tweaking...

Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>
fix...
2025-12-25 12:52:04 +00:00 · 2024-01-20 21:07:44 +03:00 · 2024-01-20 21:01:35 +03:00 · 2024-01-20 20:37:01 +03:00 · 2024-01-20 19:00:22 +03:00 · 2024-01-20 18:40:48 +03:00
10 changed files with 230 additions and 123 deletions
--- a/.pct-helpers
+++ b/.pct-helpers
@ -49,6 +49,7 @@ would-like(){
 }


+
 #----------------------------------------------------------------------
 # Fill section...
 #
@ -148,6 +149,7 @@ hostname2ct(){
 }


+
 #----------------------------------------------------------------------

 normpath(){
@ -161,35 +163,9 @@ normpath(){
 }


+
 #----------------------------------------------------------------------

-#
-#	getLatestTemplate PATTERN [VAR]
-#
-# see:
-#	https://pve.proxmox.com/wiki/Linux_Container
-getLatestTemplate(){
-	if [ $DRY_RUN ] ; then
-		[ -z $2 ] \
-			|| eval "$2=${CT_TEMPLATE:-\\\$CT_TEMPLATE}"
-		return
-	fi
-
-	#IFS=$'\n'
-	#@ pveam update 
-
-	local templates=($(pveam available | grep -o ''${1}'.*$'))
-	local latest=${templates[-1]}
-
-	@ pveam download local ${latest}
-
-	latest=$(pveam list local | grep -o "^.*$latest")
-	#latest=($(ls /var/lib/vz/template/cache/${1}*))
-
-	[ -z $2 ] \
-		|| eval "$2=${latest}"
-}
-
 #
 #	xread [-n] MSG VAR
 #
@ -202,8 +178,9 @@ xread(){
 		shift
 		local non_empty=1
 	fi
-	# XXX check DFL_..???
-	if [[ "${!2}" == "SKIP" ]] ; then
+	# skip...
+	if [[ "${!2}" == "SKIP" ]] \
+			|| [[ "$(eval "echo \$DFL_$2")" == "SKIP" ]] ; then
 		eval "$2="
 		return
 	fi
@ -287,32 +264,8 @@ xreadpass(){
 }


-# Wait for /etc/inithooks.conf to be generated then cleared
-#
-# 	tklWaitForSetup ID
-#
-# for tkl inithooks doc see:
-# 	https://www.turnkeylinux.org/docs/inithooks
-tklWaitForSetup(){
-	printf "# TKL setup, this may take a while"
-	if [ -z $DRY_RUN ] ; then
-		while ! $(lxc-attach $1 -- test -e /etc/inithooks.conf) ; do
-			printf '.'
-			sleep ${TIMEOUT:=5}
-		done
-		printf '+'
-		sleep ${TIMEOUT:=5}
-		while ! [[ $(lxc-attach $1 -- cat /etc/inithooks.conf | wc -c) < 2 ]] ; do
-			printf '.'
-			sleep ${TIMEOUT:=5}
-		done
-	else
-		printf '.+..'
-	fi
-	printf 'ready.\n'
-	sleep ${TIMEOUT:=5}
-}

+#----------------------------------------------------------------------

 # 
 # 	readConfig
@ -342,6 +295,7 @@ readConfig(){
 	fi
 }

+
 #
 #	saveConfig [-d|-a] CONFIG VAR ..
 #
@ -377,6 +331,7 @@ saveConfig(){
 	} >> "$cfg"
 }

+
 saveLastRunConfig(){
 	local cfg=config.last-run
 	echo "# Saving config to: config.last-run"
@ -388,7 +343,10 @@ saveLastRunConfig(){
 	saveConfig -d -a "$cfg" ${XREAD_VARS[@]}
 }

+
+#
 #	webAppConfig NAME
+#
 webAppConfig(){
 	local name=${1^^}
 	eval "${name}_SUBDOMAIN=\${${name}_SUBDOMAIN:=\${DFL_SUB${name}_DOMAIN}}
@ -404,6 +362,7 @@ webAppConfig(){
 	DOMAIN=
 }

