Built the Sentinel Tab

infrastructure/desineuron_ingress/install_linux_ingress_ip_sync.sh

@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+set -euo pipefail
+
+if [[ $# -ne 2 ]]; then
+  echo "Usage: $0 <aws_access_key_id> <aws_secret_access_key>" >&2
+  exit 1
+fi
+
+AWS_ACCESS_KEY_ID="$1"
+AWS_SECRET_ACCESS_KEY="$2"
+INSTALL_ROOT="/opt/desineuron-ingress-ip-sync"
+VENV_PATH="${INSTALL_ROOT}/.venv"
+
+sudo apt-get update
+sudo apt-get install -y python3-venv
+sudo mkdir -p "${INSTALL_ROOT}"
+sudo python3 -m venv "${VENV_PATH}"
+sudo "${VENV_PATH}/bin/pip" install --upgrade pip boto3
+
+sudo install -m 0755 /tmp/sync_ingress_home_ip.py /usr/local/bin/sync_ingress_home_ip.py
+sudo install -m 0644 /tmp/desineuron-ingress-home-ip-sync.service /etc/systemd/system/desineuron-ingress-home-ip-sync.service
+sudo install -m 0644 /tmp/desineuron-ingress-home-ip-sync.timer /etc/systemd/system/desineuron-ingress-home-ip-sync.timer
+
+sudo mkdir -p /var/lib/desineuron-ingress-ip-sync
+sudo tee /etc/desineuron-ingress-home-ip-sync.env >/dev/null <<EOF
+AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
+AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
+AWS_REGION=us-east-1
+INGRESS_SECURITY_GROUP_ID=sg-0721b8b48e12c531d
+INGRESS_SSH_PORT=22
+INGRESS_SSH_RULE_DESCRIPTION=SSH fallback from origin network
+INGRESS_IP_STATE_FILE=/var/lib/desineuron-ingress-ip-sync/current_ip.txt
+EOF
+sudo chmod 600 /etc/desineuron-ingress-home-ip-sync.env
+
+sudo systemctl daemon-reload
+sudo systemctl enable --now desineuron-ingress-home-ip-sync.timer
+sudo systemctl start desineuron-ingress-home-ip-sync.service
+sudo systemctl --no-pager --full status desineuron-ingress-home-ip-sync.service
+sudo systemctl --no-pager --full status desineuron-ingress-home-ip-sync.timer