Skip to content

Instantly share code, notes, and snippets.

@tuxerrante

tuxerrante/ubuntu25_devops_setup.sh

Last active November 17, 2025 10:40
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save tuxerrante/9f9adf29405418427622b1e85d8c8263 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save tuxerrante/9f9adf29405418427622b1e85d8c8263 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ubuntu25_devops_setup.sh
#!/bin/bash
set -euo pipefail
# ====================================================================
# CONFIGURABLE VERSIONS
# ====================================================================
GO_VERSION="1.25.3"
HELM_VERSION="3.18.6"
K9S_VERSION="0.50.16"
GOLANGCI_VERSION="latest"
GITLEAKS_VERSION="8.18.1"
# GRYPE_VERSION="latest"
KUBECONFORM_VERSION="latest"
# PRE_COMMIT_VERSION="3.7.1"
MICROK8S_CHANNEL="1.34/stable"
# ====================================================================
# UTILITIES
# ====================================================================
CURL="curl -fsSL --retry 5 --retry-delay 3"
WGET="wget -q --tries=5 --retry-connrefused"
sudo snap install shfmt
RED='\033[0;31m'
GREEN='\033[0;32m'
YELLOW='\033[1;33m'
BLUE='\033[0;34m'
NC='\033[0m'
log_info() {
echo -e "${BLUE}[INFO]${NC} $1"
}
log_success() {
echo -e "${GREEN}[✓]${NC} $1"
}
log_warn() {
echo -e "${YELLOW}[WARN]${NC} $1"
}
log_error() {
echo -e "${RED}[ERROR]${NC} $1"
}
add_to_bashrc() {
local line="$1"
if ! grep -qxF "$line" ~/.bashrc; then
echo "$line" >>~/.bashrc
log_success "Added to bashrc: $line"
fi
}
# ====================================================================
# BACKUP BASHRC
# ====================================================================
log_info "Starting Kapparmor DevOps environment setup..."
if [[ -f ~/.bashrc ]]; then
cp ~/.bashrc ~/.bashrc.bak.$(date +%Y%m%d%H%M%S)
log_info "Backed up bashrc"
fi
# ====================================================================
# SYSTEM PACKAGES
# ====================================================================
log_info "Updating system packages..."
sudo apt update && sudo apt upgrade -y
log_info "Installing base dependencies..."
sudo apt install -y \
git curl wget make build-essential libssl-dev pkg-config \
unzip zip ca-certificates fontconfig pre-commit nodejs npm fd-find
# ====================================================================
# GO
# ====================================================================
log_info "Setting up Go $GO_VERSION..."
if command -v go &>/dev/null; then
INSTALLED_GO=$(go version | grep -oP 'go\K[0-9.]+')
if [[ "$INSTALLED_GO" == "$GO_VERSION" ]]; then
log_warn "Go $GO_VERSION already installed"
else
log_warn "Go $INSTALLED_GO installed, upgrading to $GO_VERSION"
sudo rm -rf /usr/local/go
fi
else
log_info "Installing Go $GO_VERSION..."
$WGET "https://go.dev/dl/go$GO_VERSION.linux-amd64.tar.gz" -O /tmp/go.tar.gz
sudo tar -C /usr/local -xzf /tmp/go.tar.gz
rm /tmp/go.tar.gz
fi
add_to_bashrc "export GOPATH=\$HOME/go"
add_to_bashrc "export PATH=\$GOPATH/bin:/usr/local/go/bin:\$PATH"
export GOPATH=$HOME/go
export PATH=$GOPATH/bin:/usr/local/go/bin:$PATH
source ~/.bashrc
log_success "Go $GO_VERSION ready"
# ====================================================================
# GO-BASED TOOLS
# ====================================================================
log_info "Installing Go-based development tools..."
log_info "Installing golangci-lint v$GOLANGCI_VERSION..."
go install github.com/golangci/golangci-lint/cmd/golangci-lint@$GOLANGCI_VERSION
log_info "Installing gopls..."
