forked from bashclub/zamba-lxc-toolbox
Merge pull request #20 from bashclub/devel
Reworked install.sh, implemented #6, updated doc, created .gitignore Preparing first release
This commit is contained in:
commit
87f40367b5
2
.gitignore
vendored
Normal file
2
.gitignore
vendored
Normal file
@ -0,0 +1,2 @@
|
|||||||
|
*__pycache__*
|
||||||
|
.vscode/*
|
12
CHANGELOG.md
Normal file
12
CHANGELOG.md
Normal file
@ -0,0 +1,12 @@
|
|||||||
|
**** Zamba LXC Toolbox v0.1 ****
|
||||||
|
- `locales` are now configured noninteractive #21
|
||||||
|
- timezone is now configured with `pct set` command in `install.sh` #22
|
||||||
|
- changed command sequence in `install.sh` - select container first, then start the installation
|
||||||
|
- improved / updated documentation
|
||||||
|
- replaced `just-lxc` container by `debian-priv` and `debian-unpriv` container
|
||||||
|
- (un)privileged now defined as constant based on created service #6
|
||||||
|
- improved log messages in `install.sh`
|
||||||
|
- `mailpiler`: website is now also `default_host`, removed nginx default site, dns entry is still required
|
||||||
|
- changed `mailpiler` version to 1.3.11
|
||||||
|
- changed `element-web` version to 1.7.25
|
||||||
|
- `LXC_AUTHORIZED_KEY` variable now defines an `authorized_keys` file, by default the configuration of you proxmox host will be inherited (`~/.ssh/authorized_keys`)
|
@ -7,12 +7,13 @@ The package also provides LXC container installers for `mailpiler`, `matrix-syna
|
|||||||
### Requirements
|
### Requirements
|
||||||
Proxmox VE Server with at least one configured ZFS Pool.
|
Proxmox VE Server with at least one configured ZFS Pool.
|
||||||
### Included services:
|
### Included services:
|
||||||
- `just-lxc` => Debian LXC Container only
|
|
||||||
- `zmb-ad` => ZMB (Samba) Active Directory Domain Controller, DNS Backends `SAMBA_INTERNAL` and `BIND9_DLZ` are supported
|
|
||||||
- `zmb-member` => ZMB (Samba) AD member with ZFS volume snapshot support
|
|
||||||
- `zmb-standalone` => ZMB (Samba) standalone server with ZFS volume snapshot support (previous versions)
|
- `zmb-standalone` => ZMB (Samba) standalone server with ZFS volume snapshot support (previous versions)
|
||||||
|
- `zmb-ad` => ZMB (Samba) Active Directory Domain Controller, DNS Backends `SAMBA_INTERNAL` and `BIND9_DLZ` are supported
|
||||||
|
- `zmb-member` => ZMB (Samba) AD member with ZFS volume snapshot support (previous versions)
|
||||||
- `mailpiler` => mailpiler mail archive [mailpiler.org](https://www.mailpiler.org/)
|
- `mailpiler` => mailpiler mail archive [mailpiler.org](https://www.mailpiler.org/)
|
||||||
- `matrix` => Matrix Synapse Homeserver [matrix.org](https://matrix.org/docs/projects/server/synapse) with Element Web [Element on github](https://github.com/vector-im/element-web)
|
- `matrix` => Matrix Synapse Homeserver [matrix.org](https://matrix.org/docs/projects/server/synapse) with Element Web [Element on github](https://github.com/vector-im/element-web)
|
||||||
|
- `debian-unpriv` => Debian unprivileged container with basic toolset
|
||||||
|
- `debian-unpriv` => Debian privileged container with basic toolset
|
||||||
## Usage
|
## Usage
|
||||||
Just ssh into your Proxmox machine and clone this git repository. Make sure you have installed `git`.
|
Just ssh into your Proxmox machine and clone this git repository. Make sure you have installed `git`.
