YunoHost/package_check
1
0
Fork 0
mirror of https://github.com/YunoHost/package_check.git synced 2024-09-03 20:06:20 +02:00
Code Issues Projects Releases Packages Wiki Activity

Bridge en variable

Browse source
This commit is contained in:
Maniack Crudelis 2017-02-10 22:04:10 +01:00
parent 3c41a45490
commit ed29018275
5 changed files with 57 additions and 52 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
sub_scripts/lxc_build.sh
View file

@ -9,6 +9,7 @@ ARG_SSH="-t"
DOMAIN=domain.tld DOMAIN=domain.tld
YUNO_PWD=admin YUNO_PWD=admin
LXC_NAME=pchecker_lxc LXC_NAME=pchecker_lxc
LXC_BRIDGE=lxc-pchecker
# Tente de définir l'interface réseau principale # Tente de définir l'interface réseau principale
main_iface=$(sudo route | grep default | awk '{print $8;}') # Prend l'interface réseau défini par default main_iface=$(sudo route | grep default | awk '{print $8;}') # Prend l'interface réseau défini par default
@ -47,9 +48,9 @@ echo "net.ipv4.ip_forward=1" | sudo tee /etc/sysctl.d/lxc_pchecker.conf >> "$LOG
sudo sysctl -p /etc/sysctl.d/lxc_pchecker.conf >> "$LOG_BUILD_LXC" 2>&1 sudo sysctl -p /etc/sysctl.d/lxc_pchecker.conf >> "$LOG_BUILD_LXC" 2>&1
echo -e "\e[1m> Ajoute un brige réseau pour la machine virtualisée\e[0m" | tee -a "$LOG_BUILD_LXC" echo -e "\e[1m> Ajoute un brige réseau pour la machine virtualisée\e[0m" | tee -a "$LOG_BUILD_LXC"
echo | sudo tee /etc/network/interfaces.d/lxc-pchecker <<EOF >> "$LOG_BUILD_LXC" 2>&1 echo | sudo tee /etc/network/interfaces.d/$LXC_BRIDGE <<EOF >> "$LOG_BUILD_LXC" 2>&1
auto lxc-pchecker auto $LXC_BRIDGE
iface lxc-pchecker inet static iface $LXC_BRIDGE inet static
address $PLAGE_IP.1/24 address $PLAGE_IP.1/24
bridge_ports none bridge_ports none
bridge_fd 0 bridge_fd 0
@ -57,17 +58,17 @@ iface lxc-pchecker inet static
EOF EOF
echo -e "\e[1m> Active le bridge réseau\e[0m" | tee -a "$LOG_BUILD_LXC" echo -e "\e[1m> Active le bridge réseau\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo ifup lxc-pchecker --interfaces=/etc/network/interfaces.d/lxc-pchecker >> "$LOG_BUILD_LXC" 2>&1 sudo ifup $LXC_BRIDGE --interfaces=/etc/network/interfaces.d/$LXC_BRIDGE >> "$LOG_BUILD_LXC" 2>&1
echo -e "\e[1m> Configuration réseau du conteneur\e[0m" | tee -a "$LOG_BUILD_LXC" echo -e "\e[1m> Configuration réseau du conteneur\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo sed -i 's/^lxc.network.type = empty$/lxc.network.type = veth\nlxc.network.flags = up\nlxc.network.link = lxc-pchecker\nlxc.network.name = eth0\nlxc.network.hwaddr = 00:FF:AA:00:00:01/' /var/lib/lxc/$LXC_NAME/config >> "$LOG_BUILD_LXC" 2>&1 sudo sed -i "s/^lxc.network.type = empty$/lxc.network.type = veth\nlxc.network.flags = up\nlxc.network.link = $LXC_BRIDGE\nlxc.network.name = eth0\nlxc.network.hwaddr = 00:FF:AA:00:00:01/" /var/lib/lxc/$LXC_NAME/config >> "$LOG_BUILD_LXC" 2>&1
