hak8or
/
proxmox_scripts
mirror of https://github.com/hak8or/proxmox_scripts.git
1
0
Fork 0
Code Issues 0 Releases 0 Wiki Activity
Collection of scripts for interfacing with proxmox containers
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
40 Commits
2 Branches
99 KiB
 
 
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
proxmox_scripts/deploy.sh

239 lines
8.8 KiB
Raw Permalink Blame History 

  1. #!/usr/bin/env bash

  2. 

  3. ##########################

  4. # Deploy script used for initilizing an Arch based container on Proxmox

  5. # You should have cowsay installed because it's awesome!

  6. ##########################

  7. 

  8. # This will not work currently because of a bug somewhere along apparmour,

  9. # lxd, lcx, or systemd. Seems most of the blame is on apparmour who refuse

  10. # to do anything about it. Until that is fixed, this script will not work,

  11. # so say so instead of realizing the issue, forgetting about it after a few

  12. # weeks, then spending another few hours wondering what the hell is going

  13. # on, and then finding my original post on launchpad.

  14. #

  15. # If this is bypassed, you will get a container which when booting will

  16. # not have any network interface.

  17. echo " !!!!! THIS DOES NOT WORK WITH NEW PROXMOX !!!!!"

  18. echo "   Check out hak8or post on https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1811248"

  19. exit

  20. 

  21. # Header for this script

  22. TITLE="Deployment_Script"

  23. DEPTH=0

  24. if [[ $DEPTH == 0 ]]; then

  25.     TAGSTR="-->"

  26. elif [[ $DEPTH == 1 ]]; then

  27.     TAGSTR="--->"

  28. elif [[ $DEPTH == 2 ]]; then

  29.     TAGSTR="----->"

  30. elif [[ $DEPTH == 3 ]]; then

  31.     TAGSTR="------>"

  32. fi

  33. echo "====== $TITLE ======"

  34. 

  35. # IP address of the Proxmox host

  36. PROXMOX_IP_ADDR=10.10.10.200

  37. PROXMOX_PORT=2221

  38. if [[ -z $PROXMOX_IP_ADDR ]]; then

  39.     echo "$TAGSTR PROXMOX_IP_ADDR was not set!"

  40.     exit

  41. fi

  42. 

  43. # Verify we can talk to the proxmox host.

  44. REPLYFROMSERVER=$(ssh root@$PROXMOX_IP_ADDR -p $PROXMOX_PORT  $"echo "Hello World"")

  45. if [[ $REPLYFROMSERVER != "Hello World" ]]; then

  46.     echo "$TAGSTR Failed to verify SSH connectivty with proxmox host."

  47.     exit

  48. fi

  49. 

  50. # Retrieve the IP address of a container as IPv4,IPv6. Arg1 is the container ID.

  51. FN_get_IPaddr (){

  52.     # IPv6 address fetch. We can't use the -4 or -6 flags because escaping turns into a nightmare.

  53.     IPv6ADDR=$(ssh root@$PROXMOX_IP_ADDR -p $PROXMOX_PORT "pct exec $1 ip addr show dev eth0 | grep \"inet6 fe80\"")

  54.     IPv6ADDR=$(echo $IPv6ADDR | awk '{a=$2; split(a, b, "/"); print b[1]}')

  55. 

  56.     # IPv4 address fetch

  57.     IPv4ADDR=$(ssh root@$PROXMOX_IP_ADDR -p $PROXMOX_PORT "pct exec $1 ip addr show dev eth0 | grep \"inet 10\"")

  58.     IPv4ADDR=$(echo $IPv4ADDR | awk '{a=$2; split(a, b, "/"); print b[1]}')

  59. }

  60. 

  61. # Run a script on the the proxmox container. Arg 1 is container ID, arg 2 is script file.

  62. # 

  63. # This uses the proxmox host as a proxy, meaning it writes the script into the host, and

  64. # then copies from proxmox to the guest, and executes on the guest. Only useful when you

  65. # can't copy to script directly to the guest, like when ssh isn't running yet.

  66. #

  67. # Run script over SSH instead of using this when possible. For example:

  68. # ssh root@$IPv6ADDR 'bash -s' < somescript.sh

  69. FN_exec_script_proxy_container(){

  70.     scp -P $PROXMOX_PORT $2 root@$PROXMOX_IP_ADDR:/tmp/$2 > /dev/null

  71. 

