From d4b8e57519e53e7ecbe584f5b51ae5a64fc3727f Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Wed, 8 Jun 2011 17:30:38 +0400 Subject: [PATCH 01/23] adding templates listing hint --- openvz/vzcreate/vzcreate.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/openvz/vzcreate/vzcreate.sh b/openvz/vzcreate/vzcreate.sh index 07614a3..764ce2a 100755 --- a/openvz/vzcreate/vzcreate.sh +++ b/openvz/vzcreate/vzcreate.sh @@ -9,6 +9,17 @@ then echo "for example: `basename $0` 1500 testvz.local 192.168.0.140 testvz debian-5.0-i386-minimal" echo "" echo "templates can be found in /var/lib/vz/template/cache/ without .tar.gz" + templates=$(ls -1 /var/lib/vz/template/cache/*.tar.gz|sed 's%\.tar\.gz%%') + tempcode=$? + if [ "$tempcode" -ne 0 -o -z "$templates" ] + then + echo "no templates found" + else + echo "found templates:" + for i in ${templates};do + echo $(basename $i) + done + fi exit 1 fi From 5434d680ce612876d3321a81b490c64eb24307c3 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Tue, 21 Jun 2011 14:27:03 +0400 Subject: [PATCH 02/23] initial import from http://files.obnovlenie.ru/~amax/openvz/prep-sqeeze.sh --- openvz/templating/prep-sqeeze.sh | 206 +++++++++++++++++++++++++++++++ 1 file changed, 206 insertions(+) create mode 100755 openvz/templating/prep-sqeeze.sh diff --git a/openvz/templating/prep-sqeeze.sh b/openvz/templating/prep-sqeeze.sh new file mode 100755 index 0000000..0cc0ec9 --- /dev/null +++ b/openvz/templating/prep-sqeeze.sh @@ -0,0 +1,206 @@ +#!/bin/bash +# Copyright © 2090 Alexey Maximov +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the BSD License +# +##################################################################################################################### +# +# check user input for correct values +# +if [ -z "$1" ] ; then + echo "Usage: $0 "; + echo " should be i386 or amd64" + echo " default to /tmp" + echo "example to run: $0 i386 /var/tmp" + exit 1 +fi + +##################################################################################################################### +# +# define local variables +# +export http_proxy="http://192.168.0.1:3128/" +VZ="/var/lib/vz" +RELEASE="squeeze" +REPOS="main contrib" +MIRROR="http://ftp.cz.debian.org" +MINBASE="netbase,net-tools,ifupdown,procps,locales,nano,iputils-ping" +ARCH="$1" +MY_SSH_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq7Ygask78BlVQUKV/lU3Dh45pm1fa7SY+rwiP3WVE+NUtxIaSZVJmRy/YQtPmFa86AR50ICCr8BoCSDumnjAhzNXdKKxKWXjNHZtCjLiHRW5ClUJCvqKEPXh35t++WtYXdnaQG0lKUjYrBNR+1YaI/Kxs8PRvZO8w9UmLevpN1hUu9Vu37ffso3Ss1zdbkKuSS/8pTUj0yHP+fWzee8b9xK/r/QGY8IiQUvhkC+cILQSBNKUQ+0B4h/ENlkDVog5ZXQBs9i+jdgi683/e/PU+3lFfAqHGzwiHPlzSC6krMiQg80mfDDQm9tkcymUkg9lNYfu3vuKI317wCbFXOKFZQ== amax@amazing.local" +TIMEZONE="Europe/Moscow" +BASE_PKG="rsyslog wget cron iptables traceroute logrotate less psmisc openssh-server" + +VE=$(mktemp -d) +if [ ! -z "$2" ] ; then + VE=$(mktemp -d --tmpdir "$2") +fi + +##################################################################################################################### +# +# create new minimal VE +# +debootstrap --arch=$ARCH --variant=minbase --include=$MINBASE $RELEASE $VE $MIRROR/debian +cp /etc/resolv.conf $VE/etc/ +cat << EOF > $VE/usr/sbin/policy-rc.d +#!