Merge pull request #20 from bashclub/devel

Reworked install.sh, implemented #6, updated doc, created .gitignore
Preparing first release
This commit is contained in:
Thorsten Spille 2021-04-21 00:42:07 +02:00 committed by GitHub
commit 87f40367b5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
9 changed files with 175 additions and 124 deletions

2
.gitignore vendored Normal file
View File

@ -0,0 +1,2 @@
*__pycache__*
.vscode/*

12
CHANGELOG.md Normal file
View File

@ -0,0 +1,12 @@
**** Zamba LXC Toolbox v0.1 ****
- `locales` are now configured noninteractive #21
- timezone is now configured with `pct set` command in `install.sh` #22
- changed command sequence in `install.sh` - select container first, then start the installation
- improved / updated documentation
- replaced `just-lxc` container by `debian-priv` and `debian-unpriv` container
- (un)privileged now defined as constant based on created service #6
- improved log messages in `install.sh`
- `mailpiler`: website is now also `default_host`, removed nginx default site, dns entry is still required
- changed `mailpiler` version to 1.3.11
- changed `element-web` version to 1.7.25
- `LXC_AUTHORIZED_KEY` variable now defines an `authorized_keys` file, by default the configuration of you proxmox host will be inherited (`~/.ssh/authorized_keys`)

View File

@ -7,12 +7,13 @@ The package also provides LXC container installers for `mailpiler`, `matrix-syna
### Requirements ### Requirements
Proxmox VE Server with at least one configured ZFS Pool. Proxmox VE Server with at least one configured ZFS Pool.
### Included services: ### Included services:
- `just-lxc` => Debian LXC Container only
- `zmb-ad` => ZMB (Samba) Active Directory Domain Controller, DNS Backends `SAMBA_INTERNAL` and `BIND9_DLZ` are supported
- `zmb-member` => ZMB (Samba) AD member with ZFS volume snapshot support
- `zmb-standalone` => ZMB (Samba) standalone server with ZFS volume snapshot support (previous versions) - `zmb-standalone` => ZMB (Samba) standalone server with ZFS volume snapshot support (previous versions)
- `zmb-ad` => ZMB (Samba) Active Directory Domain Controller, DNS Backends `SAMBA_INTERNAL` and `BIND9_DLZ` are supported
- `zmb-member` => ZMB (Samba) AD member with ZFS volume snapshot support (previous versions)
- `mailpiler` => mailpiler mail archive [mailpiler.org](https://www.mailpiler.org/) - `mailpiler` => mailpiler mail archive [mailpiler.org](https://www.mailpiler.org/)
- `matrix` => Matrix Synapse Homeserver [matrix.org](https://matrix.org/docs/projects/server/synapse) with Element Web [Element on github](https://github.com/vector-im/element-web) - `matrix` => Matrix Synapse Homeserver [matrix.org](https://matrix.org/docs/projects/server/synapse) with Element Web [Element on github](https://github.com/vector-im/element-web)
- `debian-unpriv` => Debian unprivileged container with basic toolset
- `debian-unpriv` => Debian privileged container with basic toolset
## Usage ## Usage
Just ssh into your Proxmox machine and clone this git repository. Make sure you have installed `git`. Just ssh into your Proxmox machine and clone this git repository. Make sure you have installed `git`.
