From 2b917c02e8ea0181e47762be994e2bf05e844f9c Mon Sep 17 00:00:00 2001 From: Thorsten Spille Date: Sat, 17 Apr 2021 10:13:49 +0200 Subject: [PATCH 1/9] Reworked install.sh, implemented #6 --- install.sh | 107 +++++++++++++++++++++++++++++------------------------ zamba.conf | 4 -- 2 files changed, 59 insertions(+), 52 deletions(-) diff --git a/install.sh b/install.sh index 58e2f33..dcf7026 100644 --- a/install.sh +++ b/install.sh @@ -19,6 +19,59 @@ # Load configuration file source ./zamba.conf +LXC_MP="0" +LXC_UNPRIVILEGED="1" +LXC_NESTING="0" + +select opt in just_lxc zmb-standalone zmb-member zmb-ad mailpiler matrix quit; do + case $opt in + deb-unpriv) + echo "Debian-only LXC container unprivileged mode selected" + break + ;; + deb-priv) + echo "Debian-only LXC container privileged mode selected" + LXC_UNPRIVILEGED="0" + break + ;; + zmb-standalone) + echo "Configuring LXC container '$opt'!" + LXC_MP="1" + LXC_UNPRIVILEGED="0" + break + ;; + zmb-member) + echo "Configuring LXC container '$opt'!" + LXC_MP="1" + LXC_UNPRIVILEGED="0" + break + ;; + zmb-ad) + echo "Selected Zamba AD DC" + LXC_NESTING="1" + LXC_UNPRIVILEGED="0" + break + ;; + mailpiler) + echo "Configuring LXC container for '$opt'!" + LXC_NESTING="1" + break + ;; + matrix) + echo "Install Matrix chat server and element web service" + break + ;; + quit) + echo "Script aborted by user interaction." + exit 0 + ;; + *) + echo "Invalid option! Exiting..." + exit 1 + ;; + esac +done + # CHeck is the newest template available, else download it. DEB_LOC=$(pveam list $LXC_TEMPLATE_STORAGE | grep debian-10-standard | cut -d'_' -f2) DEB_REP=$(pveam available --section system | grep debian-10-standard | cut -d'_' -f2) @@ -53,58 +106,16 @@ else VLAN="" fi # Reconfigure conatiner -pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWAP -hostname $LXC_HOSTNAME \-nameserver $LXC_DNS -searchdomain $LXC_DOMAIN -onboot 1 -timezone Europe/Berlin -net0 name=eth0,bridge=$LXC_BRIDGE,firewall=1,gw=$LXC_GW,ip=$LXC_IP,type=veth$VLAN; +pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWAP -hostname $LXC_HOSTNAME \-nameserver $LXC_DNS -searchdomain $LXC_DOMAIN -onboot 1 -timezone Europe/Berlin -features nesting=$LXC_NESTING -net0 name=eth0,bridge=$LXC_BRIDGE,firewall=1,gw=$LXC_GW,ip=$LXC_IP,type=veth$VLAN; +sleep 2 + +if [ $LXC_MP -gt 0 ]; then + pct set $LXC_NBR -mp0 $LXC_SHAREFS_STORAGE:$LXC_SHAREFS_SIZE,mp=/$LXC_SHAREFS_MOUNTPOINT +fi sleep 2; PS3="Select the Server-Function: " -select opt in just_lxc zmb-standalone zmb-member zmb-ad mailpiler matrix quit; do - case $opt in - just_lxc) - echo "Debian-only LXC container selected" - break - ;; - zmb-standalone) - echo "Configuring LXC container '$opt'!" - pct set $LXC_NBR -mp0 $LXC_SHAREFS_STORAGE:$LXC_SHAREFS_SIZE,mp=/$LXC_SHAREFS_MOUNTPOINT - sleep 2; - break - ;; - zmb-member) - echo "Configuring LXC container '$opt'!" - pct set $LXC_NBR -mp0 $LXC_SHAREFS_STORAGE:$LXC_SHAREFS_SIZE,mp=/$LXC_SHAREFS_MOUNTPOINT - sleep 2; - break - ;; - zmb-ad) - echo "Selected Zamba AD DC" - # Enable nesting for ntp service - pct set $LXC_NBR -features nesting=1 - sleep 2 - break - ;; - mailpiler) - echo "Configuring LXC container for '$opt'!" - pct set $LXC_NBR -features nesting=1 - sleep 2; - break - ;; - matrix) - echo "Install Matrix chat server and element web service" - break - ;; - quit) - echo "Script aborted by user interaction." - exit 0 - ;; - *) - echo "Invalid option! Exiting..." - exit 1 - ;; - esac -done - - pct start $LXC_NBR; sleep 5; # Set the root password and key diff --git a/zamba.conf b/zamba.conf index 894b599..3e3db00 100644 --- a/zamba.conf +++ b/zamba.conf @@ -23,10 +23,6 @@ LXC_SHAREFS_SIZE="100" LXC_SHAREFS_STORAGE="local-zfs" LXC_SHAREFS_MOUNTPOINT="tank" -# Define