#!/bin/bash # abort this script on errors set -euxo pipefail whoami cd /vagrant make_certs_writable() ( local certdir="/etc/docker/certs.d/$TINKERBELL_HOST_IP" sudo mkdir -p "$certdir" sudo chown -R "$USER" "$certdir" ) secure_certs() ( local certdir="/etc/docker/certs.d/$TINKERBELL_HOST_IP" sudo chown "root" "$certdir" ) configure_vagrant_user() ( echo -n "$TINKERBELL_REGISTRY_PASSWORD" | sudo -iu vagrant docker login \ --username="$TINKERBELL_REGISTRY_USERNAME" \ --password-stdin "$TINKERBELL_HOST_IP" ) setup_nat() ( iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT iptables -A FORWARD -i eth0 -o eth1 -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE ) main() ( export DEBIAN_FRONTEND=noninteractive if [ ! -f ./.env ]; then ./generate-envrc.sh eth1 >.env fi # shellcheck disable=SC1091 . ./.env make_certs_writable ./setup.sh if [[ ${TINKERBELL_CONFIGURE_NAT:=true} != "false" ]]; then setup_nat fi secure_certs configure_vagrant_user ) main