites (git, curl, ansible) if missing
|
|
||||||
if ! command -v ansible-playbook >/dev/null 2>&1 || ! command -v git >/dev/null 2>&1; then
|
|
||||||
info "Installing required dependencies (git, ansible)..."
|
|
||||||
if [ -f /etc/debian_version ]; then
|
|
||||||
sudo apt-get update -y
|
|
||||||
sudo DEBIAN_FRONTEND=noninteractive apt-get install -y git curl software-properties-common
|
|
||||||
sudo apt-add-repository --yes --update ppa:ansible/ansible
|
|
||||||
sudo DEBIAN_FRONTEND=noninteractive apt-get install -y ansible
|
|
||||||
elif [ -f /etc/redhat-release ]; then
|
|
||||||
sudo yum install -y epel-release
|
|
||||||
sudo yum install -y git curl ansible
|
|
||||||
else
|
|
||||||
error "Unsupported OS. Please install git and ansible manually."
|
|
||||||
fi
|
|
||||||
success "Dependencies installed."
|
|
||||||
fi
|
|
||||||
|
|
||||||
# 2. Clone Repository
|
|
||||||
if [ -d "$TARGET_DIR" ]; then
|
|
||||||
info "Updating existing repository in $TARGET_DIR..."
|
|
||||||
cd "$TARGET_DIR"
|
|
||||||
git fetch origin
|
|
||||||
git reset --hard origin/"$BRANCH"
|
|
||||||
else
|
|
||||||
info "Cloning playbooks repository to $TARGET_DIR..."
|
|
||||||
git clone -b "$BRANCH" "$REPO_URL" "$TARGET_DIR"
|
|
||||||
cd "$TARGET_DIR"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# 3. Construct Ansible variables from Environment Variables
|
|
||||||
ANSIBLE_EXTRA_VARS=""
|
|
||||||
|
|
||||||
# Helper function to append to extra vars if set
|
|
||||||
append_var() {
|
|
||||||
local env_name=$1
|
|
||||||
local ansible_var=$2
|
|
||||||
local val="${!env_name}"
|
|
||||||
if [ -n "$val" ]; then
|
|
||||||
info "Applying parameter: $ansible_var = $val"
|
|
||||||
ANSIBLE_EXTRA_VARS="$ANSIBLE_EXTRA_VARS -e \"$ansible_var=$val\""
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
append_var "AI_WORKSPACE_SECURITY_LEVEL" "ai_workspace_security_level"
|
|
||||||
append_var "LITELLM_API_CADDY_STRICT_WHITELIST" "litellm_api_caddy_strict_whitelist"
|
|
||||||
append_var "XWORKSPACE_CONSOLE_PUBLIC_ACCESS" "xworkspace_console_public_access"
|
|
||||||
append_var "XWORKMATE_BRIDGE_PUBLIC_ACCESS" "xworkmate_bridge_public_access"
|
|
||||||
append_var "GATEWAY_OPENCLAW_PUBLIC_ACCESS" "gateway_openclaw_public_access"
|
|
||||||
append_var "VAULT_PUBLIC_ACCESS" "vault_public_access"
|
|
||||||
append_var "XWORKSPACE_CONSOLE_ENABLE_XRDP" "xworkspace_console_enable_xrdp"
|
|
||||||
|
|
||||||
# 4. Handle Vault Password (Auth Token)
|
|
||||||
# If DEPLOY_TOKEN is provided, use it. Otherwise, generate a random one or reuse existing.
|
|
||||||
VAULT_FILE="$HOME/.vault_password"
|
|
||||||
|
|
||||||
if [ -n "$DEPLOY_TOKEN" ]; then
|
|
||||||
echo "$DEPLOY_TOKEN" > "$VAULT_FILE"
|
|
||||||
info "Using provided DEPLOY_TOKEN as the Vault password."
|
|
||||||
elif [ -f "$VAULT_FILE" ]; then
|
|
||||||
info "Found existing Vault password at $VAULT_FILE, reusing it."
|
|
||||||
else
|
|
||||||
info "No DEPLOY_TOKEN provided and no existing vault password found. Generating a secure random token..."
|
|
||||||
# Generate a random 32-character token
|
|
||||||
openssl rand -base64 32 > "$VAULT_FILE"
|
|
||||||
info "Generated new Vault password and saved to $VAULT_FILE"
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Ensure correct permissions for the vault file
|
|
||||||
chmod 600 "$VAULT_FILE"
|
|
||||||
VAULT_OPT="--vault-password-file $VAULT_FILE"
|
|
||||||
|
|
||||||
# 5. Run Ansible Playbook locally
|
|
||||||
info "Running Ansible Playbook locally..."
|
|
||||||
eval "ansible-playbook -i '127.0.0.1,' -c local setup-ai-workspace-all-in-one.yml $VAULT_OPT $ANSIBLE_EXTRA_VARS"
|
|
||||||
RET=$?
|
|
||||||
|
|
||||||
if [ $RET -eq 0 ]; then
|
|
||||||
success "AI Workspace deployed successfully!"
|
|
||||||
else
|
|
||||||
error "Deployment failed with exit code $RET."
|
|
||||||
fi
|
|
||||||
Loading…
Reference in New Issue
Block a user