```bash ```bash

18
debian-unpriv.sh Normal file
View File

@ -0,0 +1,18 @@
#!/bin/bash
# Authors:
# (C) 2021 Idea an concept by Christian Zengel <christian@sysops.de>
# (C) 2021 Script design and prototype by Markus Helmke <m.helmke@nettwarker.de>
# (C) 2021 Script rework and documentation by Thorsten Spille <thorsten@spille-edv.de>
dpkg-reconfigure locales
source /root/zamba.conf
# Set Timezone
ln -sf /usr/share/zoneinfo/$LXC_TIMEZONE /etc/localtime
apt update
DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt -y -qq dist-upgrade
DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical apt install -y -o DPkg::options::="--force-confdef" -o DPkg::options::="--force-confold" $LXC_TOOLSET
sed -i "s|\"syntax on|syntax on|g" /etc/vim/vimrc

View File

@ -17,7 +17,60 @@
############### ZAMBA INSTALL SCRIPT ############### ############### ZAMBA INSTALL SCRIPT ###############
# Load configuration file # Load configuration file
source ./zamba.conf source $PWD/zamba.conf
LXC_MP="0"
LXC_UNPRIVILEGED="1"
LXC_NESTING="0"
select opt in zmb-standalone zmb-ad zmb-member mailpiler matrix debian-unpriv debian-priv quit; do
case $opt in
debian-unpriv)
echo "Debian-only LXC container unprivileged mode selected"
break
;;
debian-priv)
echo "Debian-only LXC container privileged mode selected"
LXC_UNPRIVILEGED="0"
break
;;
zmb-standalone)
echo "Configuring LXC container '$opt'!"
LXC_MP="1"
LXC_UNPRIVILEGED="0"
break
;;
zmb-member)
echo "Configuring LXC container '$opt'!"
LXC_MP="1"
LXC_UNPRIVILEGED="0"
break
;;
zmb-ad)
echo "Selected Zamba AD DC"
LXC_NESTING="1"
LXC_UNPRIVILEGED="0"
break
;;
mailpiler)
echo "Configuring LXC container for '$opt'!"
LXC_NESTING="1"
break
;;
matrix)
echo "Install Matrix chat server and element web service"
break
;;
quit)
echo "Script aborted by user interaction."
exit 0
;;
*)
echo "Invalid option! Exiting..."
exit 1
;;
esac
done
# CHeck is the newest template available, else download it. # CHeck is the newest template available, else download it.
DEB_LOC=$(pveam list $LXC_TEMPLATE_STORAGE | grep debian-10-standard | cut -d'_' -f2) DEB_LOC=$(pveam list $LXC_TEMPLATE_STORAGE | grep debian-10-standard | cut -d'_' -f2)
@ -53,66 +106,30 @@ else
VLAN="" VLAN=""
fi fi
# Reconfigure conatiner # Reconfigure conatiner
pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWAP -hostname $LXC_HOSTNAME \-nameserver $LXC_DNS -searchdomain $LXC_DOMAIN -onboot 1 -timezone $LXC_TIMEZONE -net0 name=eth0,bridge=$LXC_BRIDGE,firewall=1,gw=$LXC_GW,ip=$LXC_IP,type=veth$VLAN; pct set $LXC_NBR -memory $LXC_MEM -swap $LXC_SWAP -hostname $LXC_HOSTNAME \-nameserver $LXC_DNS -searchdomain $LXC_DOMAIN -onboot 1 -timezone $LXC_TIMEZONE -features nesting=$LXC_NESTING -net0 name=eth0,bridge=$LXC_BRIDGE,firewall=1,gw=$LXC_GW,ip=$LXC_IP,type=veth$VLAN;
sleep 2
if [ $LXC_MP -gt 0 ]; then
pct set $LXC_NBR -mp0 $LXC_SHAREFS_STORAGE:$LXC_SHAREFS_SIZE,mp=/$LXC_SHAREFS_MOUNTPOINT
fi
sleep 2; sleep 2;
PS3="Select the Server-Function: " PS3="Select the Server-Function: "
select opt in just_lxc zmb-standalone zmb-member zmb-ad mailpiler matrix quit; do
case $opt in
just_lxc)
echo "Debian-only LXC container selected"
break
;;
zmb-standalone)
echo "Configuring LXC container '$opt'!"
pct set $LXC_NBR -mp0 $LXC_SHAREFS_STORAGE:$LXC_SHAREFS_SIZE,mp=/$LXC_SHAREFS_MOUNTPOINT
sleep 2;
break
;;
zmb-member)
echo "Configuring LXC container '$opt'!"
