forge/internal/controller/installer/installer.prepare.go

package installer

import (
	"context"
	"fmt"

	"gitea.loveuer.com/yizhisec/pkg3/logger"
)

func (i *installer) Prepare(ctx context.Context) error {
	var (
		err error
	)

	logger.Info("☑️ installer.Prepare: Starting system preparation...")

	if err = i.targetOK(ctx); err != nil {
		return err
	}

	// 1. Set timezone to Asia/Shanghai
	logger.Info("☑️ installer.Prepare: Setting timezone to Asia/Shanghai...")
	if err = i.setTimezone(ctx); err != nil {
		logger.Debug("❌ installer.Prepare: Failed to set timezone: %v", err)
		return fmt.Errorf("failed to set timezone: %w", err)
	}
	logger.Info("✅ installer.Prepare: Timezone set successfully")

	// 2. Disable swap
	logger.Info("☑️ installer.Prepare: Disabling swap...")
	if err = i.disableSwap(ctx); err != nil {
		logger.Debug("❌ installer.Prepare: Failed to disable swap: %v", err)
		return fmt.Errorf("failed to disable swap: %w", err)
	}
	logger.Info("✅ installer.Prepare: Swap disabled successfully")

	// 3. Load module: iscsi_tcp
	logger.Info("☑️ installer.Prepare: Loading kernel module iscsi_tcp...")
	if err = i.loadKernelModule(ctx, "iscsi_tcp"); err != nil {
		logger.Debug("❌ installer.Prepare: Failed to load iscsi_tcp module: %v", err)
		return fmt.Errorf("failed to load iscsi_tcp module: %w", err)
	}
	logger.Info("✅ installer.Prepare: iscsi_tcp module loaded successfully")

	// 4. Load module: br_netfilter
	logger.Info("☑️ installer.Prepare: Loading kernel module br_netfilter...")
	if err = i.loadKernelModule(ctx, "br_netfilter"); err != nil {
		logger.Debug("❌ installer.Prepare: Failed to load br_netfilter module: %v", err)
		return fmt.Errorf("failed to load br_netfilter module: %w", err)
	}
	logger.Info("✅ installer.Prepare: br_netfilter module loaded successfully")

	// 5. Apply sysctl settings
	logger.Info("☑️ installer.Prepare: Applying sysctl settings...")
	if err = i.applySysctlSettings(ctx); err != nil {
		logger.Debug("❌ installer.Prepare: Failed to apply sysctl settings: %v", err)
		return fmt.Errorf("failed to apply sysctl settings: %w", err)
	}
	logger.Info("✅ installer.Prepare: Sysctl settings applied successfully")

	logger.Info("✅ installer.Prepare: System preparation completed successfully!")

	return nil
}

// setTimezone sets the system timezone to Asia/Shanghai
func (i *installer) setTimezone(ctx context.Context) error {
	// Check if timezone file exists
	cmd := i.buildCommand(ctx, "test", "-f", "/usr/share/zoneinfo/Asia/Shanghai")
	if cmd == nil {
		return fmt.Errorf("failed to build command")
	}
	if err := cmd.Run(); err != nil {
		return fmt.Errorf("timezone file /usr/share/zoneinfo/Asia/Shanghai not found")
	}

	// Remove old localtime link/file
	cmd = i.buildCommand(ctx, "rm", "-f", "/etc/localtime")
	if cmd == nil {
		return fmt.Errorf("failed to build command")
	}
	if err := cmd.Run(); err != nil {
		logger.Debug("Failed to remove /etc/localtime: %v", err)
	}

	// Create symlink
	cmd = i.buildCommand(ctx, "ln", "-s", "/usr/share/zoneinfo/Asia/Shanghai", "/etc/localtime")
	if cmd == nil {
		return fmt.Errorf("failed to build command")
	}
	if err := cmd.Run(); err != nil {
		return fmt.Errorf("failed to create symlink: %w", err)
	}

	return nil
}

// disableSwap disables all swap partitions and removes swap entries from /etc/fstab
func (i *installer) disableSwap(ctx context.Context) error {
	// Turn off all swap
	cmd := i.buildCommand(ctx, "swapoff", "-a")
	if cmd == nil {
		return fmt.Errorf("failed to build command")
	}
	if err := cmd.Run(); err != nil {
		logger.Debug("Failed to swapoff: %v (may be already off)", err)
	}

	// Comment out swap entries in /etc/fstab to make it persistent
	cmd = i.buildCommand(ctx, "sed", "-i", "/swap/s/^/#/", "/etc/fstab")
	if cmd == nil {
		return fmt.Errorf("failed to build command")
	}
	if err := cmd.Run(); err != nil {
		logger.Debug("Failed to comment swap in /etc/fstab: %v", err)
	}

	return nil
}

// loadKernelModule loads a kernel module and ensures it's loaded on boot
func (i *installer) loadKernelModule(ctx context.Context, moduleName string) error {
	// Load the module immediately
	cmd := i.buildCommand(ctx, "modprobe", moduleName)
	if cmd == nil {
		return fmt.Errorf("failed to build command")
	}
	if err := cmd.Run(); err != nil {
		return fmt.Errorf("failed to load module %s: %w", moduleName, err)
	}

	// Add to /etc/modules-load.d/ to load on boot
	filePath := fmt.Sprintf("/etc/modules-load.d/%s.conf", moduleName)
	cmd = i.buildCommand(ctx, "bash", "-c", fmt.Sprintf("echo '%s' > %s", moduleName, filePath))
	if cmd == nil {
		return fmt.Errorf("failed to build command")
	}
	if err := cmd.Run(); err != nil {
		logger.Debug("Failed to add module to modules-load.d: %v", err)
	}

	return nil
}

// applySysctlSettings applies required sysctl settings for Kubernetes
func (i *installer) applySysctlSettings(ctx context.Context) error {
	const sysctlConfig = `# Kubernetes required settings
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
net.ipv4.ip_forward = 1
net.ipv4.conf.all.forwarding = 1
net.ipv6.conf.all.forwarding = 1
vm.swappiness = 0
vm.overcommit_memory = 1
vm.panic_on_oom = 0
fs.file-max = 1000000
fs.inotify.max_user_watches = 2099999999
fs.inotify.max_user_instances = 2099999999
fs.inotify.max_queued_events = 2099999999
net.ipv4.neigh.default.gc_thresh1 = 1024
net.ipv4.neigh.default.gc_thresh2 = 4096
net.ipv4.neigh.default.gc_thresh3 = 8192
`

	// Write sysctl config file
	cmd := i.buildCommand(ctx, "bash", "-c", fmt.Sprintf("cat > /etc/sysctl.d/99-kubernetes.conf << 'EOF'\n%sEOF", sysctlConfig))
	if cmd == nil {
		return fmt.Errorf("failed to build command")
	}
	if err := cmd.Run(); err != nil {
		return fmt.Errorf("failed to write sysctl config: %w", err)
	}

	// Apply sysctl settings
	cmd = i.buildCommand(ctx, "sysctl", "--system")
	if cmd == nil {
		return fmt.Errorf("failed to build command")
	}
	if err := cmd.Run(); err != nil {
		return fmt.Errorf("failed to apply sysctl settings: %w", err)
	}

	return nil
}