|
||||||
```bash
|
```bash
|
||||||
|
18
debian-unpriv.sh
Normal file
18
debian-unpriv.sh
Normal file
@ -0,0 +1,18 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
|
||||||
|
# Authors:
|
||||||
|
# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>
|
||||||
|
# (C) 2021 Script design and prototype by Markus Helmke <m.helmke@nettwarker.de>
|
||||||
|
# (C) 2021 Script rework and documentation by Thorsten Spille <thorsten@spille-edv.de>
|
||||||
|
|
||||||
|
dpkg-reconfigure locales
|
||||||
|
|
||||||
|
source /root/zamba.conf
|
||||||
|
|
||||||
|
# Set Timezone
|
||||||
|
ln -sf /usr/share/zoneinfo/$LXC_TIMEZONE /etc/localtime
|
||||||
|
|
||||||
|
apt update
|
||||||
|
DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq dist-upgrade
|
||||||
|
DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -o DPkg::options::="--force-confdef" -o DPkg::options::="--force-confold" $LXC_TOOLSET
|
||||||
|
sed -i "s|\"syntax on|syntax on|g" /etc/vim/vimrc
|
117
install.sh
117
install.sh
@ -17,7 +17,60 @@
|
|||||||
############### ZAMBA INSTALL SCRIPT ###############
|
############### ZAMBA INSTALL SCRIPT ###############
|
||||||
|
|
||||||
# Load configuration file
|
# Load configuration file
|
||||||
source ./zamba.conf
|
source $PWD/zamba.conf
|
||||||
|
|
||||||
|
LXC_MP="0"
|
||||||
|
LXC_UNPRIVILEGED="1"
|
||||||
|
LXC_NESTING="0"
|
||||||
|
|
||||||
|
select opt in zmb-standalone zmb-ad zmb-member mailpiler matrix debian-unpriv debian-priv quit; do
|
||||||
|
case $opt in
|
||||||
|
debian-unpriv)
|
||||||
|
echo "Debian-only LXC container unprivileged mode selected"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
debian-priv)
|
||||||
|
echo "Debian-only LXC container privileged mode selected"
|
||||||
|
LXC_UNPRIVILEGED="0"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
zmb-standalone)
|
||||||
|
echo "Configuring LXC container '$opt'!"
|
||||||
|
LXC_MP="1"
|
||||||
|
LXC_UNPRIVILEGED="0"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
zmb-member)
|
||||||
|
echo "Configuring LXC container '$opt'!"
|
||||||
|
LXC_MP="1"
|
||||||
|
LXC_UNPRIVILEGED="0"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
zmb-ad)
|
||||||
|
echo "Selected Zamba AD DC"
|
||||||
|
LXC_NESTING="1"
|
||||||
|
LXC_UNPRIVILEGED="0"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
mailpiler)
|
||||||
|
echo "Configuring LXC container for '$opt'!"
|
||||||
|
LXC_NESTING="1"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
matrix)
|
||||||
|
echo "Install Matrix chat server and element web service"
|
||||||
|
break
|
||||||
|
;;
|
||||||
|
quit)
|
||||||
|
echo "Script aborted by user interaction."
|
||||||
|
exit 0
|
||||||
|
;;
|
||||||
|
*)
|
||||||
|
echo "Invalid option! Exiting..."
|
||||||
|
exit 1
|
||||||
|
;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
# CHeck is the newest template available, else download it.
|
# CHeck is the newest template available, else download it.
|
||||||
DEB_LOC=$(pveam list $LXC_TEMPLATE_STORAGE | grep debian-10-standard | cut -d'_' -f2)
|
DEB_LOC=$(pveam list $LXC_TEMPLATE_STORAGE | grep debian-10-standard | cut -d'_' -f2)
|
||||||
@ -53,66 +106,30 @@ else
|
|||||||
VLAN=""
|
VLAN=""
|
||||||
fi
|
fi
|
||||||
# Reconfigure conatiner
|
# Reconfigure conatiner
|
||||||
pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWAP -hostname $LXC_HOSTNAME \-nameserver $LXC_DNS -searchdomain $LXC_DOMAIN -onboot 1 -timezone $LXC_TIMEZONE -net0 name=eth0,bridge=$LXC_BRIDGE,firewall=1,gw=$LXC_GW,ip=$LXC_IP,type=veth$VLAN;
|
pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWAP -hostname $LXC_HOSTNAME \-nameserver $LXC_DNS -searchdomain $LXC_DOMAIN -onboot 1 -timezone $LXC_TIMEZONE -features nesting=$LXC_NESTING -net0 name=eth0,bridge=$LXC_BRIDGE,firewall=1,gw=$LXC_GW,ip=$LXC_IP,type=veth$VLAN;
|
||||||
|
sleep 2
|
||||||
|
|
||||||
|
if [ $LXC_MP -gt 0 ]; then
|
||||||
|
pct set $LXC_NBR -mp0 $LXC_SHAREFS_STORAGE:$LXC_SHAREFS_SIZE,mp=/$LXC_SHAREFS_MOUNTPOINT
|
||||||
|
fi
|
||||||
sleep 2;
|
sleep 2;
|
||||||
|
|
||||||
PS3="Select the Server-Function: "
|
PS3="Select the Server-Function: "
|
||||||
|
|
||||||
select opt in just_lxc zmb-standalone zmb-member zmb-ad mailpiler matrix quit; do
|
|
||||||
case $opt in
|
|
||||||
just_lxc)
|
|
||||||
echo "Debian-only LXC container selected"
|
|
||||||
break
|
|
||||||
;;
|
|
||||||
zmb-standalone)
|
|
||||||
echo "Configuring LXC container '$opt'!"
