#!/usr/bin/env bash set -euo pipefail echo "[*] Installing packages (Fedora)…" sudo dnf install -y NetworkManager dnsmasq wireguard-tools iptables-nft nginx echo "[*] Enabling IP forwarding…" sudo install -m 0644 ./../../configs/99-vrb-sysctl.conf /etc/sysctl.d/99-vrb-sysctl.conf sudo sysctl --system echo "[*] Installing NetworkManager profiles…" sudo install -m 0600 ./../../configs/networkmanager/vrb-lan.nmconnection /etc/NetworkManager/system-connections/vrb-lan.nmconnection sudo install -m 0600 ./../../configs/networkmanager/vrb-lan-port.nmconnection /etc/NetworkManager/system-connections/vrb-lan-port.nmconnection sudo install -m 0600 ./../../configs/networkmanager/vrb-wan.nmconnection /etc/NetworkManager/system-connections/vrb-wan.nmconnection sudo install -m 0600 ./../../configs/networkmanager/vrb-ext.nmconnection /etc/NetworkManager/system-connections/vrb-ext.nmconnection echo ">> Replace / in the above profiles with actual device names (nmcli d)." echo "[*] dnsmasq setup…" sudo install -m 0644 ./../../configs/dnsmasq/dnsmasq.conf /etc/dnsmasq.conf sudo install -m 0644 ./../../configs/dnsmasq/dnsmasq.hosts /etc/dnsmasq.hosts sudo systemctl enable --now dnsmasq echo "[*] WireGuard setup…" if [[ ! -f /etc/wireguard/wg0.conf ]]; then sudo install -m 0600 ./../../configs/wireguard/wg0.conf.sample /etc/wireguard/wg0.conf echo ">> Edit /etc/wireguard/wg0.conf with keys and WAN iface." fi sudo systemctl enable --now wg-quick@wg0 || true echo "[*] Deploying app to /opt/exosysteme…" sudo mkdir -p /opt/exosysteme sudo rsync -a --delete ./../../app/ /opt/exosysteme/app/ echo "[*] Systemd services…" sudo install -m 0644 ./../../configs/systemd/exosysteme-api.service /etc/systemd/system/exosysteme-api.service sudo install -m 0644 ./../../configs/systemd/exosysteme-keymgr.service /etc/systemd/system/exosysteme-keymgr.service sudo systemctl daemon-reload sudo systemctl enable --now exosysteme-api.service exosysteme-keymgr.service echo "[*] NGINX…" sudo install -m 0644 ./../../configs/nginx/spectra.conf /etc/nginx/conf.d/spectra.conf sudo systemctl enable --now nginx echo "[✓] VRB + API deployed (Fedora). Adjust interfaces via 'nmcli d' and restart NetworkManager."