mirror of
https://github.com/flynx/proxmox-utils.git
synced 2025-12-25 21:02:04 +00:00
Compare commits
10 Commits
5d6e412d29
...
df6850dcdb
| Author | SHA1 | Date | |
|---|---|---|---|
| df6850dcdb | |||
| e03a1caeb8 | |||
| 19abaa7403 | |||
| 75597a2bad | |||
| 8ccb5a5495 | |||
| ee5d4dbb99 | |||
| d58b384e0a | |||
| bfed076867 | |||
| eba0a32812 | |||
| f5a8396abe |
148
.pct-helpers
148
.pct-helpers
@ -196,17 +196,23 @@ xread(){
|
||||
}
|
||||
|
||||
#
|
||||
# xreadYes MSG VAR
|
||||
# xreadYes MSG [VAR]
|
||||
#
|
||||
# XXX make VAR optional...
|
||||
xreadYes(){
|
||||
if [ -z ${2} ] ; then
|
||||
local var=__X
|
||||
local __X
|
||||
else
|
||||
local var=${2}
|
||||
local mode=
|
||||
fi
|
||||
# XXX check DFL_..???
|
||||
if [[ "${!2}" == "SKIP" ]] ; then
|
||||
eval "$2="
|
||||
if [[ "${!var}" == "SKIP" ]] ; then
|
||||
eval "$var="
|
||||
return
|
||||
fi
|
||||
if [ -z ${!2} ] ; then
|
||||
if [ -z $(eval "echo \$DFL_${2}") ] ; then
|
||||
if [ -z ${!var} ] ; then
|
||||
if [ -z $(eval "echo \$DFL_${var}") ] ; then
|
||||
local yes=y
|
||||
local no=N
|
||||
local dfl=
|
||||
@ -215,23 +221,23 @@ xreadYes(){
|
||||
local no=n
|
||||
local dfl=1
|
||||
fi
|
||||
eval 'read -ep "'$1' ('$yes'/'$no') " '${2}''
|
||||
XREAD_VARS+=(${2})
|
||||
eval 'read -ep "'$1' ('$yes'/'$no') " '${var}''
|
||||
XREAD_VARS+=(${var})
|
||||
# normalize...
|
||||
eval "${2}=${!2,,}"
|
||||
if [[ "${!2}" == 'y' ]] ; then
|
||||
eval "${2}=1"
|
||||
elif [[ ${!2} == 'n' ]] ; then
|
||||
eval "${2}="
|
||||
eval "${var}=${!var,,}"
|
||||
if [[ "${!var}" == 'y' ]] ; then
|
||||
eval "${var}=1"
|
||||
elif [[ ${!var} == 'n' ]] ; then
|
||||
eval "${var}="
|
||||
# set default if empty...
|
||||
else
|
||||
eval "${2}=\${${2}:-$dfl}"
|
||||
eval "${var}=\${${var}:-$dfl}"
|
||||
fi
|
||||
fi
|
||||
[ $SCRIPTING ] \
|
||||
&& echo "$2=${!2}"
|
||||
&& echo "$var=${!var}"
|
||||
|
||||
if [ -z ${!2} ] ; then
|
||||
if [ -z ${!var} ] ; then
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
@ -481,11 +487,12 @@ PCT_TEMPLATE_VARS=(
|
||||
ADMIN_GATE
|
||||
)
|
||||
makePCTTemplateSEDPatterns(){
|
||||
local vars=("${PCT_TEMPLATE_VARS[@]}" "$@")
|
||||
# strip ips and save to *_IPn var...
|
||||
local ip_vars=()
|
||||
local var
|
||||
local val
|
||||
for var in ${PCT_TEMPLATE_VARS[@]} ; do
|
||||
for var in ${vars[@]} ; do
|
||||
if [[ $var =~ .*_IP ]] ; then
|
||||
local val=${!var}
|
||||
if [[ $val == SKIP ]] ; then
|
||||
@ -496,7 +503,7 @@ makePCTTemplateSEDPatterns(){
|
||||
fi
|
||||
done
|
||||
|
||||
makeTemplateSEDPatterns "${PCT_TEMPLATE_VARS[@]}" "${ip_vars[@]}" "$@"
|
||||
makeTemplateSEDPatterns "${vars[@]}" "${ip_vars[@]}"
