d-bis/proxmox
4
0
Fork 0
Code Issues 1 Pull Requests 9 Actions Packages Projects Releases Wiki Activity
Files
f0f0a4bb844eefe6c19e9568c3af9b2d387e5a2e
proxmox/scripts/deployment/install-pmm-mesh-systemd-on-proxmox-lxc.sh
defiQUG bad8fdc98c
Some checks failed
Deploy to Phoenix / deploy (push) Has been cancelled
Details
scripts: portal login, PMM mesh install, ops template audit, NPM verify, route matrix export 
Made-with: Cursor
2026-03-27 18:46:42 -07:00

185 lines
7.2 KiB
Bash
Executable File
Raw Blame History

#!/usr/bin/env bash
# Push Chain 138 PMM mesh into Proxmox LXC and enable systemd.
# Copies: pmm-mesh-6s-automation.sh, update-oracle-price.sh, smom-dbis-138/.env, and this host's cast binary.
#
# Run from repo root (LAN + SSH root@Proxmox BatchMode). Requires: cast in PATH, smom-dbis-138/.env.
#
# Usage:
# ./scripts/deployment/install-pmm-mesh-systemd-on-proxmox-lxc.sh [--dry-run]
# Env:
# PMM_MESH_LXC_TARGETS="192.168.11.11:3500 192.168.11.12:5700"
#
# Note: Running the full mesh on multiple hosts repeats performUpkeep / oracle ticks (extra gas).
# Set ENABLE_MESH_KEEPER_TICK=0 in a drop-in if you want only one keeper driver.
#
# Hardened LXCs (e.g. unprivileged) may forbid writing /etc/systemd/system inside the guest.
# In that case this script installs chain138-pmm-mesh-pct-<VMID>.service on the Proxmox host
# so systemd runs: pct exec <VMID> -- bash …/pmm-mesh-6s-automation.sh
#
set -euo pipefail
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
PROJECT_ROOT="$(cd "$SCRIPT_DIR/../.." && pwd)"
SMOM="$PROJECT_ROOT/smom-dbis-138"
DRY_RUN=false
for a in "$@"; do [[ "$a" == "--dry-run" ]] && DRY_RUN=true; done
TARGETS="${PMM_MESH_LXC_TARGETS:-192.168.11.11:3500 192.168.11.12:5700}"
CAST_SRC="$(command -v cast || true)"
[[ -x "$CAST_SRC" ]] || { echo "ERROR: cast not in PATH" >&2; exit 1; }
[[ -f "$SMOM/.env" ]] || { echo "ERROR: missing $SMOM/.env" >&2; exit 1; }
MESH_TGZ="$(mktemp /tmp/c138-mesh-XXXXXX.tgz)"
cleanup() { rm -f "$MESH_TGZ" 2>/dev/null || true; }
trap cleanup EXIT
tar czf "$MESH_TGZ" -C "$PROJECT_ROOT" \
smom-dbis-138/scripts/reserve/pmm-mesh-6s-automation.sh \
smom-dbis-138/scripts/update-oracle-price.sh \
smom-dbis-138/.env
log() { echo "[install-pmm-mesh] $*"; }
for pair in $TARGETS; do
host="${pair%%:*}"
vmid="${pair##*:}"
[[ -n "$host" && -n "$vmid" ]] || { log "skip bad target: $pair"; continue; }
log "root@$host VMID $vmid"
if [[ "$DRY_RUN" == true ]]; then
log "DRY-RUN: would scp + pct push $vmid + systemctl enable --now"
continue
fi
scp -o BatchMode=yes -o ConnectTimeout=20 "$MESH_TGZ" "root@${host}:/tmp/c138-mesh-install.tgz"
scp -o BatchMode=yes -o ConnectTimeout=20 "$CAST_SRC" "root@${host}:/tmp/cast-bin-lxc"
ssh -o BatchMode=yes -o ConnectTimeout=25 "root@${host}" \
"VMID=${vmid} bash -s" <<'REMOTE'
set -euo pipefail
[[ -n "${VMID:-}" ]] || exit 1
[[ -f /tmp/c138-mesh-install.tgz ]] || { echo "missing /tmp/c138-mesh-install.tgz"; exit 1; }
[[ -f /tmp/cast-bin-lxc ]] || { echo "missing /tmp/cast-bin-lxc"; exit 1; }
# Stop mesh before rm/tar so host pct unit or guest loop does not hit a missing script mid-upgrade.
systemctl stop "chain138-pmm-mesh-pct-${VMID}.service" 2>/dev/null || true
pct exec "$VMID" -- systemctl stop chain138-pmm-mesh-automation.service 2>/dev/null || true
sleep 1
pct push "$VMID" /tmp/c138-mesh-install.tgz /var/tmp/c138-mesh.tgz
pct push "$VMID" /tmp/cast-bin-lxc /var/tmp/cast-bin
# Unprivileged LXCs may have /opt and /var/lib root-owned on host as nobody: use /var/tmp (writable as CT root).
BASE=/var/tmp/chain138-mesh
pct exec "$VMID" -- mkdir -p "$BASE/bin"
pct exec "$VMID" -- rm -rf "$BASE/smom-dbis-138"
pct exec "$VMID" -- tar xzf /var/tmp/c138-mesh.tgz -C "$BASE"
if pct exec "$VMID" -- install -m 755 /var/tmp/cast-bin "$BASE/bin/cast" 2>/dev/null; then
:
else
pct exec "$VMID" -- cp /var/tmp/cast-bin "$BASE/bin/cast"
pct exec "$VMID" -- chmod 755 "$BASE/bin/cast"
fi
set +e
pct exec "$VMID" -- env DEBIAN_FRONTEND=noninteractive apt-get update -qq
A1=$?
