YunoHost/package_check
1
0
Fork 0
mirror of https://github.com/YunoHost/package_check.git synced 2024-09-03 20:06:20 +02:00
Code Issues Projects Releases Packages Wiki Activity

Étapes plus lisibles

Browse source
This commit is contained in:
Maniack Crudelis 2016-12-17 19:13:22 +01:00
parent 910440947f
commit 3d3ff735bc
3 changed files with 39 additions and 39 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
sub_scripts/lxc_build.sh
View file

@ -15,18 +15,18 @@ touch "$script_dir/../pcheck.lock" # Met en place le lock de Package check, le t
# Check user
echo $(whoami) > "$script_dir/setup_user"
echo "> Update et install lxc lxctl" | tee "$LOG_BUILD_LXC"
echo -e "\e[1m> Update et install lxc lxctl\e[0m" | tee "$LOG_BUILD_LXC"
sudo apt-get update >> "$LOG_BUILD_LXC" 2>&1
sudo apt-get install -y lxc lxctl >> "$LOG_BUILD_LXC" 2>&1
echo "> Création d'une machine debian jessie minimaliste" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Création d'une machine debian jessie minimaliste\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo lxc-create -n $LXC_NAME -t debian -- -r jessie >> "$LOG_BUILD_LXC" 2>&1
echo "> Autoriser l'ip forwarding, pour router vers la machine virtuelle." | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Autoriser l'ip forwarding, pour router vers la machine virtuelle.\e[0m" | tee -a "$LOG_BUILD_LXC"
echo "net.ipv4.ip_forward=1" | sudo tee /etc/sysctl.d/lxc_pchecker.conf >> "$LOG_BUILD_LXC" 2>&1
sudo sysctl -p /etc/sysctl.d/lxc_pchecker.conf >> "$LOG_BUILD_LXC" 2>&1
echo "> Ajoute un brige réseau pour la machine virtualisée" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Ajoute un brige réseau pour la machine virtualisée\e[0m" | tee -a "$LOG_BUILD_LXC"
echo | sudo tee /etc/network/interfaces.d/lxc-pchecker <<EOF >> "$LOG_BUILD_LXC" 2>&1
auto lxc-pchecker
iface lxc-pchecker inet static
@ -36,41 +36,41 @@ iface lxc-pchecker inet static
bridge_maxwait 0
EOF
echo "> Active le bridge réseau" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Active le bridge réseau\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo ifup lxc-pchecker --interfaces=/etc/network/interfaces.d/lxc-pchecker >> "$LOG_BUILD_LXC" 2>&1
echo "> Configuration réseau du conteneur" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Configuration réseau du conteneur\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo sed -i 's/^lxc.network.type = empty$/lxc.network.type = veth\nlxc.network.flags = up\nlxc.network.link = lxc-pchecker\nlxc.network.name = eth0\nlxc.network.veth.pair = $LXC_NAME\nlxc.network.hwaddr = 00:FF:AA:00:00:01/' /var/lib/lxc/$LXC_NAME/config >> "$LOG_BUILD_LXC" 2>&1
echo "> Configuration réseau de la machine virtualisée" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Configuration réseau de la machine virtualisée\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo sed -i "s@iface eth0 inet dhcp@iface eth0 inet static\n\taddress $PLAGE_IP.2/24\n\tgateway $PLAGE_IP.1@" /var/lib/lxc/$LXC_NAME/rootfs/etc/network/interfaces >> "$LOG_BUILD_LXC" 2>&1
echo "> Configure le parefeu" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Configure le parefeu\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo iptables -A FORWARD -i lxc-pchecker -o eth0 -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
sudo iptables -A FORWARD -i eth0 -o lxc-pchecker -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE >> "$LOG_BUILD_LXC" 2>&1
echo "> Démarrage de la machine" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Démarrage de la machine\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo lxc-start -n $LXC_NAME -d >> "$LOG_BUILD_LXC" 2>&1
sleep 3
sudo lxc-ls -f >> "$LOG_BUILD_LXC" 2>&1
echo "> Update et install aptitude sudo git" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Update et install aptitude sudo git\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo lxc-attach -n $LXC_NAME -- apt-get update
sudo lxc-attach -n $LXC_NAME -- apt-get install -y aptitude sudo git
echo "> Installation des paquets standard et ssh-server" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Installation des paquets standard et ssh-server\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo lxc-attach -n $LXC_NAME -- aptitude install -y ~pstandard ~prequired ~pimportant task-ssh-server