echo -e "\e[1m> Configuration réseau de la machine virtualisée\e[0m" | tee -a "$LOG_BUILD_LXC" echo -e "\e[1m> Configuration réseau de la machine virtualisée\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo sed -i "s@iface eth0 inet dhcp@iface eth0 inet static\n\taddress $PLAGE_IP.2/24\n\tgateway $PLAGE_IP.1@" /var/lib/lxc/$LXC_NAME/rootfs/etc/network/interfaces >> "$LOG_BUILD_LXC" 2>&1 sudo sed -i "s@iface eth0 inet dhcp@iface eth0 inet static\n\taddress $PLAGE_IP.2/24\n\tgateway $PLAGE_IP.1@" /var/lib/lxc/$LXC_NAME/rootfs/etc/network/interfaces >> "$LOG_BUILD_LXC" 2>&1
echo -e "\e[1m> Configure le parefeu\e[0m" | tee -a "$LOG_BUILD_LXC" echo -e "\e[1m> Configure le parefeu\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo iptables -A FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1 sudo iptables -A FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
sudo iptables -A FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1 sudo iptables -A FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE >> "$LOG_BUILD_LXC" 2>&1 sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE >> "$LOG_BUILD_LXC" 2>&1
echo -e "\e[1m> Démarrage de la machine\e[0m" | tee -a "$LOG_BUILD_LXC" echo -e "\e[1m> Démarrage de la machine\e[0m" | tee -a "$LOG_BUILD_LXC"
@ -138,10 +139,10 @@ echo -e "\e[1m> Arrêt de la machine virtualisée\e[0m" | tee -a "$LOG_BUILD_LXC
sudo lxc-stop -n $LXC_NAME >> "$LOG_BUILD_LXC" 2>&1 sudo lxc-stop -n $LXC_NAME >> "$LOG_BUILD_LXC" 2>&1
echo -e "\e[1m> Suppression des règles de parefeu\e[0m" | tee -a "$LOG_BUILD_LXC" echo -e "\e[1m> Suppression des règles de parefeu\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo iptables -D FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1 sudo iptables -D FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
sudo iptables -D FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1 sudo iptables -D FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT >> "$LOG_BUILD_LXC" 2>&1
sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE >> "$LOG_BUILD_LXC" 2>&1 sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE >> "$LOG_BUILD_LXC" 2>&1
sudo ifdown --force lxc-pchecker >> "$LOG_BUILD_LXC" 2>&1 sudo ifdown --force $LXC_BRIDGE >> "$LOG_BUILD_LXC" 2>&1
echo -e "\e[1m> Création d'un snapshot\e[0m" | tee -a "$LOG_BUILD_LXC" echo -e "\e[1m> Création d'un snapshot\e[0m" | tee -a "$LOG_BUILD_LXC"
sudo lxc-snapshot -n $LXC_NAME >> "$LOG_BUILD_LXC" 2>&1 sudo lxc-snapshot -n $LXC_NAME >> "$LOG_BUILD_LXC" 2>&1

