Rigo/zamba-lxc-toolbox
1
0
Fork 0
forked from bashclub/zamba-lxc-toolbox
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #36 from diddip21/devel

Browse Source 
hostname prefix | summary to pct description
This commit is contained in:
Thorsten Spille
2021-08-13 15:14:25 +02:00
committed by GitHub
parent 4b651877c0 510bdbb1a6
commit 3a1ee6a2bf
7 changed files with 288 additions and 224 deletions
Download Patch File Download Diff File Expand all files Collapse all files

240
conf/README.md
View File

@@ -1 +1,239 @@
# USE THIS FOLDER TO STORE YOUR OWN ZMB CONFIGS # USE THIS FOLDER TO STORE YOUR OWN ZMB CONFIGS
# `zamba.conf` options reference
This is the reference of all config options you can set in `zamba.conf`
<br>
## Linux Container Section
In this section all settings relevant for the LXC container.
<br>
### LXC_TEMPLATE_STORAGE
Defines the Proxmox storage where your LXC container template are stored (default: local)
```bash
LXC_TEMPLATE_STORAGE="local"
```
### LXC_ROOTFS_SIZE
Defines the size in GB of the LXC container's root filesystem (default: 32)
```bash
LXC_ROOTFS_SIZE="32"
```
Depending on your environment, you should consider increasing the size for use of `mailpiler` or `matrix`.
### LXC_ROOTFS_STORAGE
Defines the Proxmox storage where your LXC container's root filesystem will be generated (default: local-zfs)
```bash
LXC_ROOTFS_STORAGE="local-zfs"
```
### LXC_SHAREFS_SIZE
Defines the size in GB your LXC container's filesystem shared by Zamba (AD member & standalone) (default: 100)
```bash
LXC_SHAREFS_SIZE="100"
```
### LXC_SHAREFS_STORAGE
Defines the Proxmox storage where your LXC container's filesystem shared by Zamba will be generated (default: local-zfs)
```bash
LXC_SHAREFS_STORAGE="local-zfs"
```
### LXC_SHAREFS_MOUNTPOINT
Defines the mountpoint of the filesystem shared by Zamba inside your LXC container (default: tank)
```bash
LXC_SHAREFS_MOUNTPOINT="tank"
```
### LXC_MEM
Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024)
```bash
LXC_MEM="1024"
```
### LXC_SWAP
Defines the amount of swap space in MB your LXC container is allowed to use (default: 1024)
```bash
LXC_SWAP="1024"
```
### LXC_HOSTNAME
Defines the hostname of your LXC container
```bash
LXC_HOSTNAME="${service}.zmbrocks"
```
### LXC_DOMAIN
Defines the domain name / search domain of your LXC container
```bash
LXC_DOMAIN="zmb.rocks"
```
### LXC_DHCP
Enable DHCP on LAN (eth0) - (Obtain an IP address automatically) [true/false]
```bash
LXC_DHCP=false
```
### LXC_IP
Defines the local IP address and subnet of your LXC container in CIDR format
```bash
LXC_IP="10.10.80.20/24"
```
### LXC_GW
Defines the default gateway IP address of your LXC container
```bash
LXC_GW="10.10.80.254"
```
### LXC_DNS
Defines the DNS server ip address of your LXC container
```bash
LXC_DNS="10.10.80.254"
```
`zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS
For other services this should be your active directory domain controller (if present, else a DNS server of your choice)
### LXC_BRIDGE
Defines the network bridge to bind the network adapter of your LXC container
```bash
LXC_BRIDGE="vmbr0"
```
### LXC_VLAN
Defines the vlan id of the LXC container's network interface, if the network adapter should be connected untagged, just leave the value empty.
```bash
LXC_VLAN="80"
```
### LXC_PWD
Defines the `root` password of your LXC container. Please use 'single quotation marks' to avoid unexpected behaviour.
```bash
LXC_PWD="S3cr3tp@ssw0rd"
```
