proxmox-utils/ns/make.sh

#!/usr/bin/bash
#----------------------------------------------------------------------

source ../.pct-helpers


#----------------------------------------------------------------------

UPDATE_ON_LAN=1
TIMEOUT=5
TMP_PASS_LEN=32

TEMPLATE_DIR=templates
ASSETS_DIR=assets

# EMAIL=
# DOMAIN=
# ID=
# CTHOSTNAME=
# WAN_IP=
# WAN_GATE=
# ROOTPASS=

DFL_EMAIL=user@example.com
DFL_DOMAIN=example.com
DFL_ID=100
DFL_CTHOSTNAME=ns
DFL_WAN_IP=192.168.1.101/24
DFL_WAN_GATE=192.168.1.252

TMP_PASS=$(cat /dev/urandom | base64 | head -c ${TMP_PASS_LEN:=32})


#----------------------------------------------------------------------

[ -z $EMAIL ] \
	&& read -ep "Email: " -i "$DFL_EMAIL" EMAIL
EMAIL=${EMAIL:=$DFL_EMAIL}
[ -z $DOMAIN ] \
	&& read -ep "Domain: " -i "$DFL_DOMAIN" DOMAIN
DOMAIN=${DOMAIN:=$DFL_DOMAIN}
[ -z $ID ] \
	&& read -ep "ID: " -i "$DFL_ID" ID
[ -z $CTHOSTNAME ] \
	&& read -ep "Hostname: " -i "$DFL_CTHOSTNAME" CTHOSTNAME
[ -z $WAN_IP ] \
	&& read -ep "WAN ip (stub): " -i "$DFL_WAN_IP" WAN_IP
[ -z $WAN_GATE ] \
	&& read -ep "WAN gateway (stub): " -i "$DFL_WAN_GATE" WAN_GATE
if [ -z $ROOTPASS ] ; then
	read -sep "root password (Enter to skip): " PASS1
	echo
	if [ $PASS1 ] ; then
		read -sep "retype root password: " PASS2
		echo
		if [[ $PASS1 != $PASS2 ]] ; then
			echo "ERR: passwords do not match."
			exit 1
		fi
		PASS=$PASS1
	fi
else
	PASS=$ROOTPASS
fi


#----------------------------------------------------------------------

echo Building config...
TEMPLATES=($(find "$TEMPLATE_DIR" -type f))
for file in "${TEMPLATES[@]}" ; do
	file=${file#${TEMPLATE_DIR}}
	echo Generating: ${file}...
	cat "${TEMPLATE_DIR}/${file}" \
		| sed \
			-e 's/\${EMAIL}/'$EMAIL'/' \
			-e 's/\${DOMAIN}/'$DOMAIN'/' \
			-e 's/\${CTHOSTNAME}/'$CTHOSTNAME'/' \
			-e 's/\${WAN_IP}/'${WAN_IP/\//\\/}'/' \
			-e 's/\${WAN_GATE}/'$WAN_GATE'/' \
		> "${ASSETS_DIR}/${file}"
done


#----------------------------------------------------------------------

echo Creating CT...

TEMPLATE=($(ls /var/lib/vz/template/cache/alpine-3.18*.tar.xz))

# XXX option to configure bridges...
# NOTE: we are not setting the password here to avoid printing it to the terminal...
@ pct create $ID \
	${TEMPLATE[-1]} \
	--hostname $CTHOSTNAME \
	--memory 128 \
	--swap 128 \
	--net0 name=lan,bridge=vmbr0,firewall=1,ip=dhcp,type=veth \
	--net1 name=admin,bridge=vmbr1,firewall=1,type=veth \
	--net2 name=wan,bridge=vmbr2,firewall=1${WAN_GATE:+,gw=${WAN_GATE}}${WAN_IP:+,ip=${WAN_IP}},type=veth \
	--storage local-lvm \
	--rootfs local-lvm:0.5 \
	--unprivileged 1 \
	--password="$TMP_PASS" \
	--start 1 \
|| exit 1

# XXX ifdown admin lan interfaces fro bootstrap...

echo Setting root password...
if [ $PASS ] ; then
	echo "root:$PASS" \
		| @ lxc-attach $ID chpasswd
fi

echo Updating container...
@ lxc-attach $ID apk update
@ lxc-attach $ID apk upgrade

echo Installing dependencies...
@ lxc-attach $ID apk add bash dnsmasq

echo Copying assets...
@ pct-push-r $ID ./assets /

echo Setup: dnsmasq...
@ lxc-attach $ID rc-update add dnsmasq
@ lxc-attach $ID rc-service dnsmasq start


echo Done.


