#!/usr/bin/env bash # tools/cmd/railiance-plan-host # Provider-neutral planning and checklist for a first Railiance host. set -euo pipefail ROOT="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." && pwd)" CLOUDINIT="${ROOT}/cloudinit/user-data.yaml" usage() { cat <<'EOF' Usage: railiance-plan-host [--cloudinit] [--check] [--help] --cloudinit Print the recommended cloud-init user-data to stdout. --check Print a pre-VM checklist only. --help Show this help. Without flags, this command prints the recommended host plan and a checklist. EOF } print_hdr() { printf "\n%s\n" "$1"; printf "%0.s-" $(seq 1 "${#1}"); echo; } plan() { print_hdr "Provider-neutral host plan" cat <<'PLAN' Distro: Ubuntu Server 24.04 LTS (or Debian 12) CPU/RAM: 2 vCPU / 4–8 GB RAM (start) — scale as needed Disk: 60–100 GB SSD (expand later for data) Network: Public IPv4 (and/or IPv6), allow ports 22, 80, 443 SSH: Use ed25519 key; disable password auth User: 'ubuntu' or your provider's default user Backups: Snapshot weekly; keep 2–4 rotations Security baseline: - Regular updates (unattended-upgrades or Ansible role) - UFW/iptables with allow 22,80,443; deny rest (adjust for cluster) - Fail2ban (optional) - Time sync (systemd-timesyncd or chrony) Cloud-init: Use 'bin/railiance cloudinit' or this command with --cloudinit to get the template. PLAN } checklist() { print_hdr "Rent-a-VM Checklist" cat <<'CK' [ ] Provider account ready (billing set) [ ] Region chosen (low latency to you/users) [ ] Image: Ubuntu 24.04 LTS (or Debian 12) [ ] Size: 2 vCPU / 4–8 GB RAM / 60+ GB SSD [ ] SSH key uploaded (use ed25519) [ ] Firewall security group: allow 22,80,443 (tighten later) [ ] Cloud-init pasted (from bin/railiance cloudinit) [ ] Hostname set (e.g., railiance-seed-1) [ ] Record public IP / DNS CK } cloudinit() { if [[ -f "${CLOUDINIT}" ]]; then cat "${CLOUDINIT}" else echo "cloud-init template not found at ${CLOUDINIT}" >&2 exit 1 fi } # Parse flags DO_PLAN=true DO_CHECK=true while [[ $# -gt 0 ]]; do case "$1" in --cloudinit) cloudinit; exit 0 ;; --check) DO_PLAN=false; DO_CHECK=true; shift ;; --help|-h) usage; exit 0 ;; *) echo "Unknown option: $1" >&2; usage; exit 2 ;; esac done $DO_PLAN && plan $DO_CHECK && checklist echo echo "Tip: After renting the VM, seed it with: tools/seed_node.sh"