go install golang.org/x/tools/gopls@latest
log_info "Installing gitleaks v$GITLEAKS_VERSION..."
go install github.com/zricethezav/gitleaks/v8@v$GITLEAKS_VERSION
log_info "Installing grype"
curl -sSfL https://get.anchore.io/grype | sudo sh -s -- -b /usr/local/bin
log_info "Installing k9s v$K9S_VERSION..."
go install github.com/derailed/k9s@v$K9S_VERSION
log_info "Installing kubeconform $KUBECONFORM_VERSION..."
go install github.com/yannh/kubeconform/cmd/kubeconform@latest
# log_info "Installing pre-commit v$PRE_COMMIT_VERSION..."
log_success "All Go-based tools installed"
# ====================================================================
# MICROK8S 1.34
# ====================================================================
log_info "Setting up Microk8s $MICROK8S_CHANNEL..."
if ! command -v microk8s &>/dev/null; then
log_info "Installing Microk8s..."
sudo snap install microk8s --classic --channel=$MICROK8S_CHANNEL
sudo usermod -a -G microk8s "$USER"
sudo chown -f -R "$USER" ~/.kube
log_warn "Please log out and back in to apply group changes"
else
log_warn "Microk8s already installed"
fi
# Wait for Microk8s to be ready
log_info "Waiting for Microk8s to be ready..."
sudo microk8s status --wait-ready
# Enable essential addons for Kapparmor development
log_info "Enabling Microk8s addons..."
sudo microk8s enable dns storage ingress rbac observability
if sudo microk8s addons | grep -q apparmor; then
sudo microk8s enable apparmor
log_success "AppArmor addon enabled"
fi
log_success "Microk8s configured"
# ====================================================================
# HELM 3.18.6
# ====================================================================
log_info "Setting up Helm $HELM_VERSION..."
if command -v helm &>/dev/null; then
INSTALLED_HELM=$(helm version --short | grep -oP 'v\K[0-9.]+')
if [[ "$INSTALLED_HELM" == "$HELM_VERSION" ]]; then
log_warn "Helm $HELM_VERSION already installed"
else
log_warn "Helm $INSTALLED_HELM installed, upgrading to $HELM_VERSION"
sudo rm -rf /usr/local/bin/helm
fi
else
log_info "Installing Helm $HELM_VERSION..."
$CURL "https://get.helm.sh/helm-v$HELM_VERSION-linux-amd64.tar.gz" | tar -xz
sudo mv linux-amd64/helm /usr/local/bin/helm
sudo chmod +x /usr/local/bin/helm
rm -rf linux-amd64
fi
log_success "Helm $HELM_VERSION ready"
# ====================================================================
# NEOVIM + LAZYVIM
# ====================================================================
log_info "Setting up Neovim and LazyVim..."
# Remove old Neovim if installed
if command -v nvim &>/dev/null; then
log_warn "Removing old Neovim version..."
sudo apt remove -y neovim
fi
# Install latest Neovim from GitHub
log_info "Installing latest Neovim from GitHub..."
NVIM_LATEST=$($CURL "https://api.github.com/repos/neovim/neovim/releases/latest" | grep -oP '"tag_name": "\K[^"]+')
log_info "Installing Neovim $NVIM_LATEST..."
$CURL "https://github.com/neovim/neovim/releases/download/$NVIM_LATEST/nvim-linux-x86_64.appimage" -o /tmp/nvim.appimage
chmod +x /tmp/nvim.appimage
sudo mv /tmp/nvim.appimage /usr/local/bin/nvim
log_success "Neovim $NVIM_LATEST installed"
# Verify installation
nvim --version | head -1
if [[ ! -d "$HOME/.config/nvim" ]]; then
log_info "Installing LazyVim starter configuration..."
git clone https://github.com/LazyVim/starter "$HOME/.config/nvim"
rm -rf "$HOME/.config/nvim/.git"
log_success "LazyVim installed"
else
log_warn "LazyVim already configured"
fi
log_info "Install plugins from Neovim: "
log_info " Lazy install mason.vim"
log_success "--> Neovim and LazyVim ready"
# ====================================================================
# FIRACODE NERD FONT
# ====================================================================
log_info "Installing FiraCode Nerd Font..."
mkdir -p ~/.local/share/fonts
if ! fc-list | grep -q "FiraCode"; then
log_info "Downloading FiraCode Nerd Font..."