/bin/sh +exit 101 +EOF +chmod +x $VE/usr/sbin/policy-rc.d +mount -t proc proc $VE/proc +mount -t devpts devpts $VE/dev/pts -o rw,noexec,nosuid,gid=5,mode=620 + +##################################################################################################################### +# +# Prepare locale settings +# +echo "LANG=en_US.UTF-8" > $VE/etc/default/locale +cat << EOF > $VE/etc/locale.gen +en_US.UTF-8 UTF-8 +ru_RU.CP1251 CP1251 +ru_RU.UTF-8 UTF-8 +ru_RU.KOI8-R KOI8-R +EOF +echo -n > $VE/etc/locale.alias +chroot $VE sh -c "locale-gen" + + +##################################################################################################################### +# +# tune VE settings +# +chroot $VE sh -c "ln -sf /usr/share/zoneinfo/$TIMEZONE /etc/localtime" +chroot $VE sh -c "ln -sf /proc/mounts /etc/mtab" + +echo "APT::Install-Recommends \"false\";" > $VE/etc/apt/apt.conf.d/00InstallRecommends +chmod 700 $VE/root +sed -i -e "/getty/d" $VE/etc/inittab +sed -i -e "s:RAMRUN=no:RAMRUN=yes:g" $VE/etc/default/rcS +sed -i -e "s:RAMLOCK=no:RAMLOCK=yes:g" $VE/etc/default/rcS +echo "HWCLOCKACCESS=no" >> $VE/etc/default/rcS +echo "ulimit -s 1024" > $VE/etc/lsb-base-logging.sh + +cat << EOF > $VE/etc/default/tmpfs +# SHM_SIZE sets the maximum size (in bytes) that the /dev/shm tmpfs can use. +# If this is not set then the size defaults to the value of TMPFS_SIZE +# if that is set; otherwise to the kernel's default. +# +# The size will be rounded down to a multiple of the page size, 4096 bytes. +SHM_SIZE= +TMPFS_SIZE= +RUN_SIZE=2M +LOCK_SIZE=2M +RW_SIZE=2M +EOF + + +##################################################################################################################### +# +# create new VE sources.list +# +cat << EOF > $VE/etc/apt/sources.list +deb $MIRROR/debian $RELEASE $REPOS +#deb-src $MIRROR/debian $RELEASE $REPOS +deb http://security.debian.org/ $RELEASE/updates $REPOS +#deb-src http://security.debian.org/ $RELEASE/updates $REPOS +deb $MIRROR/debian $RELEASE-updates $REPOS +#deb-src $MIRROR/debian $RELEASE-updates $REPOS +EOF + + +##################################################################################################################### +# +# update VE +# +chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y update" +chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y upgrade" +chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y install $BASE_PKG" +chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y autoremove" +chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y clean" + + + +##################################################################################################################### +# +# final tune VE +# +sed -i -e "s:SHELL=/bin/sh:SHELL=/bin/bash:g" $VE/etc/default/useradd +cat << EOF >> $VE/etc/default/ssh +# OOM-killer adjustment for sshd (see +# linux/Documentation/filesystems/proc.txt; lower values reduce likelihood +# of being killed, while -17 means the OOM-killer will ignore sshd; set to +# the empty string to skip adjustment) +SSHD_OOM_ADJUST=-17 +EOF +mkdir $VE/root/.ssh +echo $MY_SSH_KEY > $VE/root/.ssh/authorized_keys + + + +##################################################################################################################### +# +# Prepare ssh keys +# +cat << EOF > $VE/etc/init.d/ssh_gen_host_keys +#!