sbbb/scripts/local-up.sh
Sienna Meridian Satterwhite 5d9bd7b067 chore: initial infrastructure scaffold
Kustomize base + overlays for the full Sunbeam k3s stack:
- base/mesh      — Linkerd edge (crds + control-plane + viz)
- base/ingress   — custom Pingora edge proxy
- base/ory       — Kratos 0.60.1 + Hydra 0.60.1 + login-ui
- base/data      — CloudNativePG 0.27.1, Valkey 8, OpenSearch 2
- base/storage   — SeaweedFS master + volume + filer (S3 on :8333)
- base/lasuite   — Hive sync daemon + La Suite app placeholders
- base/media     — LiveKit livekit-server 1.9.0
- base/devtools  — Gitea 12.5.0 (external PG + Valkey)
overlays/local   — sslip.io domain, mkcert TLS, Lima hostPort
overlays/production — stub (TODOs for sunbeam.pt values)
scripts/         — local-up/down/certs/urls helpers
justfile         — up / down / certs / urls targets
2026-02-28 13:42:27 +00:00


#!/usr/bin/env bash
# Start the Sunbeam local dev stack.
# Idempotent: safe to run multiple times.
# Strict mode: stop on a failed command, on use of an unset variable, and on a
# failure in any stage of a pipeline.
set -o errexit -o nounset -o pipefail

# Absolute path of the directory that holds this script.
SCRIPT_DIR="$(
  cd "$(dirname "${BASH_SOURCE[0]}")" && pwd
)"
# Absolute path of the repository root (the parent of SCRIPT_DIR).
REPO_ROOT="$(
  cd "${SCRIPT_DIR}/.." && pwd
)"
# ---------------------------------------------------------------------------
# 1. Check prerequisites
# ---------------------------------------------------------------------------
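echo "==> Checking prerequisites..."
# python3 is on the list because the Lima status probe in step 2 pipes
# `limactl list --json` into it; without python3 that probe falls back to
# "none" and the script would try to create a VM that may already exist.
# Every missing tool is reported before exiting, so one run shows the full list.
missing_tools=0
for tool in limactl mkcert kubectl helm linkerd python3; do
  if ! command -v "$tool" &>/dev/null; then
    echo "ERROR: '$tool' not found. Install with: brew install $tool" >&2
    missing_tools=1
  fi
done
if (( missing_tools )); then
  exit 1
fi
echo " OK"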
# ---------------------------------------------------------------------------
# 2. Start Lima VM (skip if already running)
# ---------------------------------------------------------------------------
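# Status probe for the 'sunbeam' VM. The parser accepts either a single JSON
# document (array or object) or one JSON object per line, so the result does
# not depend on which of the two layouts `limactl list --json` emits.
# NOTE(review): the original one-liner called json.load() on the whole stream
# and indexed each element as a dict; on line-delimited output that raises, the
# error is discarded, and the status silently becomes "none" — confirm the
# layout produced by the installed limactl version.
lima_status_py='
import json
import sys

text = sys.stdin.read()
try:
    doc = json.loads(text)
    vms = doc if isinstance(doc, list) else [doc]
except ValueError:
    vms = [json.loads(line) for line in text.splitlines() if line.strip()]
found = [vm for vm in vms if isinstance(vm, dict) and vm.get("name") == "sunbeam"]
print(found[0]["status"] if found else "none")
'
# Best-effort by design: any failure of the probe is treated as "no such VM".
LIMA_STATUS=$(limactl list --json 2>/dev/null \
  | python3 -c "$lima_status_py" 2>/dev/null || echo "none")

if [[ "$LIMA_STATUS" == "Running" ]]; then
  echo "==> Lima VM 'sunbeam' already running."
elif [[ "$LIMA_STATUS" == "Stopped" ]]; then
  echo "==> Starting existing Lima VM 'sunbeam'..."
  limactl start sunbeam
else
  # Reached for "none" and for any other reported status.
  echo "==> Creating Lima VM 'sunbeam' (k3s, 6 CPU / 12 GB / 60 GB)..."
  limactl start \
    --name=sunbeam \
    template://k3s \
    --memory=12 \
    --cpus=6 \
    --disk=60 \
    --vm-type=vz \
    --mount-type=virtiofs
fi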
# ---------------------------------------------------------------------------
# 3. Export kubeconfig
# ---------------------------------------------------------------------------
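echo "==> Exporting kubeconfig..."
# `kubectl config view --raw` prints the cluster credentials unredacted, so the
# file must not be readable by other local users. It is written to a mktemp
# file (created owner-only) and renamed into place only after the export
# succeeded; a plain `>` redirect would inherit the umask, keep the looser
# mode of a pre-existing file, and leave a truncated kubeconfig on failure.
kubeconfig_path=~/.kube/sunbeam.yaml
mkdir -p ~/.kube
kubeconfig_tmp="$(mktemp "${kubeconfig_path}.XXXXXX")"
if ! limactl shell sunbeam kubectl config view --raw > "$kubeconfig_tmp"; then
  rm -f -- "$kubeconfig_tmp"
  echo "ERROR: could not export kubeconfig from Lima VM 'sunbeam'" >&2
  exit 1
fi
chmod 600 "$kubeconfig_tmp"
mv -f -- "$kubeconfig_tmp" "$kubeconfig_path"
export KUBECONFIG="$kubeconfig_path"
echo " KUBECONFIG=$KUBECONFIG"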
# ---------------------------------------------------------------------------
# 4. Install Linkerd CRDs + control plane
# ---------------------------------------------------------------------------
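echo "==> Adding Linkerd Helm repo..."
helm repo add linkerd https://helm.linkerd.io/stable --force-update
helm repo update linkerd

# NOTE(review): neither chart below is pinned with --version, so each run
# installs whatever the repository serves at that moment. Pin the chart
# versions so the mesh is reproducible and chart updates are reviewed.
echo "==> Installing Linkerd CRDs..."
helm upgrade --install linkerd-crds linkerd/linkerd-crds \
  -n mesh --create-namespace --wait

echo "==> Installing Linkerd control plane..."
# helm's --set-file expects key=PATH and reads the value from that file, so the
# trust anchors are written to a temporary file and the path is passed. Passing
# the PEM text itself would be interpreted as a file name.
trust_anchors_file="$(mktemp)"
# Best-effort: when the CLI cannot provide anchors the file is left empty and
# the helm install is expected to fail over to the bootstrap branch below.
linkerd identity trust-anchors > "$trust_anchors_file" 2>/dev/null \
  || : > "$trust_anchors_file"

if helm upgrade --install linkerd-control-plane linkerd/linkerd-control-plane \
  -n mesh \
  --set-file identityTrustAnchorsPEM="$trust_anchors_file" \
  --wait; then
  rm -f -- "$trust_anchors_file"
else
  rm -f -- "$trust_anchors_file"
  # NOTE(review): this branch runs on ANY helm failure (timeout, bad values,
  # API error), not only on a first install. `linkerd install` also renders
  # manifests for the CLI's own namespace setting rather than the `-n mesh`
  # given to helm above — confirm both are intended.
  echo "==> Bootstrapping Linkerd identity (first install)..."
  linkerd install --crds | kubectl apply -f -
  linkerd install | kubectl apply -f -
  linkerd check
fi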
# ---------------------------------------------------------------------------
# 5. Generate mkcert wildcard cert
# ---------------------------------------------------------------------------
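echo "==> Generating TLS cert..."
bash "$SCRIPT_DIR/local-certs.sh"

# First address reported by the VM. The value ends up in the sslip.io domain,
# in a sed replacement and in every applied manifest, so it is checked to be a
# dotted-quad IPv4 address before use; empty or unexpected output stops here
# instead of producing a domain such as ".sslip.io".
LIMA_IP=$(limactl shell sunbeam hostname -I | awk '{print $1}')
ipv4_re='^[0-9]{1,3}(\.[0-9]{1,3}){3}$'
if [[ ! "$LIMA_IP" =~ $ipv4_re ]]; then
  echo "ERROR: could not determine an IPv4 address for Lima VM 'sunbeam' (got: '${LIMA_IP}')" >&2
  exit 1
fi
DOMAIN="${LIMA_IP}.sslip.io"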
# ---------------------------------------------------------------------------
# 6. Create TLS Secret in ingress namespace
# ---------------------------------------------------------------------------
echo "==> Applying TLS Secret to ingress namespace..."
# Directory holding the locally generated certificate and private key.
tls_dir="$REPO_ROOT/secrets/local"

# `create --dry-run=client -o yaml` only renders the object; piping it into
# `apply` makes each step create-or-update, so re-runs do not fail on
# "already exists".
kubectl create namespace ingress --dry-run=client -o yaml \
  | kubectl apply -f -

# The rendered Secret (private key included) goes through the pipe only and is
# not written to disk by this step.
kubectl create secret tls pingora-tls \
  -n ingress \
  --cert="${tls_dir}/tls.crt" \
  --key="${tls_dir}/tls.key" \
  --dry-run=client -o yaml \
  | kubectl apply -f -
# ---------------------------------------------------------------------------
# 7. Substitute domain and apply manifests
# ---------------------------------------------------------------------------
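echo "==> Applying manifests (domain: $DOMAIN)..."
# DOMAIN is spliced into the sed program below, where '/' would end the
# expression and '&' would re-insert the matched text. Accept only host-name
# characters so the value cannot change the substitution or inject content
# into the manifests sent to the cluster.
domain_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
if [[ ! "$DOMAIN" =~ $domain_re ]]; then
  echo "ERROR: refusing to substitute invalid domain '${DOMAIN}'" >&2
  exit 1
fi
# Substitute DOMAIN_SUFFIX placeholder before piping to kubectl.
# NOTE(review): --enable-helm lets kustomize render the Helm charts referenced
# by the overlay; make sure those chart references are version-pinned.
kubectl kustomize "$REPO_ROOT/overlays/local" --enable-helm \
  | sed "s/DOMAIN_SUFFIX/${DOMAIN}/g" \
  | kubectl apply -f -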
# ---------------------------------------------------------------------------
# 8. Wait for core components
# ---------------------------------------------------------------------------
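# The waits are deliberately non-fatal so the URL list is always printed, but a
# component that is not ready in time is reported on stderr instead of being
# swallowed by a bare `|| true`.
echo "==> Waiting for PostgreSQL cluster..."
kubectl wait --for=condition=Ready cluster/postgres -n data --timeout=180s \
  || echo "WARNING: cluster/postgres (namespace data) not Ready within 180s; continuing." >&2
echo "==> Waiting for Redis..."
kubectl rollout status deployment/redis -n data --timeout=120s \
  || echo "WARNING: deployment/redis (namespace data) not rolled out within 120s; continuing." >&2
echo "==> Waiting for Kratos..."
kubectl rollout status deployment/kratos -n ory --timeout=120s \
  || echo "WARNING: deployment/kratos (namespace ory) not rolled out within 120s; continuing." >&2
echo "==> Waiting for Hydra..."
kubectl rollout status deployment/hydra -n ory --timeout=120s \
  || echo "WARNING: deployment/hydra (namespace ory) not rolled out within 120s; continuing." >&2
# ---------------------------------------------------------------------------
# 9. Print URLs
# ---------------------------------------------------------------------------
bash "$SCRIPT_DIR/local-urls.sh"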