|
||||
}
|
||||
|
||||
|
||||
@ -544,17 +551,12 @@ expandPCTTemplate(){
|
||||
#
|
||||
# buildAssets [VAR ..]
|
||||
#
|
||||
# XXX revise: SKIP handling...
|
||||
NOTES=NOTES.md
|
||||
buildAssets(){
|
||||
local template_dir=${TEMPLATE_DIR:-templates}
|
||||
local assets_dir=${ASSETS_DIR:-assets}
|
||||
local staging_dir=${STAGING_DIR:-staging}
|
||||
|
||||
if ! [ -e $template_dir ] ; then
|
||||
return
|
||||
fi
|
||||
|
||||
local PCT_TEMPLATE_PATTERNS=($(makePCTTemplateSEDPatterns "$@"))
|
||||
|
||||
# assets...
|
||||
@ -564,18 +566,20 @@ buildAssets(){
|
||||
fi
|
||||
|
||||
# template dir...
|
||||
local TEMPLATES=($(find "$template_dir" -type f))
|
||||
for file in "${TEMPLATES[@]}" ; do
|
||||
file=${file#${template_dir}}
|
||||
echo Generating: ${file}...
|
||||
[ $DRY_RUN ] \
|
||||
&& continue
|
||||
# ensure the directory exists...
|
||||
mkdir -p "$(dirname "${staging_dir}/${file}")"
|
||||
cat "${template_dir}/${file}" \
|
||||
| expandTemplate \
|
||||
> "${staging_dir}/${file}"
|
||||
done
|
||||
if [ -e $template_dir ] ; then
|
||||
local TEMPLATES=($(find "$template_dir" -type f))
|
||||
for file in "${TEMPLATES[@]}" ; do
|
||||
file=${file#${template_dir}}
|
||||
echo Generating: ${file}...
|
||||
[ $DRY_RUN ] \
|
||||
&& continue
|
||||
# ensure the directory exists...
|
||||
mkdir -p "$(dirname "${staging_dir}/${file}")"
|
||||
cat "${template_dir}/${file}" \
|
||||
| expandTemplate \
|
||||
> "${staging_dir}/${file}"
|
||||
done
|
||||
fi
|
||||
|
||||
# special case: NOTES.md...
|
||||
if [ -z "$DESCRIPTION" ] && [ -e "$NOTES" ] ; then
|
||||
@ -625,32 +629,76 @@ pveGetLatestTemplate(){
|
||||
|
||||
|
||||
#
|
||||
# pctCreate ID TEMPLATE ARGS [PASS]
|
||||
# pctBaseCreate ID TEMPLATE ARGS [PASS]
|
||||
#
|
||||
pctCreate(){
|
||||
pctBaseCreate(){
|
||||
local ID=$1
|
||||
local TEMPLATE=$2
|
||||
local ARGS=$3
|
||||
local PASS=$4
|
||||
|
||||
local TMP_PASS=$(cat /dev/urandom | base64 | head -c ${TMP_PASS_LEN:=32})