echo "> Renseigne /etc/hosts sur l'invité" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Renseigne /etc/hosts sur l'invité\e[0m" | tee -a "$LOG_BUILD_LXC"
echo "127.0.0.1 $LXC_NAME" | sudo tee -a /var/lib/lxc/$LXC_NAME/rootfs/etc/hosts >> "$LOG_BUILD_LXC" 2>&1
echo "> Ajoute l'user pchecker" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Ajoute l'user pchecker\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo lxc-attach -n $LXC_NAME -- useradd -m -p pchecker pchecker >> "$LOG_BUILD_LXC" 2>&1
echo "> Autorise pchecker à utiliser sudo sans mot de passe" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Autorise pchecker à utiliser sudo sans mot de passe\e[0m" | tee -a "$LOG_BUILD_LXC"
echo "pchecker ALL=(ALL:ALL) NOPASSWD: ALL" | sudo tee -a /var/lib/lxc/$LXC_NAME/rootfs/etc/sudoers >> "$LOG_BUILD_LXC" 2>&1
echo "> Mise en place de la connexion ssh vers l'invité." | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Mise en place de la connexion ssh vers l'invité.\e[0m" | tee -a "$LOG_BUILD_LXC"
if [ -e $HOME/.ssh/$LXC_NAME ]; then
rm -f $HOME/.ssh/$LXC_NAME $HOME/.ssh/$LXC_NAME.pub
ssh-keygen -f $HOME/.ssh/known_hosts -R $PLAGE_IP.2
@ -95,35 +95,35 @@ if [ "$?" -ne 0 ]; then # Si l'utilisateur tarde trop, la connexion sera refusé
fi
ssh $ARG_SSH $LXC_NAME "git clone https://github.com/YunoHost/install_script /tmp/install_script" >> "$LOG_BUILD_LXC" 2>&1
echo "> Installation de Yunohost..." | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Installation de Yunohost...\e[0m" | tee -a "$LOG_BUILD_LXC"
ssh $ARG_SSH $LXC_NAME "cd /tmp/install_script; sudo ./install_yunohost -a" | tee -a "$LOG_BUILD_LXC" 2>&1
echo "> Post install Yunohost" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Post install Yunohost\e[0m" | tee -a "$LOG_BUILD_LXC"
ssh $ARG_SSH $LXC_NAME "sudo yunohost tools postinstall --domain $DOMAIN --password $YUNO_PWD" | tee -a "$LOG_BUILD_LXC" 2>&1
USER_TEST=$(cat "$(dirname "$script_dir")/package_check.sh" | grep USER_TEST= | cut -d '=' -f2)
PASSWORD_TEST=$(cat "$(dirname "$script_dir")/package_check.sh" | grep PASSWORD_TEST= | cut -d '=' -f2)
SOUS_DOMAIN="sous.$DOMAIN"
# echo "Le mot de passe Yunohost est \'$YUNO_PWD\'"
echo "> Ajout du sous domaine de test" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Ajout du sous domaine de test\e[0m" | tee -a "$LOG_BUILD_LXC"
ssh $ARG_SSH $LXC_NAME "sudo yunohost domain add \"$SOUS_DOMAIN\" --admin-password=\"$YUNO_PWD\""
USER_TEST_CLEAN=${USER_TEST//"_"/""}
echo "> Ajout de l'utilisateur de test" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Ajout de l'utilisateur de test\e[0m" | tee -a "$LOG_BUILD_LXC"
ssh $ARG_SSH $LXC_NAME "sudo yunohost user create --firstname \"$USER_TEST_CLEAN\" --mail \"$USER_TEST_CLEAN@$DOMAIN\" --lastname \"$USER_TEST_CLEAN\" --password \"$PASSWORD_TEST\" \"$USER_TEST\" --admin-password=\"$YUNO_PWD\""
echo -e "\n> Vérification de l'état de Yunohost" | tee -a "$LOG_BUILD_LXC"
echo -e -e "\e[1m\n> Vérification de l'état de Yunohost\e[0m" | tee -a "$LOG_BUILD_LXC"
ssh $ARG_SSH $LXC_NAME "sudo yunohost -v" | tee -a "$LOG_BUILD_LXC" 2>&1
echo "> Arrêt de la machine virtualisée" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Arrêt de la machine virtualisée\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo lxc-stop -n $LXC_NAME >> "$LOG_BUILD_LXC" 2>&1
echo "> Suppression des règles de parefeu" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Suppression des règles de parefeu\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo iptables -D FORWARD -i lxc-pchecker -o eth0 -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
sudo iptables -D FORWARD -i eth0 -o lxc-pchecker -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE >> "$LOG_BUILD_LXC" 2>&1
sudo ifdown --force lxc-pchecker >> "$LOG_BUILD_LXC" 2>&1
echo "> Création d'un snapshot" | tee -a "$LOG_BUILD_LXC"
echo -e "\e[1m> Création d'un snapshot\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo lxc-snapshot -n $LXC_NAME >> "$LOG_BUILD_LXC" 2>&1
# Il sera nommé snap0 et stocké dans /var/lib/lxcsnaps/$LXC_NAME/snap0/