whether the container will be created in unprivileged (1) or privileged (0) mode -# For 'zmb_standalone', 'zmb_pdc', 'zmb_member' and 'mailpiler' the container needs to be created with 'unprivileged=0' -LXC_UNPRIVILEGED="0" - # Size of the RAM assigned to the container LXC_MEM="1024" From 582444e57ba90717b356345e4050410fa59efdbf Mon Sep 17 00:00:00 2001 From: thorstenspille Date: Sat, 17 Apr 2021 15:33:59 +0200 Subject: [PATCH 2/9] Improved doc, removed just-lxc, added (un)priv ct --- README.md | 7 +-- just_lxc.sh => debian-priv.sh | 0 debian-unpriv.sh | 18 ++++++++ install.sh | 12 ++--- zamba.conf | 84 ++++++++++++++++++++--------------- zamba.conf.md | 40 +++++++---------- 6 files changed, 93 insertions(+), 68 deletions(-) rename just_lxc.sh => debian-priv.sh (100%) create mode 100644 debian-unpriv.sh diff --git a/README.md b/README.md index a99f683..3ed2b97 100644 --- a/README.md +++ b/README.md @@ -7,12 +7,13 @@ The package also provides LXC container installers for `mailpiler`, `matrix-syna ### Requirements Proxmox VE Server with at least one configured ZFS Pool. ### Included services: -- `just-lxc` => Debian LXC Container only -- `zmb-ad` => ZMB (Samba) Active Directory Domain Controller, DNS Backends `SAMBA_INTERNAL` and `BIND9_DLZ` are supported -- `zmb-member` => ZMB (Samba) AD member with ZFS volume snapshot support - `zmb-standalone` => ZMB (Samba) standalone server with ZFS volume snapshot support (previous versions) +- `zmb-ad` => ZMB (Samba) Active Directory Domain Controller, DNS Backends `SAMBA_INTERNAL` and `BIND9_DLZ` are supported +- `zmb-member` => ZMB (Samba) AD member with ZFS volume snapshot support (previous versions) - `mailpiler` => mailpiler mail archive [mailpiler.org](https://www.mailpiler.org/) - `matrix` => Matrix Synapse Homeserver [matrix.org](https://matrix.org/docs/projects/server/synapse) with Element Web [Element on github](https://github.com/vector-im/element-web) +- `debian-unpriv` => Debian unprivileged container with basic toolset +- `debian-unpriv` => Debian privileged container with basic toolset ## Usage Just ssh into your Proxmox machine and clone this git repository. Make sure you have installed `git`. ```bash diff --git a/just_lxc.sh b/debian-priv.sh similarity index 100% rename from just_lxc.sh rename to debian-priv.sh diff --git a/debian-unpriv.sh b/debian-unpriv.sh new file mode 100644 index 0000000..881a310 --- /dev/null +++ b/debian-unpriv.sh @@ -0,0 +1,18 @@ +#!/bin/bash + +# Authors: +# (C) 2021 Idea an concept by Christian Zengel +# (C) 2021 Script design and prototype by Markus Helmke +# (C) 2021 Script rework and documentation by Thorsten Spille + +dpkg-reconfigure locales + +source /root/zamba.conf + +# Set Timezone +ln -sf /usr/share/zoneinfo/$LXC_TIMEZONE /etc/localtime + +apt update +DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq dist-upgrade +DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -o DPkg::options::="--force-confdef" -o DPkg::options::="--force-confold" $LXC_TOOLSET +sed -i "s|\"syntax on|syntax on|g" /etc/vim/vimrc diff --git a/install.sh b/install.sh index dcf7026..fabcdee 100644 --- a/install.sh +++ b/install.sh @@ -17,19 +17,19 @@ ############### ZAMBA INSTALL SCRIPT ############### # Load configuration file -source ./zamba.conf +source $PWD/zamba.conf LXC_MP="0" LXC_UNPRIVILEGED="1" LXC_NESTING="0" -select opt in just_lxc zmb-standalone zmb-member zmb-ad mailpiler matrix quit; do +select opt in zmb-standalone zmb-ad zmb-member mailpiler matrix debian-unpriv debian-priv quit; do case $opt in - deb-unpriv) + debian-unpriv) echo "Debian-only LXC container unprivileged mode selected" break ;; - deb-priv) + debian-priv) echo "Debian-only LXC container privileged mode selected" LXC_UNPRIVILEGED="0" break @@ -120,8 +120,8 @@ pct start $LXC_NBR; sleep 5; # Set the root password and key echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd; -lxc-attach -n$LXC_NBR mkdir /root/.ssh; -echo -e "$LXC_AUTHORIZED_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys; +lxc-attach -n$LXC_NBR mkdir -p /root/.ssh; +pct push $LXC_AUTHORIZED_KEY /root/.ssh/authorized_keys pct push $LXC_NBR ./sources.list /etc/apt/sources.list pct push $LXC_NBR ./zamba.conf /root/zamba.conf pct push $LXC_NBR ./$opt.sh /root/$opt.sh diff --git a/zamba.conf b/zamba.conf index 3e3db00..a089c57 100644 --- a/zamba.conf +++ b/zamba.conf @@ -11,96 +11,110 @@ ############### Linux Container Section ############### -# The storage, where your container tmeplates are located (in most cases: local) +# Defines the Proxmox storage where your LXC container template are stored (default: local) LXC_TEMPLATE_STORAGE="local" -# Define the size and storage location of the container's root filesystem +# Defines the size in GB of the LXC container's root filesystem (default: 32) +# Depending on your environment, you should consider increasing the size for use of `mailpiler` or `matrix`. LXC_ROOTFS_SIZE="32" +# Defines the Proxmox storage where your LXC container's root filesystem will be generated (default: local-zfs) LXC_ROOTFS_STORAGE="local-zfs" -# Define the size, storage location and mountpoint of the container's shared filesystem (required for 'zmb_standalone' and 'zmb_member') +# Defines the size in GB your LXC container's filesystem shared by Zamba (AD member & standalone) (default: 100) LXC_SHAREFS_SIZE="100" +# Defines the Proxmox storage where your LXC container's filesystem shared by Zamba will be generated (default: local-zfs) LXC_SHAREFS_STORAGE="local-zfs" +# Defines the mountpoint of the filesystem shared by Zamba inside your LXC container (default: tank) LXC_SHAREFS_MOUNTPOINT="tank" -# Size of the RAM assigned to the container +# Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024) LXC_MEM="1024" -# Size of the SWAP assigned to the container +# Defines the amount of swap space in MB your LXC container is allowed to use (default: 1024) LXC_SWAP="1024" -# The hostname (eg. zamba1 or mailpiler1) +# Defines the hostname of your LXC container LXC_HOSTNAME="zamba" -# The domain suffix (the domain name / search domain of th container, results to the FQDN 'LXC_HOTNAME.LXC_DOMAIN') +# Defines the domain name / search domain of your LXC container LXC_DOMAIN="zmb.rocks" -# IP-address and subnet -LXC_IP="10.10.80.20/24" +# Defines the local IP address and subnet of your LXC container in CIDR format +LXC_IP="192.168.100.200/24" -# Gateway -LXC_GW="10.10.80.10" +# Defines the default gateway IP address of your LXC container +LXC_GW="192.168.100.254" -# DNS-server (should be your AD DC) -LXC_DNS="10.10.80.10" +# Defines the DNS server ip address of your LXC container +# `zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS +# For other services this should be your active directory domain controller (if present, else a DNS server of your choice) +LXC_DNS="192.168.100.254" -# Networkbridge for this container +# Defines the network bridge to bind the network adapter of your LXC container LXC_BRIDGE="vmbr0" -# Optional VLAN number for this container -LXC_VLAN="" +# Defines the vlan id of the LXC container's network interface, if the network adapter should be connected untagged, just leave the value empty. +LXC_VLAN= -# root password - take care to delete from this file. Please use 'single quatation marks' to avoid unexpected behaviour. +# Defines the `root` password of your