Enhance dnsmasq setup with new scripts and documentation

- Add custom dictionary words for spell checking.
- Refactor wild-central-generate-setup script for improved error handling and structure.
- Create README.md for central dnsmasq setup with detailed instructions.
- Implement create-setup-bundle.sh and setup.sh scripts for setting up dnsmasq and PXE booting.
- Add transfer-setup-bundle.sh for transferring setup files to the server.
- Update SETUP.md with clearer instructions for initial setup and configuration.
- Introduce .gitignore for dnsmasq setup bundle.

central-setup/README.md

@@ -1,23 +1,17 @@
 # Central setup
 
-"Central" is a Wild-cloud concept for a network appliance use for cloud utilities.
+**Central** is a separate machine on your network that provides core wild-cloud services.
 
 Right now, this is entirely `dnsmasq` to provide:
 
 - LAN DNS w/ forwarding of internal and external cloud domains to the cluster.
 - PXE for setting up cluster nodes.
 
-## Setup
+Read the [dnsmasq README.md](./dnsmasq/README.md) for how we set things up right now.
 
-The setup is going through architecture design right now.
+## _Future_ setup
 
-- Initially, the process used to bootstrap a node was:
-  - Run `bin/install-dnsmasq` in your personal wildcloud dir to create a set of install files in `cluster/dnsmasq`.
-  - Copy this dir to a configured debian machine to have the services set up correctly as your Central.
-
-## Future setup
-
-To provide a better user experience, we have been creating a debian apt package that also does this while providing a UI.
+We _may_ follow a Central network appliance in the future, where one could install an apt package and use Central like a LAN router.
 
 Development repo: https://github.com/civil-society-dev/wild-central
 

central-setup/dnsmasq/.gitignore

@@ -0,0 +1 @@
+setup-bundle/

central-setup/dnsmasq/README.md

@@ -0,0 +1,68 @@
+# Central dnsmasq setup
+
+## Overview
+
+dnsmasq solves two problems for us. It provides:
+
+- LAN DNS w/ forwarding of internal and external cloud domains to the cluster.
+- PXE for setting up cluster nodes.
+
+### PXE Bootloading
+
+A "PXE client" is any machine that is booting using PXE. This is a great way to set up a new cluster node.
+
+- PXE client broadcasts a request for help across the LAN.
+- Dnsmasq's DHCP service responds with an IP address and TFTP server info.
+- PXE client downloads PXE's iPEXE bootloader files:
+  - `ipxe.efi`
+  - `undionly.kpxe`
+  - `ipxe-arm64.efi`
+    (`pxelinux.0`) via TFTP.
+- PXE client reads the bootloader config for the correct web address and fetches the boot files:
+  - The kernel, `vmlinuz`.
+  - The initial RAM disk, `initrd`.
+  - The Talos image,
+
+## Setup
+
+- Install a Linux machine on your LAN. Record it's IP address in your `config:cloud.dns.ip`.
+- Ensure it is accessible with ssh.
+- From your wild-cloud directory, run `wild-central-generate-setup`.
+- Run `cluster/dnsmasq/bin/create-setup-bundle.sh`
+- Run `cluster/dnsmasq/bin/transfer-setup-bundle.sh`
+
+Now ssh into your dnsmasq machine and do the following:
+
+```bash
+sudo -i
+cd dnsmasq-setup
+./setup.sh
+```
+
+## Future setup
+
+To provide a better user experience, we have been creating a debian apt package that also does this while providing a UI.
+
+Development repo: https://github.com/civil-society-dev/wild-central
+
+The setup will look something like this:
+
+```bash
+# Download and install GPG key
+curl -fsSL https://mywildcloud.org/apt/wild-cloud-central.gpg | sudo tee /usr/share/keyrings/wild-cloud-central-archive-keyring.gpg > /dev/null
+
+# Add repository (modern .sources format)
+sudo tee /etc/apt/sources.list.d/wild-cloud-central.sources << 'EOF'
+Types: deb
+URIs: https://mywildcloud.org/apt
+Suites: stable
+Components: main
+Signed-By: /usr/share/keyrings/wild-cloud-central-archive-keyring.gpg
+EOF
+
+# Update and install
+sudo apt update
+sudo apt install wild-cloud-central
+```
+
+browse to `http://localhost:5050`!