|
|
||||||
pct set $LXC_NBR -mp0 $LXC_SHAREFS_STORAGE:$LXC_SHAREFS_SIZE,mp=/$LXC_SHAREFS_MOUNTPOINT
|
|
||||||
sleep 2;
|
|
||||||
break
|
|
||||||
;;
|
|
||||||
zmb-member)
|
|
||||||
echo "Configuring LXC container '$opt'!"
|
|
||||||
pct set $LXC_NBR -mp0 $LXC_SHAREFS_STORAGE:$LXC_SHAREFS_SIZE,mp=/$LXC_SHAREFS_MOUNTPOINT
|
|
||||||
sleep 2;
|
|
||||||
break
|
|
||||||
;;
|
|
||||||
zmb-ad)
|
|
||||||
echo "Selected Zamba AD DC"
|
|
||||||
# Enable nesting for ntp service
|
|
||||||
pct set $LXC_NBR -features nesting=1
|
|
||||||
sleep 2
|
|
||||||
break
|
|
||||||
;;
|
|
||||||
mailpiler)
|
|
||||||
echo "Configuring LXC container for '$opt'!"
|
|
||||||
pct set $LXC_NBR -features nesting=1
|
|
||||||
sleep 2;
|
|
||||||
break
|
|
||||||
;;
|
|
||||||
matrix)
|
|
||||||
echo "Install Matrix chat server and element web service"
|
|
||||||
break
|
|
||||||
;;
|
|
||||||
quit)
|
|
||||||
echo "Script aborted by user interaction."
|
|
||||||
exit 0
|
|
||||||
;;
|
|
||||||
*)
|
|
||||||
echo "Invalid option! Exiting..."
|
|
||||||
exit 1
|
|
||||||
;;
|
|
||||||
esac
|
|
||||||
done
|
|
||||||
|
|
||||||
|
|
||||||
pct start $LXC_NBR;
|
pct start $LXC_NBR;
|
||||||
sleep 5;
|
sleep 5;
|
||||||
# Set the root password and key
|
# Set the root password and key
|
||||||
|
echo "Setting root password"
|
||||||
echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd;
|
echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd;
|
||||||
|
echo "Creating /root/.ssh"
|
||||||
lxc-attach -n$LXC_NBR mkdir /root/.ssh;
|
lxc-attach -n$LXC_NBR mkdir /root/.ssh;
|
||||||
echo -e "$LXC_AUTHORIZED_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys;
|
echo "Copying authorized_keys"
|
||||||
|
pct push $LXC_NBR $LXC_AUTHORIZED_KEY /root/.ssh/authorized_keys
|
||||||
|
echo "Copying sources.list"
|
||||||
pct push $LXC_NBR ./sources.list /etc/apt/sources.list
|
pct push $LXC_NBR ./sources.list /etc/apt/sources.list
|
||||||
|
echo "Copying zamba.conf"
|
||||||
pct push $LXC_NBR ./zamba.conf /root/zamba.conf
|
pct push $LXC_NBR ./zamba.conf /root/zamba.conf
|
||||||
|
echo "Copying install script"
|
||||||
pct push $LXC_NBR ./$opt.sh /root/$opt.sh
|
pct push $LXC_NBR ./$opt.sh /root/$opt.sh
|
||||||
echo "Install '$opt'!"
|
echo "Install '$opt'!"
