#!/bin/bash # One-time server setup: create app directory and GitLab deploy key. # Run as root on a fresh server before deploying. # # Usage: # bash infra/setup_server.sh set -euo pipefail APP_DIR="/opt/padelnomics" KEY_PATH="$HOME/.ssh/padelnomics_deploy" # Create app directory mkdir -p "$APP_DIR" echo "Created $APP_DIR" # Generate deploy key if not already present if [ ! -f "$KEY_PATH" ]; then mkdir -p "$HOME/.ssh" ssh-keygen -t ed25519 -f "$KEY_PATH" -N "" -C "padelnomics-server" chmod 700 "$HOME/.ssh" chmod 600 "$KEY_PATH" chmod 644 "$KEY_PATH.pub" # Configure SSH to use this key for gitlab.com if ! grep -q "# padelnomics" "$HOME/.ssh/config" 2>/dev/null; then cat >> "$HOME/.ssh/config" </dev/null; then echo "Installing rclone..." curl -fsSL https://rclone.org/install.sh | sudo bash echo "Installed rclone $(rclone version --check | head -1)" else echo "rclone already installed, skipping" fi # Create landing data directory mkdir -p /data/padelnomics/landing echo "Created /data/padelnomics/landing" # Install and enable landing backup timer cp "$APP_DIR/infra/landing-backup/padelnomics-landing-backup.service" /etc/systemd/system/ cp "$APP_DIR/infra/landing-backup/padelnomics-landing-backup.timer" /etc/systemd/system/ systemctl daemon-reload systemctl enable --now padelnomics-landing-backup.timer echo "Enabled landing backup timer (every 30 min)" # Install and enable supervisor service cp "$APP_DIR/infra/supervisor/padelnomics-supervisor.service" /etc/systemd/system/ systemctl daemon-reload systemctl enable --now padelnomics-supervisor.service echo "Enabled supervisor service" echo "" echo "=== Next steps ===" echo "1. Add this deploy key to GitLab (Settings → Repository → Deploy Keys, read-only):" echo "" cat "$KEY_PATH.pub" echo "" echo "2. Clone the repo:" echo " git clone git@gitlab.com:YOUR_USER/padelnomics.git $APP_DIR" echo "" echo "3. Deploy (first run installs sops+age and generates server keypair):" echo " cd $APP_DIR && bash deploy.sh"