43
sub_scripts/lxc_check.sh
View file

@ -9,6 +9,7 @@ if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$(
PLAGE_IP=$(cat "$script_dir/lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2) PLAGE_IP=$(cat "$script_dir/lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2)
ARG_SSH="-t" ARG_SSH="-t"
LXC_NAME=$(cat "$script_dir/lxc_build.sh" | grep LXC_NAME= | cut -d '=' -f2) LXC_NAME=$(cat "$script_dir/lxc_build.sh" | grep LXC_NAME= | cut -d '=' -f2)
LXC_BRIDGE=$(cat "$script_dir/lxc_build.sh" | grep LXC_BRIDGE= | cut -d '=' -f2)
if [ -e "$script_dir/../config" ]; then if [ -e "$script_dir/../config" ]; then
main_iface=$(cat "$script_dir/../config" | grep iface= | cut -d '=' -f2) main_iface=$(cat "$script_dir/../config" | grep iface= | cut -d '=' -f2)
else # Si le fichier de config n'existe pas else # Si le fichier de config n'existe pas
@ -29,19 +30,19 @@ STOP_CONTAINER () {
START_NETWORK () { START_NETWORK () {
echo "Initialisation du réseau pour le conteneur." echo "Initialisation du réseau pour le conteneur."
sudo ifup lxc-pchecker --interfaces=/etc/network/interfaces.d/lxc-pchecker sudo ifup $LXC_BRIDGE --interfaces=/etc/network/interfaces.d/$LXC_BRIDGE
# Activation des règles iptables # Activation des règles iptables
sudo iptables -A FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT sudo iptables -A FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT
sudo iptables -A FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT sudo iptables -A FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
} }
STOP_NETWORK () { STOP_NETWORK () {
echo "Arrêt du réseau pour le conteneur." echo "Arrêt du réseau pour le conteneur."
sudo iptables -D FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT > /dev/null 2>&1 sudo iptables -D FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT > /dev/null 2>&1
sudo iptables -D FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT > /dev/null 2>&1 sudo iptables -D FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT > /dev/null 2>&1
sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE > /dev/null 2>&1 sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE > /dev/null 2>&1
sudo ifdown --force lxc-pchecker > /dev/null 2>&1 sudo ifdown --force $LXC_BRIDGE > /dev/null 2>&1
} }
REBOOT_CONTENEUR () { REBOOT_CONTENEUR () {
@ -141,13 +142,13 @@ LXC_NETWORK_CONFIG () {
echo "lxc.network.flags = up" | sudo tee -a /var/lib/lxc/$LXC_NAME/config echo "lxc.network.flags = up" | sudo tee -a /var/lib/lxc/$LXC_NAME/config
fi fi
fi fi
if ! sudo cat /var/lib/lxc/$LXC_NAME/config | grep -q "^lxc.network.link = lxc-pchecker"; then if ! sudo cat /var/lib/lxc/$LXC_NAME/config | grep -q "^lxc.network.link = $LXC_BRIDGE"; then
lxc_network=1 lxc_network=1
check_repair=1 check_repair=1
if sudo cat /var/lib/lxc/$LXC_NAME/config | grep -q ".*lxc.network.link"; then if sudo cat /var/lib/lxc/$LXC_NAME/config | grep -q ".*lxc.network.link"; then
sudo sed -i "s/.*lxc.network.link.*/lxc.network.link = lxc-pchecker/g" /var/lib/lxc/$LXC_NAME/config sudo sed -i "s/.*lxc.network.link.*/lxc.network.link = $LXC_BRIDGE" /var/lib/lxc/$LXC_NAME/config
else else
echo "lxc.network.link = lxc-pchecker" | sudo tee -a /var/lib/lxc/$LXC_NAME/config echo "lxc.network.link = $LXC_BRIDGE" | sudo tee -a /var/lib/lxc/$LXC_NAME/config
fi fi
fi fi
if ! sudo cat /var/lib/lxc/$LXC_NAME/config | grep -q "^lxc.network.name = eth0"; then if ! sudo cat /var/lib/lxc/$LXC_NAME/config | grep -q "^lxc.network.name = eth0"; then
@ -193,9 +194,9 @@ check_repair=0
### Test de la configuration réseau ### Test de la configuration réseau
echo -e "\e[1m> Test de la configuration réseau du côté de l'hôte:\e[0m" echo -e "\e[1m> Test de la configuration réseau du côté de l'hôte:\e[0m"
CREATE_BRIDGE () { CREATE_BRIDGE () {