+
 #
 #	readVars
 #
@ -490,20 +449,21 @@ readVars(){


 #
-#	buildAssets [VAR ..]
+#	makeTemplateSEDPatterns VAR ...
 #
-# XXX revise: SKIP handling...
-NOTES=NOTES.md
-buildAssets(){
-	local template_dir=${TEMPLATE_DIR:-templates}
-	local assets_dir=${ASSETS_DIR:-assets}
-
-	if ! [ -e $template_dir ] ; then
-		return
+makeTemplateSEDPatterns(){
+	local var
+	for var in "$@" ; do
+		local val=${!var}
+		if [[ $val == SKIP ]] ; then
+			val=
 		fi
+		echo "-e 's/\\\${${var}}/${val//\//\\/}/g'"
+	done
+}

-	local PATTERNS=()
-	local DFL_VARS=(
+# same as makeTemplateSEDPatterns but adds default vars + generates *_IPn vars...
+PCT_TEMPLATE_VARS=(
 	EMAIL
 	DOMAIN
 	CTHOSTNAME
@ -520,39 +480,90 @@ buildAssets(){
 	ADMIN_IP
 	ADMIN_GATE
 )
-	for var in ${DFL_VARS[@]} ; do
+makePCTTemplateSEDPatterns(){
+	# strip ips and save to *_IPn var...
+	local ip_vars=()
+	local var
+	local val
+	for var in ${PCT_TEMPLATE_VARS[@]} ; do
+		if [[ $var =~ .*_IP ]] ; then
 			local val=${!var}
 			if [[ $val == SKIP ]] ; then
 				val=
 			fi
-		PATTERNS+=("-e 's/\\\${${var}}/${val//\//\\/}/g'")
-	done
-	local IP_VARS=(
-		GATE_LAN_IPn
-		GATE_ADMIN_IPn
-		NS_LAN_IPn
-		NS_ADMIN_IPn
-		WAN_IPn
-		LAN_IPn
-		ADMIN_IPn
-	)
-	for var in ${IP_VARS[@]} ; do
-		var=${var%n}
-		local val=${!var}
-		if [[ $val == SKIP ]] ; then
-			val=
+			ip_vars+=("${var}n")
+			eval "local ${var}n=\"${val/\/*}\""
 		fi
-		PATTERNS+=("-e 's/\\\${${var}n}/${val/\/*}/g'")
-	done
-	# args...
-	for var in $@ ; do
-		local val=${!var}
-		if [[ $val == SKIP ]] ; then
-			val=
-		fi
-		PATTERNS+=("-e 's/\\\${${var}}/${val//\//\\/}/g'")
 	done

