|
@ -32,7 +32,7 @@ function prepare_lxd { |
|
|
echo "define lxd and assign to user <$USER>" |
|
|
echo "define lxd and assign to user <$USER>" |
|
|
sudo groupadd --force "$NEW_GROUP" |
|
|
sudo groupadd --force "$NEW_GROUP" |
|
|
sudo usermod --append --groups "$NEW_GROUP" "$(whoami)" |
|
|
sudo usermod --append --groups "$NEW_GROUP" "$(whoami)" |
|
|
exec sg "$NEW_GROUP" "exec '$0' $(printf "'%s' " SESSION_RELOAD_REQUIRED "$@")" |
|
|
|
|
|
|
|
|
exec sg "$NEW_GROUP" exec "$0 $TARGET SESSION_RELOAD_REQUIRED $@" |
|
|
# no further processing because exec has been called! |
|
|
# no further processing because exec has been called! |
|
|
else |
|
|
else |
|
|
echo "user <$USER> already belongs to group <lxd>!" |
|
|
echo "user <$USER> already belongs to group <lxd>!" |
|
@ -40,75 +40,65 @@ function prepare_lxd { |
|
|
|
|
|
|
|
|
sudo /opt/miaou-bash/tools/idem_apt_install lxd btrfs-progs |
|
|
sudo /opt/miaou-bash/tools/idem_apt_install lxd btrfs-progs |
|
|
|
|
|
|
|
|
|
|
|
override_lxd_service |
|
|
|
|
|
|
|
|
# test lxdbr0 |
|
|
# test lxdbr0 |
|
|
if ! lxc network info lxdbr0 &>/dev/null; then |
|
|
if ! lxc network info lxdbr0 &>/dev/null; then |
|
|
|
|
|
|
|
|
echo "bridge <lxdbr0> down, so initialization will use default preseed..." |
|
|
echo "bridge <lxdbr0> down, so initialization will use default preseed..." |
|
|
sudo lxd init |
|
|
|
|
|
# cat <<EOF | sudo lxd init --preseed |
|
|
|
|
|
|
|
|
|
|
|
# NEW |
|
|
|
|
|
# networks: |
|
|
|
|
|
# - config: |
|
|
|
|
|
# ipv4.address: auto |
|
|
|
|
|
# ipv6.address: none |
|
|
|
|
|
# description: "" |
|
|
|
|
|
# name: lxdbr0 |
|
|
|
|
|
# type: "" |
|
|
|
|
|
# project: default |
|
|
|
|
|
# storage_pools: |
|
|
|
|
|
# - config: |
|
|
|
|
|
# source: /dev/sda4 |
|
|
|
|
|
# description: "" |
|
|
|
|
|
# name: default |
|
|
|
|
|
# driver: btrfs |
|
|
|
|
|
# profiles: |
|
|
|
|
|
# - config: {} |
|
|
|
|
|
# description: "" |
|
|
|
|
|
# devices: |
|
|
|
|
|
# eth0: |
|
|
|
|
|
# name: eth0 |
|
|
|
|
|
# network: lxdbr0 |
|
|
|
|
|
# type: nic |
|
|
|
|
|
# root: |
|
|
|
|
|
# path: / |
|
|
|
|
|
# pool: default |
|
|
|
|
|
# type: disk |
|
|
|
|
|
# name: default |
|
|
|
|
|
# projects: [] |
|
|
|
|
|
# cluster: null |
|
|
|
|
|
|
|
|
|
|
|
# OLD |
|
|
|
|
|
# networks: |
|
|
|
|
|
# - config: |
|
|
|
|
|
# ipv4.address: auto |
|
|
|
|
|
# ipv6.address: none |
|
|
|
|
|
# description: "" |
|
|
|
|
|
# name: lxdbr0 |
|
|
|
|
|
# type: "" |
|
|
|
|
|
# project: default |
|
|
|
|
|
# storage_pools: |
|
|
|
|
|
# - config: |
|
|
|
|
|
# source: /dev/sda4 |
|
|
|
|
|
# description: "" |
|
|
|
|
|
# name: default |
|
|
|
|
|
# driver: btrfs |
|
|
|
|
|
# profiles: |
|
|
|
|
|
# - config: {} |
|
|
|
|
|
# description: "" |
|
|
|
|
|
# devices: |
|
|
|
|
|
# eth0: |
|
|
|
|
|
# name: eth0 |
|
|
|
|
|
# network: lxdbr0 |
|
|
|
|
|
# type: nic |
|
|
|
|
|
# root: |
|
|
|
|
|
# path: / |
|
|
|
|
|
# pool: default |
|
|
|
|
|
# type: disk |
|
|
|
|
|
# name: default |
|
|
|
|
|
# projects: [] |
|
|
|
|
|
# cluster: null |
|
|
|
|
|
|
|
|
|
|
|
echo OK |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
empty_block_partition='' |
|
|
|
|
|
if lsblk -o NAME,FSTYPE,GROUP --noheadings -p | grep -E ^.─ | grep disk; then |
|
|
|
|
|
# FIXME: when nesting no DISK type partition found! |
|
|
|
|
|
empty_block_partition=$(lsblk -o NAME,FSTYPE,GROUP --noheadings -p | grep -E ^.─ | grep disk | awk '{if($3=="") print $1}' | cut -d'/' -f3) |
|
|
|
|
|
fi |
|
|
|
|
|
if [[ -n "$empty_block_partition" ]]; then |
|
|
|
|
|
echo "use empty block partition /dev/$empty_block_partition" |
|
|
|
|
|
cat <<EOF | sudo lxd init --preseed |
|
|
|
|
|
config: {} |
|
|
|
|
|
networks: |
|
|
|
|
|
- config: |
|
|
|
|
|
ipv4.address: auto |
|
|
|
|
|
ipv6.address: none |
|
|
|
|
|
description: "" |
|
|
|
|
|
name: lxdbr0 |
|
|
|
|
|
type: "" |
|
|
|
|
|
project: default |
|
|
|
|
|
storage_pools: |
|
|
|
|
|
- config: |
|
|
|
|
|
source: /dev/$empty_block_partition |
|
|
|
|
|
description: "" |
|
|
|
|
|
name: default |
|
|
|
|
|
driver: btrfs |
|
|
|
|
|
profiles: |
|
|
|
|
|
- config: {} |
|
|
|
|
|
description: "" |
|
|
|
|
|
devices: |
|
|
|
|
|
eth0: |
|
|
|
|
|
name: eth0 |
|
|
|
|
|
network: lxdbr0 |
|
|
|
|
|
type: nic |
|
|
|
|
|
root: |
|
|
|
|
|
path: / |
|
|
|
|
|
pool: default |
|
|
|
|
|
type: disk |
|
|
|
|
|
name: default |
|
|
|
|
|
projects: [] |
|
|
|
|
|
cluster: null |
|
|
|
|
|
EOF |
|
|
|
|
|
echo OK |
|
|
|
|
|
else |
|
|
|
|
|
echo "use dir partition" |
|
|
|
|
|
cat <<EOF | lxd init --preseed |
|
|
|
|
|
config: {} |
|
|
|
|
|
networks: |
|
|
|
|
|
- name: lxdbr0 |
|
|
|
|
|
type: bridge |
|
|
|
|
|
config: |
|
|
|
|
|
ipv4.address: auto |
|
|
|
|
|
ipv6.address: none |
|
|
|
|
|
EOF |
|
|
|
|
|
fi |
|
|
else |
|
|
else |
|
|
echo "bridge <lxdbr0> found implies it has been already initialized!" |
|
|
echo "bridge <lxdbr0> found implies it has been already initialized!" |
|
|
fi |
|
|
fi |
|
@ -118,7 +108,8 @@ function prepare_lxd { |
|
|
set_alias 'll' 'list -c ns4mDN' |
|
|
set_alias 'll' 'list -c ns4mDN' |
|
|
|
|
|
|
|
|
# test environment container hostname |
|
|
# test environment container hostname |
|
|
local env_container_hostname=$(lxc profile get default environment.container_hostname) |
|
|
|
|
|
|
|
|
local env_container_hostname |
|
|
|
|
|
env_container_hostname=$(lxc profile get default environment.container_hostname) |
|
|
if [[ -z "$env_container_hostname" ]]; then |
|
|
if [[ -z "$env_container_hostname" ]]; then |
|
|
env_container_hostname=$(hostname -s) |
|
|
env_container_hostname=$(hostname -s) |
|
|
if env | grep -q container_hostname; then |
|
|
if env | grep -q container_hostname; then |
|
@ -137,12 +128,6 @@ function prepare_lxd { |
|
|
echo -n "subuid, subgid allowing <$(whoami)> ..." |
|
|
echo -n "subuid, subgid allowing <$(whoami)> ..." |
|
|
printf "root:$(id -u):1\n" | sudo tee -a /etc/subuid /etc/subgid |
|
|
printf "root:$(id -u):1\n" | sudo tee -a /etc/subuid /etc/subgid |
|
|
PREFIX="" echoinfo DONE |
|
|
PREFIX="" echoinfo DONE |
|
|
|
|
|
|
|
|
# root:1000:1 |
|
|
|
|
|
# root:100000:65536 |
|
|
|
|
|
# _lxd:100000:65536 |
|
|
|
|
|
# <USER>:100000:65536 |
|
|
|
|
|
|
|
|
|
|
|
else |
|
|
else |
|
|
echo "subuid, subgid allowing <$(whoami)> already done!" |
|
|
echo "subuid, subgid allowing <$(whoami)> already done!" |
|
|
fi |
|
|
fi |
|
@ -156,8 +141,8 @@ function prepare_lxd { |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
if [[ ! -d "$HOME/LXD/BACKUP" ]]; then |
|
|
if [[ ! -d "$HOME/LXD/BACKUP" ]]; then |
|
|
echo -n "$HOME/LXD/SHARED creating ... " |
|
|
|
|
|
mkdir "$HOME/LXD/SHARED" -p |
|
|
|
|
|
|
|
|
echo -n "$HOME/LXD/BACKUP creating ... " |
|
|
|
|
|
mkdir "$HOME/LXD/BACKUP" -p |
|
|
PREFIX="" echoinfo DONE |
|
|
PREFIX="" echoinfo DONE |
|
|
else |
|
|
else |
|
|
echo "folder <$HOME/LXD/BACKUP> already created!" |
|
|
echo "folder <$HOME/LXD/BACKUP> already created!" |
|
@ -169,11 +154,11 @@ function set_alias { |
|
|
local name="$1" |
|
|
local name="$1" |
|
|
local command="$2" |
|
|
local command="$2" |
|
|
if ! lxc alias list -f csv | grep -q "^$name,"; then |
|
|
if ! lxc alias list -f csv | grep -q "^$name,"; then |
|
|
echo -n "define lxc alias $name ..." |
|
|
|
|
|
|
|
|
echo -n "defining new lxc alias <$name> ..." |
|
|
lxc alias add "$name" "$command" |
|
|
lxc alias add "$name" "$command" |
|
|
PREFIX="" echoinfo OK |
|
|
PREFIX="" echoinfo OK |
|
|
else |
|
|
else |
|
|
echo "lxc alias "$name" already defined!" |
|
|
|
|
|
|
|
|
echo "lxc alias <$name> already defined!" |
|
|
fi |
|
|
fi |
|
|
|
|
|
|
|
|
} |
|
|
} |
|
@ -329,7 +314,7 @@ function extra_dev_desktop { |
|
|
: |
|
|
: |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
function override_lxd_service_to_reload_nftables { |
|
|
|
|
|
|
|
|
function override_lxd_service { |
|
|
local PREFIX="lxd:override" |
|
|
local PREFIX="lxd:override" |
|
|
|
|
|
|
|
|
if [[ ! -d /etc/systemd/system/lxd.service.d ]]; then |
|
|
if [[ ! -d /etc/systemd/system/lxd.service.d ]]; then |
|
@ -338,8 +323,10 @@ function override_lxd_service_to_reload_nftables { |
|
|
cat <<EOF | sudo tee /etc/systemd/system/lxd.service.d/override.conf |
|
|
cat <<EOF | sudo tee /etc/systemd/system/lxd.service.d/override.conf |
|
|
[Service] |
|
|
[Service] |
|
|
ExecStartPost=systemctl reload nftables.service |
|
|
ExecStartPost=systemctl reload nftables.service |
|
|
|
|
|
Environment=LANGUAGE=en:en_US |
|
|
EOF |
|
|
EOF |
|
|
sudo systemctl daemon-reload |
|
|
sudo systemctl daemon-reload |
|
|
|
|
|
sudo systemctl restart lxd.service |
|
|
PREFIX="" echo "OK" |
|
|
PREFIX="" echo "OK" |
|
|
else |
|
|
else |
|
|
echo "lxd service already overridden!" |
|
|
echo "lxd service already overridden!" |
|
@ -357,9 +344,23 @@ function ask_for_credential { |
|
|
echo "successfully checked!" |
|
|
echo "successfully checked!" |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
function preload_bookworm_image { |
|
|
|
|
|
local PREFIX="preload:bookworm" |
|
|
|
|
|
|
|
|
|
|
|
if [[ $(lxc image list debian/12/cloud -f csv | wc -l) -lt 1 ]]; then |
|
|
|
|
|
echo -n "downloading images from publc remote, please hold on..." |
|
|
|
|
|
lxc image copy images:debian/12/cloud local: --copy-aliases --quiet |
|
|
|
|
|
PREFIX="" echoinfo OK |
|
|
|
|
|
else |
|
|
|
|
|
echo -n "refreshing images from publc remote..." |
|
|
|
|
|
lxc image refresh debian/12/cloud --quiet |
|
|
|
|
|
PREFIX="" echoinfo DONE |
|
|
|
|
|
fi |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
### MAIN |
|
|
### MAIN |
|
|
|
|
|
|
|
|
if [[ "${1:-}" == "SESSION_RELOAD_REQUIRED" ]]; then |
|
|
|
|
|
|
|
|
if [[ "${2:-}" == "SESSION_RELOAD_REQUIRED" ]]; then |
|
|
SESSION_RELOAD_REQUIRED=true |
|
|
SESSION_RELOAD_REQUIRED=true |
|
|
shift |
|
|
shift |
|
|
else |
|
|
else |
|
@ -392,12 +393,11 @@ else |
|
|
add_toolbox_sudoers |
|
|
add_toolbox_sudoers |
|
|
prepare_nftables |
|
|
prepare_nftables |
|
|
prepare_lxd "$@" |
|
|
prepare_lxd "$@" |
|
|
override_lxd_service_to_reload_nftables |
|
|
|
|
|
|
|
|
preload_bookworm_image |
|
|
miaou_resolver |
|
|
miaou_resolver |
|
|
miaou_evalfrombashrc |
|
|
miaou_evalfrombashrc |
|
|
miaou_configfiles |
|
|
miaou_configfiles |
|
|
ask_for_credential |
|
|
ask_for_credential |
|
|
prepare_nftables |
|
|
|
|
|
opt_link |
|
|
opt_link |
|
|
extra_dev_desktop |
|
|
extra_dev_desktop |
|
|
|
|
|
|
|
|
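Review bot: The re-exec line in the first hunk, `exec sg "$NEW_GROUP" exec "$0 $TARGET SESSION_RELOAD_REQUIRED $@"`, drops the per-argument quoting that the replaced `printf "'%s' "` form provided. This assumes the `$TARGET` form is the new side, which the hunk counts and the `${2:-}` check under `### MAIN` suggest. Inside double quotes `$@` still splits into separate words, and whatever reaches the shell that `sg` starts is parsed again, so a script path, target or argument containing spaces or shell metacharacters is re-interpreted rather than passed through. It is also worth confirming that the installed `sg` accepts more than one command word; if it takes a single command string, as the replaced form assumed, it would be handed only `exec`. Building one quoted string keeps the new argument order, e.g. `exec sg "$NEW_GROUP" "exec $(printf '%q ' "$0" "$TARGET" SESSION_RELOAD_REQUIRED "$@")"`, provided the shell `sg` invokes understands bash's `%q` output.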