From 460d16cd241d52a7ba9a9f7df9e3cec81fcd54d6 Mon Sep 17 00:00:00 2001
From: Kohei Watanabe
Date: Sun, 4 Aug 2024 20:49:26 +0900
Subject: [PATCH] add makefile
---
 .github/workflows/deploy.yml | 6 ++-
 .gitignore | 3 ++
 Makefile | 39 ++++++++++++++++++
 README.md | 28 ++++++-------
 compose.yml | 2 +-
 deploy | 9 ++++
 etc/apt/apt.conf.d/99-tailscale | 1 +
 etc/apt/keyrings/docker-archive-keyring.gpg | Bin 0 -> 2760 bytes
 .../keyrings/tailscale-archive-keyring.gpg | Bin 0 -> 2288 bytes
 etc/apt/sources.list.d/docker.sources | 5 +++
 etc/apt/sources.list.d/tailscale.sources | 5 +++
 etc/docker/daemon.json | 1 -
 install | 32 ++++++++++++++
 13 files changed, 111 insertions(+), 20 deletions(-)
 create mode 100644 .gitignore
 create mode 100644 Makefile
 create mode 100755 deploy
 create mode 100644 etc/apt/apt.conf.d/99-tailscale
 create mode 100644 etc/apt/keyrings/docker-archive-keyring.gpg
 create mode 100644 etc/apt/keyrings/tailscale-archive-keyring.gpg
 create mode 100644 etc/apt/sources.list.d/docker.sources
 create mode 100644 etc/apt/sources.list.d/tailscale.sources
 create mode 100755 install
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
index e1a0c89..455cd60 100644
--- a/.github/workflows/deploy.yml
+++ b/.github/workflows/deploy.yml
@@ -2,11 +2,13 @@ name: deploy
 concurrency: fogtype.com
 on:
 push:
- branches: [main]
+ branches:
+ - main
 jobs:
 main:
 runs-on: ubuntu-latest
 steps:
 - run: install -m 700 -d ~/.ssh
 - run: install -m 600 <(echo '${{ secrets.DEPLOY_KEY }}') ~/.ssh/deploy_key
- - run: ssh -i ~/.ssh/deploy_key -o 'StrictHostKeyChecking no' kou029w@fogtype.com 'sh -c "cd ~/fogtype.com && git pull --rebase && docker compose up --detach --remove-orphans"'
+ - run: install -m 600 <(echo '${{ secrets.KNOWN_HOSTS }}') ~/.ssh/known_hosts
+ - run: make deploy
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..e85ae28
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,3 @@
+.deploy_key
+.deploy_key.pub
+.known_hosts
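Review bot: In `.github/workflows/deploy.yml` the job reaches `make deploy` without any checkout step in the visible `steps:` list, so the runner's workspace contains neither the `Makefile` nor the `deploy` script; a step such as `- uses: actions/checkout@v4` (ideally pinned to a commit SHA) is needed before it. The secret is still installed as `~/.ssh/deploy_key`, which is not one of ssh's default identity file names, and the removed `ssh -i ~/.ssh/deploy_key` has no counterpart in the Makefile's `deploy` recipe (`ssh $(REMOTE_USER)@$(REMOTE_HOST) <$@`), so unless an ssh config elsewhere names the key, authentication will not use it; either install the secret as `~/.ssh/id_ed25519` or have the recipe pass `-i`. The added `known_hosts` step expands `${{ secrets.KNOWN_HOSTS }}` directly into the shell line, so a value containing a single quote changes the command; passing it through `env:` and writing `"$KNOWN_HOSTS"` keeps the secret as data.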
diff --git a/Makefile b/Makefile
new file mode 100644
index 0000000..8b3ee38
--- /dev/null
+++ b/Makefile
@@ -0,0 +1,39 @@
+REMOTE_USER := nebel
+REMOTE_HOST := fogtype.com
+
+.PHONY: help
+help:
+ @cat README.md
+
+.PHONY: deploy
+deploy:
+ ssh $(REMOTE_USER)@$(REMOTE_HOST) <$@
+
+.PHONY: install
+install: .deploy_key .known_hosts
+ ssh-copy-id -i .deploy_key.pub $(REMOTE_USER)@$(REMOTE_HOST)
+ scp install $(REMOTE_USER)@$(REMOTE_HOST):install
+ ssh -t $(REMOTE_USER)@$(REMOTE_HOST) '\
+ ssh-keygen -t ed25519; \
+ cat ~/.ssh/id_ed25519.pub; \
+ ./install; \
+ rm install; \
+ '
+
+.deploy_key:
+ ssh-keygen -t ed25519 -C deploy_key -f $@
+
+.known_hosts:
+ ssh-keyscan -t ed25519 -H $(REMOTE_HOST) >$@
+
+.PHONY: keyrings
+keyrings: \
+ etc/apt/keyrings/docker-archive-keyring.gpg \
+ etc/apt/keyrings/tailscale-archive-keyring.gpg \
+
+etc/apt/keyrings/docker-archive-keyring.gpg:
+ curl -sSf --tlsv1.3 https://download.docker.com/linux/ubuntu/gpg \
+ | gpg --dearmor >$@
+
+etc/apt/keyrings/tailscale-archive-keyring.gpg:
+ curl -sSf --tlsv1.3 -o $@ https://pkgs.tailscale.com/stable/ubuntu/noble.noarmor.gpg
diff --git a/README.md b/README.md
index 4cf2d78..2ec3bd4 100644
--- a/README.md
+++ b/README.md
@@ -1,23 +1,19 @@ # Fogtype -## 前提 +## Runner Registration -- Docker Compose -- systemd -- systemd-journald - -Git リポジトリを取得し、設定ファイルを配置 - -```bash -ssh kou029w@fogtype.com -git clone git@github.com:kou029w/fogtype.com.git -cd fogtype.com -sudo install -m 644 {,/}etc/docker/daemon.json -sudo systemctl restart docker +``` +$ make install ``` -## 構築 +secrets.DEPLOY_KEY +: SSH identity file + +secrets.KNOWN_HOSTS +: SSH known_hosts file + +## Deploy -```sh -docker compose up -d +``` +$ make deploy ```
diff --git a/compose.yml b/compose.yml
index d0b5ddb..d9f4d5f 100644
--- a/compose.yml
+++ b/compose.yml
@@ -1,4 +1,4 @@
-name: keiunet
+name: fogtype
 services:
 https:
 image: caddy:2.8.4-alpine@sha256:221bcf3be161b0d856bdb7bea76b42386d732d19348f79692404829532d83f4a
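Review bot: The `.known_hosts` rule in `Makefile` stores whatever `ssh-keyscan` returns when it runs, and the README hunk makes that file `secrets.KNOWN_HOSTS`, so the pin is only as trustworthy as the network path during that one scan; a comment above the rule should tell the operator to compare `ssh-keygen -lf .known_hosts` with the fingerprint read on the server itself before saving the secret. That rule and the Docker keyring rule both write through `>$@`, so a command that fails part-way can leave an empty or truncated file that make then treats as up to date; `.DELETE_ON_ERROR:` near the top of the file removes the target when the recipe fails. In `curl ... | gpg --dearmor >$@` the exit status of `curl` is discarded by the pipe under the default `/bin/sh`, so only gpg's status decides whether the rule fails. The `install` target lists `.known_hosts` as a prerequisite, but none of its `ssh-copy-id`, `scp` or `ssh` commands reference it, so those connections still rely on the operator's own `~/.ssh/known_hosts`.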
diff --git a/deploy b/deploy
new file mode 100755
index 0000000..135de31
--- /dev/null
+++ b/deploy
@@ -0,0 +1,9 @@
+#!/bin/sh
+set -eu
+
+cd "${HOME}/${REMOTE_HOST:-fogtype.com}"
+
+git pull --rebase
+docker compose up --detach --remove-orphans
+
+cd -
diff --git a/etc/apt/apt.conf.d/99-tailscale b/etc/apt/apt.conf.d/99-tailscale
new file mode 100644
index 0000000..b22c023
--- /dev/null
+++ b/etc/apt/apt.conf.d/99-tailscale
@@ -0,0 +1 @@
+Unattended-Upgrade::Allowed-Origins:: "Tailscale:*";
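Review bot: The `deploy` script is streamed to the remote shell on stdin (`ssh ... <$@` in the Makefile), so `git pull --rebase` and `docker compose up` inherit that same stdin and anything they read from it is taken out of the rest of the script; adding `</dev/null` to both commands keeps the remaining lines intact. `git pull --rebase` on a deployment checkout also replays any commit made on the server on top of the fetched branch, so what gets started can differ from what was reviewed, whereas `git pull --ff-only` stops instead. Nothing visible here passes `REMOTE_HOST` across the ssh session, so the `:-fogtype.com` default is presumably what the `cd` always uses.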
diff --git a/etc/apt/keyrings/docker-archive-keyring.gpg b/etc/apt/keyrings/docker-archive-keyring.gpg new file mode 100644 index 0000000000000000000000000000000000000000..e5dc8cfda8e5d37f69956520048140c9baab9803 GIT binary patch literal 2760 zcmV;(3ODtc0u2OMt=cL95CGv?mVEyU+3FP&iF2?(b<6@*g&o7k_7E+vfpyDoj$zjA zGV5WMs<5X`yaKG4`1D^?%Ti#*f9W@2In1 z#V#$cv(vuM$1G5W?m=#;?M(Cxek`gIB|ZeE>e*?4HA0Yo?Le89KO(!1UAgKnfVKJp ze7*UXLf?I!keb9u+BFqeeB``A$gwvu)M9q}dT8YU+=NzEb9$;fT&a6fycOmt+QBrl zSljK4NaNyiOYqwZ!pA8r^c00OKI|6ITnqr2;lfcg2)^}~s|^iuXkp-Z9zw?u9f%Gl zIKx%?805>Gz6o0*0IGj52V2W@R3^r4ggg+8qe2>{F;knjCB39B|n)&}Ia))TWmVOS1zJD$Q<&mo|g~V`#5B$6N zxLlw5L@k&9cvMyuB!wfYMH5Y?I18^yQU0Cn< zQ+Vm-4&d0rzki{yJhx4HVp!v=n%$Eu4}XG1@@3Rpmx4E2z!ZF5gVt7hXhF3JhQ)dC z^v|>E6|i%rp_>2^0RRECD@1Q&Yh`jEQe|vqVRL05C__acWMyJ0AUtGmV{2t{KxA)Y zYh`jSV{dIfi2^qS69EbUAq4_ht>?f38!rV52?z%R1r-Vj2nz)k0s{d60v-VZ7k~f? z2@s8efIJSr&4{we5B?+>qpu&7G$uCr{9l#Rccf8iLHFK8*j}rX=-CG)$dc?$piG&n zyvm)ljwUsM!bnCjBbuvmg?VD7{XegYqwDC-jwi9@5G?Wk0W>(My&0lUwT?!h+_)r; ziSkkZTf)_`7M(d9Eygf&;f2K#dl0cev@e`hmk( zZtk3Hs%->NGPyLrr#y%lgx{LEI^lyjO4KBwd}kap{2xYFqV-F2>Yq zG-gdq-7QDsOB?=ysoxG@7KH&vE_?hnRc?txWkz9<=VtFx@Ut8hfLi2;JwF@%ZMK$zRb;~8!vOdFX75Fk8*e>XpOrG|YsSZ2f#t_(HJ z+2iiq+kTKEd{!m%PjyDuMW8T;FZ!)Cg>O6x2SR3fyfZ=kBSDUz=aV8M^lA(&u0B2M z-aM5?LcHpf3Iqah6nv_W(wZrA8IAR4qXOaf%g7n?TNrw7a0Kc^OVl3Z8#a2R3m+9$ z8(5MM+x77e+YoN$TgPo5x1IH2GV6I8ege0YQtX?0EQiH**C+5Ml4{T8)OO+-PfE3sg1Paga|nw;9NrvW?0Q{d=P|r_7drn! 
z8&M^%eloEvv)?t~lG>1q+=qlCndr6=1Yy(%>dfgbh&%TXeRWyM$f8?S{8ygGsA8pS zM?IBQwFu-HaGRib&`sVMSJXjhuE(AOvYeGL$vD)^dqADy%5oai-WdX=OaMym$#l_A z7d>5VEn*PN1N}x~{PYrGX`90HOmI4|Rc$_R*_61pBoGZVu(mO4MgBSA z3G&qBk^c}(l#fx^d_Tr93{<%g;efsvX)qQ8<7p74rQ;AUmvbi*yka|wYGA+9!(&uJ z3tZ#|GLLIrw5-@~{uvdM_93`x8jgYT%ZPhr3MqBNEu`I@f@nl~3G(!ilEW9!nGG{5 zNIRRPhlryvj{p$?00D^vJ_Hy62mlEM0$8ouDgqk<0x1a)je&qX4!_Na!CfE(8370Y z1_c6Gt=cL83JDN?psB<1bNtxVU=ROn3Hco$6RNCn?dy%AGv~v}na?1gs^YJhXA)JR zJ_hRT#t5-)YKUBmhDT{(!zP43W=13FLVlQQY&Uywe9iI|Dk@tr8RUEXt!L9asCk14 z$moeFun}{2z@`Y8KUEy#Y?ttc*0nt%%r%bCd4pClxDY!t`M2qFddF+NHq%TDA5Z73 zoZ<)UWl<6+4{!S>HvV2YFUNmbNfe7l7outUhag5HvTFpov{9)%SU3wB^qK~XMv`AX!x<6%-nu+;S&pdG~rCcpO z05M&Fwf!q>>kU>E8(Zk`CG@{MMFpYoH>2^}r{N(ze}#nyK^=2d^FwnaCSIuyoty8V z$MgLSEc6&fC;Zgt2oP+BME)7IvYQ`*`)m(a>t+0)T%TWxv;Hw42=h!wN&j`JBw0E> z50`dHHM+RTjBnAsX^_gE8Q9$kh)YxA+2aP#nvkSPSGK0POS-qBfqQ0U`6_z!bL?8k zW-GmuFEE@S55O+}&SbUnxDWqc+d9(t{vtC%96$nq3|U&n$e6E6Na09qb+{@cv1jZ| z3ANPzBC8hPZX%fd!AicAGHUi1CEtQTkg6rlJ&izkT=Qe0t#FL~*@%Q@afty20kH zP@b&1>Szr#R<^(R$ZDQ+tX1BmAvCn7XbkFG{bvJsln04BkS2;}7+r)m!j=C|-@2Mb zZaVA|!c_0vpuO@|Zgh7CYc|rUFc^1cmciEIZ-OsoUfh8=!gs&KS$I6fh;IjUD`52- z$hYta7J<u zKyfV{PWt21mmL1oc+`{DV3Y`cYIUjP(OqJCF?#$b(-lq(eagmRKXj;3eca9O(@KnM;$SiZIny}V^Ln4(iw}RDxSu6I`YRgkt>xE4)@ScHwNjI5uZ}UJwQ}|yi4HLzQ>&4- zAWu|7Zlcan;k?EHVrsLfIOm$tnKyQI9p)s3+yd#u<}TvFdDULD#_MiG)4i7i@*|iv zI){p*<{RmH08ZW1y(9t^E<(QFA}h1mgic1>T7E)e=3RVY{tahplCNGR%*tZ@WRsY| zt+?upoB8u?@8Wyrr3(}zODMR5p@zWOjHgkC5PsZx_OlJ(3d@q#(Z5ohQ3wci@3G(N z^_NweOwOB)v+H*eyta*Ydi*}_M`@gpVi2aN%ji%3;uxT;Of}xu=>xDlPQa`9Q+~8W z?&_!ro5ScUrIwqPDfC0%U$JDBsVBP12_&0)qwJkrVf{&EHs?y})~{w42{f9c>$MAI zo0@5ZI6P9h+`kxcUKBZY!U(WX@a#RBRlp ze{mqyFFfomIE;~9nO!$IRnSlveUgl@Iu8&40)Xvij(A_cP*1#{H{wcwr#eCjgZCui z3Eqeh@1Vd?->|@tNJOYFA;33)fFOBCDkF@11AGFF!~U++Jp=tOJOEt-3j(;(>Y%t#`=0n7EQBz8YOX<#x>QKgghyd^1DN2E}tp_c5 zFkh@v@#?$dskYw>b11I!7Y#qVINNesmjNXZlm@#p5Az$T$TSg*@zfiu@B5bRBc+~Li;>q+zVgnu zShiI^^e#D$hdKXo^6DPM<{2H*^@S=hzGGkpXLh$(97Ib*a#<@xKA3JZ5IGS`h|#yT 
z>#cthnW!Zhc4ybX1l5%9E{AEX`Q#*n2^xB*tbE^>o){mtYXEUM^@v|4!4#I%c|%Ae z#1{Q#dupX$Cd`NfV;(;+C|YhpX~=m;a23vANLICGcV5FnlpaimQ9hOHt0r zTG2yyk1dN_07FH+7x!L`l2f<$(@MEIk}H_HesBclFHvcopmAT5Jk0w;_Or#q5DN## zGQO5WR?Z@6>`UuQ0NXIERiXf4Oh@-Ff&z8c>)O!j|# zHo7OY`CcKhZp74SjcL{|s@Zd%N*N2;p@H&Yh0Uao)2lS8Se+4iBB&Q5L#j?$?fx%Q zQa zaCYvOgA8L%=~t;rL3F<}Y;ZEOXi{4-4`@VF>5*mhyeTNjK-^rM(IB4Dh;t zV%p-OwT^3|{gz00_0jtF?riMhlpa}rU=U+aN^5aUa4OBMk@@0N@s2#dFzE5v0cI3;lJomwt` z>`WtC%YEHVhZhd`q-&8pavvHuIi_O={lqx-2JWBu%0~|bHb(A?%4ZnE9|toi(#Wx{ zv9pDx;efewSXIt}Dk$+SXHXZnqKi&d|+$rdyL&(|gWli$G(fUzF2&FHuf)GLJE>$mHa0>moH{)edtAYHJ?zkosf zA7Ehr3(4YNe8;?~5cSB-@I8V^$Dc6GaGrK}8ssXu#KI_;#mRu0RhmjW`ZF{Bf#O4f z){?43?F2URHum`)7AJ}MwS3yH6s_HIhoj4KVw^K+Cm}AqE1m@d7QctruIMa?7#h`* zxDCT~9qgVyElKA{dg2a#{nW|X@C4@oZdbbdwYsgzd+@gd^r&Hk$?>N8@J z*t!hB^n9Z+qSwKp!{4(PK!B-w)}*j$lEUCPV1!=c?rf{QnDXtIAYBplELm|zzA^VL z@bg1GH?-qvwm-X<-FLc10DGeOXPJoKZBi(lC;b~UD47dCC|Q14vMX|JX%(AQ#KUJi zFens zI471ip#>ci4?8r1Rb3JY5j=nizdBIK`?{&Iv|Orv$;LX{LBb1dzjP;rQh`VkYt(L# zKnm%vs_FmQ83Q^EiBoE(Z` zYE%1Uo3JRx+dO*J^=9yWl-wR+h%&~AwR+`&pEwZLh_=~yt}4hgo0aaV^s8?zBF+=~ G*FORFpf800 literal 0 HcmV?d00001 diff --git a/etc/apt/sources.list.d/docker.sources b/etc/apt/sources.list.d/docker.sources new file mode 100644 index 0000000..d9f6861 --- /dev/null +++ b/etc/apt/sources.list.d/docker.sources @@ -0,0 +1,5 @@ +Types: deb +URIs: https://download.docker.com/linux/ubuntu +Suites: noble +Components: stable +Signed-By: /usr/share/keyrings/docker-archive-keyring.gpg diff --git a/etc/apt/sources.list.d/tailscale.sources b/etc/apt/sources.list.d/tailscale.sources new file mode 100644 index 0000000..ac1a087 --- /dev/null +++ b/etc/apt/sources.list.d/tailscale.sources @@ -0,0 +1,5 @@ +Types: deb +URIs: https://pkgs.tailscale.com/stable/ubuntu +Suites: noble +Components: main +Signed-By: /usr/share/keyrings/tailscale-archive-keyring.gpg diff --git a/etc/docker/daemon.json b/etc/docker/daemon.json index b73dceb..fe3a9bc 100644 --- a/etc/docker/daemon.json 
+++ b/etc/docker/daemon.json
@@ -1,4 +1,3 @@
 {
- "live-restore": true,
 "log-driver": "journald"
 }
diff --git a/install b/install
new file mode 100755
index 0000000..facd977
--- /dev/null
+++ b/install
@@ -0,0 +1,32 @@
+#!/bin/sh
+set -eu
+
+REPO=${REPO:-git@github.com:kou029w/fogtype.com.git}
+REMOTE_HOST=${REMOTE_HOST:-fogtype.com}
+PACKAGES="docker-ce docker-compose-plugin tailscale"
+
+sudo apt-get update -qq
+DEBIAN_FRONTEND=noninteractive \
+ sudo apt-get install -y -qq git rsync
+
+git clone "${REPO}" "${HOME}/${REMOTE_HOST}" ||
+ git pull --rebase
+
+cd "${HOME}/${REMOTE_HOST}"
+
+sudo rsync -r etc/apt/keyrings/ /usr/share/keyrings/
+eval "$(apt-config shell APT_CONF_DIR 'Dir::Etc::parts/d')"
+sudo rsync -r etc/apt/apt.conf.d/ "${APT_CONF_DIR}"
+eval "$(apt-config shell APT_SOURCES_DIR 'Dir::Etc::sourceparts/d')"
+sudo rsync -r etc/apt/sources.list.d/ "${APT_SOURCES_DIR}"
+
+sudo rsync -r etc/docker/ /etc/docker/
+
+sudo apt-get update -qq
+# shellcheck disable=SC2086
+DEBIAN_FRONTEND=noninteractive \
+ sudo apt-get install -y -qq ${PACKAGES}
+
+sudo gpasswd -a "$(whoami)" docker
+
+cd -
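Review bot: In `install`, the fallback in `git clone "${REPO}" "${HOME}/${REMOTE_HOST}" || git pull --rebase` runs in the directory the script was started from, because the `cd "${HOME}/${REMOTE_HOST}"` only comes afterwards, so a second run either aborts there under `set -e` or pulls whatever repository happens to be the current directory; `git -C "${HOME}/${REMOTE_HOST}" pull --rebase` targets the clone. `DEBIAN_FRONTEND=noninteractive` is set in front of `sudo`, which under the usual `env_reset` policy does not hand the variable on to `apt-get`; `sudo DEBIAN_FRONTEND=noninteractive apt-get install ...` does. `sudo gpasswd -a "$(whoami)" docker` gives the account that the CI deploy key logs into control of the Docker daemon, which is equivalent to root on the host, so a comment stating that and a `restrict` option on that key's `authorized_keys` entry would make the exposure of `secrets.DEPLOY_KEY` explicit and narrower.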