+	makeTemplateSEDPatterns "${PCT_TEMPLATE_VARS[@]}" "${ip_vars[@]}" "$@"
+}
+
+
+#
+#	expandTemplate PATH VAR ...
+#	.. | expandTemplate VAR ...
+#
+PCT_TEMPLATE_PATTERNS=
+expandTemplate(){
+	if [ -t 0 ] ; then
+		local input=$1
+		shift
+	else
+		local input=/dev/stdin
+	fi
+
+	if [ -z "$PCT_TEMPLATE_PATTERNS" ] ; then
+		local patterns=($(makeTemplateSEDPatterns "$@"))
+	else
+		local patterns=("${PCT_TEMPLATE_PATTERNS[@]}")
+	fi
+
+	cat "${input}" \
+		| eval "sed ${patterns[@]}" 
+}
+
+
+#
+#	expandTemplate PATH [VAR ...]
+#	.. | expandTemplate [VAR ...]
+#
+expandPCTTemplate(){
+	local input=
+	if [ -t 0 ] ; then
+		input=$1
+		shift
+	fi
+
+	local PCT_TEMPLATE_PATTERNS=($(makePCTTemplateSEDPatterns "$@"))
+
+	expandTemplate "${input}"
+}
+
+
+#
+#	buildAssets [VAR ..]
+#
+# XXX revise: SKIP handling...
+NOTES=NOTES.md
+buildAssets(){
+	local template_dir=${TEMPLATE_DIR:-templates}
+	local assets_dir=${ASSETS_DIR:-assets}
+	local staging_dir=${STAGING_DIR:-staging}
+
+	if ! [ -e $template_dir ] ; then
+		return
+	fi
+
+	local PCT_TEMPLATE_PATTERNS=($(makePCTTemplateSEDPatterns "$@"))
+
+	# assets...
+	if [ -e "${assets_dir}" ] ; then
+		mkdir -p "${staging_dir}"
+		cp -R "${assets_dir}"/* "${staging_dir}"/
+	fi
+
+	# template dir...
 	local TEMPLATES=($(find "$template_dir" -type f))
 	for file in "${TEMPLATES[@]}" ; do
 		file=${file#${template_dir}}
@ -560,20 +571,59 @@ buildAssets(){
 		[ $DRY_RUN ] \
 			&& continue
 		# ensure the directory exists...
-		mkdir -p "$(dirname "${assets_dir}/${file}")"
+		mkdir -p "$(dirname "${staging_dir}/${file}")"
 		cat "${template_dir}/${file}" \
-			| eval "sed ${PATTERNS[@]}" \
-			> "${assets_dir}/${file}"
+			| expandTemplate \
+			> "${staging_dir}/${file}"
 	done
+
 	# special case: NOTES.md...
 	if [ -z "$DESCRIPTION" ] && [ -e "$NOTES" ] ; then
 		DESCRIPTION="$(\
 			cat ${NOTES} \
-				| eval "sed ${PATTERNS[@]}")"
+				| expandTemplate)"
 	fi
 }


+
+#----------------------------------------------------------------------
+
+#
+#	pctPushAssets ID
+#
+pctPushAssets(){
+	@ pct-push-r $1 "${STAGING_DIR:-./staging}" /
+}
+
+
+#
+#	pveGetLatestTemplate PATTERN [VAR]
+#
+# see:
+#	https://pve.proxmox.com/wiki/Linux_Container
+pveGetLatestTemplate(){
+	if [ $DRY_RUN ] ; then
+		[ -z $2 ] \
+			|| eval "$2=${CT_TEMPLATE:-\\\$CT_TEMPLATE}"
+		return
+	fi
+
+	#@ pveam update 
+
+	local templates=($(pveam available | grep -o ''${1}'.*$'))
+	local latest=${templates[-1]}
+
+	@ pveam download local ${latest}
+
+	latest=$(pveam list local | grep -o "^.*$latest")
+	#latest=($(ls /var/lib/vz/template/cache/${1}*))
+
+	[ -z $2 ] \
+		|| eval "$2=${latest}"
+}
+
+
 #
 #	pctCreate ID TEMPLATE ARGS [PASS]
 #
@ -598,7 +648,7 @@ pctCreate(){
 #
 pctCreateAlpine(){
 	local TEMPLATE
-	getLatestTemplate alpine TEMPLATE
+	pveGetLatestTemplate alpine TEMPLATE

 	pctCreate $1 "$TEMPLATE" "$2" "$3"

@ -609,7 +659,7 @@ pctCreateAlpine(){
 }
 pctCreateDebian(){
 	local TEMPLATE
-	getLatestTemplate 'debian-12-standard' TEMPLATE
+	pveGetLatestTemplate 'debian-12-standard' TEMPLATE

 	pctCreate $1 "$TEMPLATE" "$2" "$3"

@ -620,7 +670,7 @@ pctCreateDebian(){
 }
 pctCreateUbuntu(){
 	local TEMPLATE
-	getLatestTemplate ubuntu TEMPLATE
+	pveGetLatestTemplate ubuntu TEMPLATE

 	pctCreate $1 "$TEMPLATE" "$2" "$3"

@ -637,7 +687,7 @@ pctCreateTurnkey(){
 	local app=$1
 	shift
 	local TEMPLATE
-	getLatestTemplate '.*-turnkey-'$app TEMPLATE
+	pveGetLatestTemplate '.*-turnkey-'$app TEMPLATE

 	pctCreate $1 "$TEMPLATE" "$2" "$3"