echo | sudo tee /etc/network/interfaces.d/lxc-pchecker <<EOF echo | sudo tee /etc/network/interfaces.d/$LXC_BRIDGE <<EOF
auto lxc-pchecker auto $LXC_BRIDGE
iface lxc-pchecker inet static iface $LXC_BRIDGE inet static
address $PLAGE_IP.1/24 address $PLAGE_IP.1/24
bridge_ports none bridge_ports none
bridge_fd 0 bridge_fd 0
@ -203,7 +204,7 @@ CREATE_BRIDGE () {
EOF EOF
} }
# Test la présence du fichier de config du bridge lxc-pchecher # Test la présence du fichier de config du bridge lxc-pchecher
if ! test -e /etc/network/interfaces.d/lxc-pchecker if ! test -e /etc/network/interfaces.d/$LXC_BRIDGE
then then
echo -e "\e[91mLe fichier de configuration du bridge est introuvable.\nIl va être recréé.\e[0m" echo -e "\e[91mLe fichier de configuration du bridge est introuvable.\nIl va être recréé.\e[0m"
check_repair=1 check_repair=1
@ -215,12 +216,12 @@ fi
bridge=0 bridge=0
while test "$bridge" -ne 1 while test "$bridge" -ne 1
do do
sudo ifup lxc-pchecker --interfaces=/etc/network/interfaces.d/lxc-pchecker sudo ifup $LXC_BRIDGE --interfaces=/etc/network/interfaces.d/$LXC_BRIDGE
if sudo ifconfig | grep -q lxc-pchecker if sudo ifconfig | grep -q $LXC_BRIDGE
then then
echo -e "\e[92mLe bridge démarre correctement.\e[0m" echo -e "\e[92mLe bridge démarre correctement.\e[0m"
# Vérifie que le bridge obtient une adresse IP # Vérifie que le bridge obtient une adresse IP
if sudo ifconfig | grep -A 10 lxc-pchecker | grep "inet adr" | grep -q -F "$PLAGE_IP.1 " if sudo ifconfig | grep -A 10 $LXC_BRIDGE | grep "inet adr" | grep -q -F "$PLAGE_IP.1 "
then then
echo -e "\e[92mLe bridge obtient correctement son adresse IP.\e[0m" echo -e "\e[92mLe bridge obtient correctement son adresse IP.\e[0m"
else else
@ -228,7 +229,7 @@ do
echo -e "\e[91mLe bridge n'obtient pas la bonne adresse IP. Tentative de réparation...\e[0m" echo -e "\e[91mLe bridge n'obtient pas la bonne adresse IP. Tentative de réparation...\e[0m"
check_repair=1 check_repair=1
CREATE_BRIDGE CREATE_BRIDGE
sudo ifdown --force lxc-pchecker sudo ifdown --force $LXC_BRIDGE
bridge=-1 # Bridge à -1 pour indiquer que cette erreur s'est déjà présentée. bridge=-1 # Bridge à -1 pour indiquer que cette erreur s'est déjà présentée.
continue # Retourne au début de la boucle pour réessayer continue # Retourne au début de la boucle pour réessayer
else else
@ -243,7 +244,7 @@ do
echo -e "\e[91mLe bridge ne démarre pas. Tentative de réparation...\e[0m" echo -e "\e[91mLe bridge ne démarre pas. Tentative de réparation...\e[0m"
check_repair=1 check_repair=1
CREATE_BRIDGE CREATE_BRIDGE
sudo ifdown --force lxc-pchecker sudo ifdown --force $LXC_BRIDGE
bridge=-2 # Bridge à -1 pour indiquer que cette erreur s'est déjà présentée. bridge=-2 # Bridge à -1 pour indiquer que cette erreur s'est déjà présentée.
continue # Retourne au début de la boucle pour réessayer continue # Retourne au début de la boucle pour réessayer
else else
@ -257,11 +258,11 @@ do
done done
# Test l'application des règles iptables # Test l'application des règles iptables
sudo iptables -A FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT sudo iptables -A FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT
sudo iptables -A FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT sudo iptables -A FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
if sudo iptables -C FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT && sudo iptables -C FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT && sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE if sudo iptables -C FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT && sudo iptables -C FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT && sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
then then
echo -e "\e[92mLes règles iptables sont appliquées correctement.\e[0m" echo -e "\e[92mLes règles iptables sont appliquées correctement.\e[0m"
else else