LXC container. Please use 'single quatation marks' to avoid unexpected behaviour. LXC_PWD='S3cr3tp@ssw0rd' -# SSH-Key to add to authorized_keys -LXC_AUTHORIZED_KEY="ssh-rsa xxxxxxxx" +# Defines an authorized_keys file to push into the LXC container. +# By default the authorized_keys will be inherited from your proxmox host. +LXC_AUTHORIZED_KEY="/root/.ssh/authorized_keys" -# Define some optional packages to install (your favourite tools on linux systems) -LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git" +# Define your (administrative) tools, you always want to have installed into your LXC container +LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git gnupg2 apt-transport-https" -# Define system timezone on LXC container +# Define the local timezone of your LXC container (default: Euroe/Berlin) LXC_TIMEZONE="Europe/Berlin" # Define system language on LXC container (locales) +# This parameter is not used yet, but will be integrated in future releases. LXC_LOCALE="de_DE.utf8" ############### Zamba-Server-Section ############### -# Domain Entries to samba/smb.conf. Will be also uses for samba domain-provisioning when zmb-pdc will choosen. +# Defines the REALM for the Active Directory (AD DC, AD member) ZMB_REALM="ZMB.ROCKS" +# Defines the domain name in your Active Directory or Workgroup (AD DC, AD member, standalone) ZMB_DOMAIN="ZMB" -# Select the Zamba AD DNS backend, supported are SAMBA_INTERNAL or BIND9_DLZ +# Defines the desired DNS server backend, supported are `SAMBA_INTERNAL` and `BIND9_DLZ` for more advanced usage ZMB_DNS_BACKEND="SAMBA_INTERNAL" -# The Domain-Admin and password for zamba installation -ZMB_ADMIN_USER="Administrator" -# The Domain admin password for zamba installation. Please use 'single quatation marks' to avoid unexpected behaviour. -ZMB_ADMIN_PASS='MYPASSWORD' +# Defines the name of your domain administrator account (AD DC, AD member, standalone) +ZMB_ADMIN_USER="administrator" +# The admin password for zamba installation. Please use 'single quatation marks' to avoid unexpected behaviour +# `zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail +ZMB_ADMIN_PASS='1c@nd0@nyth1n9' -# Name of the Zamba Share +# Defines the name of your Zamba share ZMB_SHARE="share" ############### Mailpiler-Section ############### -# The FQDN vor the Hostname. This must be exactly the same like the LXC_HOSTNAME / LXC_DOMAIN at section above. +# Defines the (public) FQDN of your piler mail archive PILER_FQDN="piler.zmb.rocks" -PILER_SMARTHOST="10.10.80.20" +# Defines the smarthost for piler mail archive +PILER_SMARTHOST="your.mailserver.tld" +# Defines the version number of piler mail archive to install PILER_VERSION="1.3.10" +# Defines the version of sphinx to install PILER_SPHINX_VERSION="3.3.1" +# Defines the php version to install PILER_PHP_VERSION="7.4" ############### Matrix-Section ############### -# The FQDN vor the Hostname. This should be the same like the LXC_HOSTNAME / LXC_DOMAIN at section above. +# Define the FQDN of your Matrix server MATRIX_FQDN="matrix.zmb.rocks" -# Virtual host to run the Element Web messenger +# Define the FQDN for the Element Web virtual host MATRIX_ELEMENT_FQDN="element.zmb.rocks" -# Element Web version +# Define the version of Element Web MATRIX_ELEMENT_VERSION="v1.7.24" -# Virtuel host to run the Jitsi Meet +# Define the FQDN for the Jitsi Meet virtual host MATRIX_JITSI_FQDN="meet.zmb.rocks" diff --git a/zamba.conf.md b/zamba.conf.md index c3b471a..1dfdd40 100644 --- a/zamba.conf.md +++ b/zamba.conf.md @@ -37,13 +37,6 @@ Defines the mountpoint of the filesystem shared by Zamba inside your LXC contain ```bash LXC_SHAREFS_MOUNTPOINT="tank" ``` -### LXC_UNPRIVILEGED -Defines