@ -645,6 +695,31 @@ pctCreateTurnkey(){

 	sleep ${TIMEOUT:=5}
 }
+# Wait for /etc/inithooks.conf to be generated then cleared
+#
+# 	tklWaitForSetup ID
+#
+# for tkl inithooks doc see:
+# 	https://www.turnkeylinux.org/docs/inithooks
+tklWaitForSetup(){
+	printf "# TKL setup, this may take a while"
+	if [ -z $DRY_RUN ] ; then
+		while ! $(lxc-attach $1 -- test -e /etc/inithooks.conf) ; do
+			printf '.'
+			sleep ${TIMEOUT:=5}
+		done
+		printf '+'
+		sleep ${TIMEOUT:=5}
+		while ! [[ $(lxc-attach $1 -- cat /etc/inithooks.conf | wc -c) < 2 ]] ; do
+			printf '.'
+			sleep ${TIMEOUT:=5}
+		done
+	else
+		printf '.+..'
+	fi
+	printf 'ready.\n'
+	sleep ${TIMEOUT:=5}
+}
 #
 #	pctUpdateTurnkey ID
 #
@ -685,12 +760,13 @@ pctSetNotes(){
 	if [ "$DRY_RUN" ] ; then
 		echo "--- ${CT_DIR}/${ID}.conf ---"
 		echo -e "${TEXT}"
-		echo "--- ${CT_DIR}/${ID}.conf ---"
+		echo "---"
 	else
 		echo -e "${TEXT}" > "${CT_DIR}/${ID}.conf"
 	fi
 }


+
 #----------------------------------------------------------------------
 # vim:set ts=4 sw=4 nowrap :
--- a/9
+++ b/9
@ -9,6 +9,9 @@
 #
 #----------------------------------------------------------------------

+EDITOR ?= vim
+
+
 # NOTE: The order here is important: 
 # 	- to avoid bootstrapping network connections gate must be the 
 # 	  first CT to get built to route the rest of CT's to the WAN 
@ -100,6 +103,12 @@ all: minimal $(APP_CTs)



+#----------------------------------------------------------------------
+
+.PHONY: clean
+clean:
+	-rm -rf */staging
+