#----------------------------------------------------------------------
# vim:set ts=4 sw=4 :
added ns... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2023-12-28 20:08:03 +03:00			`#!/usr/bin/bash`
			`#----------------------------------------------------------------------`

			`source ../.pct-helpers`


			`#----------------------------------------------------------------------`

			`UPDATE_ON_LAN=1`
			`TIMEOUT=5`
			`TMP_PASS_LEN=32`

			`TEMPLATE_DIR=templates`
			`ASSETS_DIR=assets`

			`# EMAIL=`
			`# DOMAIN=`
			`# ID=`
			`# CTHOSTNAME=`
			`# WAN_IP=`
			`# WAN_GATE=`
			`# ROOTPASS=`

			`DFL_EMAIL=user@example.com`
			`DFL_DOMAIN=example.com`
			`DFL_ID=100`
			`DFL_CTHOSTNAME=ns`
			`DFL_WAN_IP=192.168.1.101/24`
			`DFL_WAN_GATE=192.168.1.252`

			`TMP_PASS=$(cat /dev/urandom \| base64 \| head -c ${TMP_PASS_LEN:=32})`


			`#----------------------------------------------------------------------`

			`[ -z $EMAIL ] \`
			`&& read -ep "Email: " -i "$DFL_EMAIL" EMAIL`
			`EMAIL=${EMAIL:=$DFL_EMAIL}`
			`[ -z $DOMAIN ] \`
			`&& read -ep "Domain: " -i "$DFL_DOMAIN" DOMAIN`
			`DOMAIN=${DOMAIN:=$DFL_DOMAIN}`
			`[ -z $ID ] \`
			`&& read -ep "ID: " -i "$DFL_ID" ID`
			`[ -z $CTHOSTNAME ] \`
			`&& read -ep "Hostname: " -i "$DFL_CTHOSTNAME" CTHOSTNAME`
			`[ -z $WAN_IP ] \`
			`&& read -ep "WAN ip (stub): " -i "$DFL_WAN_IP" WAN_IP`
			`[ -z $WAN_GATE ] \`
			`&& read -ep "WAN gateway (stub): " -i "$DFL_WAN_GATE" WAN_GATE`
			`if [ -z $ROOTPASS ] ; then`
			`read -sep "root password (Enter to skip): " PASS1`
			`echo`
			`if [ $PASS1 ] ; then`
			`read -sep "retype root password: " PASS2`
			`echo`
			`if [[ $PASS1 != $PASS2 ]] ; then`
			`echo "ERR: passwords do not match."`
			`exit 1`
			`fi`
			`PASS=$PASS1`
			`fi`
			`else`
			`PASS=$ROOTPASS`
			`fi`


			`#----------------------------------------------------------------------`

			`echo Building config...`
			`TEMPLATES=($(find "$TEMPLATE_DIR" -type f))`
			`for file in "${TEMPLATES[@]}" ; do`
			`file=${file#${TEMPLATE_DIR}}`
			`echo Generating: ${file}...`
			`cat "${TEMPLATE_DIR}/${file}" \`
			`\| sed \`
			`-e 's/\${EMAIL}/'$EMAIL'/' \`
			`-e 's/\${DOMAIN}/'$DOMAIN'/' \`
			`-e 's/\${CTHOSTNAME}/'$CTHOSTNAME'/' \`
			`-e 's/\${WAN_IP}/'${WAN_IP/\//\\/}'/' \`
			`-e 's/\${WAN_GATE}/'$WAN_GATE'/' \`
			`> "${ASSETS_DIR}/${file}"`
			`done`


			`#----------------------------------------------------------------------`

			`echo Creating CT...`

			`TEMPLATE=($(ls /var/lib/vz/template/cache/alpine-3.18*.tar.xz))`

notes... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2023-12-29 06:32:00 +03:00			`# XXX option to configure bridges...`
added ns... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2023-12-28 20:08:03 +03:00			`# NOTE: we are not setting the password here to avoid printing it to the terminal...`
			`@ pct create $ID \`
			`${TEMPLATE[-1]} \`
			`--hostname $CTHOSTNAME \`
			`--memory 128 \`
			`--swap 128 \`
			`--net0 name=lan,bridge=vmbr0,firewall=1,ip=dhcp,type=veth \`
			`--net1 name=admin,bridge=vmbr1,firewall=1,type=veth \`
			`--net2 name=wan,bridge=vmbr2,firewall=1${WAN_GATE:+,gw=${WAN_GATE}}${WAN_IP:+,ip=${WAN_IP}},type=veth \`
			`--storage local-lvm \`
			`--rootfs local-lvm:0.5 \`
			`--unprivileged 1 \`
			`--password="$TMP_PASS" \`
			`--start 1 \`
			`\|\| exit 1`

notes... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2023-12-29 06:32:00 +03:00			`# XXX ifdown admin lan interfaces fro bootstrap...`
added ns... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com> 2023-12-28 20:08:03 +03:00
			`echo Setting root password...`
			`if [ $PASS ] ; then`
			`echo "root:$PASS" \`
			`\| @ lxc-attach $ID chpasswd`
			`fi`

			`echo Updating container...`
			`@ lxc-attach $ID apk update`
			`@ lxc-attach $ID apk upgrade`

			`echo Installing dependencies...`
			`@ lxc-attach $ID apk add bash dnsmasq`

			`echo Copying assets...`
			`@ pct-push-r $ID ./assets /`

			`echo Setup: dnsmasq...`
			`@ lxc-attach $ID rc-update add dnsmasq`
			`@ lxc-attach $ID rc-service dnsmasq start`



			`echo Done.`


			`#----------------------------------------------------------------------`
			`# vim:set ts=4 sw=4 :`