|
||||
# NOTE: we are not setting the password here to avoid printing it to the terminal...
|
||||
@ pct create $1 \
|
||||
${2} \
|
||||
${3} \
|
||||
@ pct create $ID \
|
||||
"${TEMPLATE}" \
|
||||
${ARGS} \
|
||||
--password="$TMP_PASS" \
|
||||
--start 1 \
|
||||
|| exit 1
|
||||
|
||||
# set actual root password...
|
||||
if [ "$4" ] ; then
|
||||
echo "root:$4" \
|
||||
| @ lxc-attach $1 chpasswd
|
||||
if [ "$PASS" ] ; then
|
||||
echo "root:$PASS" \
|
||||
| @ lxc-attach $ID chpasswd
|
||||
fi
|
||||
}
|
||||
|
||||
#
|
||||
# pctCreate<distro> ID ARGS [PASS]
|
||||
# pctCreate ID TEMPLATE [PASS]
|
||||
#
|
||||
#OPTS_STAGE_1=
|
||||
#INTERFACES=
|
||||
#CTHOSTNAME=
|
||||
#CORES=
|
||||
#RAM=
|
||||
#SWAP=
|
||||
#DRIVE=
|
||||
#PCT_EXTRA=
|
||||
pctCreate(){
|
||||
# build network args...
|
||||
local interfaces_args=()
|
||||
local i=0
|
||||
local interface
|
||||
for interface in "${INTERFACES[@]}" ; do
|
||||
interfaces_args+=("--net${i} "${interface}"")
|
||||
i=$(( i + 1 ))
|
||||
done
|
||||
|
||||
# NOTE: TKL gui will not function correctly without nesting enabled...
|
||||
local args="\
|
||||
--hostname $CTHOSTNAME \
|
||||
--cores $CORES \
|
||||
--memory $RAM \
|
||||
--swap $SWAP \
|
||||
"${interfaces_args[@]}" \
|
||||
--storage local-lvm \
|
||||
--rootfs local-lvm:$DRIVE \
|
||||
--unprivileged 1 \
|
||||
--features nesting=1 \
|
||||
${PCT_EXTRA} \
|
||||
"
|
||||
|
||||
pctBaseCreate "$1" "$2" "${OPTS_STAGE_1:-"${args}"}" "$3"
|
||||
}
|
||||
|
||||
#
|
||||
# pctCreate<distro> ID [PASS]
|
||||
#
|
||||
pctCreateAlpine(){
|
||||
local TEMPLATE
|
||||
pveGetLatestTemplate alpine TEMPLATE
|
||||
|
||||
pctCreate $1 "$TEMPLATE" "$2" "$3"
|
||||
pctCreate $1 "$TEMPLATE" "$2"
|
||||
|
||||
sleep ${TIMEOUT:=5}
|
||||
|
||||
@ -661,7 +709,7 @@ pctCreateDebian(){
|
||||
local TEMPLATE
|
||||
pveGetLatestTemplate 'debian-12-standard' TEMPLATE
|
||||
|
||||
pctCreate $1 "$TEMPLATE" "$2" "$3"
|
||||
pctCreate $1 "$TEMPLATE" "$2"
|
||||
|
||||
sleep ${TIMEOUT:=5}
|
||||
|
||||
@ -672,7 +720,7 @@ pctCreateUbuntu(){
|
||||
local TEMPLATE
|
||||
pveGetLatestTemplate ubuntu TEMPLATE
|
||||
|
||||
pctCreate $1 "$TEMPLATE" "$2" "$3"
|
||||
pctCreate $1 "$TEMPLATE" "$2"
|
||||
|
||||
sleep ${TIMEOUT:=5}
|
||||
|
||||
@ -681,7 +729,7 @@ pctCreateUbuntu(){
|
||||
}
|
||||
|
||||
#
|
||||
# pctCreateTurnkey APP ID ARGS [PASS]
|
||||
# pctCreateTurnkey APP ID [PASS]
|
||||
#
|
||||
pctCreateTurnkey(){
|
||||
local app=$1
|
||||
@ -689,12 +737,13 @@ pctCreateTurnkey(){
|
||||
local TEMPLATE
|
||||
pveGetLatestTemplate '.*-turnkey-'$app TEMPLATE
|
||||
|
||||
pctCreate $1 "$TEMPLATE" "$2" "$3"
|
||||
pctCreate $1 "$TEMPLATE" "$2"
|
||||
|
||||
tklWaitForSetup $1
|
||||
|
||||
sleep ${TIMEOUT:=5}
|
||||
}
|
||||
|
||||
# Wait for /etc/inithooks.conf to be generated then cleared
|
||||
#
|
||||
# tklWaitForSetup ID
|
||||
@ -720,6 +769,7 @@ tklWaitForSetup(){
|
||||
printf 'ready.\n'
|
||||
sleep ${TIMEOUT:=5}
|
||||
}
|
||||
|
||||
#
|
||||
# pctUpdateTurnkey ID
|
||||
#
|
||||
|
||||
@ -42,20 +42,11 @@ readVars
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
OPTS_STAGE_1="\
|
||||
--hostname $CTHOSTNAME \
|
||||
--cores $CORES \
|
||||
--memory $RAM \
|
||||
--swap $SWAP \
|
||||
--net0 name=wan,bridge=vmbr${WAN_BRIDGE},firewall=1${WAN_GATE:+,gw=${WAN_GATE}}${WAN_IP:+,ip=${WAN_IP}},type=veth \
|
||||
--net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1${ADMIN_IP:+,ip=${ADMIN_IP}},type=veth \
|
||||
--net2 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1${LAN_IP:+,ip=${LAN_IP}},type=veth \
|
||||
--storage local-lvm \
|
||||
--rootfs local-lvm:$DRIVE \
|
||||
--unprivileged 1 \
|
||||
--features nesting=1 \
|
||||
${PCT_EXTRA} \
|
||||
"
|
||||
INTERFACES=(
|
||||
"name=wan,bridge=vmbr${WAN_BRIDGE},firewall=1${WAN_GATE:+,gw=${WAN_GATE}}${WAN_IP:+,ip=${WAN_IP}},type=veth"
|
||||
"name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1${ADMIN_IP:+,ip=${ADMIN_IP}},type=veth"
|
||||
"name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1${LAN_IP:+,ip=${LAN_IP}},type=veth"
|
||||
)
|
||||
|
||||
OPTS_STAGE_2="\
|
||||
--startup order=80 \
|
||||
@ -69,7 +60,7 @@ echo "# Building config..."