pct set $LXC_NBR -mp0 $LXC_SHAREFS_STORAGE:$LXC_SHAREFS_SIZE,mp=/$LXC_SHAREFS_MOUNTPOINT
sleep 2;
break
;;
zmb-ad)
echo "Selected Zamba AD DC"
# Enable nesting for ntp service
pct set $LXC_NBR -features nesting=1
sleep 2
break
;;
mailpiler)
echo "Configuring LXC container for '$opt'!"
pct set $LXC_NBR -features nesting=1
sleep 2;
break
;;
matrix)
echo "Install Matrix chat server and element web service"
break
;;
quit)
echo "Script aborted by user interaction."
exit 0
;;
*)
echo "Invalid option! Exiting..."
exit 1
;;
esac
done
pct start $LXC_NBR; pct start $LXC_NBR;
sleep 5; sleep 5;
# Set the root password and key # Set the root password and key
echo "Setting root password"
echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd; echo -e "$LXC_PWD\n$LXC_PWD" | lxc-attach -n$LXC_NBR passwd;
echo "Creating /root/.ssh"
lxc-attach -n$LXC_NBR mkdir /root/.ssh; lxc-attach -n$LXC_NBR mkdir /root/.ssh;
echo -e "$LXC_AUTHORIZED_KEY" | lxc-attach -n$LXC_NBR tee /root/.ssh/authorized_keys; echo "Copying authorized_keys"
pct push $LXC_NBR $LXC_AUTHORIZED_KEY /root/.ssh/authorized_keys
echo "Copying sources.list"
pct push $LXC_NBR ./sources.list /etc/apt/sources.list pct push $LXC_NBR ./sources.list /etc/apt/sources.list
echo "Copying zamba.conf"
pct push $LXC_NBR ./zamba.conf /root/zamba.conf pct push $LXC_NBR ./zamba.conf /root/zamba.conf
echo "Copying install script"
pct push $LXC_NBR ./$opt.sh /root/$opt.sh pct push $LXC_NBR ./$opt.sh /root/$opt.sh
echo "Install '$opt'!" echo "Install '$opt'!"
lxc-attach -n$LXC_NBR bash /root/$opt.sh lxc-attach -n$LXC_NBR bash /root/$opt.sh

View File

@ -94,7 +94,7 @@ cd /etc/nginx/sites-available
cp /tmp/piler-$PILER_VERSION/contrib/webserver/piler-nginx.conf /etc/nginx/sites-available/ cp /tmp/piler-$PILER_VERSION/contrib/webserver/piler-nginx.conf /etc/nginx/sites-available/
ln -s /etc/nginx/sites-available/piler-nginx.conf /etc/nginx/sites-enabled/piler-nginx.conf ln -s /etc/nginx/sites-available/piler-nginx.conf /etc/nginx/sites-enabled/piler-nginx.conf
sed -i "s|PILER_HOST|$PILER_FQDN|g" /etc/nginx/sites-available/piler-nginx.conf sed -i "s|PILER_HOST|$PILER_FQDN default_host|g" /etc/nginx/sites-available/piler-nginx.conf
sed -i "s|/var/run/php/php7.4-fpm.sock|/var/run/php/php$PILER_PHP_VERSION-fpm.sock|g" /etc/nginx/sites-available/piler-nginx.conf sed -i "s|/var/run/php/php7.4-fpm.sock|/var/run/php/php$PILER_PHP_VERSION-fpm.sock|g" /etc/nginx/sites-available/piler-nginx.conf
sed -i "/server_name.*/a \\ sed -i "/server_name.*/a \\
@ -114,10 +114,10 @@ sed -i "/server_name.*/a \\
sed -i "/^server {.*/i\ sed -i "/^server {.*/i\
server {\n\ server {\n\
listen 80;\n\ listen 80;\n\
server_name $PILER_FQDN;\n\ server_name $PILER_FQDN default_host;\n\
server_tokens off;\n\ server_tokens off;\n\
# HTTP to HTTPS redirect.\n\ # HTTP to HTTPS redirect.\n\
return 301 https://$PILER_FQDN;\n\ return 301 https://\$host\$request_uri;\n\
}" /etc/nginx/sites-available/piler-nginx.conf }" /etc/nginx/sites-available/piler-nginx.conf
cp /usr/local/etc/piler/config-site.php /usr/local/etc/piler/config-site.php.bak cp /usr/local/etc/piler/config-site.php /usr/local/etc/piler/config-site.php.bak
@ -137,7 +137,7 @@ cat >> /usr/local/etc/piler/config-site.php <<EOF
\$config['ENABLE_ON_THE_FLY_VERIFICATION'] = 1; \$config['ENABLE_ON_THE_FLY_VERIFICATION'] = 1;
// general settings. // general settings.
