#!/bin/bash
#
# SIMATICA Docker bootstrap.
#
# Upgrades the system, removes distro-packaged Docker bits, optionally
# prepares /dev/sdb as /mnt/docker, installs Docker from Docker's Ubuntu apt
# repository, moves Docker/containerd data under /mnt/docker, starts
# Portainer and sets vm.max_map_count.
# Presumably meant to run as root: it writes under /etc and calls apt-get,
# parted and systemctl directly.
#

# Abort on the first unhandled failure; steps ending in "|| true" are the
# ones deliberately treated as best-effort.
set -e

echo "========================================"
echo " SIMATICA - Docker Bootstrap"
echo "========================================"

# Keep apt/dpkg from prompting during the unattended run.
export DEBIAN_FRONTEND=noninteractive

#
# Initial updates
#
apt-get clean
apt-get update
apt-get dist-upgrade -y
apt-get autoremove -y

#
# Remove any old Docker versions
#
# Each removal is best-effort, so a failure for one package (for example
# because it is not installed) does not stop the script.
for pkg in docker.io docker-doc docker-compose docker-compose-v2 podman-docker containerd runc; do
  apt-get remove -y "$pkg" || true
done

#
# Base packages
#
apt-get install -y \
  ca-certificates \
  curl \
  gnupg \
  lsb-release \
  rsync \
  parted \
  software-properties-common

#
# Second disk configuration
#
# NOTE(review): /dev/sdb is hard-coded, and the inner branch repartitions and
# formats it whenever `blkid /dev/sdb1` fails. A disk that holds data in any
# other layout (e.g. a filesystem directly on /dev/sdb) would be wiped —
# confirm /dev/sdb is always the intended, empty data disk on target hosts.
if [ -b /dev/sdb ]; then

  echo "[INFO] Secondo disco rilevato: /dev/sdb"

  #
  # If no partition exists, create it
  #
  if ! blkid /dev/sdb1 >/dev/null 2>&1; then
    echo "[INFO] Creo partizione su /dev/sdb"
    # New GPT label with one partition spanning the whole disk.
    parted -s /dev/sdb mklabel gpt
    parted -s /dev/sdb mkpart primary ext4 0% 100%
    # Presumably gives the kernel time to expose /dev/sdb1 before formatting.
    sleep 2
    # -F forces mkfs even if it would otherwise ask for confirmation.
    mkfs.ext4 -F /dev/sdb1
  fi

  #
  # Mount /mnt/docker
  #
  mkdir -p /mnt/docker

  UUID=$(blkid -s UUID -o value /dev/sdb1)

  # Add the fstab entry only once. The UUID is matched anywhere in the file,
  # so a commented-out line containing it also counts as "already present".
  if ! grep -q "$UUID" /etc/fstab; then
    echo "UUID=$UUID /mnt/docker ext4 defaults,nofail 0 2" >> /etc/fstab
  fi

  mount -a

  echo "[OK] Disco Docker montato"

else

  # No second disk: /mnt/docker is a plain directory on the existing
  # filesystem and everything below still uses it.
  echo "[WARNING] Nessun secondo disco trovato"
  mkdir -p /mnt/docker

fi

#
# Official Docker installation
#
install -m 0755 -d /etc/apt/keyrings

# The repository signing key is fetched over HTTPS and used as-is.
# NOTE(review): nothing here checks the key's fingerprint, so trust rests
# entirely on the TLS connection to download.docker.com; consider comparing
# the fingerprint with the value Docker publishes before relying on the key.
curl -fsSL https://download.docker.com/linux/ubuntu/gpg \
  -o /etc/apt/keyrings/docker.asc

chmod a+r /etc/apt/keyrings/docker.asc

# Write the apt source for this architecture and release codename, tied to
# the key above through signed-by. The continuation lines inside the quoted
# string start at column 0 so that no extra spaces end up in the entry.
echo \
  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.asc] \
https://download.docker.com/linux/ubuntu \
$(. /etc/os-release && echo "${UBUNTU_CODENAME:-$VERSION_CODENAME}") stable" \
  > /etc/apt/sources.list.d/docker.list

apt-get update

apt-get install -y \
  docker-ce \
  docker-ce-cli \
  containerd.io \
  docker-buildx-plugin \
  docker-compose-plugin

#
# Stop services
#
# Stopped before their data directories are copied and relocated below.
systemctl stop docker.socket || true
systemctl stop docker || true
systemctl stop containerd || true

#
# Dedicated directories
#
mkdir -p /mnt/docker/docker
mkdir -p /mnt/docker/containerd
mkdir -p /mnt/docker/portainer
mkdir -p /etc/docker
mkdir -p /etc/containerd

#
# Migrate any existing data
#
# -a archive, -H hard links, -A ACLs, -X xattrs, -x stay on one filesystem.
# NOTE(review): rsync's error output and exit status are both discarded, so
# a partial copy goes unnoticed — and /var/lib/containerd is deleted further
# down. Consider failing loudly here when the source directory exists.
rsync -aHAXx /var/lib/docker/ /mnt/docker/docker/ 2>/dev/null || true
rsync -aHAXx /var/lib/containerd/ /mnt/docker/containerd/ 2>/dev/null || true

#
# Docker data-root
#
# NOTE(review): this line looks damaged by text extraction — everything
# between the "<" and the ">" appears to have been dropped. As it reads
# here, it copies /etc/containerd/config.toml into /etc/docker/daemon.json.
# Presumably the original wrote daemon.json from a heredoc and created
# config.toml in a separate step (the sed edits below expect that file to
# already contain "root = " and "state = " lines) — restore both from the
# original script before running this.
cat >/etc/docker/daemon.json </etc/containerd/config.toml

# Point containerd's persistent root at the data disk; state stays in /run.
sed -i 's#^root = .*#root = "/mnt/docker/containerd"#' \
  /etc/containerd/config.toml

sed -i 's#^state = .*#state = "/run/containerd"#' \
  /etc/containerd/config.toml

#
# containerd symlink
#
# Replaces the old directory with a link to the relocated data. This is the
# point where an incomplete rsync above turns into data loss.
rm -rf /var/lib/containerd || true
ln -s /mnt/docker/containerd /var/lib/containerd

#
# Start services
#
systemctl daemon-reload

systemctl enable containerd
systemctl enable docker

systemctl start containerd
systemctl start docker

#
# Docker checks
#
# Under set -e, any failing check aborts the script before Portainer is set up.
docker --version
docker compose version
docker run --rm hello-world

#
# Portainer installation
#
# NOTE(review): this named volume is not referenced by the run command
# below, which bind-mounts /mnt/docker/portainer at /data instead.
docker volume create portainer_data

# NOTE(review): security-relevant choices in this run command:
#  - mounting /var/run/docker.sock gives the container full control of the
#    Docker daemon, which is equivalent to root on this host;
#  - both -p mappings omit a bind address, so the ports are published on
#    every host interface; container port 9000 is Portainer's plain-HTTP UI
#    (9443 is the HTTPS one) — consider dropping it or binding both to a
#    management address;
#  - the :latest tag is unpinned, so the image that runs can change between
#    executions of this script; pin a version or digest for repeatability.
# A fixed --name also means a second run fails here while the container
# still exists, and set -e then stops the script.
docker run -d \
  --name portainer \
  --restart always \
  -p 10443:9443 \
  -p 8099:9000 \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /mnt/docker/portainer:/data \
  portainer/portainer-ce:latest

#
# Wazuh / Elasticsearch prerequisites
#
# Apply the setting now, persist it in sysctl.d, then reload all sysctl files.
sysctl -w vm.max_map_count=262144

echo 'vm.max_map_count=262144' \
  >/etc/sysctl.d/99-wazuh.conf

sysctl --system

#
# Simatica MOTD
#
# NOTE(review): the redirection below is cut off at the end of this excerpt;
# the heredoc delimiter and body that should follow are not visible.
cat >/etc/motd <