flake-update-20260201
 1#+TITLE: Nagoya Configuration
 2#+FILETAGS: imperative debian server nagoya
 3
 4#+begin_quote
 5⚠️ *DEPRECATED:* This imperative setup is now deprecated in favor of the declarative system-manager configuration at =~/src/home/systems/nagoya/system.nix=.
 6
 7The imperative scripts are kept as a backup fallback only.
 8
 9To use system-manager, see the deployment instructions in =CLAUDE.md=.
10#+end_quote
11
12Configuration scripts for the Nagoya system, a Debian-based server.
13
14* Overview
15
16This directory contains idempotent configuration scripts for the Nagoya host, which runs Debian and is not managed by NixOS.
17
18** System Information
19
20- *Hostname:* nagoya
21- *OS:* Debian
22- *Type:* Server
23- *Architecture:* aarch64
24- *VPN Address:* 10.100.0.80/24
25
26* Files
27
28** =apply.sh=
29
30The main configuration script that sets up the system. This script is designed to be run multiple times safely (idempotent).
31
32* Setup Components
33
34The =apply.sh= script configures the following:
35
36** Wireguard VPN
37- Configures wireguard VPN client
38- Creates =/etc/wireguard/wg0.conf= with VPN settings
39- Connects to VPN endpoint at 167.99.17.238:51820
40- Assigns client IP: 10.100.0.80/24
41- Requires =WG_PRIVATE_KEY= environment variable
42
43** Docker
44- Removes old Docker packages (docker.io, podman-docker, etc.)
45- Installs official Docker CE from docker.com repository
46- Installs docker-ce, docker-ce-cli, containerd.io, and docker-buildx-plugin
47- Configures Docker APT repository with proper GPG keys
48
49** Kind (Kubernetes in Docker)
50- Installs Kind v0.30.0 for ARM64
51- Installs to =/usr/local/bin/kind=
52- Used for local Kubernetes development
53
54** Syncthing
55- Installs Syncthing from official APT repository
56- Configures GPG keys for package verification
57- Note: User service setup needs to be completed (see TODOs)
58
59* Usage
60
61** Running the Script
62
63From the repository root:
64
65#+begin_src bash
66# Basic run (without wireguard configuration)
67sudo ./imperative/nagoya/apply.sh
68
69# With wireguard private key
70sudo WG_PRIVATE_KEY="your-private-key-here" ./imperative/nagoya/apply.sh
71#+end_src
72
73** First-Time Setup
74
751. Ensure you have root/sudo access
762. Have your wireguard private key ready
773. Run the script with the WG_PRIVATE_KEY environment variable
78
79** Updating Configuration
80
81Simply re-run the script. It's designed to be idempotent, meaning running it multiple times will bring the system to the desired state without causing issues.
82
83* TODOs
84
85- [ ] Complete Syncthing user service setup
86- [ ] Add config.txt configuration (diff with default, nvme settings)
87- [ ] Add error handling for missing Kind download
88- [ ] Consider adding Docker post-install steps (user groups, etc.)
89
90* Notes
91
92- The script uses =set -euo pipefail= for strict error handling
93- All setup functions are prefixed with =setup.=
94- Logging functions provide colored output for better readability
95- Shellcheck directives are used where system files are sourced