|
||||
buildAssets
|
||||
|
||||
echo "# Creating CT..."
|
||||
pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS"
|
||||
pctCreateAlpine $ID "$PASS"
|
||||
|
||||
echo "# Installing dependencies..."
|
||||
@ lxc-attach $ID apk add bash bridge iptables traefik logrotate
|
||||
|
||||
@ -41,19 +41,9 @@ readVars
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
# NOTE: TKL gui will not function correctly without nesting enabled...
|
||||
OPTS_STAGE_1="\
|
||||
--hostname $CTHOSTNAME \
|
||||
--cores $CORES \
|
||||
--memory $RAM \
|
||||
--swap $SWAP \
|
||||
--net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \
|
||||
--storage local-lvm \
|
||||
--rootfs local-lvm:$DRIVE \
|
||||
--unprivileged 1 \
|
||||
--features nesting=1 \
|
||||
${PCT_EXTRA} \
|
||||
"
|
||||
INTERFACES=(
|
||||
"name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth"
|
||||
)
|
||||
|
||||
OPTS_STAGE_2="\
|
||||
--onboot 1 \
|
||||
@ -66,7 +56,7 @@ echo "# Building config..."
|
||||
buildAssets
|
||||
|
||||
echo "# Creating CT..."
|
||||
pctCreateTurnkey 'gitea' $ID "$OPTS_STAGE_1" "$PASS"
|
||||
pctCreateTurnkey 'gitea' $ID "$PASS"
|
||||
|
||||
echo "# Starting TKL UI..."
|
||||
@ lxc-attach $ID -- bash -c "HUB_APIKEY=SKIP SEC_UPDATES=SKIP /usr/sbin/turnkey-init"
|
||||
|
||||
@ -56,27 +56,6 @@ INTERFACES=(
|
||||
"name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth"
|
||||
)
|
||||
|
||||
# XXX move this to .pct-helpers
|
||||
INTERFACES_ARGS=()
|
||||
i=0
|
||||
for interface in "${INTERFACES[@]}" ; do
|
||||
INTERFACES_ARGS+=("--net${i} "${interface}"")
|
||||
i=$(( i + 1 ))
|
||||
done
|
||||
# NOTE: TKL gui will not function correctly without nesting enabled...
|
||||
OPTS_STAGE_1="\
|
||||
--hostname $CTHOSTNAME \
|
||||
--cores $CORES \
|
||||
--memory $RAM \
|
||||
--swap $SWAP \
|
||||
"${INTERFACES_ARGS[@]}" \
|
||||
--storage local-lvm \
|
||||
--rootfs local-lvm:$DRIVE \
|
||||
--unprivileged 1 \
|
||||
--features nesting=1 \
|
||||
${PCT_EXTRA} \
|
||||
"
|
||||
|
||||
OPTS_STAGE_2="\
|
||||
--onboot 1 \
|
||||
"
|
||||
@ -88,7 +67,7 @@ echo "# Building config..."
|
||||
buildAssets
|
||||
|
||||
echo "# Creating CT..."
|
||||
pctCreateTurnkey 'nextcloud' $ID "$OPTS_STAGE_1" "$PASS"
|
||||
pctCreateTurnkey 'nextcloud' $ID "$PASS"
|
||||
|
||||
echo "# Starting TKL UI..."