|
||||||
lxc-attach -n$LXC_NBR bash /root/$opt.sh
|
lxc-attach -n$LXC_NBR bash /root/$opt.sh
|
||||||
|
12
mailpiler.sh
12
mailpiler.sh
@ -94,7 +94,7 @@ cd /etc/nginx/sites-available
|
|||||||
cp /tmp/piler-$PILER_VERSION/contrib/webserver/piler-nginx.conf /etc/nginx/sites-available/
|
cp /tmp/piler-$PILER_VERSION/contrib/webserver/piler-nginx.conf /etc/nginx/sites-available/
|
||||||
ln -s /etc/nginx/sites-available/piler-nginx.conf /etc/nginx/sites-enabled/piler-nginx.conf
|
ln -s /etc/nginx/sites-available/piler-nginx.conf /etc/nginx/sites-enabled/piler-nginx.conf
|
||||||
|
|
||||||
sed -i "s|PILER_HOST|$PILER_FQDN|g" /etc/nginx/sites-available/piler-nginx.conf
|
sed -i "s|PILER_HOST|$PILER_FQDN default_host|g" /etc/nginx/sites-available/piler-nginx.conf
|
||||||
sed -i "s|/var/run/php/php7.4-fpm.sock|/var/run/php/php$PILER_PHP_VERSION-fpm.sock|g" /etc/nginx/sites-available/piler-nginx.conf
|
sed -i "s|/var/run/php/php7.4-fpm.sock|/var/run/php/php$PILER_PHP_VERSION-fpm.sock|g" /etc/nginx/sites-available/piler-nginx.conf
|
||||||
|
|
||||||
sed -i "/server_name.*/a \\
|
sed -i "/server_name.*/a \\
|
||||||
@ -114,10 +114,10 @@ sed -i "/server_name.*/a \\
|
|||||||
sed -i "/^server {.*/i\
|
sed -i "/^server {.*/i\
|
||||||
server {\n\
|
server {\n\
|
||||||
listen 80;\n\
|
listen 80;\n\
|
||||||
server_name $PILER_FQDN;\n\
|
server_name $PILER_FQDN default_host;\n\
|
||||||
server_tokens off;\n\
|
server_tokens off;\n\
|
||||||
# HTTP to HTTPS redirect.\n\
|
# HTTP to HTTPS redirect.\n\
|
||||||
return 301 https://$PILER_FQDN;\n\
|
return 301 https://\$host\$request_uri;\n\
|
||||||
}" /etc/nginx/sites-available/piler-nginx.conf
|
}" /etc/nginx/sites-available/piler-nginx.conf
|
||||||
|
|
||||||
cp /usr/local/etc/piler/config-site.php /usr/local/etc/piler/config-site.php.bak
|
cp /usr/local/etc/piler/config-site.php /usr/local/etc/piler/config-site.php.bak
|
||||||
@ -137,7 +137,7 @@ cat >> /usr/local/etc/piler/config-site.php <<EOF
|
|||||||
\$config['ENABLE_ON_THE_FLY_VERIFICATION'] = 1;
|
\$config['ENABLE_ON_THE_FLY_VERIFICATION'] = 1;
|
||||||
|
|
||||||
// general settings.
|
// general settings.
|
||||||
\$config['TIMEZONE'] = 'Europe/Berlin';
|
\$config['TIMEZONE'] = '$LXC_TIMEZONE';
|
||||||
|
|
||||||
// authentication
|
// authentication
|
||||||
// Enable authentication against an imap server
|
// Enable authentication against an imap server
|
||||||
@ -179,9 +179,9 @@ cat >> /usr/local/etc/piler/config-site.php <<EOF
|
|||||||
\$config['SPHINX_STRICT_SCHEMA'] = 1; // required for Sphinx $PILER_SPHINX_VERSION, see https://bitbucket.org/jsuto/piler/issues/1085/sphinx-331.
|
\$config['SPHINX_STRICT_SCHEMA'] = 1; // required for Sphinx $PILER_SPHINX_VERSION, see https://bitbucket.org/jsuto/piler/issues/1085/sphinx-331.