/bin/sh +### BEGIN INIT INFO +# Provides: Generates new ssh host keys on first boot +# Required-Start: $remote_fs $syslog +# Required-Stop: $remote_fs $syslog +# Default-Start: 2 3 4 5 +# Default-Stop: +# Short-Description: Generates new ssh host keys on first boot +# Description: Generates new ssh host keys on first boot +### END INIT INFO +[ -f /usr/bin/ssh-keygen ] || exit 0 +ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N "" +ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N "" +insserv -r /etc/init.d/ssh_gen_host_keys +rm -f \$0 +EOF + +chmod 755 $VE/etc/init.d/ssh_gen_host_keys +chroot $VE sh -c "insserv /etc/init.d/ssh_gen_host_keys" + + +##################################################################################################################### +# +# umount VE and prepare to bundle +# +rm -f $VE/usr/sbin/policy-rc.d +umount -f $VE/proc +umount -f $VE/dev/pts + + +##################################################################################################################### +# +# cleanup VE +# +echo -n > $VE/etc/motd.tail +echo -n > $VE/etc/resolv.conf +echo -n > $VE/etc/network/interfaces + +rm -f $VE/etc/ssh/*key* +rm -f $VE/root/.bash_history +rm -rf $VE/var/log/news +rm -rf $VE/selinux + +find $VE/tmp/ -type f -delete + +find $VE/var/log/ -type f -delete +find $VE/var/run/ -type f -delete +find $VE/var/lock/ -type f -delete +find $VE/var/tmp/ -type f -delete + +find $VE/var/lib/apt/lists/ -type f -delete +find $VE/var/cache/apt/ -type f -delete +find $VE/var/cache/debconf/ -type f -name \*-old -delete + + +# crap idea +#rm -rf $VE/etc/init.d/mountoverflowtmp + +### compress image +( cd $VE && tar --numeric-owner --one-file-system -czf /vz/template/cache/debian-6.0.1-$ARCH-minimal.tar.gz . ) + + From 665865a14a8eebdfccf84314d1cf824b7b7fac43 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Thu, 23 Jun 2011 17:23:34 +0400 Subject: [PATCH 03/23] a bit of error handling, more packages, ssh keys as array --- openvz/templating/prep-sqeeze.sh | 40 +++++++++++++++++++++++++------- 1 file changed, 31 insertions(+), 9 deletions(-) diff --git a/openvz/templating/prep-sqeeze.sh b/openvz/templating/prep-sqeeze.sh index 0cc0ec9..10a1951 100755 --- a/openvz/templating/prep-sqeeze.sh +++ b/openvz/templating/prep-sqeeze.sh @@ -20,17 +20,20 @@ fi # # define local variables # -export http_proxy="http://192.168.0.1:3128/" +#export http_proxy="http://192.168.0.1:3128/" VZ="/var/lib/vz" RELEASE="squeeze" -REPOS="main contrib" -MIRROR="http://ftp.cz.debian.org" -MINBASE="netbase,net-tools,ifupdown,procps,locales,nano,iputils-ping" +REPOS="main contrib non-free" +MIRROR="http://ftp.de.debian.org" +MINBASE="netbase,net-tools,ifupdown,procps,locales,nano,iputils-ping,sudo,less,vim-nox,tcpdump,tcpflow,mc,iptraf,psmisc,zip,unzip,bzip2,openssh-server,telnet,dialog" ARCH="$1" -MY_SSH_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq7Ygask78BlVQUKV/lU3Dh45pm1fa7SY+rwiP3WVE+NUtxIaSZVJmRy/YQtPmFa86AR50ICCr8BoCSDumnjAhzNXdKKxKWXjNHZtCjLiHRW5ClUJCvqKEPXh35t++WtYXdnaQG0lKUjYrBNR+1YaI/Kxs8PRvZO8w9UmLevpN1hUu9Vu37ffso3Ss1zdbkKuSS/8pTUj0yHP