  72.     ssh -p $PROXMOX_PORT root@$PROXMOX_IP_ADDR /usr/bin/env bash <<- AcRP030Cclfad6

  73.         pct push $1 /tmp/$2 /tmp/$2 > /dev/null

  74.         pct exec $1 chmod +x /tmp/$2

  75.         pct exec $1 /tmp/$2

  76. AcRP030Cclfad6

  77. }

  78. 

  79. # Runs a single script or copies the contents of a directory and executes a script that has

  80. # the same name as the directory but with the .sh extension appended.

  81. #

  82. # Arg1 is the file name, Arg2 is the ip address.

  83. FN_copyandorexec(){

  84.     # Check if it's just a normal file (not directory).

  85.     if [[ -f $1 ]]; then

  86.         ssh root@$2 'bash -s' < $1

  87.     fi

  88. 

  89.     # If it's a directory, copy the contents.

  90.     if [[ -d $1 ]]; then

  91.         # This may take a while, so let user know something is happening.

  92.         echo "$TAGSTR Copying contents of $1"

  93. 

  94.         # Use Rsync in case it's many files.

  95.         # Flag -a: Archive (recursive, copy symbolic links, modification times, etc)

  96.         # Flag -z: Compress (use compression when sending)

  97.         # Flag -e: specifies remote shell to use (to disable fingerprint verification)

  98.         rsync -aze "ssh -q -o StrictHostKeyChecking=no" $1 root@[$2]:/tmp

  99. 

  100.         # Execute the presumed script inside the directory.

  101.         ssh root@$2 "cd /tmp/$1; ./$1.sh"

  102.     fi

  103. }

  104. 

  105. # Check if we are referring to a specific container.

  106. if [[ $1 == "-ID" ]]; then

  107.     # Make sure we have a container ID

  108.     if [[ -z $2 ]]; then

  109.         echo "$TAGSTR No container ID was given!"

  110.         exit

  111.     fi

  112. 

  113.     # Get the machines IPv4 and IPv6 address.

  114.     FN_get_IPaddr $2

  115. 

  116.     # Check if this is a snapshot operation

  117.     if [[ $3 == "-snapshot" ]]; then

  118.         # If no snapshot name given, abort.

  119.         if [[ -z $4 ]]; then

  120.             echo "$TAGSTR No snapshot name given!"

  121.             exit

  122.         fi

  123. 

  124.         # Check if the snapshot exists on proxmox for this VMID.

  125.         SNAPSHOT_LIST=$(ssh -p $PROXMOX_PORT root@$PROXMOX_IP_ADDR "pct listsnapshot $2")

  126.         SNAPSHOT_LIST=$(echo "$SNAPSHOT_LIST" | awk '{print $1}' | grep $4)

  127.         if [[ -z $SNAPSHOT_LIST ]]; then

  128.             # Create a snapshot with this name.

  129.             echo "$TAGSTR Creating a snapshot called $4 for VMID $2!"

  130.             ssh -p $PROXMOX_PORT root@$PROXMOX_IP_ADDR "pct snapshot $2 $4"

  131.         else

  132.             # Restore to the snapshot

  133.             echo "$TAGSTR Rollbacking VMID $2 to snapshot $4!"

  134.             ssh -p $PROXMOX_PORT root@$PROXMOX_IP_ADDR "pct rollback $2 $4"

  135. 

  136.             echo "$TAGSTR Starting VMID $2!"

  137.             ssh -p $PROXMOX_PORT root@$PROXMOX_IP_ADDR "pct start $2"

  138.         fi

  139.         echo "$TAGSTR $IPv4ADDR, $IPv6ADDR"

  140.         exit

  141.     fi

  142. 

  143.     # Check if a script/dir was provided.

  144.     if [[ -z $3 ]]; then

  145.         # No script found, just return the ip address.

  146.         echo "$IPv4ADDR, $IPv6ADDR"

  147.         exit

  148.     else

  149.         # A script/dir was found, verify it exists.

  150.         if [[ -e $3 ]]; then

  151.             FN_copyandorexec $3 $IPv6ADDR

  152.             echo "$TAGSTR $IPv4ADDR, $IPv6ADDR"

  153.             exit

  154.         else

  155.             echo "$TAGSTR Directory or file $3 was not found."

  156.             exit

  157.         fi

  158.     fi

  159. fi

  160. 

  161. # Make sure SSH public key is in proxmox host. This overwrites if it exists.