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
rm /etc/nginx/sites-enabled/default
|
||||||
|
|
||||||
nginx -t && systemctl restart nginx
|
nginx -t && systemctl restart nginx
|
||||||
|
|
||||||
apt autoremove -y
|
apt autoremove -y
|
||||||
apt clean -y
|
apt clean -y
|
||||||
|
|
||||||
|
|
||||||
|
91
zamba.conf
91
zamba.conf
@ -11,59 +11,62 @@
|
|||||||
|
|
||||||
############### Linux Container Section ###############
|
############### Linux Container Section ###############
|
||||||
|
|
||||||
# The storage, where your container tmeplates are located (in most cases: local)
|
# Defines the Proxmox storage where your LXC container template are stored (default: local)
|
||||||
LXC_TEMPLATE_STORAGE="local"
|
LXC_TEMPLATE_STORAGE="local"
|
||||||
|
|
||||||
# Define the size and storage location of the container's root filesystem
|
# Defines the size in GB of the LXC container's root filesystem (default: 32)
|
||||||
|
# Depending on your environment, you should consider increasing the size for use of `mailpiler` or `matrix`.
|
||||||
LXC_ROOTFS_SIZE="32"
|
LXC_ROOTFS_SIZE="32"
|
||||||
|
# Defines the Proxmox storage where your LXC container's root filesystem will be generated (default: local-zfs)
|
||||||
LXC_ROOTFS_STORAGE="local-zfs"
|
LXC_ROOTFS_STORAGE="local-zfs"
|
||||||
|
|
||||||
# Define the size, storage location and mountpoint of the container's shared filesystem (required for 'zmb_standalone' and 'zmb_member')
|
# Defines the size in GB your LXC container's filesystem shared by Zamba (AD member & standalone) (default: 100)
|
||||||
LXC_SHAREFS_SIZE="100"
|
LXC_SHAREFS_SIZE="100"
|
||||||
|
# Defines the Proxmox storage where your LXC container's filesystem shared by Zamba will be generated (default: local-zfs)
|
||||||
LXC_SHAREFS_STORAGE="local-zfs"
|
LXC_SHAREFS_STORAGE="local-zfs"
|
||||||
|
# Defines the mountpoint of the filesystem shared by Zamba inside your LXC container (default: tank)
|
||||||
LXC_SHAREFS_MOUNTPOINT="tank"
|
LXC_SHAREFS_MOUNTPOINT="tank"
|
||||||
|
|
||||||
# Define whether the container will be created in unprivileged (1) or privileged (0) mode
|
# Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024)
|
||||||
# For 'zmb_standalone', 'zmb_pdc', 'zmb_member' and 'mailpiler' the container needs to be created with 'unprivileged=0'
|
|
||||||
LXC_UNPRIVILEGED="0"
|
|
||||||
|
|
||||||
# Size of the RAM assigned to the container
|
|
||||||
LXC_MEM="1024"
|
LXC_MEM="1024"
|
||||||
|
|
||||||
# Size of the SWAP assigned to the container
|
# Defines the amount of swap space in MB your LXC container is allowed to use (default: 1024)
|
||||||
LXC_SWAP="1024"
|
LXC_SWAP="1024"
|
||||||
|
|
||||||
# The hostname (eg. zamba1 or mailpiler1)
|
# Defines the hostname of your LXC container
|
||||||
LXC_HOSTNAME="zamba"
|
LXC_HOSTNAME="zamba"
|
||||||
|
|
||||||
# The domain suffix (the domain name / search domain of th container, results to the FQDN 'LXC_HOTNAME.LXC_DOMAIN')
|
# Defines the domain name / search domain of your LXC container
|
||||||
LXC_DOMAIN="zmb.rocks"
|
LXC_DOMAIN="zmb.rocks"
|
||||||
|
|
||||||
# IP-address and subnet
|
# Defines the local IP address and subnet of your LXC container in CIDR format
|
||||||
LXC_IP="10.10.80.20/24"
|
LXC_IP="192.168.100.200/24"
|
||||||
|
|
||||||
# Gateway
|
# Defines the default gateway IP address of your LXC container
|
||||||
LXC_GW="10.10.80.10"
|
LXC_GW="192.168.100.254"
|
||||||
|
|
||||||
# DNS-server (should be your AD DC)
|
# Defines the DNS server ip address of your LXC container
|
||||||
LXC_DNS="10.10.80.10"
|
# `zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS
|
||||||
|
# For other services this should be your active directory domain controller (if present, else a DNS server of your choice)
|
||||||
|
LXC_DNS="192.168.100.254"
|
||||||
|
|
||||||
# Networkbridge for this container
|
# Defines the network bridge to bind the network adapter of your LXC container
|
||||||
LXC_BRIDGE="vmbr0"
|
LXC_BRIDGE="vmbr0"
|
||||||
|
|
||||||
# Optional VLAN number for this container
|
# Defines the vlan id of the LXC container's network interface, if the network adapter should be connected untagged, just leave the value empty.