+fWzee8b9xK/r/QGY8IiQUvhkC+cILQSBNKUQ+0B4h/ENlkDVog5ZXQBs9i+jdgi683/e/PU+3lFfAqHGzwiHPlzSC6krMiQg80mfDDQm9tkcymUkg9lNYfu3vuKI317wCbFXOKFZQ== amax@amazing.local" +MY_SSH_KEYS[1]="ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAsOPDZ+dZ9h3WVXZjU0S9x8412ZifCRYA0dZVW/uUH8ZyuboKxkQe91R0UAPP8LMl5UgqiXeajkA9q0nBeFhwfJUI7qphiMM0fNrfDH/BEzXCcvQC8II5AtnLwQvFis9F0zEiplju6nUiyBzOUpQyFsgl4wfaNLcJgxnJXHs05xc= rsa-key-20101024" +MY_SSH_KEYS[2]="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq7Ygask78BlVQUKV/lU3Dh45pm1fa7SY+rwiP3WVE+NUtxIaSZVJmRy/YQtPmFa86AR50ICCr8BoCSDumnjAhzNXdKKxKWXjNHZtCjLiHRW5ClUJCvqKEPXh35t++WtYXdnaQG0lKUjYrBNR+1YaI/Kxs8PRvZO8w9UmLevpN1hUu9Vu37ffso3Ss1zdbkKuSS/8pTUj0yHP+fWzee8b9xK/r/QGY8IiQUvhkC+cILQSBNKUQ+0B4h/ENlkDVog5ZXQBs9i+jdgi683/e/PU+3lFfAqHGzwiHPlzSC6krMiQg80mfDDQm9tkcymUkg9lNYfu3vuKI317wCbFXOKFZQ== amax@amazing.local" TIMEZONE="Europe/Moscow" -BASE_PKG="rsyslog wget cron iptables traceroute logrotate less psmisc openssh-server" +BASE_PKG="rsyslog wget cron iptables traceroute logrotate exim4-daemon-light exim4-config bsd-mailx" + +#exit 1 VE=$(mktemp -d) if [ ! -z "$2" ] ; then VE=$(mktemp -d --tmpdir "$2") @@ -40,7 +43,16 @@ fi # # create new minimal VE # +if ! [ -x /usr/sbin/debootstrap ];then + echo "/usr/sbin/debootstrap not found or not executable, consider installing debootstrap package" + exit 1 +fi debootstrap --arch=$ARCH --variant=minbase --include=$MINBASE $RELEASE $VE $MIRROR/debian +if [ $? -ne 0 ];then + echo "deboostrap failed, process aborted, removing $VE" + echo rm -rf $VE + exit 1 +fi cp /etc/resolv.conf $VE/etc/ cat << EOF > $VE/usr/sbin/policy-rc.d #!/bin/sh @@ -132,8 +144,18 @@ cat << EOF >> $VE/etc/default/ssh # the empty string to skip adjustment) SSHD_OOM_ADJUST=-17 EOF -mkdir $VE/root/.ssh -echo $MY_SSH_KEY > $VE/root/.ssh/authorized_keys + +if [ -z "${!MY_SSH_KEYS[*]}" ];then + echo "SSH KEYS are empty, skipping..." +else + mkdir $VE/root/.ssh + chmod 0640 $VE/root/.ssh + echo -n > $VE/root/.ssh/authorized_keys + for I in ${!MY_SSH_KEYS[*]}; do + echo "${MY_SSH_KEYS[$I]}" >> $VE/root/.ssh/authorized_keys + done + chmod 0640 $VE/root/.ssh/authorized_keys +fi @@ -201,6 +223,6 @@ find $VE/var/cache/debconf/ -type f -name \*-old -delete #rm -rf $VE/etc/init.d/mountoverflowtmp ### compress image -( cd $VE && tar --numeric-owner --one-file-system -czf /vz/template/cache/debian-6.0.1-$ARCH-minimal.tar.gz . ) +( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.1-$ARCH-minimal.tar.gz" . ) From 09e6e9317ddc4db569e13421a5b8237127ad9dc9 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Thu, 23 Jun 2011 18:12:08 +0400 Subject: [PATCH 04/23] adding default exim config; removing amax's key,commenting keys --- openvz/templating/prep-sqeeze.sh | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/openvz/templating/prep-sqeeze.sh b/openvz/templating/prep-sqeeze.sh index 10a1951..9ed2240 100755 --- a/openvz/templating/prep-sqeeze.sh +++ b/openvz/templating/prep-sqeeze.sh @@ -27,8 +27,7 @@ REPOS="main contrib