central-setup/dnsmasq/bin/create-setup-bundle.sh

@@ -0,0 +1,78 @@
+#!/bin/bash
+
+# Set up 
+
+# Initialize wildcloud environment.
+
+if [ ! -d ".wildcloud" ]; then
+    echo "Error: You must run this script from a wild-cloud directory"
+    exit 1
+fi
+
+WILDCLOUD_CONFIG_FILE="./config.yaml"
+if [ ! -f ${WILDCLOUD_CONFIG_FILE} ]; then
+    echo "Error: ${WILDCLOUD_CONFIG_FILE} not found"
+    exit 1
+fi
+
+
+WILDCLOUD_ROOT=$(yq eval '.wildcloud.root' ${WILDCLOUD_CONFIG_FILE})
+if [ -z "${WILDCLOUD_ROOT}" ] || [ "${WILDCLOUD_ROOT}" = "null" ]; then
+    echo "Error: wildcloud.root not found in ${WILDCLOUD_CONFIG_FILE}"
+    exit 1
+fi
+
+# ---
+
+DNSMASQ_SETUP_DIR="./cluster/dnsmasq"
+BUNDLE_DIR="${DNSMASQ_SETUP_DIR}/setup-bundle"
+mkdir -p "${BUNDLE_DIR}"
+
+
+# Copy iPXE bootloader to ipxe-web.
+echo "Copying Talos kernel and initramfs for PXE boot..."
+PXE_WEB_ROOT="${BUNDLE_DIR}/ipxe-web"
+mkdir -p "${PXE_WEB_ROOT}/amd64"
+cp "${DNSMASQ_SETUP_DIR}/boot.ipxe" "${PXE_WEB_ROOT}/boot.ipxe"
+
+# Create Talos bare metal boot assets.
+# This uses the Talos factory API to create boot assets for bare metal nodes.
+# These assets include the kernel and initramfs needed for PXE booting Talos on bare metal.
+echo "Creating Talos bare metal boot assets..."
+TALOS_ID=$(curl -X POST --data-binary @${DNSMASQ_SETUP_DIR}/bare-metal.yaml https://factory.talos.dev/schematics | jq -r '.id')
+if [ -z "${TALOS_ID}" ] || [ "${TALOS_ID}" = "null" ]; then
+    echo "Error: Failed to create Talos bare metal boot assets"
+    exit 1
+fi
+echo "Successfully created Talos bare metal boot assets with ID: ${TALOS_ID}"
+
+# Download kernel to ipxe-web if it's not already there.
+TALOS_VERSION=$(wild-config .cluster.nodes.talos.version) || exit 1
+if [ ! -f "${PXE_WEB_ROOT}/amd64/vmlinuz" ]; then
+    echo "Downloading Talos kernel..."
+    wget -O "${PXE_WEB_ROOT}/amd64/vmlinuz" "https://pxe.factory.talos.dev/image/${TALOS_ID}/${TALOS_VERSION}/kernel-amd64"
+else
+    echo "Talos kernel already exists, skipping download"
+fi
+
+# Download initramfs to ipxe-web if it's not already there.
+if [ ! -f "${PXE_WEB_ROOT}/amd64/initramfs.xz" ]; then
+    echo "Downloading Talos initramfs..."
+    wget -O "${PXE_WEB_ROOT}/amd64/initramfs.xz" "https://pxe.factory.talos.dev/image/${TALOS_ID}/${TALOS_VERSION}/initramfs-amd64.xz"
+else
+    echo "Talos initramfs already exists, skipping download"
+fi
+
+# Update PXE's iPXE bootloader files.
+# TODO: Put download to cache first.
+echo "Updating iPXE ftpd bootloader files."
+FTPD_DIR="${BUNDLE_DIR}/pxe-ftpd"
+mkdir -p $FTPD_DIR
+wget http://boot.ipxe.org/ipxe.efi -O ${FTPD_DIR}/ipxe.efi
+wget http://boot.ipxe.org/undionly.kpxe -O ${FTPD_DIR}/undionly.kpxe
+wget http://boot.ipxe.org/arm64-efi/ipxe.efi -O ${FTPD_DIR}/ipxe-arm64.efi
+
+
+cp "${DNSMASQ_SETUP_DIR}/nginx.conf" "${BUNDLE_DIR}/nginx.conf"
+cp "${DNSMASQ_SETUP_DIR}/dnsmasq.conf" "${BUNDLE_DIR}/dnsmasq.conf"
+cp "${DNSMASQ_SETUP_DIR}/bin/setup.sh" "${BUNDLE_DIR}/setup.sh"

