From f467869cf5dd365fbe11141b8a5e59a81527b788 Mon Sep 17 00:00:00 2001
From: Matt <matt@letsbe.solutions>
Date: Mon, 8 Dec 2025 16:13:48 +0100
Subject: [PATCH] feat: add private Docker registry support
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- Add --docker-registry parameter to start.sh and setup.sh
- Support login to private registries like code.letsbe.solutions
- Required for pulling sysadmin-agent image from Gitea registry

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 script/setup.sh | 23 +++++++++++++++++------
 script/start.sh |  9 +++++++--
 2 files changed, 24 insertions(+), 8 deletions(-)

diff --git a/script/setup.sh b/script/setup.sh
index e728b46..bc4d333 100644
--- a/script/setup.sh
+++ b/script/setup.sh
@@ -26,9 +26,10 @@ SKIP_SSL=false
 ROOT_SSL=false
 DOMAIN=""
 
-# Docker Hub authentication (optional)
+# Docker registry authentication (optional)
 DOCKER_USER=""
 DOCKER_TOKEN=""
+DOCKER_REGISTRY=""
 
 while [[ $# -gt 0 ]]; do
     case $1 in
@@ -56,6 +57,10 @@ while [[ $# -gt 0 ]]; do
             DOCKER_TOKEN="$2"
             shift 2
             ;;
+        --docker-registry)
+            DOCKER_REGISTRY="$2"
+            shift 2
+            ;;
         --help|-h)
             echo "Usage: $0 [--tools \"tool1,tool2,...\"|\"all\"] [--domain DOMAIN] [--skip-ssl] [--root-ssl]"
             echo ""
@@ -64,8 +69,9 @@ while [[ $# -gt 0 ]]; do
             echo "  --domain      Domain name for SSL email (administrator@domain)"
             echo "  --skip-ssl    Skip SSL certificate setup"
             echo "  --root-ssl    Include root domain in SSL certificate"
-            echo "  --docker-user Docker Hub username (optional, to bypass rate limits)"
-            echo "  --docker-token Docker Hub Personal Access Token (optional)"
+            echo "  --docker-user Docker registry username (optional)"
+            echo "  --docker-token Docker registry password/token (optional)"
+            echo "  --docker-registry Docker registry URL (optional, defaults to Docker Hub)"
             echo ""
             echo "Examples:"
             echo "  $0 --tools \"all\" --domain \"example.com\""
@@ -112,10 +118,15 @@ sudo systemctl enable docker
 sudo curl -L "https://github.com/docker/compose/releases/latest/download/docker-compose-linux-$(uname -m)" -o /usr/local/bin/docker-compose
 sudo chmod 755 /usr/local/bin/docker-compose
 
-# Docker Hub login (optional - to bypass rate limits)
+# Docker registry login (optional - for private registries or to bypass rate limits)
 if [[ -n "$DOCKER_USER" && -n "$DOCKER_TOKEN" ]]; then
-    echo "Logging into Docker Hub..."
-    echo "$DOCKER_TOKEN" | docker login -u "$DOCKER_USER" --password-stdin
+    if [[ -n "$DOCKER_REGISTRY" ]]; then
+        echo "Logging into Docker registry: $DOCKER_REGISTRY..."
+        echo "$DOCKER_TOKEN" | docker login -u "$DOCKER_USER" --password-stdin "$DOCKER_REGISTRY"
+    else
+        echo "Logging into Docker Hub..."
+        echo "$DOCKER_TOKEN" | docker login -u "$DOCKER_USER" --password-stdin
+    fi
 fi
 
 # =============================================================================
diff --git a/script/start.sh b/script/start.sh
index 4e3bd8e..7192457 100644
--- a/script/start.sh
+++ b/script/start.sh
@@ -57,9 +57,10 @@ CUSTOMER=""
 DOMAIN=""
 COMPANY_NAME=""
 
-# Docker Hub authentication (optional)
+# Docker registry authentication (optional)
 DOCKER_USER=""
 DOCKER_TOKEN=""
+DOCKER_REGISTRY=""
 
 # =============================================================================
 # HELPER FUNCTIONS
@@ -128,13 +129,16 @@ parse_json() {
     SERVER_PASSWORD=$(echo "$json" | jq -r '.password // empty')
     SSH_KEY=$(echo "$json" | jq -r '.key // empty')
     ACTION=$(echo "$json" | jq -r '.action // empty')
-    TOOLS=$(echo "$json" | jq -r '.tools // empty')
+    # Handle tools as either array or string
+    TOOLS=$(echo "$json" | jq -r 'if .tools | type == "array" then .tools | join(",") elif .tools then .tools else empty end')
     SKIP_SSL=$(echo "$json" | jq -r 'if .skip_ssl == true then "true" else "" end')
+    ROOT_SSL=$(echo "$json" | jq -r 'if .root_ssl == true then "true" else "" end')
     CUSTOMER=$(echo "$json" | jq -r '.customer // empty')
     DOMAIN=$(echo "$json" | jq -r '.domain // empty')
     COMPANY_NAME=$(echo "$json" | jq -r '.company_name // empty')
     DOCKER_USER=$(echo "$json" | jq -r '.docker_user // empty')
     DOCKER_TOKEN=$(echo "$json" | jq -r '.docker_token // empty')
+    DOCKER_REGISTRY=$(echo "$json" | jq -r '.docker_registry // empty')
 
     # Registration token (can also be set via environment variable)
     local json_token=$(echo "$json" | jq -r '.registration_token // empty')
@@ -376,6 +380,7 @@ if [[ "$ACTION" == "setup" ]]; then
         [[ "$ROOT_SSL" == "true" ]] && SETUP_ARGS="$SETUP_ARGS --root-ssl"
         [[ -n "$DOCKER_USER" ]] && SETUP_ARGS="$SETUP_ARGS --docker-user $(printf '%q' "$DOCKER_USER")"
         [[ -n "$DOCKER_TOKEN" ]] && SETUP_ARGS="$SETUP_ARGS --docker-token $(printf '%q' "$DOCKER_TOKEN")"
+        [[ -n "$DOCKER_REGISTRY" ]] && SETUP_ARGS="$SETUP_ARGS --docker-registry $(printf '%q' "$DOCKER_REGISTRY")"
 
         # Run setup.sh directly in foreground (connection stays alive with PermitRootLogin yes)
         echo "Running setup.sh (this may take 10-15 minutes)..."