\$config['TIMEZONE'] = 'Europe/Berlin'; \$config['TIMEZONE'] = '$LXC_TIMEZONE';
// authentication // authentication
// Enable authentication against an imap server // Enable authentication against an imap server
@ -179,9 +179,9 @@ cat >> /usr/local/etc/piler/config-site.php <<EOF
\$config['SPHINX_STRICT_SCHEMA'] = 1; // required for Sphinx $PILER_SPHINX_VERSION, see https://bitbucket.org/jsuto/piler/issues/1085/sphinx-331. \$config['SPHINX_STRICT_SCHEMA'] = 1; // required for Sphinx $PILER_SPHINX_VERSION, see https://bitbucket.org/jsuto/piler/issues/1085/sphinx-331.
EOF EOF
rm /etc/nginx/sites-enabled/default
nginx -t && systemctl restart nginx nginx -t && systemctl restart nginx
apt autoremove -y apt autoremove -y
apt clean -y apt clean -y

View File

@ -11,59 +11,62 @@
############### Linux Container Section ############### ############### Linux Container Section ###############
# The storage, where your container tmeplates are located (in most cases: local) # Defines the Proxmox storage where your LXC container template are stored (default: local)
LXC_TEMPLATE_STORAGE="local" LXC_TEMPLATE_STORAGE="local"
# Define the size and storage location of the container's root filesystem # Defines the size in GB of the LXC container's root filesystem (default: 32)
# Depending on your environment, you should consider increasing the size for use of `mailpiler` or `matrix`.
LXC_ROOTFS_SIZE="32" LXC_ROOTFS_SIZE="32"
# Defines the Proxmox storage where your LXC container's root filesystem will be generated (default: local-zfs)
LXC_ROOTFS_STORAGE="local-zfs" LXC_ROOTFS_STORAGE="local-zfs"
# Define the size, storage location and mountpoint of the container's shared filesystem (required for 'zmb_standalone' and 'zmb_member') # Defines the size in GB your LXC container's filesystem shared by Zamba (AD member & standalone) (default: 100)
LXC_SHAREFS_SIZE="100" LXC_SHAREFS_SIZE="100"
# Defines the Proxmox storage where your LXC container's filesystem shared by Zamba will be generated (default: local-zfs)
LXC_SHAREFS_STORAGE="local-zfs" LXC_SHAREFS_STORAGE="local-zfs"
# Defines the mountpoint of the filesystem shared by Zamba inside your LXC container (default: tank)
LXC_SHAREFS_MOUNTPOINT="tank" LXC_SHAREFS_MOUNTPOINT="tank"
# Define whether the container will be created in unprivileged (1) or privileged (0) mode # Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024)
# For 'zmb_standalone', 'zmb_pdc', 'zmb_member' and 'mailpiler' the container needs to be created with 'unprivileged=0'
LXC_UNPRIVILEGED="0"
# Size of the RAM assigned to the container
LXC_MEM="1024" LXC_MEM="1024"
# Size of the SWAP assigned to the container # Defines the amount of swap space in MB your LXC container is allowed to use (default: 1024)
LXC_SWAP="1024" LXC_SWAP="1024"
# The hostname (eg. zamba1 or mailpiler1) # Defines the hostname of your LXC container
LXC_HOSTNAME="zamba" LXC_HOSTNAME="zamba"
# The domain suffix (the domain name / search domain of th container, results to the FQDN 'LXC_HOTNAME.LXC_DOMAIN') # Defines the domain name / search domain of your LXC container
LXC_DOMAIN="zmb.rocks" LXC_DOMAIN="zmb.rocks"
# IP-address and subnet # Defines the local IP address and subnet of your LXC container in CIDR format
LXC_IP="10.10.80.20/24" LXC_IP="192.168.100.200/24"
# Gateway # Defines the default gateway IP address of your LXC container
LXC_GW="10.10.80.10" LXC_GW="192.168.100.254"