  162. scp -P $PROXMOX_PORT $HOME/.ssh/id_rsa.pub root@$PROXMOX_IP_ADDR:/tmp/id_rsa.pub > /dev/null

  163. 

  164. # No specific container was provided, so we create one.

  165. # Can pass small script like this: https://stackoverflow.com/a/3872762/516959

  166. echo "$TAGSTR Creating container"

  167. VMID=$(ssh -p $PROXMOX_PORT root@$PROXMOX_IP_ADDR /usr/bin/env bash <<-'AcRP030CAlfad6'

  168.     # use the highest VMID+1 as our new VMID. This returns 1 if no VMID's exist.

  169.     VMID=$(pct list | awk 'NR > 1 {print $1}' | sort -nr | head -n1)

  170.     VMID=$(($VMID + 1))

  171. 

  172.     # VMID's less than 100 are for internal proxmox use, make sure we are >= 100.

  173.     # This also could mean there were no proxmox boxes created.

  174.     if [[ $VMID -lt 100 ]]; then

  175.         VMID=100

  176.     fi

  177. 

  178.     # Get the IP Addresses

  179.     CTIP=10.10.10.$(($VMID + 100))/24

  180.     CTGW=10.10.10.1

  181.     CTIPv6=2001:470:8a74::$(($VMID + 100))/64

  182.     CTGWv6=2001:470:8a74::1

  183. 

  184.     # Create a new container with the VMID

  185.     # Use Below to create a new container template. Can also right click in proxmox GUI

  186.     # but that does not handle clearing pacman cache, etc.

  187.     #   https://forum.proxmox.com/threads/customize-a-lxc-template.23461/

  188.     #   https://forum.proxmox.com/threads/lxc-create-template-from-existing-container.24239/

  189.     # For Arch linux:

  190.     #   1. Login via pct enter instead of ssh

  191.     #   2. Remove all contents of ~/.ssh folder

  192.     #   3. Clear pacman cache with yay -Scc

  193.     #   4. Exit and shutdown the container

  194.     #   5. Remove Network interface via proxmox web GUI

  195.     #   6. Create a backup (not snapshot!)

  196.     #   7. Copy backup from /var/lib/vz/dump to /var/lib/vz/template/cache

  197.     #   8. Rename file to better template name.

  198.     TEMPLATE=archlinux_custombase_2-16-2019.tar.lzo

  199.     #TEMPLATE=archlinux_custombase_4-24-2018.tar.lzo

  200.     #TEMPLATE=archlinux-base_20170704-1_amd64.tar.gz

  201.     #TEMPLATE=archlinux_bootstrapped_11-14-2017.tar.gz

  202.     pct create $VMID /var/lib/vz/template/cache/$TEMPLATE -ssh-public-keys /tmp/id_rsa.pub -storage local-zfs -net0 name=eth0,bridge=vmbr2004,ip=$CTIP,gw=$CTGW,ip6=$CTIPv6,gw6=$CTGWv6, -ostype archlinux > /dev/null

  203. 

  204.     # Start the container.

  205.     pct start $VMID > /dev/null

  206. 

  207.     # And say all went well.

  208.     echo "$VMID"

  209. AcRP030CAlfad6

  210. )

  211. 

  212. # Send and execute our arch init script.

  213. FN_exec_script_proxy_container $VMID arch_setup.sh

  214. 

  215. # Wait a bit for the vm to initilize fully.

  216. sleep 2

  217. 

  218. # Get the IPv4 and IPv6 addresses of our noew container.

  219. FN_get_IPaddr $VMID

  220. 

  221. # Wipe the fingerprint of the host in case it was used earlier.

  222. ssh-keygen -R $IPv6ADDR > /dev/null

  223. ssh-keygen -R $IPv4ADDR > /dev/null

  224. 

  225. # Run any potential secondary script.

  226. if [[ -n $1 ]]; then

  227.     # A script was found, verify it exists.

  228.     if [[ -e $1 ]]; then

  229.         FN_copyandorexec $1 $IPv6ADDR

  230.     else

  231.         echo "$TAGSTR Directory or file $1 was not found."

  232.         exit

  233.     fi

  234. fi

  235. 

  236. # Lastly, say we are done and what the IP address is to the terminal.

  237. echo "$TAGSTR Completed $TITLE"

  238. cowsay "Arch setup all done! VMID: $VMID, IPv4: $IPv4ADDR, IPv6: $IPv6ADDR"