### LXC_AUTHORIZED_KEY
Defines an authorized_keys file to push into the LXC container.
By default the authorized_keys will be inherited from your proxmox host.
```bash
LXC_AUTHORIZED_KEY="/root/.ssh/authorized_keys"
```
### LXC_TOOLSET
Define your (administrative) tools, you always want to have installed into your LXC container
```bash
LXC_TOOLSET="vim htop net-tools dnsutils sysstat mc"
```
### LXC_TIMEZONE
Define the local timezone of your LXC container (default: Euroe/Berlin)
```bash
LXC_TIMEZONE="Europe/Berlin"
```
### LXC_LOCALE
Define system language on LXC container (locales)
With this paramater you can generate additional locales, the default language will be inherited from proxmox host.
```bash
LXC_LOCALE="en_US.UTF-8""
```
### Set dark background for vim syntax highlighting (0 or 1)
```bash
LXC_VIM_BG_DARK=1
```
## Zamba Server Section
This section configures the Zamba server (AD DC, AD member and standalone)
<br>
### ZMB_REALM
Defines the REALM for the Active Directory (AD DC, AD member)
```bash
ZMB_REALM="ZMB.ROCKS"
```
### ZMB_DOMAIN
Defines the domain name in your Active Directory or Workgroup (AD DC, AD member, standalone)
```bash
ZMB_DOMAIN="ZMB"
```
### ZMB_ADMIN_USER
Defines the name of your domain administrator account (AD DC, AD member, standalone)
```bash
ZMB_ADMIN_USER="Administrator"
```
### ZMB_ADMIN_PASS
Defines the domain administrator's password (AD DC, AD member).
```bash
ZMB_ADMIN_PASS='1c@nd0@nyth1n9'
```
Please use 'single quotation marks' to avoid unexpected behaviour.
`zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail.
### ZMB_SHARE
Defines the name of your Zamba share
```bash
ZMB_SHARE="share"
```
<br>
## Mailpiler section
This section configures the mailpiler email archive
<br>
### PILER_FQDN
Defines the (public) FQDN of your piler mail archive
```bash
PILER_FQDN="piler.zmb.rocks"
```
### PILER_SMARTHOST
Defines the smarthost for piler mail archive
```bash
PILER_SMARTHOST="10.10.80.20"
```
<br>
## Matrix section
This section configures the matrix chat server
<br>
### MATRIX_FQDN
Define the FQDN of your Matrix server
```bash
MATRIX_FQDN="matrix.zmb.rocks"
```
### MATRIX_ELEMENT_FQDN
Define the FQDN for the Element Web virtual host
```bash
MATRIX_ELEMENT_FQDN="element.zmb.rocks"
```
### MATRIX_ELEMENT_VERSION
Define the version of Element Web
```bash
MATRIX_ELEMENT_VERSION="v1.7.24"
```
## Nextcloud Section
This section configures the nextcloud server
<br>
### Define the FQDN of your Nextcloud server
```bash
NEXTCLOUD_FQDN="nc1.zmb.rocks"
```
### The initial admin-user which will be configured
```bash
NEXTCLOUD_ADMIN_USR="zmb-admin"
```
### Build a strong password for this user. Username and password will shown at the end of the instalation.
```bash
NEXTCLOUD_ADMIN_PWD="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 32 | head -n 1)"
```
### Defines the data directory, which will be createt under LXC_SHAREFS_MOUNTPOINT
```bash
NEXTCLOUD_DATA="nc_data"
```
### Defines the trusted reverse proxy, which will enable the detection of source ip to fail2ban
```bash
NEXTCLOUD_REVPROX="192.168.100.254"
```
## Check_MK Section
This section configures the checkmk server
<br>
### Define the name of your checkmk instance
```bash
CMK_INSTANCE=zmbrocks
```
### Define the password of user 'cmkadmin'
```bash
CMK_ADMIN_PW='Ju5t@n0thers3cur3p@ssw0rd'
```
### checkmk edition (raw or free)
#### raw = completely free
#### free = limited version of the enterprise edition (25 hosts, 1 instance)
```bash
CMK_EDITION=raw
```