# DNS-server (should be your AD DC) # Defines the DNS server ip address of your LXC container
LXC_DNS="10.10.80.10" # `zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS
# For other services this should be your active directory domain controller (if present, else a DNS server of your choice)
LXC_DNS="192.168.100.254"
# Networkbridge for this container # Defines the network bridge to bind the network adapter of your LXC container
LXC_BRIDGE="vmbr0" LXC_BRIDGE="vmbr0"
# Optional VLAN number for this container # Defines the vlan id of the LXC container's network interface, if the network adapter should be connected untagged, just leave the value empty.
LXC_VLAN="" LXC_VLAN=
# root password - take care to delete from this file. Please use 'single quatation marks' to avoid unexpected behaviour. # Defines the `root` password of your LXC container. Please use 'single quatation marks' to avoid unexpected behaviour.
LXC_PWD='S3cr3tp@ssw0rd' LXC_PWD='S3cr3tp@ssw0rd'
# SSH-Key to add to authorized_keys # Defines an authorized_keys file to push into the LXC container.
LXC_AUTHORIZED_KEY="ssh-rsa xxxxxxxx" # By default the authorized_keys will be inherited from your proxmox host.
LXC_AUTHORIZED_KEY=~/.ssh/authorized_keys
# Define some optional packages to install (your favourite tools on linux systems) # Define your (administrative) tools, you always want to have installed into your LXC container
LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git" LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git gnupg2 apt-transport-https"
# Define system timezone on LXC container # Define the local timezone of your LXC container (default: Euroe/Berlin)
LXC_TIMEZONE="Europe/Berlin" LXC_TIMEZONE="Europe/Berlin"
# Define system language on LXC container (locales) # Define system language on LXC container (locales)
@ -71,40 +74,46 @@ LXC_LOCALE=de_DE.UTF-8
############### Zamba-Server-Section ############### ############### Zamba-Server-Section ###############
# Domain Entries to samba/smb.conf. Will be also uses for samba domain-provisioning when zmb-pdc will choosen. # Defines the REALM for the Active Directory (AD DC, AD member)
ZMB_REALM="ZMB.ROCKS" ZMB_REALM="ZMB.ROCKS"
# Defines the domain name in your Active Directory or Workgroup (AD DC, AD member, standalone)
ZMB_DOMAIN="ZMB" ZMB_DOMAIN="ZMB"
# Select the Zamba AD DNS backend, supported are SAMBA_INTERNAL or BIND9_DLZ # Defines the desired DNS server backend, supported are `SAMBA_INTERNAL` and `BIND9_DLZ` for more advanced usage
ZMB_DNS_BACKEND="SAMBA_INTERNAL" ZMB_DNS_BACKEND="SAMBA_INTERNAL"
# The Domain-Admin and password for zamba installation # Defines the name of your domain administrator account (AD DC, AD member, standalone)
ZMB_ADMIN_USER="Administrator" ZMB_ADMIN_USER="administrator"
# The Domain admin password for zamba installation. Please use 'single quatation marks' to avoid unexpected behaviour. # The admin password for zamba installation. Please use 'single quatation marks' to avoid unexpected behaviour
ZMB_ADMIN_PASS='MYPASSWORD' # `zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail
ZMB_ADMIN_PASS='1c@nd0@nyth1n9'
# Name of the Zamba Share # Defines the name of your Zamba share
ZMB_SHARE="share" ZMB_SHARE="share"
############### Mailpiler-Section ############### ############### Mailpiler-Section ###############
# The FQDN vor the Hostname. This must be exactly the same like the LXC_HOSTNAME / LXC_DOMAIN at section above. # Defines the (public) FQDN of your piler mail archive
PILER_FQDN="piler.zmb.rocks" PILER_FQDN="piler.zmb.rocks"