non-free" MIRROR="http://ftp.de.debian.org" MINBASE="netbase,net-tools,ifupdown,procps,locales,nano,iputils-ping,sudo,less,vim-nox,tcpdump,tcpflow,mc,iptraf,psmisc,zip,unzip,bzip2,openssh-server,telnet,dialog" ARCH="$1" -MY_SSH_KEYS[1]="ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAsOPDZ+dZ9h3WVXZjU0S9x8412ZifCRYA0dZVW/uUH8ZyuboKxkQe91R0UAPP8LMl5UgqiXeajkA9q0nBeFhwfJUI7qphiMM0fNrfDH/BEzXCcvQC8II5AtnLwQvFis9F0zEiplju6nUiyBzOUpQyFsgl4wfaNLcJgxnJXHs05xc= rsa-key-20101024" -MY_SSH_KEYS[2]="ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAq7Ygask78BlVQUKV/lU3Dh45pm1fa7SY+rwiP3WVE+NUtxIaSZVJmRy/YQtPmFa86AR50ICCr8BoCSDumnjAhzNXdKKxKWXjNHZtCjLiHRW5ClUJCvqKEPXh35t++WtYXdnaQG0lKUjYrBNR+1YaI/Kxs8PRvZO8w9UmLevpN1hUu9Vu37ffso3Ss1zdbkKuSS/8pTUj0yHP+fWzee8b9xK/r/QGY8IiQUvhkC+cILQSBNKUQ+0B4h/ENlkDVog5ZXQBs9i+jdgi683/e/PU+3lFfAqHGzwiHPlzSC6krMiQg80mfDDQm9tkcymUkg9lNYfu3vuKI317wCbFXOKFZQ== amax@amazing.local" +#MY_SSH_KEYS[1]="ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAsOPDZ+dZ9h3WVXZjU0S9x8412ZifCRYA0dZVW/uUH8ZyuboKxkQe91R0UAPP8LMl5UgqiXeajkA9q0nBeFhwfJUI7qphiMM0fNrfDH/BEzXCcvQC8II5AtnLwQvFis9F0zEiplju6nUiyBzOUpQyFsgl4wfaNLcJgxnJXHs05xc= rsa-key-20101024" TIMEZONE="Europe/Moscow" BASE_PKG="rsyslog wget cron iptables traceroute logrotate exim4-daemon-light exim4-config bsd-mailx" @@ -157,6 +156,33 @@ else chmod 0640 $VE/root/.ssh/authorized_keys fi +#disabling exim autostart +chroot $VE sh -c "update-rc.d exim4 disable" + +#setting basic exim configuration +cat << EOF > $VE/etc/exim4/update-exim4.conf.conf +# /etc/exim4/update-exim4.conf.conf +# +# Edit this file and /etc/mailname by hand and execute update-exim4.conf +# yourself or use 'dpkg-reconfigure exim4-config' +# +# This is a Debian specific file +dc_eximconfig_configtype='satellite' +dc_other_hostnames='freshvz.local' +dc_local_interfaces='127.0.0.1 ; ::1' +dc_readhost='freshvz.local' +dc_relay_domains='' +dc_minimaldns='false' +dc_relay_nets='' +dc_smarthost='mailrelay.local' +CFILEMODE='644' +dc_use_split_config='false' +dc_hide_mailname='true' +dc_mailname_in_oh='true' +dc_localdelivery='mail_spool' +EOF + +echo "freshvz.local" > $VE/etc/mailname ##################################################################################################################### From 731457306a8f3402e84f0623a8d60cf94f0ccfd4 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Tue, 26 Jul 2011 19:57:33 +0400 Subject: [PATCH 05/23] updating squeeze version, make temp dir work on lenny too --- openvz/templating/prep-sqeeze.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openvz/templating/prep-sqeeze.sh b/openvz/templating/prep-sqeeze.sh index 9ed2240..3fbcac2 100755 --- a/openvz/templating/prep-sqeeze.sh +++ b/openvz/templating/prep-sqeeze.sh @@ -35,7 +35,7 @@ BASE_PKG="rsyslog wget cron iptables traceroute logrotate exim4-daemon-light exi #exit 1 VE=$(mktemp -d) if [ ! -z "$2" ] ; then - VE=$(mktemp -d --tmpdir "$2") + VE=$(TMPDIR="$2" mktemp -d) fi ##################################################################################################################### @@ -249,6 +249,6 @@ find $VE/var/cache/debconf/ -type f -name \*-old -delete #rm -rf $VE/etc/init.d/mountoverflowtmp ### compress image -( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.1-$ARCH-minimal.tar.gz" . ) +( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.2-$ARCH-minimal.tar.gz" . ) From b94a7cc5ed542cfce2e4491bbfd7a717dccc2e96 