|
||||||
LXC_VLAN=""
|
LXC_VLAN=
|
||||||
|
|
||||||
# root password - take care to delete from this file. Please use 'single quatation marks' to avoid unexpected behaviour.
|
# Defines the `root` password of your LXC container. Please use 'single quatation marks' to avoid unexpected behaviour.
|
||||||
LXC_PWD='S3cr3tp@ssw0rd'
|
LXC_PWD='S3cr3tp@ssw0rd'
|
||||||
|
|
||||||
# SSH-Key to add to authorized_keys
|
# Defines an authorized_keys file to push into the LXC container.
|
||||||
LXC_AUTHORIZED_KEY="ssh-rsa xxxxxxxx"
|
# By default the authorized_keys will be inherited from your proxmox host.
|
||||||
|
LXC_AUTHORIZED_KEY=~/.ssh/authorized_keys
|
||||||
|
|
||||||
# Define some optional packages to install (your favourite tools on linux systems)
|
# Define your (administrative) tools, you always want to have installed into your LXC container
|
||||||
LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git"
|
LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git gnupg2 apt-transport-https"
|
||||||
|
|
||||||
# Define system timezone on LXC container
|
# Define the local timezone of your LXC container (default: Euroe/Berlin)
|
||||||
LXC_TIMEZONE="Europe/Berlin"
|
LXC_TIMEZONE="Europe/Berlin"
|
||||||
|
|
||||||
# Define system language on LXC container (locales)
|
# Define system language on LXC container (locales)
|
||||||
@ -71,40 +74,46 @@ LXC_LOCALE=de_DE.UTF-8
|
|||||||
|
|
||||||
############### Zamba-Server-Section ###############
|
############### Zamba-Server-Section ###############
|
||||||
|
|
||||||
# Domain Entries to samba/smb.conf. Will be also uses for samba domain-provisioning when zmb-pdc will choosen.
|
# Defines the REALM for the Active Directory (AD DC, AD member)
|
||||||
ZMB_REALM="ZMB.ROCKS"
|
ZMB_REALM="ZMB.ROCKS"
|
||||||
|
# Defines the domain name in your Active Directory or Workgroup (AD DC, AD member, standalone)
|
||||||
ZMB_DOMAIN="ZMB"
|
ZMB_DOMAIN="ZMB"
|
||||||
|
|
||||||
# Select the Zamba AD DNS backend, supported are SAMBA_INTERNAL or BIND9_DLZ
|
# Defines the desired DNS server backend, supported are `SAMBA_INTERNAL` and `BIND9_DLZ` for more advanced usage
|
||||||
ZMB_DNS_BACKEND="SAMBA_INTERNAL"
|
ZMB_DNS_BACKEND="SAMBA_INTERNAL"
|
||||||
|
|
||||||
# The Domain-Admin and password for zamba installation
|
# Defines the name of your domain administrator account (AD DC, AD member, standalone)
|
||||||
ZMB_ADMIN_USER="Administrator"
|
ZMB_ADMIN_USER="administrator"
|
||||||
# The Domain admin password for zamba installation. Please use 'single quatation marks' to avoid unexpected behaviour.
|
# The admin password for zamba installation. Please use 'single quatation marks' to avoid unexpected behaviour
|
||||||
ZMB_ADMIN_PASS='MYPASSWORD'
|
# `zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail
|
||||||
|
ZMB_ADMIN_PASS='1c@nd0@nyth1n9'
|
||||||
|
|
||||||
# Name of the Zamba Share
|
# Defines the name of your Zamba share
|
||||||
ZMB_SHARE="share"
|
ZMB_SHARE="share"