10
conf/zamba.conf.example
View File

@@ -34,7 +34,7 @@ LXC_MEM="1024"
LXC_SWAP="1024" LXC_SWAP="1024"
# Defines the hostname of your LXC container # Defines the hostname of your LXC container
LXC_HOSTNAME="zamba" LXC_HOSTNAME="${service}"
# Defines the domain name / search domain of your LXC container # Defines the domain name / search domain of your LXC container
LXC_DOMAIN="zmb.rocks" LXC_DOMAIN="zmb.rocks"
@@ -73,8 +73,10 @@ LXC_TOOLSET="vim htop net-tools dnsutils sysstat mc"
LXC_TIMEZONE="Europe/Berlin" LXC_TIMEZONE="Europe/Berlin"
# Define system language on LXC container (locales) # Define system language on LXC container (locales)
# With thi paramater you can generate additional locales, the default language will be inherited from proxmox host. # With this paramater you can generate additional locales, the default language will be inherited from proxmox host.
LXC_LOCALE="en_US.UTF-8" # en_US.UTF-8 english
# de_DE.UTF-8 german (default)
LXC_LOCALE="de_DE.UTF-8"
# Set dark background for vim syntax highlighting (0 or 1) # Set dark background for vim syntax highlighting (0 or 1)
LXC_VIM_BG_DARK=1 LXC_VIM_BG_DARK=1
@@ -112,7 +114,7 @@ MATRIX_ELEMENT_FQDN="element.zmb.rocks"
############### Nextcloud-Section ############### ############### Nextcloud-Section ###############
# Define the FQDN of your Matrix server # Define the FQDN of your Nextcloud server
NEXTCLOUD_FQDN="nc1.zmb.rocks" NEXTCLOUD_FQDN="nc1.zmb.rocks"
# The initial admin-user which will be configured # The initial admin-user which will be configured