if the LXC container will be created in `unpprivileged` or `privileged` mode (default: 1) -```bash -LXC_UNPRIVILEGED="1" -``` -Privileged also means the container runs as `root` user. Set this option only, if it's required for the service. -`Zamba AD DC`, `Zamba AD member`, `Zamba standalone` and `mailpiler` are required to run in privileged mode. ### LXC_MEM Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024) ```bash @@ -60,7 +53,7 @@ Defines the hostname of your LXC container LXC_SWAP="zamba" ``` ### LXC_DOMAIN -Defines the domain name /search domain of your LXC container +Defines the domain name / search domain of your LXC container ```bash LXC_DOMAIN="zmb.rocks" ``` @@ -75,12 +68,14 @@ Defines the default gateway IP address of your LXC container LXC_GW="10.10.80.254" ``` ### LXC_DNS -Defines the DNS server ip addres of your LXC container +Defines the DNS server ip address of your LXC container ```bash LXC_DNS="10.10.80.254" ``` +`zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS +For other services this should be your active directory domain controller (if present, else a DNS server of your choice) ### LXC_BRIDGE -Defines the network bridge to bind the network adapter of your LXC container to +Defines the network bridge to bind the network adapter of your LXC container ```bash LXC_BRIDGE="vmbr0" ``` @@ -90,19 +85,20 @@ Defines the vlan id of the LXC container's network interface, if the network ada LXC_VLAN="80" ``` ### LXC_PWD -Defines the `root` password of your LXC container. Please use 'single quatation marks' to avoid unexpected behaviour. +Defines the `root` password of your LXC container. Please use 'single quotation marks' to avoid unexpected behaviour. ```bash LXC_PWD="S3cr3tp@ssw0rd" ``` ### LXC_AUTHORIZED_KEY -If you have a SSH key to add to the LXC container's `root` account authorized_keys, you can paste it here. +Defines an authorized_keys file to push into the LXC container. +By default the authorized_keys will be inherited from your proxmox host. ```bash -LXC_AUTHORIZED_KEY="ssh-rsa xxxxxxxx" +LXC_AUTHORIZED_KEY="/root/.ssh/authorized_keys" ``` ### LXC_TOOLSET -Define your (administrative) tools, you always want to have instlled into yout LXC container +Define your (administrative) tools, you always want to have installed into your LXC container ```bash -LXC_TOOLSET="net-tools dnsutils mc sysstat lsb-release curl git" +LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git gnupg2 apt-transport-https" ``` ### LXC_TIMEZONE Define the local timezone of your LXC container (default: Euroe/Berlin) @@ -110,7 +106,7 @@ Define the local timezone of your LXC container (default: Euroe/Berlin) LXC_TIMEZONE="Europe/Berlin" ``` ### LXC_LOCALE -Define system language on LXC container +Define system language on LXC container (locales) ```bash LXC_LOCALE="de_DE.utf8" ``` @@ -137,21 +133,17 @@ Defines the desired DNS server backend, supported are `SAMBA_INTERNAL` and `BIND ZMB_DNS_BACKEND="SAMBA_INTERNAL" ``` ### ZMB_ADMIN_USER -Defines the name of your domain administrator account (AD DC, AD member) +Defines the name of your domain administrator account (AD DC, AD member, standalone) ```bash ZMB_ADMIN_USER="Administrator" ``` ### ZMB_ADMIN_PASS -Defines the domain administrator's password (AD DC, AD member). Please use 'single quatation marks' to avoid unexpected behaviour. +Defines the domain administrator's password (AD DC, AD member). ```bash ZMB_ADMIN_PASS='1c@nd0@nyth1n9' ``` -### ZMB_DOMAIN_ADMINS_GROUP -Defines the domain admins group of your active directory. -```bash -ZMB_DOMAIN_ADMINS_GROUP="domain admins" -``` -On Windows Servers this group depends on the configured OS language. +Please use 'single