#!/bin/bash

# 更新 apt
curl -sSL https://git.martin98.com/MartinFarm/init/raw/branch/main/init-apt.sh | bash

# k8s 相关环境
apt install -y curl apt-transport-https ca-certificates gnupg

# 调整内核 关闭 swap
cat <<EOF | sudo tee /etc/modules-load.d/k8s.conf
overlay
br_netfilter
EOF
cat <<EOF | sudo tee /etc/sysctl.d/k8s.conf
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
net.ipv4.ip_forward = 1
EOF
sudo swapoff -a && sed -i '/swap/d' /etc/fstab && sudo sysctl --system && sudo modprobe overlay && sudo modprobe br_netfilter

# 安装并配置 containerd
# k8s
curl -fsSL https://mirrors.martin98.com/repository/kubernetes/core/stable/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.martin98.com/repository/kubernetes/core/stable/v1.32/deb/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list

# 安装并配置 containerd
apt install -y containerd
mkdir -p /etc/containerd

echo 'plugins."io.containerd.grpc.v1.cri".registry.config_path = "/etc/containerd/certs.d"' | sudo tee -a /etc/containerd/config.toml
printf 'server = "https://registry.k8s.io"\nhost."https://docker.martin98.com/k8s".capabilities = ["pull", "resolve"]\n' | sudo tee /etc/containerd/certs.d/registry.k8s.io/hosts.toml

sudo systemctl restart containerd
ctr image pull registry.k8s.io/pause:3.10



mkdir -pv "$CONFIG_DIR/registry.k8s.io"
cat <<EOF > "$CONFIG_DIR/registry.k8s.io/hosts.toml"
server = "https://registry.k8s.io"

[host."https://docker.martin98.com/k8s"]
  capabilities = ["pull", "resolve"]
  override_path = true
EOF

# 初始化 containerd 配置
containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
sed -ri '0,/(config_path).*/s@(config_path).*@\1 = "/etc/containerd/certs.d"@' /etc/containerd/config.toml
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml



containerd config default | sudo tee /etc/containerd/config.toml > /dev/null

# 生成默认配置文件
cat <<EOF > /etc/crictl.yaml
runtime-endpoint: unix:///run/containerd/containerd.sock
image-endpoint: unix:///run/containerd/containerd.sock
timeout: 10
debug: false
EOF

containerd config default | sudo tee /etc/containerd/config.toml > /dev/null
sed -i 's/SystemdCgroup = false/SystemdCgroup = true/' /etc/containerd/config.toml

# 定义配置目录
CONFIG_DIR="/etc/containerd/certs.d"
mkdir -pv "$CONFIG_DIR/docker.io"
cat <<EOF > "$CONFIG_DIR/docker.io/hosts.toml"
server = "https://docker.io"

[host."https://docker.martin98.com/docker"]
  capabilities = ["pull", "resolve"]
  override_path = true
EOF

mkdir -pv "$CONFIG_DIR/k8s.gcr.io"
cat <<EOF > "$CONFIG_DIR/k8s.gcr.io/hosts.toml"
server = "https://k8s.gcr.io"

[host."https://docker.martin98.com/k8s"]
  capabilities = ["pull", "resolve"]
  override_path = true
EOF

mkdir -pv "$CONFIG_DIR/ghcr.io"
cat <<EOF > "$CONFIG_DIR/ghcr.io/hosts.toml"
server = "https://ghcr.io"

[host."https://docker.martin98.com/ghcr"]
  capabilities = ["pull", "resolve"]
  override_path = true
EOF

mkdir -pv "$CONFIG_DIR/quay.io"
cat <<EOF > "$CONFIG_DIR/quay.io/hosts.toml"
server = "https://quay.io"

[host."https://docker.martin98.com/quay"]
  capabilities = ["pull", "resolve"]
  override_path = true
EOF

mkdir -pv "$CONFIG_DIR/registry.k8s.io"
cat <<EOF > "$CONFIG_DIR/registry.k8s.io/hosts.toml"
server = "https://registry.k8s.io"

[host."https://docker.martin98.com/k8s"]
  capabilities = ["pull", "resolve"]
  override_path = true
EOF

sudo systemctl restart containerd && sudo systemctl enable containerd
ctr image pull registry.k8s.io/pause:3.10 --hosts-dir=/etc/containerd/certs.d

# 安装 kubeadm kubelet kubectl
curl -fsSL https://mirrors.tuna.tsinghua.edu.cn/kubernetes/core:/stable:/v1.32/deb/Release.key | sudo gpg --dearmor -o /etc/apt/keyrings/kubernetes-apt-keyring.gpg
echo 'deb [signed-by=/etc/apt/keyrings/kubernetes-apt-keyring.gpg] https://mirrors.martin98.com/repository/kubernetes-1.32/ /' | sudo tee /etc/apt/sources.list.d/kubernetes.list
chmod 644 /etc/apt/sources.list.d/kubernetes.list /etc/apt/keyrings/kubernetes-apt-keyring.gpg
apt update && apt install -y kubeadm kubelet kubectl && apt-mark hold kubeadm kubelet kubectl

echo "k8s 运行环境安装成功"