36
install.sh
View File

@@ -53,6 +53,27 @@ shift $((OPTIND-1))
echo "Loading config file '$config'..." echo "Loading config file '$config'..."
source $config source $config
# Check config Settings
echo "Check Setting 'Timezone'"
if [[ $LXC_TIMEZONE != $(timedatectl list-timezones | grep $LXC_TIMEZONE) ]]; then
echo "Unknown LXC_TIMEZONE setting (list available Timezones 'timedatectl list-timezones')"; exit 0
fi
echo "Check Setting 'Template Storage'"
pvstorage=$(pvesh get storage --noborder --noheader);
if [[ $LXC_TEMPLATE_STORAGE != $(echo "$pvstorage" | grep $LXC_TEMPLATE_STORAGE$) ]]; then
echo "Unknown LXC_TEMPLATE_STORAGE, please check your storage name"; exit 0
fi
echo "Check Setting 'Rootfs Storage'"
if [[ $LXC_ROOTFS_STORAGE != $(echo "$pvstorage" | grep $LXC_ROOTFS_STORAGE$) ]]; then
echo "Unknown LXC_ROOTFS_STORAGE, please check your storage name"; exit 0
fi
echo "Check Setting 'Sharefs Storage'"
if [[ $LXC_SHAREFS_STORAGE != $(echo "$pvstorage" | grep $LXC_SHAREFS_STORAGE$) ]]; then
echo "Unknown LXC_SHAREFS_STORAGE, please check your storage name"; exit 0
fi
echo -e "Settings \e[0;92mOK\e[0m"
OPTS=$(ls -d $PWD/src/*/ | grep -v __ | xargs basename -a) OPTS=$(ls -d $PWD/src/*/ | grep -v __ | xargs basename -a)
valid=0 valid=0
@@ -90,9 +111,11 @@ if [[ "$valid" != "1" ]]; then
usage 1 usage 1
fi fi
source $config
source $PWD/src/$service/constants-service.conf source $PWD/src/$service/constants-service.conf
LXC_HOSTNAME="${LXC_HOSTNAME/-/}"
# CHeck is the newest template available, else download it. # Check is the newest template available, else download it.
DEB_LOC=$(pveam list $LXC_TEMPLATE_STORAGE | grep debian-10-standard | cut -d'_' -f2) DEB_LOC=$(pveam list $LXC_TEMPLATE_STORAGE | grep debian-10-standard | cut -d'_' -f2)
DEB_REP=$(pveam available --section system | grep debian-10-standard | cut -d'_' -f2) DEB_REP=$(pveam available --section system | grep debian-10-standard | cut -d'_' -f2)
@@ -126,7 +149,10 @@ sleep 2;
# Check vlan configuration # Check vlan configuration
if [[ $LXC_VLAN != "" ]];then VLAN=",tag=$LXC_VLAN"; else VLAN=""; fi if [[ $LXC_VLAN != "" ]];then VLAN=",tag=$LXC_VLAN"; else VLAN=""; fi
# Reconfigure conatiner # Reconfigure conatiner
pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWAP -hostname $LXC_HOSTNAME -onboot 1 -timezone $LXC_TIMEZONE -features nesting=$LXC_NESTING; PVE_VER=$(pveversion | grep 'pve-manager' | cut -d'/' -f2 | sed 's/[^0-9]//g')
pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWAP -hostname $LXC_HOSTNAME -onboot 1 -features nesting=$LXC_NESTING;
# timezone switch added in Version 6.3
if [ $PVE_VER -ge 630 ];then pct set $LXC_NBR -timezone $LXC_TIMEZONE;fi
if [ $LXC_DHCP == true ]; then if [ $LXC_DHCP == true ]; then
pct set $LXC_NBR -net0 name=eth0,bridge=$LXC_BRIDGE,ip=dhcp,type=veth$VLAN; pct set $LXC_NBR -net0 name=eth0,bridge=$LXC_BRIDGE,ip=dhcp,type=veth$VLAN;
else else
@@ -159,8 +185,14 @@ lxc-attach -n$LXC_NBR bash /root/lxc-base.sh
echo "Install '$service'!" echo "Install '$service'!"
lxc-attach -n$LXC_NBR bash /root/install-service.sh lxc-attach -n$LXC_NBR bash /root/install-service.sh
summary=$(pct exec $LXC_NBR -- bash -c '[ -f /root/summary ] && cat /root/summary')
if [[ $summary != "" ]];then pct set $LXC_NBR --description="$(echo -e "$summary")"; fi
if [[ $service == "zmb-ad" ]]; then if [[ $service == "zmb-ad" ]]; then
pct stop $LXC_NBR pct stop $LXC_NBR
pct set $LXC_NBR \-nameserver $(echo $LXC_IP | cut -d'/' -f 1) pct set $LXC_NBR \-nameserver $(echo $LXC_IP | cut -d'/' -f 1)
pct start $LXC_NBR pct start $LXC_NBR
fi fi
# timezone switch added in Version 6.3
if [ $PVE_VER -lt 630 ]; then echo "echo "$LXC_TIMEZONE" > /etc/timezone" | pct enter $LXC_NBR; fi

2
src/matrix/constants-service.conf
View File

@@ -17,4 +17,4 @@ LXC_UNPRIVILEGED="1"
LXC_NESTING="0" LXC_NESTING="0"
# Define the version of Element Web # Define the version of Element Web
MATRIX_ELEMENT_VERSION="v1.7.25" MATRIX_ELEMENT_VERSION="v1.7.34"

5
src/nextcloud/install-service.sh
View File

@@ -410,7 +410,10 @@ bash /$LXC_SHAREFS_MOUNTPOINT/$NEXTCLOUD_DATA/config_nextcloud.sh
EOF EOF
echo "*/5 * * * * www-data /usr/bin/php -f /var/www/nextcloud/cron.php > /dev/null 2>&1" > /etc/cron.d/nextcloud echo "*/5 * * * * www-data /usr/bin/php -f /var/www/nextcloud/cron.php > /dev/null 2>&1" > /etc/cron.d/nextcloud
echo -e "\n######################################################################\n\n Please note this user and password for the nextcloud login:\n '$NEXTCLOUD_ADMIN_USR' / '$NEXTCLOUD_ADMIN_PWD'\n Enjoy your Nextcloud intallation.\n\n######################################################################" echo "\n\n"
echo "######################################################################\n\n Please note this user and password for the nextcloud login:\n '$NEXTCLOUD_ADMIN_USR' / '$NEXTCLOUD_ADMIN_PWD'\n Enjoy your Nextcloud intallation.\n\n######################################################################" > /root/summary
echo -e "$(cat /root/summary)"
systemctl stop nginx php$NEXTCLOUD_PHP_VERSION-fpm systemctl stop nginx php$NEXTCLOUD_PHP_VERSION-fpm
systemctl restart postgresql php$NEXTCLOUD_PHP_VERSION-fpm redis-server nginx systemctl restart postgresql php$NEXTCLOUD_PHP_VERSION-fpm redis-server nginx