quotation marks' to avoid unexpected behaviour. +`zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail. ### ZMB_SHARE Defines the name of your Zamba share ```bash From 3e4edaabccf5b57e792f6173dea8f0b1227addf8 Mon Sep 17 00:00:00 2001 From: thorstenspille Date: Tue, 20 Apr 2021 01:33:23 +0200 Subject: [PATCH 3/9] Createg .gitignore --- .gitignore | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 .gitignore diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..6b2a1e2 --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*__pycache__* +.vscode/* \ No newline at end of file From 50f88fb1e01758dee7903caff33783f44e1352d6 Mon Sep 17 00:00:00 2001 From: thorstenspille Date: Tue, 20 Apr 2021 23:25:26 +0200 Subject: [PATCH 4/9] Added CHANGELOG.md --- CHANGELOG.md | 7 +++++++ 1 file changed, 7 insertions(+) create mode 100644 CHANGELOG.md diff --git a/CHANGELOG.md b/CHANGELOG.md new file mode 100644 index 0000000..c58bb9a --- /dev/null +++ b/CHANGELOG.md @@ -0,0 +1,7 @@ +**** Version 0.1 **** +- `locales` are now configured noninteractive #21 +- timezone is now configured with `pct set` command in `install.sh` #22 +- changed command sequence in `install.sh` - select container first, then start the installation +- improved / updated documentation +- replaced `just-lxc` container by `debian-priv` and `debian-unpriv` container +- (un)privileged now defined as constant based on created service #6 \ No newline at end of file From 8a0ad63111ff651147ace15d8029a2c42bdc6243 Mon Sep 17 00:00:00 2001 From: thorstenspille Date: Tue, 20 Apr 2021 23:26:12 +0200 Subject: [PATCH 5/9] Fixed `install.sh` --- install.sh | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/install.sh b/install.sh index c528bb1..35b2f2e 100644 --- a/install.sh +++ b/install.sh @@ -119,11 +119,17 @@ PS3="Select the Server-Function: " pct start $LXC_NBR; sleep 5; # Set the root password and key +echo "Setting root password" echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd; -lxc-attach -n$LXC_NBR mkdir -p /root/.ssh; -pct push $LXC_AUTHORIZED_KEY /root/.ssh/authorized_keys +echo "Creating /root/.ssh" +lxc-attach -n$LXC_NBR mkdir /root/.ssh; +echo "Copying authorized_keys" +pct push $LXC_NBR $LXC_AUTHORIZED_KEY /root/.ssh/authorized_keys +echo "Copying sources.list" pct push $LXC_NBR ./sources.list /etc/apt/sources.list +echo "Copying zamba.conf" pct push $LXC_NBR ./zamba.conf /root/zamba.conf +echo "Copying install script" pct push $LXC_NBR ./$opt.sh /root/$opt.sh echo "Install '$opt'!" lxc-attach -n$LXC_NBR bash /root/$opt.sh From d542770a16599e0c4e27eb07bacc816510b78f52 Mon Sep 17 00:00:00 2001 From: thorstenspille Date: Tue, 20 Apr 2021 23:28:11 +0200 Subject: [PATCH 6/9] improved log messages --- CHANGELOG.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index c58bb9a..8b31309 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,4 +4,5 @@ - changed command sequence in `install.sh` - select container first, then start the installation - improved / updated documentation - replaced `just-lxc` container by `debian-priv` and `debian-unpriv` container -- (un)privileged now defined as constant based on created service #6 \ No newline at end of file +- (un)privileged now defined as constant based on created service #6 +- improved log messages in `install.sh` \ No newline at end of file From 17bfa30b448a4989dc439a893d417a71c7976e3b Mon Sep 17 00:00:00 2001 From: thorstenspille Date: Wed, 21 Apr 2021 00:32:44 +0200 Subject: [PATCH 7/9] Updated changelog --- CHANGELOG.