|
||||
# XXX might be a good idea to reaaad stuff from config...
|
||||
|
||||
19
ns/make.sh
19
ns/make.sh
@ -43,19 +43,10 @@ readVars
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
OPTS_STAGE_1="\
|
||||
--hostname $CTHOSTNAME \
|
||||
--cores $CORES \
|
||||
--memory $RAM \
|
||||
--swap $SWAP \
|
||||
--net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1${LAN_GATE:+,gw=$LAN_GATE}${LAN_IP:+,ip=$LAN_IP},type=veth \
|
||||
--net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1${ADMIN_IP:+,ip=$ADMIN_IP},type=veth \
|
||||
--storage local-lvm \
|
||||
--rootfs local-lvm:$DRIVE \
|
||||
--unprivileged 1 \
|
||||
--features nesting=1 \
|
||||
${PCT_EXTRA} \
|
||||
"
|
||||
INTERFACES=(
|
||||
"name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1${LAN_GATE:+,gw=$LAN_GATE}${LAN_IP:+,ip=$LAN_IP},type=veth"
|
||||
"name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1${ADMIN_IP:+,ip=$ADMIN_IP},type=veth"
|
||||
)
|
||||
|
||||
OPTS_STAGE_2="\
|
||||
--startup order=90,up=10 \
|
||||
@ -69,7 +60,7 @@ echo "# Building config..."
|
||||
buildAssets
|
||||
|
||||
echo "# Creating CT..."
|
||||
pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS"
|
||||
pctCreateAlpine $ID "$PASS"
|
||||
|
||||
echo "# Installing dependencies..."
|
||||
@ lxc-attach $ID apk add bash dnsmasq logrotate
|
||||
|
||||
@ -1,9 +1,8 @@
|
||||
# SSH (admin)
|
||||
|
||||
SSH landing into the network
|
||||
SSH gateway into the network
|
||||
|
||||
${HOSTNAME}
|
||||
${DOMAIN}
|
||||
${CTHOSTNAME}.srv
|
||||
${WAN_SSH_IPn}
|
||||
${LAN_IP} (DHCP)
|
||||
|
||||
|
||||
40
ssh/make.sh
40
ssh/make.sh
@ -43,20 +43,11 @@ readVars
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
OPTS_STAGE_1="\
|
||||
--hostname $CTHOSTNAME \
|
||||
--cores $CORES \
|
||||
--memory $RAM \
|
||||
--swap $SWAP \
|
||||
--net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \
|
||||
--net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth \
|
||||
--net2 name=wan,bridge=vmbr${WAN_BRIDGE},firewall=1${WAN_SSH_IP:+,ip=${WAN_SSH_IP}},type=veth \
|
||||
--storage local-lvm \
|
||||
--rootfs local-lvm:$DRIVE \
|
||||
--unprivileged 1 \
|
||||
--features nesting=1 \
|
||||
${PCT_EXTRA} \
|
||||
"
|
||||
INTERFACES=(
|
||||
"name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth"
|
||||
"name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth"
|
||||
"name=wan,bridge=vmbr${WAN_BRIDGE},firewall=1${WAN_SSH_IP:+,ip=${WAN_SSH_IP}},type=veth"
|
||||
)
|
||||
|
||||
OPTS_STAGE_2="\
|
||||
--onboot 1 \
|
||||
@ -65,19 +56,28 @@ OPTS_STAGE_2="\
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
echo "# Building config..."
|
||||
buildAssets WAN_SSH_IP
|
||||
|
||||
echo "# Creating CT..."
|
||||
pctCreateDebian $ID "${OPTS_STAGE_1}" "$PASS"
|
||||
pctCreateDebian $ID "$PASS"
|
||||
|
||||
echo "# Installing dependencies..."
|
||||
@ lxc-attach $ID -- bash -c 'yes | apt install vim htop iftop iotop tmux mc sudo'
|
||||
|
||||
echo "# Copying assets..."
|
||||
pctPushAssets $ID
|
||||
|
||||
echo "# Setup: users..."