PILER_SMARTHOST="10.10.80.20" # Defines the smarthost for piler mail archive
PILER_VERSION="1.3.10" PILER_SMARTHOST="your.mailserver.tld"
# Defines the version number of piler mail archive to install
PILER_VERSION="1.3.11"
# Defines the version of sphinx to install
PILER_SPHINX_VERSION="3.3.1" PILER_SPHINX_VERSION="3.3.1"
# Defines the php version to install
PILER_PHP_VERSION="7.4" PILER_PHP_VERSION="7.4"
############### Matrix-Section ############### ############### Matrix-Section ###############
# The FQDN vor the Hostname. This should be the same like the LXC_HOSTNAME / LXC_DOMAIN at section above. # Define the FQDN of your Matrix server
MATRIX_FQDN="matrix.zmb.rocks" MATRIX_FQDN="matrix.zmb.rocks"
# Virtual host to run the Element Web messenger # Define the FQDN for the Element Web virtual host
MATRIX_ELEMENT_FQDN="element.zmb.rocks" MATRIX_ELEMENT_FQDN="element.zmb.rocks"
# Element Web version # Define the version of Element Web
MATRIX_ELEMENT_VERSION="v1.7.24" MATRIX_ELEMENT_VERSION="v1.7.25"
# Virtuel host to run the Jitsi Meet # Define the FQDN for the Jitsi Meet virtual host
MATRIX_JITSI_FQDN="meet.zmb.rocks" MATRIX_JITSI_FQDN="meet.zmb.rocks"

View File

@ -37,13 +37,6 @@ Defines the mountpoint of the filesystem shared by Zamba inside your LXC contain
```bash ```bash
LXC_SHAREFS_MOUNTPOINT="tank" LXC_SHAREFS_MOUNTPOINT="tank"
``` ```
### LXC_UNPRIVILEGED
Defines if the LXC container will be created in `unpprivileged` or `privileged` mode (default: 1)
```bash
LXC_UNPRIVILEGED="1"
```
Privileged also means the container runs as `root` user. Set this option only, if it's required for the service.
`Zamba AD DC`, `Zamba AD member`, `Zamba standalone` and `mailpiler` are required to run in privileged mode.
### LXC_MEM ### LXC_MEM
Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024) Defines the amount of RAM in MB your LXC container is allowed to use (default: 1024)
```bash ```bash
@ -60,7 +53,7 @@ Defines the hostname of your LXC container
LXC_SWAP="zamba" LXC_SWAP="zamba"
``` ```
### LXC_DOMAIN ### LXC_DOMAIN
Defines the domain name /search domain of your LXC container Defines the domain name / search domain of your LXC container
```bash ```bash
LXC_DOMAIN="zmb.rocks" LXC_DOMAIN="zmb.rocks"
``` ```
@ -75,12 +68,14 @@ Defines the default gateway IP address of your LXC container
LXC_GW="10.10.80.254" LXC_GW="10.10.80.254"
``` ```
### LXC_DNS ### LXC_DNS
Defines the DNS server ip addres of your LXC container Defines the DNS server ip address of your LXC container
```bash ```bash
LXC_DNS="10.10.80.254" LXC_DNS="10.10.80.254"
``` ```
`zmb-ad` used this DNS server for installation, after installation and domain provisioning it will be used as forwarding DNS
For other services this should be your active directory domain controller (if present, else a DNS server of your choice)
### LXC_BRIDGE ### LXC_BRIDGE
Defines the network bridge to bind the network adapter of your LXC container to Defines the network bridge to bind the network adapter of your LXC container
```bash ```bash
LXC_BRIDGE="vmbr0" LXC_BRIDGE="vmbr0"
``` ```
@ -90,19 +85,20 @@ Defines the vlan id of the LXC container's network interface, if the network ada
LXC_VLAN="80" LXC_VLAN="80"
``` ```
### LXC_PWD ### LXC_PWD
Defines the `root` password of your LXC container. Please use 'single quatation marks' to avoid unexpected behaviour. Defines the `root` password of your LXC container. Please use 'single quotation marks' to avoid unexpected behaviour.