$CURL "https://github.com/ryanoasis/nerd-fonts/releases/download/v3.1.1/FiraCode.zip" -o /tmp/FiraCode.zip
unzip -q /tmp/FiraCode.zip -d ~/.local/share/fonts
rm /tmp/FiraCode.zip
fc-cache -vf ~/.local/share/fonts
log_success "FiraCode Nerd Font installed"
else
log_warn "FiraCode Nerd Font already installed"
fi
# ====================================================================
# STARSHIP SHELL PROMPT
# ====================================================================
log_info "Installing Starship shell prompt..."
if ! command -v starship &>/dev/null; then
log_info "Downloading and installing Starship..."
$CURL "https://starship.rs/install.sh" | sudo sh
else
log_warn "Starship already installed"
fi
add_to_bashrc "eval \"\$(starship init bash)\""
# Create Starship config if it doesn't exist
if [[ ! -f ~/.config/starship.toml ]]; then
mkdir -p ~/.config
cat >~/.config/starship.toml <<'EOF'
format = """
[┌───────────────────>](bold green)
[│](bold green) $username@$hostname in $directory$git_branch$git_status
[└─>](bold green) $character """
command_timeout 1000
[character]
success_symbol = "[❯](bold green)"
error_symbol = "[❯](bold red)"
[username]
show_always = true
format = "[$user]($style)"
[hostname]
ssh_only = false
format = "[$hostname]($style)"
[directory]
truncation_length = 3
truncate_to_repo = true
format = "[$path]($style)[$read_only]($read_only_style) "
[git_branch]
format = "on [$symbol$branch]($style) "
[git_status]
format = "([\\[$all_status$ahead_behind\\]]($style) )"
[golang]
symbol = "🐹 "
format = "[$symbol($version)]($style) "
EOF
log_success "Starship configuration created"
fi
log_success "Starship installed and configured"
# ====================================================================
# DEVELOPMENT ALIASES
# ====================================================================
log_info "Adding development aliases..."
add_to_bashrc ""
add_to_bashrc "# ====== Kapparmor Development Aliases ======"
add_to_bashrc "alias kapp='cd /home/alex/workspace/tuxerrante/kapparmor'"
add_to_bashrc "alias kapptest='cd /home/alex/workspace/tuxerrante/kapparmor && go test ./...'"
add_to_bashrc "alias kapplint='golangci-lint run ./...'"
add_to_bashrc "alias kappbuild='go build -v ./cmd/...'"
add_to_bashrc "alias kappfmt='go fmt ./...'"
add_to_bashrc "alias kappvet='go vet ./...'"
add_to_bashrc "alias kappsec='gitleaks detect --source . --verbose'"
add_to_bashrc "alias kappvuln='grype . -o json'"
add_to_bashrc ""
add_to_bashrc "# ====== Kubernetes Aliases ======"
add_to_bashrc "alias k='microk8s kubectl'"
add_to_bashrc "alias kctx='microk8s kubectl config current-context'"
add_to_bashrc "alias kns='microk8s kubectl config set-context --current --namespace'"
add_to_bashrc "alias kgp='microk8s kubectl get pods'"
add_to_bashrc "alias kgpa='microk8s kubectl get pods --all-namespaces'"
add_to_bashrc "alias kgd='microk8s kubectl get deployments'"
add_to_bashrc "alias kgs='microk8s kubectl get services'"
add_to_bashrc "alias kgn='microk8s kubectl get nodes'"
add_to_bashrc "alias kdesc='microk8s kubectl describe'"
add_to_bashrc "alias klogs='microk8s kubectl logs'"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment