Here is a edgedb bare metal installation script that you can use!
#!/bin/bash
# EdgeDB bare metal Installation and Configuration Script
# This script automates the process of installing EdgeDB, configuring its service file,
# setting up environment variables, and linking the instance with the CLI.
set -euo pipefail
# Function definitions
error() { echo "Error: $1" >&2; exit 1; }
section() { echo -e "\n==== $1 ====\n"; }
prompt_with_default() {
local prompt="$1" default="$2"
read -p "$prompt [$default]: " response
echo "${response:-$default}"
}
# Check for root privileges
[[ $EUID -ne 0 ]] && error "This script must be run as root (use sudo)."
section "Starting EdgeDB Installation and Configuration"
# Prompt for PostgreSQL connection details
PG_USER=$(prompt_with_default "Enter PostgreSQL username" "postgres")
PG_PASSWORD=$(prompt_with_default "Enter PostgreSQL password" "password")
PG_SERVER=$(prompt_with_default "Enter PostgreSQL server address" "localhost")
PG_PORT=$(prompt_with_default "Enter PostgreSQL port" "5432")
PG_DATABASE=$(prompt_with_default "Enter PostgreSQL database name" "postgres")
# Step 1: Import the EdgeDB packaging key
section "Importing EdgeDB Packaging Key"
mkdir -p /usr/local/share/keyrings
curl --proto '=https' --tlsv1.2 -sSf \
-o /usr/local/share/keyrings/edgedb-keyring.gpg \
https://packages.edgedb.com/keys/edgedb-keyring.gpg || error "Failed to download EdgeDB keyring"
# Step 2: Add the EdgeDB package repository
section "Adding EdgeDB Package Repository"
echo "deb [signed-by=/usr/local/share/keyrings/edgedb-keyring.gpg] https://packages.edgedb.com/apt $(grep "VERSION_CODENAME=" /etc/os-release | cut -d= -f2) main" |
tee /etc/apt/sources.list.d/edgedb.list || error "Failed to add EdgeDB repository"
# Step 3: Install the EdgeDB package
section "Installing EdgeDB"
apt-get update && apt-get install -y edgedb-5 || error "Failed to install EdgeDB"
# Step 4: Create the environment file
section "Setting Up Environment Variables"
ENV_FILE="/opt/edgedb/edgedb.env"
mkdir -p /opt/edgedb
EDGEDB_PASSWORD=$(uuidgen)
cat > "$ENV_FILE" << EOL
EDGEDB_SERVER_TLS_CERT_MODE=generate_self_signed
EDGEDB_SERVER_ADMIN_UI=enabled
EDGEDB_SERVER_BACKEND_DSN=postgres://${PG_USER}:${PG_PASSWORD}@${PG_SERVER}:${PG_PORT}/${PG_DATABASE}
EDGEDB_SERVER_PASSWORD=${EDGEDB_PASSWORD}
EOL
chown edgedb:edgedb "$ENV_FILE"
chmod 600 "$ENV_FILE"
# Step 5: Create run directory
RUNSTATE_DIR=/run/edgedb
mkdir -p $RUNSTATE_DIR
chmod 755 $RUNSTATE_DIR
chown edgedb:edgedb $RUNSTATE_DIR
# Step 6: Configure EdgeDB service
section "Configuring EdgeDB Service"
SERVICE_FILE="/etc/systemd/system/edgedb-server-5.service"
cat > "$SERVICE_FILE" << EOL
[Unit]
Description=EdgeDB database server
After=network.target
[Service]
Type=notify
User=edgedb
Group=edgedb
EnvironmentFile=/opt/edgedb/edgedb.env
ExecStart=/usr/lib/x86_64-linux-gnu/edgedb-server-5/bin/edgedb-server --runstate-dir=%t/edgedb --tls-cert-mode=generate_self_signed
ExecReload=/bin/kill -HUP \$MAINPID
KillMode=mixed
KillSignal=SIGINT
TimeoutSec=0
[Install]
WantedBy=multi-user.target
EOL
# Step 7: Enable, start EdgeDB service, and configure instance
section "Enabling EdgeDB Service and Configuring Instance"
systemctl enable edgedb-server-5 || error "Failed to enable EdgeDB service"
systemctl start edgedb-server-5 || error "Failed to start EdgeDB service"
systemctl daemon-reload
systemctl restart edgedb-server-5 || error "Failed to restart EdgeDB service"
# Set password and configure listen address
edgedb --port 5656 --tls-security insecure --admin --unix-path $RUNSTATE_DIR \
query "ALTER ROLE edgedb SET password := '${EDGEDB_PASSWORD}'" || error "Failed to set password"
echo "${EDGEDB_PASSWORD}" | edgedb --port 5656 --tls-security insecure --password-from-stdin \
query "CONFIGURE INSTANCE SET listen_addresses := {'0.0.0.0'};" || error "Failed to change listen address"
systemctl restart edgedb-server-5 || error "Failed to restart EdgeDB service"
# Link EdgeDB instance with CLI
section "Linking EdgeDB Instance with CLI"
EDB_DATABASE=$(prompt_with_default "Enter EdgeDB database name" "bare_metal_db")
# Run the instance link command as the sudo user
su - "${SUDO_USER}" << EOF
echo "${EDGEDB_PASSWORD}" | edgedb instance link \
--host localhost \
--port 5656 \
--user edgedb \
--branch main \
--trust-tls-cert \
--password-from-stdin \
"${EDB_DATABASE}" || echo "Failed to link EdgeDB instance"
EOF
# Check if the link was successful
if ! su - "${SUDO_USER}" -c "edgedb instance list | grep -q ${EDB_DATABASE}"; then
error "Failed to link EdgeDB instance"
fi
section "Installation Complete"
echo "EdgeDB has been successfully installed, configured, and linked!"
echo
echo "Summary of actions:"
echo "1. EdgeDB version 5 has been installed."
echo "2. A systemd service file has been created at ${SERVICE_FILE}."
echo "3. An environment file has been created at ${ENV_FILE} with a UUID as the password."
echo "4. The EdgeDB service has been enabled and started."
echo "5. EdgeDB listen address has been set to 0.0.0.0 to allow external connections."
echo "6. The EdgeDB instance has been linked with the CLI as '${EDB_DATABASE}'."
echo
echo "Next steps:"
echo "1. Review and update the ${ENV_FILE} file if needed."
echo "2. Configure your firewall to restrict access to port 5656 as needed."
echo "3. Use strong authentication methods when connecting to EdgeDB remotely."
echo "4. You can now use '${EDB_DATABASE}' when running EdgeDB CLI commands."
echo
echo "For more information, visit https://docs.edgedb.com/guides/deployment/bare_metal#bare-metal"
Top comments (0)