From d58b384e0a93d2b7ee153117a6fdd42570c76a2a Mon Sep 17 00:00:00 2001 From: "Alex A. Naanou" Date: Sat, 20 Jan 2024 22:22:32 +0300 Subject: [PATCH] refactoring... Signed-off-by: Alex A. Naanou
---
 .pct-helpers | 76 +++++++++++++++++++++++++++++++++++--------- gate-traefik/make.sh | 21 ++++-------- gitea/make.sh | 18 +++-------- nextcloud/make.sh | 23 +------------- ns/make.sh | 19 +++-------- ssh/make.sh | 21 ++++-------- syncthing/make.sh | 19 +++-------- wireguard/make.sh | 20 ++++-------- 8 files changed, 94 insertions(+), 123 deletions(-)
diff --git a/.pct-helpers b/.pct-helpers
index 477bbe8..132003a 100644
--- a/.pct-helpers
+++ b/.pct-helpers
@@ -544,7 +544,6 @@ expandPCTTemplate(){ # # buildAssets [VAR ..] # -# XXX revise: SKIP handling... NOTES=NOTES.md buildAssets(){ local template_dir=${TEMPLATE_DIR:-templates}
@@ -623,32 +622,77 @@ pveGetLatestTemplate(){ # -# pctCreate ID TEMPLATE ARGS [PASS] +# pctBaseCreate ID TEMPLATE ARGS [PASS] # -pctCreate(){ +pctBaseCreate(){ + local ID=$1 + local TEMPLATE=$2 + local ARGS=$3 + local PASS=$4 + local TMP_PASS=$(cat /dev/urandom | base64 | head -c ${TMP_PASS_LEN:=32}) # NOTE: we are not setting the password here to avoid printing it to the terminal... - @ pct create $1 \ - ${2} \ - ${3} \ + @ pct create $ID \ + "${TEMPLATE}" \ + ${ARGS} \ --password="$TMP_PASS" \ --start 1 \ || exit 1 + # set actual root password... - if [ "$4" ] ; then - echo "root:$4" \ - | @ lxc-attach $1 chpasswd + if [ "$PASS" ] ; then + echo "root:$PASS" \ + | @ lxc-attach $ID chpasswd fi } # -# pctCreate ID ARGS [PASS] +# pctCreate ID TEMPLATE [PASS] +# +#OPTS_STAGE_1= +#INTERFACES= +#CTHOSTNAME= +#CORES= +#RAM= +#SWAP= +#DRIVE= +#PCT_EXTRA= +# XXX +pctCreate(){ + # build network args... + local interfaces_args=() + local i=0 + local interface + for interface in "${INTERFACES[@]}" ; do + interfaces_args+=("--net${i} "${interface}"") + i=$(( i + 1 )) + done + + # NOTE: TKL gui will not function correctly without nesting enabled... + local args="\ + --hostname $CTHOSTNAME \ + --cores $CORES \ + --memory $RAM \ + --swap $SWAP \ + "${interfaces_args[@]}" \ + --storage local-lvm \ + --rootfs local-lvm:$DRIVE \ + --unprivileged 1 \ + --features nesting=1 \ + ${PCT_EXTRA} \ + " + + pctBaseCreate "$1" "$2" "${OPTS_STAGE_1:-"${args}"}" "$3" +} + +# +# pctCreate ID [PASS] # pctCreateAlpine(){ local TEMPLATE pveGetLatestTemplate alpine TEMPLATE - pctCreate $1 "$TEMPLATE" "$2" "$3" + pctCreate $1 "$TEMPLATE" "$2" sleep ${TIMEOUT:=5} @@ -659,7 +703,7 @@ pctCreateDebian(){ local TEMPLATE pveGetLatestTemplate 'debian-12-standard' TEMPLATE - pctCreate $1 "$TEMPLATE" "$2" "$3" + pctCreate $1 "$TEMPLATE" "$2" sleep ${TIMEOUT:=5} 
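Review bot: In `pctCreate` the stage-1 options are flattened into one string and then re-split by the unquoted `${ARGS}` in `pctBaseCreate`, so an empty `CTHOSTNAME`, `CORES`, `RAM`, `SWAP` or `DRIVE` leaves its option without a value and the failure only surfaces inside `pct create`, while any whitespace in those values, in `PCT_EXTRA` or in an `INTERFACES` entry turns into extra `pct create` arguments. Whether `readVars` already guarantees these are set is not visible in this hunk; a guard at the top of `pctCreate` such as `: "${CTHOSTNAME:?}" "${CORES:?}" "${RAM:?}" "${SWAP:?}" "${DRIVE:?}"` would stop before anything is created. The same flattening means the quoting of the `INTERFACES=( ... )` entries added in the `make.sh` hunks does not survive to the `pct` call, and `"--net${i} "${interface}""` reads more clearly as `"--net${i} ${interface}"`. The usage comment left above `pctCreateAlpine` reads `# pctCreate ID [PASS]` and should name `pctCreateAlpine`, and the bare `# XXX` above `pctCreate` would be more useful if it said what still needs revising.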
@@ -670,7 +714,7 @@ pctCreateUbuntu(){ local TEMPLATE pveGetLatestTemplate ubuntu TEMPLATE - pctCreate $1 "$TEMPLATE" "$2" "$3" + pctCreate $1 "$TEMPLATE" "$2" sleep ${TIMEOUT:=5}
@@ -679,7 +723,7 @@ pctCreateUbuntu(){ } # -# pctCreateTurnkey APP ID ARGS [PASS] +# pctCreateTurnkey APP ID [PASS] # pctCreateTurnkey(){ local app=$1
@@ -687,12 +731,13 @@ pctCreateTurnkey(){ local TEMPLATE pveGetLatestTemplate '.*-turnkey-'$app TEMPLATE - pctCreate $1 "$TEMPLATE" "$2" "$3" + pctCreate $1 "$TEMPLATE" "$2" tklWaitForSetup $1 sleep ${TIMEOUT:=5} } + # Wait for /etc/inithooks.conf to be generated then cleared # # tklWaitForSetup ID
@@ -718,6 +763,7 @@ tklWaitForSetup(){ printf 'ready.\n' sleep ${TIMEOUT:=5} } + # # pctUpdateTurnkey ID #
diff --git a/gate-traefik/make.sh b/gate-traefik/make.sh
index f04cf7a..dc48ed8 100755
--- a/gate-traefik/make.sh
+++ b/gate-traefik/make.sh
@@ -42,20 +42,11 @@ readVars #---------------------------------------------------------------------- -OPTS_STAGE_1="\ - --hostname $CTHOSTNAME \ - --cores $CORES \ - --memory $RAM \ - --swap $SWAP \ - --net0 name=wan,bridge=vmbr${WAN_BRIDGE},firewall=1${WAN_GATE:+,gw=${WAN_GATE}}${WAN_IP:+,ip=${WAN_IP}},type=veth \ - --net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1${ADMIN_IP:+,ip=${ADMIN_IP}},type=veth \ - --net2 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1${LAN_IP:+,ip=${LAN_IP}},type=veth \ - --storage local-lvm \ - --rootfs local-lvm:$DRIVE \ - --unprivileged 1 \ - --features nesting=1 \ - ${PCT_EXTRA} \ -" +INTERFACES=( + "name=wan,bridge=vmbr${WAN_BRIDGE},firewall=1${WAN_GATE:+,gw=${WAN_GATE}}${WAN_IP:+,ip=${WAN_IP}},type=veth" + "name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1${ADMIN_IP:+,ip=${ADMIN_IP}},type=veth" + "name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1${LAN_IP:+,ip=${LAN_IP}},type=veth" +) OPTS_STAGE_2="\ --startup order=80 \
@@ -69,7 +60,7 @@ echo "# Building config..." buildAssets echo "# Creating CT..." -pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS" +pctCreateAlpine $ID "$PASS" echo "# Installing dependencies..." @ lxc-attach $ID apk add bash bridge iptables traefik logrotate
diff --git a/gitea/make.sh b/gitea/make.sh
index 328b372..53f3632 100644
--- a/gitea/make.sh
+++ b/gitea/make.sh
@@ -41,19 +41,9 @@ readVars #---------------------------------------------------------------------- -# NOTE: TKL gui will not function correctly without nesting enabled... -OPTS_STAGE_1="\ - --hostname $CTHOSTNAME \ - --cores $CORES \ - --memory $RAM \ - --swap $SWAP \ - --net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \ - --storage local-lvm \ - --rootfs local-lvm:$DRIVE \ - --unprivileged 1 \ - --features nesting=1 \ - ${PCT_EXTRA} \ -" +INTERFACES=( + "name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth" +) OPTS_STAGE_2="\ --onboot 1 \
@@ -66,7 +56,7 @@ echo "# Building config..." buildAssets echo "# Creating CT..." -pctCreateTurnkey 'gitea' $ID "$OPTS_STAGE_1" "$PASS" +pctCreateTurnkey 'gitea' $ID "$PASS" echo "# Starting TKL UI..." @ lxc-attach $ID -- bash -c "HUB_APIKEY=SKIP SEC_UPDATES=SKIP /usr/sbin/turnkey-init"
diff --git a/nextcloud/make.sh b/nextcloud/make.sh
index 28efefd..c2da9d9 100755
--- a/nextcloud/make.sh
+++ b/nextcloud/make.sh
@@ -56,27 +56,6 @@ INTERFACES=( "name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth" ) -# XXX move this to .pct-helpers -INTERFACES_ARGS=() -i=0 -for interface in "${INTERFACES[@]}" ; do - INTERFACES_ARGS+=("--net${i} "${interface}"") - i=$(( i + 1 )) -done -# NOTE: TKL gui will not function correctly without nesting enabled... -OPTS_STAGE_1="\ - --hostname $CTHOSTNAME \ - --cores $CORES \ - --memory $RAM \ - --swap $SWAP \ - "${INTERFACES_ARGS[@]}" \ - --storage local-lvm \ - --rootfs local-lvm:$DRIVE \ - --unprivileged 1 \ - --features nesting=1 \ - ${PCT_EXTRA} \ -" - OPTS_STAGE_2="\ --onboot 1 \ "
@@ -88,7 +67,7 @@ echo "# Building config..." buildAssets echo "# Creating CT..." -pctCreateTurnkey 'nextcloud' $ID "$OPTS_STAGE_1" "$PASS" +pctCreateTurnkey 'nextcloud' $ID "$PASS" echo "# Starting TKL UI..." # XXX might be a good idea to reaaad stuff from config...
diff --git a/ns/make.sh b/ns/make.sh
index bb72757..62cd55b 100755
--- a/ns/make.sh
+++ b/ns/make.sh
@@ -43,19 +43,10 @@ readVars #---------------------------------------------------------------------- -OPTS_STAGE_1="\ - --hostname $CTHOSTNAME \ - --cores $CORES \ - --memory $RAM \ - --swap $SWAP \ - --net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1${LAN_GATE:+,gw=$LAN_GATE}${LAN_IP:+,ip=$LAN_IP},type=veth \ - --net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1${ADMIN_IP:+,ip=$ADMIN_IP},type=veth \ - --storage local-lvm \ - --rootfs local-lvm:$DRIVE \ - --unprivileged 1 \ - --features nesting=1 \ - ${PCT_EXTRA} \ -" +INTERFACES=( + "name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1${LAN_GATE:+,gw=$LAN_GATE}${LAN_IP:+,ip=$LAN_IP},type=veth" + "name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1${ADMIN_IP:+,ip=$ADMIN_IP},type=veth" +) OPTS_STAGE_2="\ --startup order=90,up=10 \
@@ -69,7 +60,7 @@ echo "# Building config..." buildAssets echo "# Creating CT..." -pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS" +pctCreateAlpine $ID "$PASS" echo "# Installing dependencies..." @ lxc-attach $ID apk add bash dnsmasq logrotate
diff --git a/ssh/make.sh b/ssh/make.sh
index 036d6a2..3bb7053 100755
--- a/ssh/make.sh
+++ b/ssh/make.sh
@@ -43,20 +43,11 @@ readVars #---------------------------------------------------------------------- -OPTS_STAGE_1="\ - --hostname $CTHOSTNAME \ - --cores $CORES \ - --memory $RAM \ - --swap $SWAP \ - --net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \ - --net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth \ - --net2 name=wan,bridge=vmbr${WAN_BRIDGE},firewall=1${WAN_SSH_IP:+,ip=${WAN_SSH_IP}},type=veth \ - --storage local-lvm \ - --rootfs local-lvm:$DRIVE \ - --unprivileged 1 \ - --features nesting=1 \ - ${PCT_EXTRA} \ -" +INTERFACES=( + "name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth" + "name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth" + "name=wan,bridge=vmbr${WAN_BRIDGE},firewall=1${WAN_SSH_IP:+,ip=${WAN_SSH_IP}},type=veth" +) OPTS_STAGE_2="\ --onboot 1 \
@@ -66,7 +57,7 @@ OPTS_STAGE_2="\ #---------------------------------------------------------------------- echo "# Creating CT..." -pctCreateDebian $ID "${OPTS_STAGE_1}" "$PASS" +pctCreateDebian $ID "$PASS" echo "# Installing dependencies..." @ lxc-attach $ID -- bash -c 'yes | apt install vim htop iftop iotop tmux mc sudo'
diff --git a/syncthing/make.sh b/syncthing/make.sh
index 5c22b8d..53f7381 100755
--- a/syncthing/make.sh
+++ b/syncthing/make.sh
@@ -39,19 +39,10 @@ readVars #---------------------------------------------------------------------- -OPTS_STAGE_1="\ - --hostname $CTHOSTNAME \ - --cores $CORES \ - --memory $RAM \ - --swap $SWAP \ - --net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \ - --net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth \ - --storage local-lvm \ - --rootfs local-lvm:$DRIVE \ - --unprivileged 1 \ - --features nesting=1 \ - ${PCT_EXTRA} \ -" +INTERFACES=( + "name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth" + "name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth" +) OPTS_STAGE_2="\ --onboot 1 \
@@ -64,7 +55,7 @@ echo "# Building config..." buildAssets echo "# Creating CT..." -pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS" +pctCreateAlpine $ID "$PASS" echo "# Copying assets..." pctPushAssets $ID
diff --git a/wireguard/make.sh b/wireguard/make.sh
index 710af9d..f72247f 100755
--- a/wireguard/make.sh
+++ b/wireguard/make.sh
@@ -68,19 +68,11 @@ readVars #---------------------------------------------------------------------- -OPTS_STAGE_1="\ - --hostname $CTHOSTNAME \ - --cores $CORES \ - --memory $RAM \ - --swap $SWAP \ - --net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \ - --net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth \ - --storage local-lvm \ - --rootfs local-lvm:$DRIVE \ - --unprivileged 1 \ - --features nesting=1 \ - ${PCT_EXTRA} \ -" +INTERFACES=( + "name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth" + "name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth" +) + OPTS_STAGE_2="\ --onboot 1 \
@@ -93,7 +85,7 @@ echo "# Building config..." buildAssets ENDPOINT ENDPOINT_PORT DNS CLIENT_IPS ALLOWED_IPS echo "# Creating CT..." -pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS" +pctCreateAlpine $ID "$PASS" echo "# Installing dependencies..." @ lxc-attach $ID apk add \