From 30a6793fe0d5d0a28c2e521fa5546d34311c4a43 Mon Sep 17 00:00:00 2001
From: josh <josh@hostlabs.pro>
Date: Mon, 3 Nov 2025 19:16:59 +0000
Subject: [PATCH] Add scripts/mysqlPool.bootstrap

---
 scripts/mysqlPool.bootstrap | 68 +++++++++++++++++++++++++++++++++++++
 1 file changed, 68 insertions(+)
 create mode 100644 scripts/mysqlPool.bootstrap

diff --git a/scripts/mysqlPool.bootstrap b/scripts/mysqlPool.bootstrap
new file mode 100644
index 0000000..545d9f4
--- /dev/null
+++ b/scripts/mysqlPool.bootstrap
@@ -0,0 +1,68 @@
+#!/usr/bin/env bash
+# burnServ worker bootstrap — join as WORKER only (no temp manager)
+# Run as root (e.g., cloud-init user-data or startup script)
+
+set -euo pipefail
+
+### === CONFIG: fill these in ===
+SWARM_MANAGER_ADDR="10.10.10.5:2377"       # e.g., 10.10.10.7:2377
+WORKER_JOIN_TOKEN="SWMTKN-1-2a2sxynvwvpcapqysty6fyifxjsdu7xlk529r05nnvi6g7i01c-e700ngcb66bp9rp04am7cmcli"
+
+# Shared storage (NFS)
+NFS_SERVER="10.10.10.8"                    # e.g., 10.10.10.7
+NFS_EXPORT="/mnt/data"                    # e.g., /volume2/nfs0  or /mnt/data
+MOUNTPOINT="/mnt/data"
+
+# Optional local user
+LINUX_USER="josh"
+SSH_PUBKEY="ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIOFiNTLzVAex3rG3P233A85qwClxlhm+vIjhvi6e1tER josh@jos
+h-zbook"            # leave empty to skip
+
+### ===============================
+
+log(){ echo "[bootstrap] $*"; }
+
+log "Installing base packages"
+apt-get update -y
+apt-get install -y ca-certificates curl gnupg lsb-release nfs-common uidmap
+
+log "Ensuring user '${LINUX_USER}'"
+if ! id -u "$LINUX_USER" >/dev/null 2>&1; then
+  adduser --disabled-password --gecos "" "$LINUX_USER"
+fi
+if [[ -n "$SSH_PUBKEY" ]]; then
+  install -d -m 700 -o "$LINUX_USER" -g "$LINUX_USER" "/home/$LINUX_USER/.ssh"
+  touch "/home/$LINUX_USER/.ssh/authorized_keys"
+  chown "$LINUX_USER:$LINUX_USER" "/home/$LINUX_USER/.ssh/authorized_keys"
+  chmod 600 "/home/$LINUX_USER/.ssh/authorized_keys"
+  grep -qxF "$SSH_PUBKEY" "/home/$LINUX_USER/.ssh/authorized_keys" || echo "$SSH_PUBKEY" >> "/home/$LINUX_USER/.ssh/authorized_keys"
+fi
+
+log "Installing Docker (official repo)"
+install -m 0755 -d /etc/apt/keyrings
+curl -fsSL "https://download.docker.com/linux/$(. /etc/os-release && echo "$ID")/gpg" | gpg --dearmor -o /etc/apt/keyrings/docker.gpg
+chmod a+r /etc/apt/keyrings/docker.gpg
+echo \
+  "deb [arch=$(dpkg --print-architecture) signed-by=/etc/apt/keyrings/docker.gpg] \
+  https://download.docker.com/linux/$(. /etc/os-release && echo "$ID") \
+  $(. /etc/os-release && echo "$VERSION_CODENAME") stable" \
+  | tee /etc/apt/sources.list.d/docker.list > /dev/null
+apt-get update -y
+apt-get install -y docker-ce docker-ce-cli containerd.io docker-buildx-plugin docker-compose-plugin
+usermod -aG docker "$LINUX_USER" || true
+
+log "Mounting NFS ${NFS_SERVER}:${NFS_EXPORT} -> ${MOUNTPOINT}"
+mkdir -p "$MOUNTPOINT"
+if ! grep -qE "^\s*${NFS_SERVER}:${NFS_EXPORT}\s+${MOUNTPOINT}\s+nfs" /etc/fstab; then
+  echo "${NFS_SERVER}:${NFS_EXPORT} ${MOUNTPOINT} nfs defaults,_netdev,proto=tcp,noatime 0 0" >> /etc/fstab
+fi
+mount -a
+
+log "Joining swarm as WORKER"
+# leave any existing swarm membership (idempotent)
+if docker info 2>/dev/null | grep -q 'Swarm: active'; then
+  docker swarm leave --force || true
+fi
+docker swarm join --token "$WORKER_JOIN_TOKEN" "$SWARM_MANAGER_ADDR"
+
+log "Done. Labels can be applied from a manager (e.g., scripts/bs-label-workers.sh)."
\ No newline at end of file