5
src/open3a/install-service.sh
View File

@@ -52,4 +52,7 @@ chmod +x /etc/cron.daily/open3a-backup
systemctl enable --now php7.3-fpm systemctl enable --now php7.3-fpm
systemctl restart nginx systemctl restart nginx
echo -e "Your open3a installation is now complete. Please continue with setup in your Browser:\nURL:\t\thttp://$LXC_IP\nLogin:\t\tAdmin\nPassword:\tAdmin\n\nMysql-Settings:\nServer:\t\tlocalhost\nUser:\t\topen3a\nPassword:\t$MYSQL_PASSWORD\nDatabase:\topen3a" echo "Your open3a installation is now complete. Please continue with setup in your Browser:\nURL:\t\thttp://$LXC_IP\nLogin:\t\tAdmin\nPassword:\tAdmin\n\nMysql-Settings:\nServer:\t\tlocalhost\nUser:\t\topen3a\nPassword:\t$MYSQL_PASSWORD\nDatabase:\topen3a" > /root/summary
echo -e "$(cat /root/summary)"
exit 0

214
zamba.conf.md
View File

@@ -1,214 +0,0 @@
# `zamba.conf` options reference
This is the reference of all config options you can set in `zamba.conf`
<br>
## Linux Container Section
In this section all settings relevant for the LXC container.
<br>
### LXC_TEMPLATE_STORAGE
Defines the Proxmox storage where your LXC container template are stored (default: local)
```bash
LXC_TEMPLATE_STORAGE="local"
```
### LXC_ROOTFS_SIZE
Defines the size in GB of the LXC container's root filesystem (default: 32)
```bash
LXC_ROOTFS_SIZE="32"
```
Depending on your environment, you should consider increasing the size for use of `mailpiler` or `matrix`.
### LXC_ROOTFS_STORAGE
Defines the Proxmox storage where your LXC container's root filesystem will be generated (default: local-zfs)
```bash
LXC_ROOTFS_STORAGE="local-zfs"
```
### LXC_SHAREFS_SIZE
Defines the size in GB your LXC container's filesystem shared by Zamba (AD member & standalone) (default: 100)
```bash
LXC_SHAREFS_SIZE="100"
```
### LXC_SHAREFS_STORAGE
Defines the Proxmox storage where your LXC container's filesystem shared by Zamba will be generated (default: local-zfs)
```bash
LXC_SHAREFS_STORAGE="local-zfs"
```
### LXC_SHAREFS_MOUNTPOINT
Defines the mountpoint of the filesystem shared by Zamba inside your LXC container (default: tank)
```bash
LXC_SHAREFS_MOUNTPOINT="tank"
```
### LXC_MEM
Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024)
```bash
LXC_MEM="1024"
```
### LXC_SWAP
Defines the amount of swap space in MB your LXC container is allowed to use (default: 1024)
```bash
LXC_SWAP="1024"
```
### LXC_HOSTNAME
Defines the hostname of your LXC container
```bash
LXC_SWAP="zamba"
```
### LXC_DOMAIN
Defines the domain name / search domain of your LXC container
```bash
LXC_DOMAIN="zmb.rocks"
```
### LXC_DHCP
Enable DHCP on LAN (eth0) - (Obtain an IP address automatically) [true/false]
```bash
LXC_DHCP=false
```
### LXC_IP
Defines the local IP address and subnet of your LXC container in CIDR format
```bash
LXC_IP="10.10.80.20/24"
```
### LXC_GW
Defines the default gateway IP address of your LXC container
```bash
LXC_GW="10.10.80.254"
```
### LXC_DNS
Defines the DNS server ip address of your LXC container
```bash
LXC_DNS="10.10.80.254"
```
`zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS
For other services this should be your active directory domain controller (if present, else a DNS server of your choice)
### LXC_BRIDGE
Defines the network bridge to bind the network adapter of your LXC container
