
No commits in common. "16205e66ecaec7eafdfe2559629579a9d5527cff" and "5f88f39dece3dfd56cc433f2146294ba4e2c497b" have entirely different histories.

4 changed files with 28 additions and 137 deletions


@ -27,28 +27,6 @@ ECHO_PREFIX="### "
#----------------------------------------------------------------------
#
# check MSG COMMAND ..
#
check(){
local MSG=$1
shift
for cmd in "$@" ; do
which $cmd > /dev/null 2>&1 \
|| eval "echo \"$MSG\"" >&2
done
}
need(){
check 'ERROR: "$cmd": needed by this script but not in path.' "$@"
}
would-like(){
check 'WARNING: "$cmd": is not in path.' "$@"
}
#---------------------------------------------------------------------- #----------------------------------------------------------------------
# Fill section... # Fill section...
# #
@ -194,17 +172,12 @@ getLatestTemplate(){
# xread [-n] MSG VAR # xread [-n] MSG VAR
# #
# This saves all user input variables to the $XREAD_VARS array. # This saves all user input variables to the $XREAD_VARS array.
#
# XXX add support for keywords like SKIP and DISABLE
xread(){ xread(){
local non_empty= local non_empty=
if [[ $1 == '-n' ]] ; then if [[ $1 == '-n' ]] ; then
shift shift
local non_empty=1 local non_empty=1
fi fi
if [[ "${!2}" == "SKIP" ]] ; then
return
fi
if [ -z ${!2} ] ; then if [ -z ${!2} ] ; then
eval 'read -ep "'$1'" -i "$DFL_'$2'" '${2}'' eval 'read -ep "'$1'" -i "$DFL_'$2'" '${2}''
XREAD_VARS+=(${2}) XREAD_VARS+=(${2})
@ -216,40 +189,6 @@ xread(){
&& echo "$2=${!2}" && echo "$2=${!2}"
} }
#
# xreadYes MSG VAR
#
xreadYes(){
if [[ "${!2}" == "SKIP" ]] ; then
return
fi
if [ -z ${!2} ] ; then
if [ -z $(eval "echo \$DFL_${2}") ] ; then
local yes=y
local no=N
local dfl=
else
local yes=Y
local no=n
local dfl=1
fi
eval 'read -ep "'$1' ('$yes'/'$no') " '${2}''
XREAD_VARS+=(${2})
# normalize...
eval "${2}=${!2,,}"
if [[ "${!2}" == 'y' ]] ; then
eval "${2}=1"
elif [[ ${!2} == 'n' ]] ; then
eval "${2}="
# set default if empty...
else
eval "${2}=\${${2}:-$dfl}"
fi
fi
[ $SCRIPTING ] \
&& echo "$2=${!2}"
}
# #
# xreadpass VAR # xreadpass VAR
# #
@ -277,20 +216,20 @@ xreadpass(){
# Wait for /etc/inithooks.conf to be generated then cleared # Wait for /etc/inithooks.conf to be generated then cleared
# #
# tklWaitForSetup ID # tklWaitForSetup
# #
# for tkl inithooks doc see: # for tkl inithooks doc see:
# https://www.turnkeylinux.org/docs/inithooks # https://www.turnkeylinux.org/docs/inithooks
tklWaitForSetup(){ tklWaitForSetup(){
printf "# TKL setup, this may take a while" printf "# TKL setup, this may take a while"
if [ -z $DRY_RUN ] ; then if [ -z $DRY_RUN ] ; then
while ! $(lxc-attach $1 -- test -e /etc/inithooks.conf) ; do while ! $(lxc-attach $ID -- test -e /etc/inithooks.conf) ; do
printf '.' printf '.'
sleep ${TIMEOUT:=5} sleep ${TIMEOUT:=5}
done done
printf '+' printf '+'
sleep ${TIMEOUT:=5} sleep ${TIMEOUT:=5}
while ! [[ $(lxc-attach $1 -- cat /etc/inithooks.conf | wc -c) < 2 ]] ; do while ! [[ $(lxc-attach $ID -- cat /etc/inithooks.conf | wc -c) < 2 ]] ; do
printf '.' printf '.'
sleep ${TIMEOUT:=5} sleep ${TIMEOUT:=5}
done done
@ -325,49 +264,28 @@ readConfig(){
} }
# #
# saveConfig [-d|-a] CONFIG VAR .. # saveConfig [-d] CONFIG VAR ..
# #
saveConfig(){ saveConfig(){
local prefix= local prefix=
local append= if [ $1 == '-d' ] ; then
while true ; do prefix=DFL_
case $1 in shift
-d|--default) fi
prefix=DFL_
shift
;;
-a|--append)
append=1
shift
;;
*)
break
;;
esac
done
local cfg=$1 local cfg=$1
shift shift
if [ -z $append ] ; then
printf '' > "$cfg"
fi
{ {
for var in $@ ; do for var in $@ ; do
echo "${prefix}${var}=${!var}" echo "${prefix}${var}=${!var}"
done done
echo } > $cfg
} >> "$cfg"
} }
saveLastRunConfig(){ saveLastRunConfig(){
local cfg=config.last-run
echo "# Saving config to: config.last-run" echo "# Saving config to: config.last-run"
{ saveConfig -d config.last-run ${XREAD_VARS[@]}
echo "#"
echo "# This file is auto-generated, any changes here will be overwritten."
echo "#"
} > "$cfg"
saveConfig -d -a "$cfg" ${XREAD_VARS[@]}
} }
# #
@ -565,29 +483,6 @@ pctCreateUbuntu(){
@ lxc-attach $1 -- apt upgrade -y @ lxc-attach $1 -- apt upgrade -y
} }
#
# pctCreateTurnkey APP ID ARGS [PASS]
#
pctCreateTurnkey(){
local app=$1
shift
local TEMPLATE
getLatestTemplate '.*-turnkey-'$app TEMPLATE
pctCreate $1 "$TEMPLATE" "$2" "$3"
tklWaitForSetup $1
sleep ${TIMEOUT:=5}
}
#
# pctUpdateTurnkey ID
#
pctUpdateTurnkey(){
@ lxc-attach $1 apt update
@ lxc-attach $1 -- apt upgrade -y
}
# #
# pctSet ID [ARGS [REBOOT]] # pctSet ID [ARGS [REBOOT]]
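Review bot: saveConfig on the new side writes each value raw with `echo "${prefix}${var}=${!var}"`, so a value containing spaces, quotes or `$(...)` lands in the config file unescaped. readConfig is not visible here, but if it sources that file the value is re-parsed as shell on the next run; `printf '%s%s=%q\n' "$prefix" "$var" "${!var}"` keeps the file safe to source. The same function leaves `$1`, `$@` and `$cfg` unquoted, so `[ $1 == '-d' ]` errors when `$1` is empty and `} > $cfg` word-splits the path; `[ "$1" == '-d' ]` and `} > "$cfg"` fix that, and the loop should iterate over the quoted argument list.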


@ -18,9 +18,13 @@
# - the rest of the CT's are created in order of importance, strting # - the rest of the CT's are created in order of importance, strting
# from CT's needed for access and ending with services. # from CT's needed for access and ending with services.
CTs := \ CTs := \
gate ns \ gate \
ssh wireguard syncthing \ ns \
nextcloud gitea ssh \
wireguard \
syncthing \
nextcloud \
gitea


@ -70,7 +70,11 @@ echo "# Building config..."
buildAssets buildAssets
echo "# Creating CT..." echo "# Creating CT..."
pctCreateTurnkey 'nextcloud' $ID "$OPTS_STAGE_1" "$PASS" getLatestTemplate '.*-turnkey-nextcloud' TEMPLATE
pctCreate $ID "$TEMPLATE" "$OPTS_STAGE_1" "$PASS"
sleep ${TIMEOUT:=5}
tklWaitForSetup
echo "# Starting TKL UI..." echo "# Starting TKL UI..."
# XXX might be a good idea to reaaad stuff from config... # XXX might be a good idea to reaaad stuff from config...
@ -105,7 +109,8 @@ echo "# Disabling fail2ban..."
@ lxc-attach $ID systemctl disable fail2ban @ lxc-attach $ID systemctl disable fail2ban
echo "# Updating system..." echo "# Updating system..."
pctUpdateTurnkey $ID @ lxc-attach $ID apt update
@ lxc-attach $ID -- apt upgrade -y
echo "# Post config..." echo "# Post config..."
pctSet $ID "${OPTS_STAGE_2}" $REBOOT pctSet $ID "${OPTS_STAGE_2}" $REBOOT
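Review bot: The added lines call `pctCreate $ID "$TEMPLATE" ...` without checking that getLatestTemplate actually set TEMPLATE. getLatestTemplate's body is not visible here, but if no matching template is found the create would run with an empty template argument; a guard such as `[ -n "$TEMPLATE" ] || { echo "ERROR: no turnkey-nextcloud template found" >&2 ; exit 1 ; }` before pctCreate fails early instead. On the same added lines `$ID` is unquoted, and `lxc-attach $ID apt update` omits the `--` separator that the following `apt upgrade -y` line uses.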


@ -13,14 +13,11 @@ source ../.pct-helpers
#---------------------------------------------------------------------- #----------------------------------------------------------------------
# check dependencies... readConfig
would-like dig #qrencode
#---------------------------------------------------------------------- #----------------------------------------------------------------------
readConfig
DFL_ID=${DFL_ID:=103} DFL_ID=${DFL_ID:=103}
DFL_CTHOSTNAME=${DFL_CTHOSTNAME:=wireguard} DFL_CTHOSTNAME=${DFL_CTHOSTNAME:=wireguard}
@ -39,11 +36,7 @@ LAN_GATE=-
REBOOT=${REBOOT:=1} REBOOT=${REBOOT:=1}
# Wireguard config... # Wireguard config...
DFL_ENDPOINT=${DFL_ENDPOINT:=$(\ DFL_ENDPOINT=${DFL_ENDPOINT:=$(dig +short ${DOMAIN:-$DFL_DOMAIN} | tail -1)}
which dig > /dev/null 2>&1 \
&& (dig +short ${DOMAIN:-$DFL_DOMAIN} \
| tail -1) \
|| echo "${DOMAIN:-$DFL_DOMAIN}")}
xread "Wireguard endpoint: " ENDPOINT xread "Wireguard endpoint: " ENDPOINT
DFL_ENDPOINT_PORT=${DFL_ENDPOINT_PORT:=51820} DFL_ENDPOINT_PORT=${DFL_ENDPOINT_PORT:=51820}
@ -52,7 +45,6 @@ xread "Wireguard endpoint port: " ENDPOINT_PORT
CLIENT_IPS=${CLIENT_IPS:-10.42.0.0/16} CLIENT_IPS=${CLIENT_IPS:-10.42.0.0/16}
ALLOWED_IPS=${ALLOWED_IPS:-0.0.0.0/0,${CLIENT_IPS}} ALLOWED_IPS=${ALLOWED_IPS:-0.0.0.0/0,${CLIENT_IPS}}
xreadYes "Show profile as QRcode when done?" QRCODE
readVars readVars
@ -91,7 +83,7 @@ echo "# Creating CT..."
pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS" pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS"
echo "# Installing dependencies..." echo "# Installing dependencies..."
@ lxc-attach $ID apk add iptables wireguard-tools-wg-quick make bind-tools libqrencode @ lxc-attach $ID apk add iptables wireguard-tools-wg-quick make bind-tools
echo "# Copying assets..." echo "# Copying assets..."
@ pct-push-r $ID ./assets / @ pct-push-r $ID ./assets /
@ -107,11 +99,6 @@ echo "# Setup: wireguard default profile..."
echo "# client config:" echo "# client config:"
@ mkdir -p clients @ mkdir -p clients
@ pct pull $ID /etc/wireguard/clients/default.conf clients/default.conf @ pct pull $ID /etc/wireguard/clients/default.conf clients/default.conf
# show the profile as a qrcode...
if [ "$QRCODE" ] ; then
echo "# default profile:"
@ lxc-attach $ID -- qrencode -t UTF8 -r /etc/wireguard/clients/default.conf
fi
#echo "# Setup: bridge device..." #echo "# Setup: bridge device..."
@ lxc-attach $ID wg-quick up wg0 @ lxc-attach $ID wg-quick up wg0
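Review bot: The new `DFL_ENDPOINT` line calls `dig` unconditionally, and with the `would-like dig` check also gone on this side, a host without dig (or a failed lookup) leaves the default endpoint empty with only a stray shell error. xread is called without `-n` for ENDPOINT, so an empty value could presumably be accepted and end up in the generated client profile; xread's full body is not visible here. Keeping a fallback on the next line, `DFL_ENDPOINT=${DFL_ENDPOINT:-${DOMAIN:-$DFL_DOMAIN}}`, and quoting the lookup argument as `dig +short "${DOMAIN:-$DFL_DOMAIN}"` avoids both problems.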