21
sub_scripts/lxc_launcher.sh
View file

@ -2,18 +2,19 @@
ARG_SSH="-t" ARG_SSH="-t"
PLAGE_IP=$(cat "$script_dir/sub_scripts/lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2) PLAGE_IP=$(cat "$script_dir/sub_scripts/lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2)
main_iface=$(cat "$script_dir/../config" | grep iface= | cut -d '=' -f2) LXC_BRIDGE=$(cat "$script_dir/sub_scripts/lxc_build.sh" | grep LXC_BRIDGE= | cut -d '=' -f2)
main_iface=$(cat "$script_dir/config" | grep iface= | cut -d '=' -f2)
echo -e "Chargement des fonctions de lxc_launcher.sh" echo -e "Chargement des fonctions de lxc_launcher.sh"
LXC_INIT () { LXC_INIT () {
# Activation du bridge réseau # Activation du bridge réseau
echo "Initialisation du réseau pour le conteneur." echo "Initialisation du réseau pour le conteneur."
sudo ifup lxc-pchecker --interfaces=/etc/network/interfaces.d/lxc-pchecker | tee -a "$RESULT" 2>&1 sudo ifup $LXC_BRIDGE --interfaces=/etc/network/interfaces.d/$LXC_BRIDGE | tee -a "$RESULT" 2>&1
# Activation des règles iptables # Activation des règles iptables
sudo iptables -A FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT | tee -a "$RESULT" 2>&1 sudo iptables -A FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT | tee -a "$RESULT" 2>&1
sudo iptables -A FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT | tee -a "$RESULT" 2>&1 sudo iptables -A FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT | tee -a "$RESULT" 2>&1
sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE | tee -a "$RESULT" 2>&1 sudo iptables -t nat -A POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE | tee -a "$RESULT" 2>&1
if [ "$no_lxc" -eq 0 ]; then if [ "$no_lxc" -eq 0 ]; then
@ -91,21 +92,21 @@ LXC_STOP () {
LXC_TURNOFF () { LXC_TURNOFF () {
echo "Arrêt du réseau pour le conteneur." echo "Arrêt du réseau pour le conteneur."
# Suppression des règles de parefeu # Suppression des règles de parefeu
if sudo iptables -C FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT 2> /dev/null if sudo iptables -C FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT 2> /dev/null
then then
sudo iptables -D FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT >> "$RESULT" 2>&1 sudo iptables -D FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT >> "$RESULT" 2>&1
fi fi
if sudo iptables -C FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT 2> /dev/null if sudo iptables -C FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT 2> /dev/null
then then
sudo iptables -D FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT | tee -a "$RESULT" 2>&1 sudo iptables -D FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT | tee -a "$RESULT" 2>&1
fi fi
if sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE 2> /dev/null if sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE 2> /dev/null
then then
sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE | tee -a "$RESULT" 2>&1 sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE | tee -a "$RESULT" 2>&1
fi fi
# Et arrêt du bridge # Et arrêt du bridge
if sudo ifquery lxc-pchecker --state > /dev/null if sudo ifquery $LXC_BRIDGE --state > /dev/null
then then
sudo ifdown --force lxc-pchecker | tee -a "$RESULT" 2>&1 sudo ifdown --force $LXC_BRIDGE | tee -a "$RESULT" 2>&1
fi fi
} }

5
sub_scripts/lxc_remove.sh
View file

@ -4,6 +4,7 @@
if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$(echo $PWD/$(dirname "$0" | cut -d '.' -f2) | sed 's@/$@@')"; fi if [ "${0:0:1}" == "/" ]; then script_dir="$(dirname "$0")"; else script_dir="$(echo $PWD/$(dirname "$0" | cut -d '.' -f2) | sed 's@/$@@')"; fi
LXC_NAME=$(cat "$script_dir/lxc_build.sh" | grep LXC_NAME= | cut -d '=' -f2) LXC_NAME=$(cat "$script_dir/lxc_build.sh" | grep LXC_NAME= | cut -d '=' -f2)
LXC_BRIDGE=$(cat "$script_dir/lxc_build.sh" | grep LXC_BRIDGE= | cut -d '=' -f2)
# Check user # Check user
if [ "$(whoami)" != "$(cat "$script_dir/setup_user")" ] && test -e "$script_dir/setup_user"; then if [ "$(whoami)" != "$(cat "$script_dir/setup_user")" ] && test -e "$script_dir/setup_user"; then
@ -19,10 +20,10 @@ sudo rm /etc/sysctl.d/lxc_pchecker.conf
sudo sysctl -p sudo sysctl -p
echo -e "\e[1m> Désactive le bridge réseau\e[0m" echo -e "\e[1m> Désactive le bridge réseau\e[0m"
sudo ifdown --force lxc-pchecker sudo ifdown --force $LXC_BRIDGE
echo -e "\e[1m> Supprime le brige réseau\e[0m" echo -e "\e[1m> Supprime le brige réseau\e[0m"
sudo rm /etc/network/interfaces.d/lxc-pchecker sudo rm /etc/network/interfaces.d/$LXC_BRIDGE
echo -e "\e[1m> Suppression de la machine et de son snapshots\e[0m" echo -e "\e[1m> Suppression de la machine et de son snapshots\e[0m"
sudo lxc-snapshot -n $LXC_NAME -d snap0 sudo lxc-snapshot -n $LXC_NAME -d snap0