```bash ```bash
LXC_PWD="S3cr3tp@ssw0rd" LXC_PWD="S3cr3tp@ssw0rd"
``` ```
### LXC_AUTHORIZED_KEY ### LXC_AUTHORIZED_KEY
If you have a SSH key to add to the LXC container's `root` account authorized_keys, you can paste it here. Defines an authorized_keys file to push into the LXC container.
By default the authorized_keys will be inherited from your proxmox host.
```bash ```bash
LXC_AUTHORIZED_KEY="ssh-rsa xxxxxxxx" LXC_AUTHORIZED_KEY="/root/.ssh/authorized_keys"
``` ```
### LXC_TOOLSET ### LXC_TOOLSET
Define your (administrative) tools, you always want to have instlled into yout LXC container Define your (administrative) tools, you always want to have installed into your LXC container
```bash ```bash
LXC_TOOLSET="net-tools dnsutils mc sysstat lsb-release curl git" LXC_TOOLSET="vim htop net-tools dnsutils mc sysstat lsb-release curl git gnupg2 apt-transport-https"
``` ```
### LXC_TIMEZONE ### LXC_TIMEZONE
Define the local timezone of your LXC container (default: Euroe/Berlin) Define the local timezone of your LXC container (default: Euroe/Berlin)
@ -110,7 +106,7 @@ Define the local timezone of your LXC container (default: Euroe/Berlin)
LXC_TIMEZONE="Europe/Berlin" LXC_TIMEZONE="Europe/Berlin"
``` ```
### LXC_LOCALE ### LXC_LOCALE
Define system language on LXC container Define system language on LXC container (locales)
```bash ```bash
LXC_LOCALE="de_DE.utf8" LXC_LOCALE="de_DE.utf8"
``` ```
@ -137,21 +133,17 @@ Defines the desired DNS server backend, supported are `SAMBA_INTERNAL` and `BIND
ZMB_DNS_BACKEND="SAMBA_INTERNAL" ZMB_DNS_BACKEND="SAMBA_INTERNAL"
``` ```
### ZMB_ADMIN_USER ### ZMB_ADMIN_USER
Defines the name of your domain administrator account (AD DC, AD member) Defines the name of your domain administrator account (AD DC, AD member, standalone)
```bash ```bash
ZMB_ADMIN_USER="Administrator" ZMB_ADMIN_USER="Administrator"
``` ```
### ZMB_ADMIN_PASS ### ZMB_ADMIN_PASS
Defines the domain administrator's password (AD DC, AD member). Please use 'single quatation marks' to avoid unexpected behaviour. Defines the domain administrator's password (AD DC, AD member).
```bash ```bash
ZMB_ADMIN_PASS='1c@nd0@nyth1n9' ZMB_ADMIN_PASS='1c@nd0@nyth1n9'
``` ```
### ZMB_DOMAIN_ADMINS_GROUP Please use 'single quotation marks' to avoid unexpected behaviour.
Defines the domain admins group of your active directory. `zmb-ad` domain administrator has to meet the password complexity policy, if password is too weak, domain provisioning will fail.
```bash
ZMB_DOMAIN_ADMINS_GROUP="domain admins"
```
On Windows Servers this group depends on the configured OS language.
### ZMB_SHARE ### ZMB_SHARE
Defines the name of your Zamba share Defines the name of your Zamba share
```bash ```bash