pct exec "$VMID" -- env DEBIAN_FRONTEND=noninteractive apt-get install -y -qq curl ca-certificates >/dev/null
A2=$?
set -e
if [[ "$A1" != 0 || "$A2" != 0 ]]; then
echo "apt not usable in VMID $VMID; installing static curl into $BASE/bin/curl"
curl -fsSL "https://github.com/moparisthebest/static-curl/releases/latest/download/curl-amd64" -o "/tmp/curl-static-$VMID"
chmod 755 "/tmp/curl-static-$VMID"
pct push "$VMID" "/tmp/curl-static-$VMID" "$BASE/bin/curl"
rm -f "/tmp/curl-static-$VMID"
fi
pct exec "$VMID" -- chmod 755 "$BASE/bin/cast" 2>/dev/null || true
if pct exec "$VMID" -- test -f "$BASE/bin/curl"; then
pct exec "$VMID" -- chmod 755 "$BASE/bin/curl"
fi
pct exec "$VMID" -- env -i PATH="$BASE/bin:/usr/local/bin:/usr/bin:/bin" HOME=/tmp bash --noprofile --norc -lc 'cast --version | head -1; command -v curl >/dev/null && curl --version | head -1 || true'
HOST_UNIT="chain138-pmm-mesh-pct-${VMID}.service"
GUEST_UNIT="chain138-pmm-mesh-automation.service"
PCT_BIN="$(command -v pct)"
can_guest_systemd=false
if pct exec "$VMID" -- bash -c 't=/etc/systemd/system/.c138mesh_w; rm -f "$t"; touch "$t" && rm -f "$t"'; then
can_guest_systemd=true
fi
if [[ "$can_guest_systemd" == true ]]; then
systemctl disable --now "$HOST_UNIT" 2>/dev/null || true
rm -f "/etc/systemd/system/$HOST_UNIT"
systemctl daemon-reload 2>/dev/null || true
pct exec "$VMID" -- bash -c 'cat > /etc/systemd/system/chain138-pmm-mesh-automation.service' <<'UNITEOF'
[Unit]
Description=Chain 138 PMM mesh — oracle/keeper/WETH poll
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
Environment=PATH=/var/tmp/chain138-mesh/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
WorkingDirectory=/var/tmp/chain138-mesh/smom-dbis-138
Environment=PMM_MESH_INTERVAL_SEC=6
Environment=MESH_CAST_GAS_PRICE=2gwei
Environment=ENABLE_MESH_ORACLE_TICK=1
Environment=ENABLE_MESH_KEEPER_TICK=1
Environment=ENABLE_MESH_PMM_READS=1
Environment=ENABLE_MESH_WETH_READS=1
EnvironmentFile=-/var/tmp/chain138-mesh/smom-dbis-138/.env
ExecStart=/bin/bash /var/tmp/chain138-mesh/smom-dbis-138/scripts/reserve/pmm-mesh-6s-automation.sh
Restart=always
RestartSec=5
[Install]
WantedBy=multi-user.target
UNITEOF
pct exec "$VMID" -- systemctl daemon-reload
pct exec "$VMID" -- systemctl enable "$GUEST_UNIT"
pct exec "$VMID" -- systemctl restart "$GUEST_UNIT"
sleep 2
pct exec "$VMID" -- systemctl is-active "$GUEST_UNIT" || {
pct exec "$VMID" -- journalctl -u chain138-pmm-mesh-automation -n 40 --no-pager || true
exit 1
}
else
pct exec "$VMID" -- systemctl disable --now "$GUEST_UNIT" 2>/dev/null || true
pct exec "$VMID" -- rm -f "/etc/systemd/system/$GUEST_UNIT" 2>/dev/null || true
cat > "/etc/systemd/system/$HOST_UNIT" <<UNIT_HOST
[Unit]
Description=Chain 138 PMM mesh via pct into CT ${VMID}
After=network-online.target
Wants=network-online.target
[Service]
Type=simple
ExecStart=${PCT_BIN} exec ${VMID} -- env PATH=${BASE}/bin:/usr/bin:/bin HOME=/tmp PMM_MESH_INTERVAL_SEC=6 MESH_CAST_GAS_PRICE=2gwei ENABLE_MESH_ORACLE_TICK=1 ENABLE_MESH_KEEPER_TICK=1 ENABLE_MESH_PMM_READS=1 ENABLE_MESH_WETH_READS=1 /bin/bash --noprofile --norc ${BASE}/smom-dbis-138/scripts/reserve/pmm-mesh-6s-automation.sh
Restart=always
RestartSec=5
[Install]
WantedBy=multi-user.target
UNIT_HOST
systemctl daemon-reload
systemctl enable "$HOST_UNIT"
systemctl restart "$HOST_UNIT"
sleep 2
systemctl is-active "$HOST_UNIT" || {
journalctl -u "$HOST_UNIT" -n 40 --no-pager || true
exit 1
}
fi
rm -f /tmp/c138-mesh-install.tgz /tmp/cast-bin-lxc
REMOTE
done
log "done. Guest logs: ssh root@<proxmox> \"pct exec <VMID> -- journalctl -u chain138-pmm-mesh-automation -f\""
log " Host-wrapped (hardened CT): ssh root@<proxmox> \"journalctl -u chain138-pmm-mesh-pct-<VMID> -f\""
Reference in New Issue View Git Blame Copy Permalink