central-setup/dnsmasq/bin/setup.sh

@@ -9,7 +9,8 @@ echo "Installing dnsmasq and nginx."
 sudo apt install -y dnsmasq nginx
 
 DNSMASQ_SETUP_DIR="/tmp/dnsmasq-setup"
-NODE_IMAGES_DIR="${DNSMASQ_SETUP_DIR}/pxe-web-root"
+PXE_FTPD_DIR="${DNSMASQ_SETUP_DIR}/pxe-ftpd"
+PXE_WEB_ROOT="${DNSMASQ_SETUP_DIR}/pxe-web"
 
 # Configure nginx.
 echo "Configuring nginx."
@@ -22,7 +23,7 @@ echo "Copying Talos PXE boot assets to nginx web root."
 TALOS_PXE_WEB_ROOT="/var/www/html/talos"
 sudo mkdir -p "${TALOS_PXE_WEB_ROOT}"
 sudo rm -rf ${TALOS_PXE_WEB_ROOT}/* # Clean the web root directory
-sudo cp -r ${NODE_IMAGES_DIR}/* "${TALOS_PXE_WEB_ROOT}"
+sudo cp -r ${PXE_WEB_ROOT}/* "${TALOS_PXE_WEB_ROOT}"
 sudo chown -R www-data:www-data "${TALOS_PXE_WEB_ROOT}"
 sudo chmod -R 755 "${TALOS_PXE_WEB_ROOT}"
 
@@ -42,13 +43,9 @@ if systemctl is-active --quiet systemd-resolved; then
 fi
 
 # Update PXE's iPXE bootloader files.
-# TODO: Put download to cache first.
 echo "Updating iPXE ftpd bootloader files."
 sudo mkdir -p /var/ftpd
-sudo wget http://boot.ipxe.org/ipxe.efi -O /var/ftpd/ipxe.efi
-sudo wget http://boot.ipxe.org/undionly.kpxe -O /var/ftpd/undionly.kpxe
-sudo wget http://boot.ipxe.org/arm64-efi/ipxe.efi -O /var/ftpd/ipxe-arm64.efi
-
+sudo cp ${PXE_FTPD_DIR}/* /var/ftpd/
 
 # Finally, install and configure DNSMasq.
 echo "Configuring and starting DNSMasq."

central-setup/dnsmasq/bin/transfer-setup-bundle.sh

@@ -0,0 +1,13 @@
+#!/bin/bash
+
+if [ ! -d ".wildcloud" ]; then
+    echo "Error: You must run this script from a wild-cloud directory"
+    exit 1
+fi
+
+SERVER_HOST=$(wild-config cloud.dns.ip2) || exit 1
+SETUP_DIR="./cluster/dnsmasq/setup-bundle"
+DESTINATION_DIR="~/dnsmasq-setup"
+
+echo "Copying DNSMasq setup files to ${SERVER_HOST}:${DESTINATION_DIR}..."
+scp -r ${SETUP_DIR}/* root@${SERVER_HOST}:${DESTINATION_DIR}