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Tue, 26 Jul 2011 20:08:54 +0400 Subject: [PATCH 06/23] renaming default config file to example one, prevent overwrite of production configs --- openvz/vzcreate/{vzcreate.conf => vzcreate.conf.example} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename openvz/vzcreate/{vzcreate.conf => vzcreate.conf.example} (100%) diff --git a/openvz/vzcreate/vzcreate.conf b/openvz/vzcreate/vzcreate.conf.example similarity index 100% rename from openvz/vzcreate/vzcreate.conf rename to openvz/vzcreate/vzcreate.conf.example From 77e94aeb83181d20f86cd028491db24bc9e1161c Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Tue, 8 Nov 2011 16:58:04 +0400 Subject: [PATCH 07/23] adding more config files --- copyenv | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/copyenv b/copyenv index 7c3ba27..35feedc 100755 --- a/copyenv +++ b/copyenv @@ -68,10 +68,10 @@ if [ "x$AUTHCOPY" = "xYES" ];then if [ $? -eq 0 -a ! -z "$akey" ];then ssh "$RHOST" "mkdir -p ~/.ssh;chmod 700 .ssh;echo "$akey" > $AKEY_TMPL;chmod 600 $AKEY_TMPL" else - echo "$AKEY_FILE wasn't copied - empty/unable to read, skipping" + echo "$AKEY_FILE wasn't copyied - empty/unable to read, skipping" fi fi -for i in bin .vimrc .screenrc .profile .bashrc .gitconfig .hgrc ;do +for i in bin .vimrc .vim .screenrc .profile .bash_profile .bashrc .gitconfig .hgrc .tmux.conf ;do if [ -r $i ];then scp -r "$i" "$RHOST": fi From 14cb6668fad36b888a0735d898f06b7322bf4fd3 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Sun, 18 Dec 2011 02:34:01 +0400 Subject: [PATCH 08/23] updating squeeze version to 6.0.3 --- openvz/templating/prep-sqeeze.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvz/templating/prep-sqeeze.sh b/openvz/templating/prep-sqeeze.sh index 3fbcac2..c4c2e35 100755 --- a/openvz/templating/prep-sqeeze.sh +++ b/openvz/templating/prep-sqeeze.sh @@ -249,6 +249,6 @@ find $VE/var/cache/debconf/ -type f -name \*-old -delete #rm -rf $VE/etc/init.d/mountoverflowtmp ### compress image -( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.2-$ARCH-minimal.tar.gz" . ) +( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.3-$ARCH-minimal.tar.gz" . ) From 8c8c3a3a7d837c24109aeb2e4dbc468b2078ea70 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Tue, 14 Feb 2012 22:04:22 +0400 Subject: [PATCH 09/23] updating debian version to 6.0.4 --- openvz/templating/prep-sqeeze.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvz/templating/prep-sqeeze.sh b/openvz/templating/prep-sqeeze.sh index c4c2e35..d8f98fa 100755 --- a/openvz/templating/prep-sqeeze.sh +++ b/openvz/templating/prep-sqeeze.sh @@ -249,6 +249,6 @@ find $VE/var/cache/debconf/ -type f -name \*-old -delete #rm -rf $VE/etc/init.d/mountoverflowtmp ### compress image -( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.3-$ARCH-minimal.tar.gz" . ) +( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.4-$ARCH-minimal.tar.gz" . ) From feaa541b44b946f7f847134858d67528f28a0154 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Sat, 3 Mar 2012 02:18:15 +0400 Subject: [PATCH 10/23] adding ip route to be in default template --- openvz/templating/prep-sqeeze.