|
||||||
|
|
||||||
############### Mailpiler-Section ###############
|
############### Mailpiler-Section ###############
|
||||||
|
|
||||||
# The FQDN vor the Hostname. This must be exactly the same like the LXC_HOSTNAME / LXC_DOMAIN at section above.
|
# Defines the (public) FQDN of your piler mail archive
|
||||||
PILER_FQDN="piler.zmb.rocks"
|
PILER_FQDN="piler.zmb.rocks"
|
||||||
PILER_SMARTHOST="10.10.80.20"
|
# Defines the smarthost for piler mail archive
|
||||||
PILER_VERSION="1.3.10"
|
PILER_SMARTHOST="your.mailserver.tld"
|
||||||
|
# Defines the version number of piler mail archive to install
|
||||||
|
PILER_VERSION="1.3.11"
|
||||||
|
# Defines the version of sphinx to install
|
||||||
PILER_SPHINX_VERSION="3.3.1"
|
PILER_SPHINX_VERSION="3.3.1"
|
||||||
|
# Defines the php version to install
|
||||||
PILER_PHP_VERSION="7.4"
|
PILER_PHP_VERSION="7.4"
|
||||||
|
|
||||||
############### Matrix-Section ###############
|
############### Matrix-Section ###############
|
||||||
|
|
||||||
# The FQDN vor the Hostname. This should be the same like the LXC_HOSTNAME / LXC_DOMAIN at section above.
|
# Define the FQDN of your Matrix server
|
||||||
MATRIX_FQDN="matrix.zmb.rocks"
|
MATRIX_FQDN="matrix.zmb.rocks"
|
||||||
|
|
||||||
# Virtual host to run the Element Web messenger
|
# Define the FQDN for the Element Web virtual host
|
||||||
MATRIX_ELEMENT_FQDN="element.zmb.rocks"
|
MATRIX_ELEMENT_FQDN="element.zmb.rocks"
|
||||||
|
|
||||||
# Element Web version
|
# Define the version of Element Web
|
||||||
MATRIX_ELEMENT_VERSION="v1.7.24"
|
MATRIX_ELEMENT_VERSION="v1.7.25"
|
||||||
|
|
||||||
# Virtuel host to run the Jitsi Meet
|
# Define the FQDN for the Jitsi Meet virtual host
|
||||||
MATRIX_JITSI_FQDN="meet.zmb.rocks"
|
MATRIX_JITSI_FQDN="meet.zmb.rocks"
|
||||||
|
@ -37,13 +37,6 @@ Defines the mountpoint of the filesystem shared by Zamba inside your LXC contain
|
|||||||
```bash
|
```bash
|
||||||
LXC_SHAREFS_MOUNTPOINT="tank"
|
LXC_SHAREFS_MOUNTPOINT="tank"
|
||||||
```
|
```
|
||||||
### LXC_UNPRIVILEGED
|
|
||||||
Defines if the LXC container will be created in `unpprivileged` or `privileged` mode (default: 1)
|
|
||||||
```bash
|
|
||||||
LXC_UNPRIVILEGED="1"
|
|
||||||
```
|
|
||||||
Privileged also means the container runs as `root` user. Set this option only, if it's required for the service.
|
|
||||||
`Zamba AD DC`, `Zamba AD member`, `Zamba standalone` and `mailpiler` are required to run in privileged mode.
|
|
||||||
### LXC_MEM
|
### LXC_MEM
|
||||||
Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024)
|
Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024)
|
||||||
```bash
|
```bash
|
||||||
@ -75,12 +68,14 @@ Defines the default gateway IP address of your LXC container
|
|||||||
LXC_GW="10.10.80.254"
|
LXC_GW="10.10.80.254"
|
||||||
```
|
```
|
||||||
### LXC_DNS
|
### LXC_DNS
|
||||||
Defines the DNS server ip addres of your LXC container
|
Defines the DNS server ip address of your LXC container
|
||||||
```bash
|
```bash
|
||||||
LXC_DNS="10.10.80.254"
|
LXC_DNS="10.10.80.254"
|
||||||
```
|
```
|
||||||
|
`zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS
|
||||||
|
For other services this should be your active directory domain controller (if present, else a DNS server of your choice)
|
||||||
### LXC_BRIDGE
|
### LXC_BRIDGE
|
||||||
Defines the network bridge to bind the network adapter of your LXC container to
|
Defines the network bridge to bind the network adapter of your LXC container
|
||||||
```bash
|
```bash
|
||||||
LXC_BRIDGE="vmbr0"
|
LXC_BRIDGE="vmbr0"
|
||||||
```
|
```
|
||||||
@ -90,19 +85,20 @@ Defines the vlan id of the LXC container's network interface, if the network ada
|
|||||||
LXC_VLAN="80"
|
LXC_VLAN="80"
|
||||||
```
|
```
|
||||||
### LXC_PWD
|
### LXC_PWD
|
||||||
Defines the `root` password of your LXC container. Please use 'single quatation marks' to avoid unexpected behaviour.