12
sub_scripts/lxc_remove.sh
View file

@ -14,24 +14,24 @@ fi
touch "$script_dir/../pcheck.lock" # Met en place le lock de Package check
echo "> Retire l'ip forwarding."
echo "\e[1m> Retire l'ip forwarding.\e[0m"
sudo rm /etc/sysctl.d/lxc_pchecker.conf
sudo sysctl -p
echo "> Désactive le bridge réseau"
echo "\e[1m> Désactive le bridge réseau\e[0m"
sudo ifdown --force lxc-pchecker
echo "> Supprime le brige réseau"
echo "\e[1m> Supprime le brige réseau\e[0m"
sudo rm /etc/network/interfaces.d/lxc-pchecker
echo "> Suppression de la machine et de son snapshots"
echo "\e[1m> Suppression de la machine et de son snapshots\e[0m"
sudo lxc-snapshot -n $LXC_NAME -d snap0
sudo rm -f /var/lib/lxcsnaps/$LXC_NAME/snap0.tar.gz
sudo lxc-destroy -n $LXC_NAME -f
echo "> Remove lxc lxctl"
echo "\e[1m> Remove lxc lxctl\e[0m"
sudo apt-get remove lxc lxctl
echo "> Suppression des lignes de pchecker_lxc dans .ssh/config"
echo "\e[1m> Suppression des lignes de pchecker_lxc dans .ssh/config\e[0m"
BEGIN_LINE=$(cat $HOME/.ssh/config | grep -n "^# ssh pchecker_lxc$" | cut -d':' -f 1)
sed -i "$BEGIN_LINE,/^IdentityFile/d" $HOME/.ssh/config

20
sub_scripts/lxc_upgrade.sh
View file

@ -21,13 +21,13 @@ if [ "$(whoami)" != "$(cat "$script_dir/setup_user")" ] && test -e "$script_dir/
exit 0
fi
echo "> Active le bridge réseau"
echo "\e[1m> Active le bridge réseau\e[0m"
if ! sudo ifquery lxc-pchecker --state > /dev/null
then
sudo ifup lxc-pchecker --interfaces=/etc/network/interfaces.d/lxc-pchecker
fi
echo "> Configure le parefeu"
echo "\e[1m> Configure le parefeu\e[0m"
if ! sudo iptables -D FORWARD -i lxc-pchecker -o eth0 -j ACCEPT 2> /dev/null
then
sudo iptables -A FORWARD -i lxc-pchecker -o eth0 -j ACCEPT
@ -41,7 +41,7 @@ then
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
fi
echo "> Démarrage de la machine"
echo "\e[1m> Démarrage de la machine\e[0m"
if [ $(sudo lxc-info --name $LXC_NAME | grep -c "STOPPED") -eq 0 ]; then
# Si la machine n'est pas à l'arrêt.
sudo lxc-stop -n $LXC_NAME # Arrête la machine LXC
@ -53,23 +53,23 @@ sudo lxc-start -n $LXC_NAME -d
sleep 3
sudo lxc-ls -f
echo "> Update"
echo "\e[1m> Update\e[0m"
update_apt=0
sudo lxc-attach -n $LXC_NAME -- apt-get update
sudo lxc-attach -n $LXC_NAME -- apt-get dist-upgrade --dry-run | grep -q "^Inst " # Vérifie si il y aura des mises à jour.
if [ "$?" -eq 0 ]; then
update_apt=1
fi
echo "> Upgrade"
echo "\e[1m> Upgrade\e[0m"
sudo lxc-attach -n $LXC_NAME -- apt-get dist-upgrade -y
echo "> Clean"
echo "\e[1m> Clean\e[0m"
sudo lxc-attach -n $LXC_NAME -- apt-get autoremove -y
sudo lxc-attach -n $LXC_NAME -- apt-get autoclean
echo "> Arrêt de la machine virtualisée"
echo "\e[1m> Arrêt de la machine virtualisée\e[0m"
sudo lxc-stop -n $LXC_NAME
echo "> Suppression des règles de parefeu"
echo "\e[1m> Suppression des règles de parefeu\e[0m"
sudo iptables -D FORWARD -i lxc-pchecker -o eth0 -j ACCEPT
sudo iptables -D FORWARD -i eth0 -o lxc-pchecker -j ACCEPT
sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
@ -78,9 +78,9 @@ sudo ifdown --force lxc-pchecker
if [ "$update_apt" -eq 1 ]
then
echo "> Archivage du snapshot"
echo "\e[1m> Archivage du snapshot\e[0m"
sudo tar -cz --acls --xattrs -f /var/lib/lxcsnaps/$LXC_NAME/snap0.tar.gz /var/lib/lxcsnaps/$LXC_NAME/snap0
echo "> Remplacement du snapshot"
echo "\e[1m> Remplacement du snapshot\e[0m"
sudo lxc-snapshot -n $LXC_NAME -d snap0
sudo lxc-snapshot -n $LXC_NAME
fi