19
sub_scripts/lxc_upgrade.sh
View file

@ -12,6 +12,7 @@ touch "$script_dir/../pcheck.lock" # Met en place le lock de Package check
PLAGE_IP=$(cat "$script_dir/lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2) PLAGE_IP=$(cat "$script_dir/lxc_build.sh" | grep PLAGE_IP= | cut -d '"' -f2)
LXC_NAME=$(cat "$script_dir/lxc_build.sh" | grep LXC_NAME= | cut -d '=' -f2) LXC_NAME=$(cat "$script_dir/lxc_build.sh" | grep LXC_NAME= | cut -d '=' -f2)
LXC_BRIDGE=$(cat "$script_dir/lxc_build.sh" | grep LXC_BRIDGE= | cut -d '=' -f2)
if [ -e "$script_dir/../config" ]; then if [ -e "$script_dir/../config" ]; then
main_iface=$(cat "$script_dir/../config" | grep iface= | cut -d '=' -f2) main_iface=$(cat "$script_dir/../config" | grep iface= | cut -d '=' -f2)
else # Si le fichier de config n'existe pas else # Si le fichier de config n'existe pas
@ -34,19 +35,19 @@ if [ "$(whoami)" != "$(cat "$script_dir/setup_user")" ] && test -e "$script_dir/
fi fi
echo "\e[1m> Active le bridge réseau\e[0m" echo "\e[1m> Active le bridge réseau\e[0m"
if ! sudo ifquery lxc-pchecker --state > /dev/null if ! sudo ifquery $LXC_BRIDGE --state > /dev/null
then then
sudo ifup lxc-pchecker --interfaces=/etc/network/interfaces.d/lxc-pchecker sudo ifup $LXC_BRIDGE --interfaces=/etc/network/interfaces.d/$LXC_BRIDGE
fi fi
echo "\e[1m> Configure le parefeu\e[0m" echo "\e[1m> Configure le parefeu\e[0m"
if ! sudo iptables -D FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT 2> /dev/null if ! sudo iptables -D FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT 2> /dev/null
then then
sudo iptables -A FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT sudo iptables -A FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT
fi fi
if ! sudo iptables -C FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT 2> /dev/null if ! sudo iptables -C FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT 2> /dev/null
then then
sudo iptables -A FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT sudo iptables -A FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT
fi fi
if ! sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE 2> /dev/null if ! sudo iptables -t nat -C POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE 2> /dev/null
then then
@ -82,10 +83,10 @@ echo "\e[1m> Arrêt de la machine virtualisée\e[0m"
sudo lxc-stop -n $LXC_NAME sudo lxc-stop -n $LXC_NAME
echo "\e[1m> Suppression des règles de parefeu\e[0m" echo "\e[1m> Suppression des règles de parefeu\e[0m"
sudo iptables -D FORWARD -i lxc-pchecker -o $main_iface -j ACCEPT sudo iptables -D FORWARD -i $LXC_BRIDGE -o $main_iface -j ACCEPT
sudo iptables -D FORWARD -i $main_iface -o lxc-pchecker -j ACCEPT sudo iptables -D FORWARD -i $main_iface -o $LXC_BRIDGE -j ACCEPT
sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE sudo iptables -t nat -D POSTROUTING -s $PLAGE_IP.0/24 -j MASQUERADE
sudo ifdown --force lxc-pchecker sudo ifdown --force $LXC_BRIDGE
if [ "$update_apt" -eq 1 ] if [ "$update_apt" -eq 1 ]