|
Defines the `root` password of your LXC container. Please use 'single quotation marks' to avoid unexpected behaviour.
|
||||||
```bash
|
```bash
|
||||||
LXC_PWD="S3cr3tp@ssw0rd"
|
LXC_PWD="S3cr3tp@ssw0rd"
|
||||||
```
|
```
|
||||||
### LXC_AUTHORIZED_KEY
|
### LXC_AUTHORIZED_KEY
|
||||||
If you have a SSH key to add to the LXC container's `root` account authorized_keys, you can paste it here.
|
Defines an authorized_keys file to push into the LXC container.
|
||||||
|
By default the authorized_keys will be inherited from your proxmox host.
|
||||||
```bash
|
```bash
|
||||||
LXC_AUTHORIZED_KEY="ssh-rsa xxxxxxxx"
|
LXC_AUTHORIZED_KEY="/root/.ssh/authorized_keys"
|
||||||
```
|
```
|
||||||
### LXC_TOOLSET
|
### LXC_TOOLSET
|
||||||
Define your (administrative) tools, you always want to have instlled into yout LXC container
|
Define your (administrative) tools, you always want to have installed into your LXC container
|
||||||
```bash
|
```bash
|
||||||
LXC_TOOLSET="net-tools dnsutils mc sysstat lsb-release curl git"
|
LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git gnupg2 apt-transport-https"
|
||||||
```
|
```
|
||||||
### LXC_TIMEZONE
|
### LXC_TIMEZONE
|
||||||
Define the local timezone of your LXC container (default: Euroe/Berlin)
|
Define the local timezone of your LXC container (default: Euroe/Berlin)
|
||||||
@ -110,7 +106,7 @@ Define the local timezone of your LXC container (default: Euroe/Berlin)
|
|||||||
LXC_TIMEZONE="Europe/Berlin"
|
LXC_TIMEZONE="Europe/Berlin"
|
||||||
```
|
```
|
||||||
### LXC_LOCALE
|
### LXC_LOCALE
|
||||||
Define system language on LXC container
|
Define system language on LXC container (locales)
|
||||||
```bash
|
```bash
|
||||||
LXC_LOCALE="de_DE.utf8"
|
LXC_LOCALE="de_DE.utf8"
|
||||||
```
|
```
|
||||||
@ -137,21 +133,17 @@ Defines the desired DNS server backend, supported are `SAMBA_INTERNAL` and `BIND
|
|||||||
ZMB_DNS_BACKEND="SAMBA_INTERNAL"
|
ZMB_DNS_BACKEND="SAMBA_INTERNAL"
|
||||||
```
|
```
|
||||||
### ZMB_ADMIN_USER
|
### ZMB_ADMIN_USER
|
||||||
Defines the name of your domain administrator account (AD DC, AD member)
|
Defines the name of your domain administrator account (AD DC, AD member, standalone)
|
||||||
```bash
|
```bash
|
||||||
ZMB_ADMIN_USER="Administrator"
|
ZMB_ADMIN_USER="Administrator"
|
||||||
```
|
```
|
||||||
### ZMB_ADMIN_PASS
|
### ZMB_ADMIN_PASS
|
||||||
Defines the domain administrator's password (AD DC, AD member). Please use 'single quatation marks' to avoid unexpected behaviour.
|
Defines the domain administrator's password (AD DC, AD member).
|
||||||
```bash
|
```bash
|
||||||
ZMB_ADMIN_PASS='1c@nd0@nyth1n9'
|
ZMB_ADMIN_PASS='1c@nd0@nyth1n9'
|
||||||
```
|
```
|
||||||
### ZMB_DOMAIN_ADMINS_GROUP
|
Please use 'single quotation marks' to avoid unexpected behaviour.
|
||||||
Defines the domain admins group of your active directory.
|
`zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail.
|
||||||
```bash
|
|
||||||
ZMB_DOMAIN_ADMINS_GROUP="domain admins"
|
|
||||||
```
|
|
||||||
On Windows Servers this group depends on the configured OS language.
|
|
||||||
### ZMB_SHARE
|
### ZMB_SHARE
|
||||||
Defines the name of your Zamba share
|
Defines the name of your Zamba share
|
||||||
```bash
|
```bash
|
||||||
|
Loading…
Reference in New Issue
Block a user