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8b31309..d423b7a 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,8 +1,12 @@ -**** Version 0.1 **** +**** Zamba LXC Toolbox v0.1 **** - `locales` are now configured noninteractive #21 - timezone is now configured with `pct set` command in `install.sh` #22 - changed command sequence in `install.sh` - select container first, then start the installation - improved / updated documentation - replaced `just-lxc` container by `debian-priv` and `debian-unpriv` container - (un)privileged now defined as constant based on created service #6 -- improved log messages in `install.sh` \ No newline at end of file +- improved log messages in `install.sh` +- `mailpiler`: website is now also `default_host`, removed nginx default site, dns entry is still required +- changed `mailpiler` version to 1.3.11 +- changed `element-web` version to 1.7.25 +- `LXC_AUTHORIZED_KEY` variable now defines an `authorized_keys` file, by default the configuration of you proxmox host will be inherited (`~/.ssh/authorized_keys`) \ No newline at end of file From 0ca77ba86de41a511e7073f19ab0f0a8ec02e926 Mon Sep 17 00:00:00 2001 From: thorstenspille Date: Wed, 21 Apr 2021 00:33:18 +0200 Subject: [PATCH 8/9] mailpiler - reworked webserver config --- mailpiler.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/mailpiler.sh b/mailpiler.sh index ca58533..9b65461 100644 --- a/mailpiler.sh +++ b/mailpiler.sh @@ -94,7 +94,7 @@ cd /etc/nginx/sites-available cp /tmp/piler-$PILER_VERSION/contrib/webserver/piler-nginx.conf /etc/nginx/sites-available/ ln -s /etc/nginx/sites-available/piler-nginx.conf /etc/nginx/sites-enabled/piler-nginx.conf -sed -i "s|PILER_HOST|$PILER_FQDN|g" /etc/nginx/sites-available/piler-nginx.conf +sed -i "s|PILER_HOST|$PILER_FQDN default_host|g" /etc/nginx/sites-available/piler-nginx.conf sed -i "s|/var/run/php/php7.4-fpm.sock|/var/run/php/php$PILER_PHP_VERSION-fpm.sock|g" /etc/nginx/sites-available/piler-nginx.conf sed -i "/server_name.*/a \\ @@ -114,10 +114,10 @@ sed -i "/server_name.*/a \\ sed -i "/^server {.*/i\ server {\n\ listen 80;\n\ - server_name $PILER_FQDN;\n\ + server_name $PILER_FQDN default_host;\n\ server_tokens off;\n\ # HTTP to HTTPS redirect.\n\ - return 301 https://$PILER_FQDN;\n\ + return 301 https://\$host\$request_uri;\n\ }" /etc/nginx/sites-available/piler-nginx.conf cp /usr/local/etc/piler/config-site.php /usr/local/etc/piler/config-site.php.bak @@ -137,7 +137,7 @@ cat >> /usr/local/etc/piler/config-site.php <> /usr/local/etc/piler/config-site.php < Date: Wed, 21 Apr 2021 00:33:53 +0200 Subject: [PATCH 9/9] Changed ssh-keys, mailpiler and element version --- zamba.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/zamba.conf b/zamba.conf index 6f9e8c4..59816c5 100644 --- a/zamba.conf +++ b/zamba.conf @@ -61,7 +61,7 @@ LXC_PWD='S3cr3tp@ssw0rd' # Defines an authorized_keys file to push into the LXC container. # By default the authorized_keys will be inherited from your proxmox host. -LXC_AUTHORIZED_KEY="/root/.ssh/authorized_keys" +LXC_AUTHORIZED_KEY=~/.ssh/authorized_keys # Define your (administrative) tools, you always want to have installed into your LXC container LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git gnupg2 apt-transport-https" @@ -98,7 +98,7 @@ PILER_FQDN="piler.zmb.rocks" # Defines the smarthost for piler mail archive PILER_SMARTHOST="your.mailserver.tld" # Defines the version number of piler mail archive to install -PILER_VERSION="1.3.10" +PILER_VERSION="1.3.11" # Defines the version of sphinx to install PILER_SPHINX_VERSION="3.3.1" # Defines the php version to install @@ -113,7 +113,7 @@ MATRIX_FQDN="matrix.zmb.rocks" MATRIX_ELEMENT_FQDN="element.zmb.rocks" # Define the version of Element Web -MATRIX_ELEMENT_VERSION="v1.7.24" +MATRIX_ELEMENT_VERSION="v1.7.25" # Define the FQDN for the Jitsi Meet virtual host MATRIX_JITSI_FQDN="meet.zmb.rocks"