#!/usr/bin/env bash # ZeroGravity — Linux setup # Creates the zerogravity-ls system user for UID-scoped iptables isolation, # installs the systemd user service, and builds the dns_redirect.so preload lib. set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "$0")" && pwd)" PROJECT_DIR="$(dirname "$SCRIPT_DIR")" # ── 0. Dependency check ── MISSING=() for cmd in cargo curl jq gcc sudo iptables; do command -v "$cmd" &>/dev/null || MISSING+=("$cmd") done if [ ${#MISSING[@]} -gt 0 ]; then echo "✗ Missing dependencies: ${MISSING[*]}" echo " Install them first, then re-run this script." exit 1 fi # ── 1. System user for UID isolation ── echo "→ Creating zerogravity-ls system user…" if id -u zerogravity-ls &>/dev/null; then echo " Already exists." else sudo useradd --system --no-create-home --shell /usr/sbin/nologin zerogravity-ls echo " Created." fi # ── 2. Sudoers rule (run commands as zerogravity-ls without password) ── SUDOERS="/etc/sudoers.d/zerogravity" echo "→ Installing sudoers rule…" if [ -f "$SUDOERS" ]; then echo " Already exists." else echo "$USER ALL=(zerogravity-ls) NOPASSWD: ALL" | sudo tee "$SUDOERS" > /dev/null sudo chmod 0440 "$SUDOERS" echo " Installed: $SUDOERS" fi # ── 3. Data directory permissions ── echo "→ Setting up /tmp/zerogravity-standalone…" sudo mkdir -p /tmp/zerogravity-standalone sudo chmod 1777 /tmp/zerogravity-standalone # ── 4. Config directory ── echo "→ Setting up ~/.config/zerogravity…" mkdir -p "$HOME/.config/zerogravity" # ── 5. Systemd user service ── echo "→ Installing systemd user service…" UNIT_DIR="$HOME/.config/systemd/user" mkdir -p "$UNIT_DIR" cat > "$UNIT_DIR/zerogravity.service" << EOF [Unit] Description=ZeroGravity Proxy After=network.target [Service] Type=simple ExecStart=$PROJECT_DIR/target/release/zerogravity WorkingDirectory=$PROJECT_DIR Environment=RUST_LOG=info Restart=on-failure RestartSec=3 StandardOutput=journal StandardError=journal [Install] WantedBy=default.target EOF systemctl --user daemon-reload echo " Installed: $UNIT_DIR/zerogravity.service" echo " Enable with: systemctl --user enable zerogravity" # ── 6. Build ── echo "→ Building release binary…" cd "$PROJECT_DIR" cargo build --release 2>&1 | tail -1 echo "" echo "✓ Setup complete. Start with: zg start"