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvz/templating/prep-sqeeze.sh b/openvz/templating/prep-sqeeze.sh index d8f98fa..f33e7fa 100755 --- a/openvz/templating/prep-sqeeze.sh +++ b/openvz/templating/prep-sqeeze.sh @@ -29,7 +29,7 @@ MINBASE="netbase,net-tools,ifupdown,procps,locales,nano,iputils-ping,sudo,less,v ARCH="$1" #MY_SSH_KEYS[1]="ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAsOPDZ+dZ9h3WVXZjU0S9x8412ZifCRYA0dZVW/uUH8ZyuboKxkQe91R0UAPP8LMl5UgqiXeajkA9q0nBeFhwfJUI7qphiMM0fNrfDH/BEzXCcvQC8II5AtnLwQvFis9F0zEiplju6nUiyBzOUpQyFsgl4wfaNLcJgxnJXHs05xc= rsa-key-20101024" TIMEZONE="Europe/Moscow" -BASE_PKG="rsyslog wget cron iptables traceroute logrotate exim4-daemon-light exim4-config bsd-mailx" +BASE_PKG="rsyslog wget cron iptables traceroute logrotate exim4-daemon-light exim4-config bsd-mailx iproute" #exit 1 From 5da512391838a44b96deb545d8ef06ace1f2fb46 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Mon, 26 Mar 2012 01:20:43 +0400 Subject: [PATCH 11/23] adding script to build debian kernel from openvz patch + vanilla; initial version --- openvz/kernel/create-ovz-kernel-for-debian.sh | 135 ++++++++++++++++++ 1 file changed, 135 insertions(+) create mode 100755 openvz/kernel/create-ovz-kernel-for-debian.sh diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh new file mode 100755 index 0000000..d6d3ace --- /dev/null +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -0,0 +1,135 @@ +#!/bin/bash + +#buildir base +BUILDDIR="/usr/src" + +#building tools, like make-kpkg +NEEDPACKAGES="build-essential kernel-package" + + +#kernel.org url for vanilla kernel +KERNEL_BASE_URL="http://www.kernel.org/pub/linux/kernel/v2.6" +OPENVZ_BASE_URL="http://download.openvz.org/kernel/branches" + +declare -A KERNELINFO +KERNELINFO["base"]="2.6.32" +KERNELINFO["ovzname"]="042stab049.6" +KERNELINFO["rhelid"]="6" +KERNELINFO["rhelbranch"]="rhel6-2.6.32" +KERNELINFO["arch"]="x86_64" +#http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab049.6/configs/config-2.6.32-042stab049.6.x86_64 +#http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab049.6/patches/patch-042stab049.6-combined.gz +#http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.bz2 + +#runtime configuration +kernel_name="linux-${KERNELINFO["base"]}" +patch_url="${OPENVZ_BASE_URL}/${KERNELINFO["rhelbranch"]}/${KERNELINFO["ovzname"]}/patches/patch-${KERNELINFO["ovzname"]}-combined.gz" +patch_filename="patch-${KERNELINFO["ovzname"]}-combined" +config_url="${OPENVZ_BASE_URL}/${KERNELINFO["rhelbranch"]}/${KERNELINFO["ovzname"]}/configs/config-${KERNELINFO["base"]}-${KERNELINFO["ovzname"]}.${KERNELINFO["arch"]}" +config_filename="config-${KERNELINFO["base"]}-${KERNELINFO["ovzname"]}.${KERNELINFO["arch"]}" + +############ +cd $BUILDDIR || exit 1 + +#checking packages +do_exit=0 +for i in $NEEDPACKAGES;do + dpkg -p "$i" >/dev/null + if [ $? -ne 0 ];then + echo "missing package $i" + do_exit=1 + fi +done +if [ $do_exit -ne 0 ];then echo "exiting";exit 1;fi + +#need to download compressed kernel image if it doesn't exist yet +if ! [ -f "$kernel_name.tar.bz2" ];then + wget "${KERNEL_BASE_URL}/${kernel_name}.tar.bz2" -O "${kernel_name}.tar.bz2" + if [ $? -ne 0 ];then #failed + echo "download kernel tarball failed, exiting" + exit 1 + fi +else + echo "kernel tarball already