 #----------------------------------------------------------------------
--- a/README.md
+++ b/README.md
@ -111,5 +111,11 @@ sudo make all
 ```


+## Post-setup
+
+XXX test conections
+XXX change proxmox ip/network
+
+


--- a/config.global.example
+++ b/config.global.example
@ -33,17 +33,18 @@ LAN_BRIDGE=
 ADMIN_BRIDGE=


+# NOTE: it is simpler to statically assign these than to configure dhcp
+# 	plus port forewarding to the dynamically assigned IP.
 DFL_WAN_IP=192.168.1.101/24
 DFL_WAN_GATE=192.168.1.252

-DFL_WAN_SSH_IP:192.168.1.102/24
+DFL_WAN_SSH_IP=192.168.1.102/24


-# Doman and email configuration
+# Domain and email configuration
 #
-EMAIL=user@example.com
-
 DOMAIN=example.com
+EMAIL=user@example.com


 # Web app/service domain configuration
--- a/gate-traefik/make.sh
+++ b/gate-traefik/make.sh
@ -75,7 +75,7 @@ echo "# Installing dependencies..."
@ lxc-attach $ID apk add bash bridge iptables traefik logrotate

 echo "# Copying assets..."
-@ pct-push-r $ID ./assets /
+pctPushAssets $ID

 echo "# Setup: traefik..."
@ lxc-attach $ID rc-update add traefik
--- a/gitea/make.sh
+++ b/gitea/make.sh
@ -72,7 +72,7 @@ echo "# Starting TKL UI..."
@ lxc-attach $ID -- bash -c "HUB_APIKEY=SKIP SEC_UPDATES=SKIP /usr/sbin/turnkey-init"

 echo "# Copying assets..."
-@ pct-push-r $ID ./assets /
+pctPushAssets $ID

 echo "# Disabling fail2ban..."
 # NOTE: we do not need this as we'll be running from behind a reverse proxy...
--- a/nextcloud/make.sh
+++ b/nextcloud/make.sh
@ -52,13 +52,24 @@ APP_DOMAIN=$DOMAIN

 #----------------------------------------------------------------------

+INTERFACES=(
+	"name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth"
+)
+
+# XXX move this to .pct-helpers
+INTERFACES_ARGS=()
+i=0
+for interface in "${INTERFACES[@]}" ; do
+	INTERFACES_ARGS+=("--net${i} "${interface}"")
+	i=$(( i + 1 ))
+done
 # NOTE: TKL gui will not function correctly without nesting enabled...
 OPTS_STAGE_1="\
 	--hostname $CTHOSTNAME \
 	--cores $CORES \
 	--memory $RAM \
 	--swap $SWAP \
-	--net0 name=lan,bridge=vmbr${LAN_BRIDGE},firewall=1,ip=dhcp,type=veth \
+	"${INTERFACES_ARGS[@]}" \
 	--storage local-lvm \
 	--rootfs local-lvm:$DRIVE \
 	--unprivileged 1 \
@ -134,7 +145,8 @@ done
@ lxc-attach $ID -- turnkey-occ maintenance:update:htaccess

 echo "# Copying assets..."
-@ pct-push-r $ID ./assets /
+pctPushAssets $ID
+# XXX need to push proxy config to gate...

 echo "# Disabling fail2ban..."
 # NOTE: we do not need this as we'll be running from behind a reverse proxy...
--- a/ns/make.sh
+++ b/ns/make.sh
@ -75,7 +75,7 @@ echo "# Installing dependencies..."
@ lxc-attach $ID apk add bash dnsmasq logrotate

 echo "# Copying assets..."
-@ pct-push-r $ID ./assets /
+pctPushAssets $ID

 echo "# Setup: dnsmasq..."
@ lxc-attach $ID rc-update add dnsmasq
--- a/syncthing/make.sh
+++ b/syncthing/make.sh
@ -60,6 +60,9 @@ OPTS_STAGE_2="\

 #----------------------------------------------------------------------

+echo "# Building config..."
+buildAssets
+
 echo "# Creating CT..."
 pctCreateAlpine $ID "${OPTS_STAGE_1}" "$PASS"

--- a/wireguard/make.sh
+++ b/wireguard/make.sh
@ -100,7 +100,7 @@ echo "# Installing dependencies..."
 	iptables wireguard-tools-wg-quick make bind-tools libqrencode logrotate

 echo "# Copying assets..."
-@ pct-push-r $ID ./assets /
+pctPushAssets $ID
@ lxc-attach $ID -- chmod +x /root/getFreeClientIP

 echo "# Setup: wireguard server and client profile..."
Author	SHA1	Message	Date
Alex A. Naanou	5d6e412d29	tweaking... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-20 21:07:44 +03:00
Alex A. Naanou	b5489d7a2b	fix... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-20 21:01:35 +03:00
Alex A. Naanou	820421a9da	bugfix... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-20 20:37:01 +03:00
Alex A. Naanou	9737e1fb2b	fix... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-20 19:00:22 +03:00
Alex A. Naanou	27338f3a9d	fix... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-20 18:40:48 +03:00
Alex A. Naanou	ef6513923e	minor fix... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-20 18:37:20 +03:00
Alex A. Naanou	83d92d8824	minor fix... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-20 18:36:57 +03:00
Alex A. Naanou	da2837a80d	cleanup... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-20 18:08:55 +03:00
Alex A. Naanou	3963fdd97e	refactoring... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-20 17:58:46 +03:00
Alex A. Naanou	153e0a9c82	Merge branch 'master' of github.com:flynx/proxmox-utils	2024-01-19 02:51:18 +03:00
Alex A. Naanou	a73f38485b	refactoring... Signed-off-by: Alex A. Naanou <alex.nanou@gmail.com>	2024-01-19 02:51:11 +03:00