Compare commits


8 Commits

Author SHA1 Message Date
16205e66ec cleanup...
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-11 00:24:51 +03:00
f00050a5a6 cleanup...
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-11 00:00:42 +03:00
d7fb8fd63e fix...
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-10 23:59:53 +03:00
37d4b893dd tweaking...
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-10 23:57:20 +03:00
4c3f7f8e50 tweaking...
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-10 23:46:04 +03:00
01366f02a6 cleanup + dependency checking...
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-10 23:35:52 +03:00
a2bc38a766 minor fix...
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-10 18:17:18 +03:00
044962d625 refactoring...
Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
2024-01-10 18:12:24 +03:00
4 changed files with 137 additions and 28 deletions


@ -27,6 +27,28 @@ ECHO_PREFIX="### "
#----------------------------------------------------------------------
#
# check MSG COMMAND ..
#
check(){
local MSG=$1
shift
for cmd in "$@" ; do
which $cmd > /dev/null 2>&1 \
|| eval "echo \"$MSG\"" >&2
done
}
need(){
check 'ERROR: "$cmd": needed by this script but not in path.' "$@"
}
would-like(){
check 'WARNING: "$cmd": is not in path.' "$@"
}
#---------------------------------------------------------------------- #----------------------------------------------------------------------
# Fill section... # Fill section...
# #
@ -172,12 +194,17 @@ getLatestTemplate(){
# xread [-n] MSG VAR # xread [-n] MSG VAR
# #
# This saves all user input variables to the $XREAD_VARS array. # This saves all user input variables to the $XREAD_VARS array.
#
# XXX add support for keywords like SKIP and DISABLE
xread(){ xread(){
local non_empty= local non_empty=
if [[ $1 == '-n' ]] ; then if [[ $1 == '-n' ]] ; then
shift shift
local non_empty=1 local non_empty=1
fi fi
if [[ "${!2}" == "SKIP" ]] ; then
return
fi
if [ -z ${!2} ] ; then if [ -z ${!2} ] ; then
eval 'read -ep "'$1'" -i "$DFL_'$2'" '${2}'' eval 'read -ep "'$1'" -i "$DFL_'$2'" '${2}''
XREAD_VARS+=(${2}) XREAD_VARS+=(${2})
@ -189,6 +216,40 @@ xread(){
&& echo "$2=${!2}" && echo "$2=${!2}"
} }
#
# xreadYes MSG VAR
#
xreadYes(){
if [[ "${!2}" == "SKIP" ]] ; then
return
fi
if [ -z ${!2} ] ; then
if [ -z $(eval "echo \$DFL_${2}") ] ; then
local yes=y
local no=N
local dfl=
else
local yes=Y
local no=n
local dfl=1
fi
eval 'read -ep "'$1' ('$yes'/'$no') " '${2}''
XREAD_VARS+=(${2})
# normalize...
eval "${2}=${!2,,}"
if [[ "${!2}" == 'y' ]] ; then
eval "${2}=1"
elif [[ ${!2} == 'n' ]] ; then
eval "${2}="
# set default if empty...
else
eval "${2}=\${${2}:-$dfl}"
fi
fi
[ $SCRIPTING ] \
&& echo "$2=${!2}"
}
# #
# xreadpass VAR # xreadpass VAR
# #
@ -216,20 +277,20 @@ xreadpass(){
# Wait for /etc/inithooks.conf to be generated then cleared # Wait for /etc/inithooks.conf to be generated then cleared
# #
# tklWaitForSetup # tklWaitForSetup ID
# #
# for tkl inithooks doc see: # for tkl inithooks doc see:
# https://www.turnkeylinux.org/docs/inithooks # https://www.turnkeylinux.org/docs/inithooks
tklWaitForSetup(){ tklWaitForSetup(){
printf "# TKL setup, this may take a while" printf "# TKL setup, this may take a while"
if [ -z $DRY_RUN ] ; then if [ -z $DRY_RUN ] ; then
while ! $(lxc-attach $ID -- test -e /etc/inithooks.conf) ; do while ! $(lxc-attach $1 -- test -e /etc/inithooks.conf) ; do
printf '.' printf '.'
sleep ${TIMEOUT:=5} sleep ${TIMEOUT:=5}
done done
printf '+' printf '+'
sleep ${TIMEOUT:=5} sleep ${TIMEOUT:=5}
while ! [[ $(lxc-attach $ID -- cat /etc/inithooks.conf | wc -c) < 2 ]] ; do while ! [[ $(lxc-attach $1 -- cat /etc/inithooks.conf | wc -c) < 2 ]] ; do
printf '.' printf '.'
sleep ${TIMEOUT:=5} sleep ${TIMEOUT:=5}
done done
@ -264,28 +325,49 @@ readConfig(){
} }
# #
# saveConfig [-d] CONFIG VAR .. # saveConfig [-d|-a] CONFIG VAR ..
# #
saveConfig(){ saveConfig(){
local prefix= local prefix=
if [ $1 == '-d' ] ; then local append=
while true ; do
case $1 in
-d|--default)
prefix=DFL_ prefix=DFL_
shift shift
fi ;;
-a|--append)
append=1
shift
;;
*)
break
;;
esac
done
local cfg=$1 local cfg=$1
shift shift
if [ -z $append ] ; then
printf '' > "$cfg"
fi
{ {
for var in $@ ; do for var in $@ ; do
echo "${prefix}${var}=${!var}" echo "${prefix}${var}=${!var}"
done done
} > $cfg echo
} >> "$cfg"
} }
saveLastRunConfig(){ saveLastRunConfig(){
local cfg=config.last-run
echo "# Saving config to: config.last-run" echo "# Saving config to: config.last-run"
saveConfig -d config.last-run ${XREAD_VARS[@]} {
echo "#"
echo "# This file is auto-generated, any changes here will be overwritten."
echo "#"
} > "$cfg"
saveConfig -d -a "$cfg" ${XREAD_VARS[@]}
} }
# #
@ -483,6 +565,29 @@ pctCreateUbuntu(){
@ lxc-attach $1 -- apt upgrade -y @ lxc-attach $1 -- apt upgrade -y
} }
#
# pctCreateTurnkey APP ID ARGS [PASS]
#
pctCreateTurnkey(){
local app=$1
shift
local TEMPLATE
getLatestTemplate '.*-turnkey-'$app TEMPLATE
pctCreate $1 "$TEMPLATE" "$2" "$3"
tklWaitForSetup $1
sleep ${TIMEOUT:=5}
}
#
# pctUpdateTurnkey ID
#
pctUpdateTurnkey(){
@ lxc-attach $1 apt update
@ lxc-attach $1 -- apt upgrade -y
}
# #
# pctSet ID [ARGS [REBOOT]] # pctSet ID [ARGS [REBOOT]]
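Review bot: In the new `xreadYes`, the normalisation line `eval "${2}=${!2,,}"` sends whatever was just typed at the `read` prompt back through the shell parser, so an answer containing spaces, quotes or `;` is run as code instead of being stored, in a script that drives `pct`/`lxc-attach` and so presumably runs privileged. Assign without re-parsing, e.g. `printf -v "$2" '%s' "${!2,,}"`, and quote the tests as `[ -z "${!2}" ]`, which otherwise break on multi-word values. The new `check` helper has the same shape: `eval "echo \"$MSG\""` re-parses the message with `$cmd` in it, and `need` only prints its ERROR line, so a missing required command does not stop the script. Consider returning non-zero from `check` and having `need` exit on it.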


@ -18,13 +18,9 @@
# - the rest of the CT's are created in order of importance, strting # - the rest of the CT's are created in order of importance, strting
# from CT's needed for access and ending with services. # from CT's needed for access and ending with services.
CTs := \ CTs := \
gate \ gate ns \
ns \ ssh wireguard syncthing \
ssh \ nextcloud gitea
wireguard \
syncthing \
nextcloud \
gitea


@ -70,11 +70,7 @@ echo "# Building config..."
buildAssets buildAssets
echo "# Creating CT..." echo "# Creating CT..."
getLatestTemplate '.*-turnkey-nextcloud' TEMPLATE pctCreateTurnkey 'nextcloud' $ID "$OPTS_STAGE_1" "$PASS"
pctCreate $ID "$TEMPLATE" "$OPTS_STAGE_1" "$PASS"
sleep ${TIMEOUT:=5}
tklWaitForSetup
echo "# Starting TKL UI..." echo "# Starting TKL UI..."
# XXX might be a good idea to reaaad stuff from config... # XXX might be a good idea to reaaad stuff from config...
@ -109,8 +105,7 @@ echo "# Disabling fail2ban..."
@ lxc-attach $ID systemctl disable fail2ban @ lxc-attach $ID systemctl disable fail2ban
echo "# Updating system..." echo "# Updating system..."
@ lxc-attach $ID apt update pctUpdateTurnkey $ID
@ lxc-attach $ID -- apt upgrade -y
echo "# Post config..." echo "# Post config..."
pctSet $ID "${OPTS_STAGE_2}" $REBOOT pctSet $ID "${OPTS_STAGE_2}" $REBOOT


@ -13,11 +13,14 @@ source ../.pct-helpers
#---------------------------------------------------------------------- #----------------------------------------------------------------------
readConfig # check dependencies...
would-like dig #qrencode
#---------------------------------------------------------------------- #----------------------------------------------------------------------
readConfig
DFL_ID=${DFL_ID:=103} DFL_ID=${DFL_ID:=103}
DFL_CTHOSTNAME=${DFL_CTHOSTNAME:=wireguard} DFL_CTHOSTNAME=${DFL_CTHOSTNAME:=wireguard}
@ -36,7 +39,11 @@ LAN_GATE=-
REBOOT=${REBOOT:=1} REBOOT=${REBOOT:=1}
# Wireguard config... # Wireguard config...
DFL_ENDPOINT=${DFL_ENDPOINT:=$(dig +short ${DOMAIN:-$DFL_DOMAIN} | tail -1)} DFL_ENDPOINT=${DFL_ENDPOINT:=$(\
which dig > /dev/null 2>&1 \
&& (dig +short ${DOMAIN:-$DFL_DOMAIN} \
| tail -1) \
|| echo "${DOMAIN:-$DFL_DOMAIN}")}
xread "Wireguard endpoint: " ENDPOINT xread "Wireguard endpoint: " ENDPOINT
DFL_ENDPOINT_PORT=${DFL_ENDPOINT_PORT:=51820} DFL_ENDPOINT_PORT=${DFL_ENDPOINT_PORT:=51820}
@ -45,6 +52,7 @@ xread "Wireguard endpoint port: " ENDPOINT_PORT
CLIENT_IPS=${CLIENT_IPS:-10.42.0.0/16} CLIENT_IPS=${CLIENT_IPS:-10.42.0.0/16}
ALLOWED_IPS=${ALLOWED_IPS:-0.0.0.0/0,${CLIENT_IPS}} ALLOWED_IPS=${ALLOWED_IPS:-0.0.0.0/0,${CLIENT_IPS}}
xreadYes "Show profile as QRcode when done?" QRCODE
readVars readVars
@ -83,7 +91,7 @@ echo "# Creating CT..."
pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS" pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS"
echo "# Installing dependencies..." echo "# Installing dependencies..."
@ lxc-attach $ID apk add iptables wireguard-tools-wg-quick make bind-tools @ lxc-attach $ID apk add iptables wireguard-tools-wg-quick make bind-tools libqrencode
echo "# Copying assets..." echo "# Copying assets..."
@ pct-push-r $ID ./assets / @ pct-push-r $ID ./assets /
@ -99,6 +107,11 @@ echo "# Setup: wireguard default profile..."
echo "# client config:" echo "# client config:"
@ mkdir -p clients @ mkdir -p clients
@ pct pull $ID /etc/wireguard/clients/default.conf clients/default.conf @ pct pull $ID /etc/wireguard/clients/default.conf clients/default.conf
# show the profile as a qrcode...
if [ "$QRCODE" ] ; then
echo "# default profile:"
@ lxc-attach $ID -- qrencode -t UTF8 -r /etc/wireguard/clients/default.conf
fi
#echo "# Setup: bridge device..." #echo "# Setup: bridge device..."
@ lxc-attach $ID wg-quick up wg0 @ lxc-attach $ID wg-quick up wg0
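Review bot: The added QR block prints `/etc/wireguard/clients/default.conf` to stdout, and a wg-quick client profile normally carries the client's private key, so the key ends up in terminal scrollback and in any log the run is captured to. Gate the block on an interactive terminal, e.g. `if [ "$QRCODE" ] && [ -t 1 ] ; then`, and put a comment above it such as `# NOTE: the QR code encodes the client private key, do not log this output`. It is also worth confirming that the `libqrencode` package added to the `apk add` line ships the `qrencode` binary on the Alpine release in use, since the CLI may live in a separate tools package on some releases.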