DEPRECATED: This tool is no longer needed. The Thinkube installer now handles all overlay network setup automatically during installation. See DEPRECATED.md for details.
Bootstrap script for preparing Ubuntu nodes for remote Thinkube installation via overlay networks (ZeroTier or Tailscale).
Run this command on each Ubuntu node you want to prepare for Thinkube:
curl -sSL https://raw.githubusercontent.com/thinkube/tk-node-setup/main/bootstrap.sh | sudo bash- Auto-detects network configuration from your Ubuntu setup
- Installs overlay network (ZeroTier or Tailscale) and joins your private network
- Configures your existing user for Ansible automation
- Prepares the node for remote Thinkube installation
- Fresh Ubuntu 24.04 installation (arm64 or amd64)
- Network connectivity
- For ZeroTier:
- ZeroTier Network ID (create one at my.zerotier.com)
- ZeroTier API Token (from Account settings)
- For Tailscale:
- Tailscale Auth Key (from https://login.tailscale.com/admin/settings/keys)
- Recommended for DGX Spark environments
- Create a ZeroTier network at my.zerotier.com
- Note your Network ID (looks like:
1234567890abcdef) - Get your API token from Account settings
- Configure your network:
- Set IPv4 Auto-Assign to a range like
192.168.191.0/24 - Or use Manual assignment for specific IPs
- Set IPv4 Auto-Assign to a range like
curl -sSL https://raw.githubusercontent.com/thinkube/tk-node-setup/main/bootstrap.sh | sudo bashWhen prompted:
- Select 1 for ZeroTier
- Enter your ZeroTier Network ID
- Enter your ZeroTier API Token
- Choose a ZeroTier IP for the node
- Sign up at https://login.tailscale.com/
- Generate an auth key from Settings → Keys
- Enable "Reusable" for multiple nodes
- Set expiration as needed
- Note your auth key (starts with
tskey-auth-)
curl -sSL https://raw.githubusercontent.com/thinkube/tk-node-setup/main/bootstrap.sh | sudo bashWhen prompted:
- Select 2 for Tailscale
- Enter your Tailscale auth key
- Tailscale will auto-assign an IP from the 100.x.x.x range
For local network installations without overlay networking:
curl -sSL https://raw.githubusercontent.com/thinkube/tk-node-setup/main/bootstrap.sh | sudo bash -s -- --no-overlayImportant: Choose static IPs outside your DHCP range. Common examples:
- If DHCP uses
.100-.199, use.10-.99or.200-.254 - If DHCP uses
.1-.100, use.150-.254 - Check your router settings to confirm DHCP range
The script will:
- Check and install OpenSSH if needed
- Auto-detect your current network settings (shows DHCP info)
- Configure a static IP address (you choose one outside DHCP range)
- Use your existing Ubuntu user for automation
- Install and configure your chosen overlay network (or skip overlay)
After bootstrap completes, verify:
For ZeroTier:
# Check ZeroTier status
sudo zerotier-cli status
# Check network membership
sudo zerotier-cli listnetworks
# Test connectivity from another ZeroTier node
ping <zerotier-ip>For Tailscale:
# Check Tailscale status
tailscale status
# Test connectivity from another Tailscale node
ping <tailscale-ip>From a machine with overlay network access:
For ZeroTier:
- Join the same ZeroTier network on your installer machine
- Run the Thinkube installer
- Select ZeroTier as overlay provider
- Use the ZeroTier IPs when discovering nodes
- Use the same username you configured during bootstrap
For Tailscale:
- Connect to Tailscale on your installer machine
- Run the Thinkube installer
- Select Tailscale as overlay provider
- Use the Tailscale IPs when discovering nodes
- Use the same username you configured during bootstrap
If you prefer to run commands manually, see docs/manual-setup.md
For development environments where you want to switch overlay providers or start fresh:
curl -sSL https://raw.githubusercontent.com/thinkube/tk-node-setup/main/scripts/remove-zerotier.sh | sudo bashOr if you've cloned the repository:
cd tk-node-setup
sudo ./scripts/remove-zerotier.shThis will:
- Leave all ZeroTier networks
- Stop and disable the ZeroTier service
- Remove the ZeroTier package
- Clean up all ZeroTier files
- Optionally remove firewall rules
- Update bootstrap configuration
curl -sSL https://raw.githubusercontent.com/thinkube/tk-node-setup/main/scripts/remove-tailscale.sh | sudo bashOr if you've cloned the repository:
cd tk-node-setup
sudo ./scripts/remove-tailscale.shThis will:
- Logout from Tailscale
- Stop and disable the Tailscale service
- Remove the Tailscale package
- Clean up all Tailscale files
- Optionally remove firewall rules
- Update bootstrap configuration
After removing an overlay network, you can run bootstrap.sh again to configure a different provider.
# Check service status
sudo systemctl status zerotier-one
# Restart service
sudo systemctl restart zerotier-one
# Check if joined network
sudo zerotier-cli listnetworks# Check Tailscale status
tailscale status
# Re-authenticate
sudo tailscale up
# Check logs
sudo journalctl -u tailscaled -f# Verify SSH is running
sudo systemctl status ssh
# Check firewall
sudo ufw status
# Verify user exists (it will use your existing Ubuntu user)
id $USER- The bootstrap script doesn't store any secrets
- Overlay network credentials are only used during setup
- Uses your existing Ubuntu user for Ansible automation
- All overlay network traffic is encrypted
- ZeroTier: Nodes must be explicitly authorized in your network
- Tailscale: Uses WireGuard encryption, nodes authorized via auth key
For issues or questions:
Apache License 2.0 - See LICENSE file