|
||||
while true ; do
|
||||
xread "user name for ssh: " SSH_USER
|
||||
[ -z $SSH_USER ] \
|
||||
|| @ lxc-attach $ID -- adduser $SSH_USER
|
||||
read -ep "Add another user? [y/N] " MORE
|
||||
if [[ $MORE == 'y' ]] ; then
|
||||
xread "User name for ssh (empty to skip): " SSH_USER
|
||||
if [ -z "$SSH_USER" ] ; then
|
||||
break
|
||||
fi
|
||||
|
||||
@ lxc-attach $ID -- adduser $SSH_USER
|
||||
|
||||
if xreadYes "Add another user?" ; then
|
||||
continue
|
||||
fi
|
||||
break
|
||||
|
||||
@ -1,5 +1,5 @@
|
||||
# Syncthing
|
||||
|
||||
https://${CTHOSTNAME}.srv
|
||||
https://${CTHOSTNAME}.adm
|
||||
|
||||
|
||||
|
||||
1
syncthing/assets/etc/sysctl.d/ports.conf
Normal file
1
syncthing/assets/etc/sysctl.d/ports.conf
Normal file
@ -0,0 +1 @@
|
||||
net.ipv4.ip_unprivileged_port_start=443
|
||||
@ -39,19 +39,10 @@ readVars
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
OPTS_STAGE_1="\
|
||||
--hostname $CTHOSTNAME \
|
||||
--cores $CORES \
|
||||
--memory $RAM \
|
||||
--swap $SWAP \
|
||||
--net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \
|
||||
--net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth \
|
||||
--storage local-lvm \
|
||||
--rootfs local-lvm:$DRIVE \
|
||||
--unprivileged 1 \
|
||||
--features nesting=1 \
|
||||
${PCT_EXTRA} \
|
||||
"
|
||||
INTERFACES=(
|
||||
"name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth"
|
||||
"name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth"
|
||||
)
|
||||
|
||||
OPTS_STAGE_2="\
|
||||
--onboot 1 \
|
||||
@ -64,11 +55,17 @@ echo "# Building config..."
|
||||
buildAssets
|
||||
|
||||
echo "# Creating CT..."
|
||||
pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS"
|
||||
pctCreateAlpine $ID "$PASS"
|
||||
|
||||
echo "# Installing dependencies..."
|
||||
@ lxc-attach $ID apk add bash syncthing logrotate
|
||||
|
||||
echo "# Copying assets..."
|
||||
pctPushAssets $ID
|
||||
|
||||
echo "# Setup: sysctl..."
|
||||
@ lxc-attach $ID rc-update add sysctl
|
||||
|
||||
echo "# Setup: syncthing..."
|
||||
@ lxc-attach $ID rc-update add syncthing
|
||||
@ lxc-attach $ID rc-service syncthing start
|
||||
@ -77,7 +74,8 @@ echo "# Setup: dashboard..."
|
||||
sleep ${TIMEOUT:=5}
|
||||
@ lxc-attach $ID -- \
|
||||
sed \
|
||||
-e 's/127\.0\.0\.1:8384/0.0.0.0:8384/g' \
|
||||
-e 's/tls="false"/tls="true"/g' \
|
||||
-e 's/127\.0\.0\.1:8384/0.0.0.0:443/g' \
|
||||
-i /var/lib/syncthing/.config/syncthing/config.xml
|
||||
|
||||
echo "# Setup: firewall..."
|
||||
|
||||
@ -68,19 +68,11 @@ readVars
|
||||
|
||||
#----------------------------------------------------------------------
|
||||
|
||||
OPTS_STAGE_1="\
|
||||
--hostname $CTHOSTNAME \
|
||||
--cores $CORES \
|
||||
--memory $RAM \
|
||||
--swap $SWAP \
|
||||
--net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \
|
||||
--net1 name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth \
|
||||
--storage local-lvm \
|
||||
--rootfs local-lvm:$DRIVE \
|
||||
--unprivileged 1 \
|
||||
--features nesting=1 \
|
||||
${PCT_EXTRA} \
|
||||
"
|
||||
INTERFACES=(
|
||||
"name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth"
|
||||
"name=admin,bridge=vmbr${ADMIN_BRIDGE},firewall=1,ip=dhcp,type=veth"
|
||||
)
|
||||
|
||||
|
||||
OPTS_STAGE_2="\
|
||||
--onboot 1 \
|
||||
@ -93,7 +85,7 @@ echo "# Building config..."
|
||||
buildAssets ENDPOINT ENDPOINT_PORT DNS CLIENT_IPS ALLOWED_IPS
|
||||
|
||||
echo "# Creating CT..."
|
||||
pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS"
|
||||
pctCreateAlpine $ID "$PASS"
|
||||
|
||||
echo "# Installing dependencies..."
|
||||
@ lxc-attach $ID apk add \
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user