```bash
LXC_BRIDGE="vmbr0"
```
### LXC_VLAN
Defines the vlan id of the LXC container's network interface, if the network adapter should be connected untagged, just leave the value empty.
```bash
LXC_VLAN="80"
```
### LXC_PWD
Defines the `root` password of your LXC container. Please use 'single quotation marks' to avoid unexpected behaviour.
```bash
LXC_PWD="S3cr3tp@ssw0rd"
```
### LXC_AUTHORIZED_KEY
Defines an authorized_keys file to push into the LXC container.
By default the authorized_keys will be inherited from your proxmox host.
```bash
LXC_AUTHORIZED_KEY="/root/.ssh/authorized_keys"
```
### LXC_TOOLSET
Define your (administrative) tools, you always want to have installed into your LXC container
```bash
LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git gnupg2 apt-transport-https"
```
### LXC_TIMEZONE
Define the local timezone of your LXC container (default: Euroe/Berlin)
```bash
LXC_TIMEZONE="Europe/Berlin"
```
### LXC_LOCALE
Define system language on LXC container (locales)
```bash
LXC_LOCALE="de_DE.utf8"
```
This parameter is not used yet, but will be integrated in future releases.
<br>
## Zamba Server Section
This section configures the Zamba server (AD DC, AD member and standalone)
<br>
### ZMB_REALM
Defines the REALM for the Active Directory (AD DC, AD member)
```bash
ZMB_REALM="ZMB.ROCKS"
```
### ZMB_DOMAIN
Defines the domain name in your Active Directory or Workgroup (AD DC, AD member, standalone)
```bash
ZMB_DOMAIN="ZMB"
```
### ZMB_DNS_BACKEND
Defines the desired DNS server backend, supported are `SAMBA_INTERNAL` and `BIND9_DLZ` for more advanced usage
```bash
ZMB_DNS_BACKEND="SAMBA_INTERNAL"
```
### ZMB_ADMIN_USER
Defines the name of your domain administrator account (AD DC, AD member, standalone)
```bash
ZMB_ADMIN_USER="Administrator"
```
### ZMB_ADMIN_PASS
Defines the domain administrator's password (AD DC, AD member).
```bash
ZMB_ADMIN_PASS='1c@nd0@nyth1n9'
```
Please use 'single quotation marks' to avoid unexpected behaviour.
`zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail.
### ZMB_SHARE
Defines the name of your Zamba share
```bash
ZMB_SHARE="share"
```
<br>
## Mailpiler section
This section configures the mailpiler email archive
<br>
### PILER_FQDN
Defines the (public) FQDN of your piler mail archive
```bash
PILER_FQDN="piler.zmb.rocks"
```
### PILER_SMARTHOST
Defines the smarthost for piler mail archive
```bash
PILER_SMARTHOST="10.10.80.20"
```
### PILER_VERSION
Defines the version number of piler mail archive to install
```bash
PILER_VERSION="1.3.10"
```
### PILER_SPHINX_VERSION
Defines the version of sphinx to install
```bash
PILER_SPHINX_VERSION="3.3.1"
```
### PILER_PHP_VERSION
Defines the php version to install
```bash
PILER_PHP_VERSION="7.4"
```
<br>
## Matrix section
This section configures the matrix chat server
<br>
### MATRIX_FQDN
Define the FQDN of your Matrix server
```bash
MATRIX_FQDN="matrix.zmb.rocks"
```
### MATRIX_ELEMENT_FQDN
Define the FQDN for the Element Web virtual host
```bash
MATRIX_ELEMENT_FQDN="element.zmb.rocks"
```
### MATRIX_ELEMENT_VERSION
Define the version of Element Web
```bash
MATRIX_ELEMENT_VERSION="v1.7.24"
```
### MATRIX_JITSI_FQDN
Define the FQDN for the Jitsi Meet virtual host
```bash
MATRIX_JITSI_FQDN="meet.zmb.rocks"
```