Initial import: live state on api.qbirr.com (server v0.6.3)

deploy/vps-bootstrap.sh

@@ -0,0 +1,28 @@
+#!/usr/bin/env bash
+# One-time VPS prep for a Coolify-managed box (Ubuntu 24.04).
+# Coolify installs Docker + its reverse proxy itself, so we keep this minimal:
+# system update, firewall, base tools. Idempotent. Run as root.
+set -euo pipefail
+export DEBIAN_FRONTEND=noninteractive
+
+echo "### [1/4] needrestart -> automatic (no interactive prompts)"
+if [ -f /etc/needrestart/needrestart.conf ]; then
+  sed -i "s/#\$nrconf{restart} = .*/\$nrconf{restart} = 'a';/" /etc/needrestart/needrestart.conf || true
+fi
+
+echo "### [2/4] apt update + upgrade"
+apt-get update -y
+apt-get upgrade -y
+
+echo "### [3/4] base packages"
+apt-get install -y curl ca-certificates gnupg lsb-release ufw jq
+
+echo "### [4/4] firewall (ufw)"
+ufw allow OpenSSH        # 22 - keep our key login alive
+ufw allow 80/tcp         # http (Coolify proxy / ACME)
+ufw allow 443/tcp        # https (Coolify proxy)
+ufw allow 8000/tcp       # Coolify dashboard
+ufw --force enable
+ufw status verbose
+
+echo "BOOTSTRAP_DONE"