exists, skipping download" +fi + +#clearing old build directory, just in case +if [ -d "./${kernel_name}" ];then + echo "removing old dir ./${kernel_name}" + rm -rf "./${kernel_name}" + if [ $? -ne 0 ];then #failed + echo "remove failed, exiting" + exit 1 + fi +fi + +#unpacking archive +tar -xf "${kernel_name}.tar.bz2" +if [ $? -ne 0 ];then #failed + echo "unpacking failed, exiting" + exit 1 +fi + +#downloading config +if ! [ -f "$config_filename" ];then + wget "$config_url" -O "$config_filename" + if [ $? -ne 0 ];then #failed + echo "download config failed, exiting" + exit 1 + fi +else + echo "config file already exists, skipping download" +fi + +#..patch now +if ! [ -f "$patch_filename" ];then + wget "$patch_url" -O "$patch_filename.gz" + if [ $? -ne 0 ];then #failed + echo "download patch failed, exiting" + exit 1 + fi + gzip -d "$patch_filename" + if [ $? -ne 0 ];then #failed + echo "unzip of patch failed, exiting" + exit 1 + fi + +else + echo "patch file already exists, skipping download" +fi + +#everything is downloaded, patching now +set -e +cd ${kernel_name} +#dry run for patch +patch --dry-run --verbose -p1 < "../$patch_filename" > ../patch.log +patch_retcode=$? +if [ $patch_retcode -ne 0 ];then + echo "patch failed to apply clean. check ../patch.log. exiting" + exit 1 +fi + +set +e + +#checking if patch has failed hunks +fgrep -q 'FAILED at' "../patch.log" +if [ $? -eq 0 ]; then #grep found some failed strings or just patch failed, we should abort now + echo "patch failed to apply clean. check ../patch.log. exiting" + exit 1 +else + echo "patch should apply clean now, trying..." + patch --verbose -p1 < "../$patch_filename" > ../patch.log + if [ $? -ne 0 ]; then #patch failed somehow anyway + echo "patch failed to apply clean. check ../patch.log. exiting" + exit 1 + fi +fi + +#kernel is patched now, copying config +cp ../"$config_filename" .config + +#compiling +#how much cpu we have? +cpucount=$(fgrep processor /proc/cpuinfo|wc -l) +CMD="make-kpkg --jobs $cpucount --initrd --arch_in_name --append-to-version -${KERNELINFO["ovzname"]}-el${KERNELINFO["rhelid"]}-openvz --revision ${KERNELINFO["base"]}~coolcold binary-arch kernel_source" +echo $CMD From f2094547d31e6451e703bd6fd60d701fc6fe13f5 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Sun, 8 Apr 2012 07:26:27 +0400 Subject: [PATCH 12/23] adding command-line configration support;adding fakeroot to packages/build phase --- openvz/kernel/create-ovz-kernel-for-debian.sh | 184 +++++++++++++++--- 1 file changed, 161 insertions(+), 23 deletions(-) diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh index d6d3ace..6d33f7d 100755 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -4,13 +4,13 @@ BUILDDIR="/usr/src" #building tools, like make-kpkg -NEEDPACKAGES="build-essential kernel-package" - +NEEDPACKAGES="build-essential kernel-package fakeroot" #kernel.org url for vanilla kernel KERNEL_BASE_URL="http://www.kernel.org/pub/linux/kernel/v2.6" OPENVZ_BASE_URL="http://download.openvz.org/kernel/branches" +declare -A opts declare -A KERNELINFO KERNELINFO["base"]="2.6.32" KERNELINFO["ovzname"]="042stab049.6" @@ -21,15 +21,137 @@ KERNELINFO["arch"]="x86_64" #http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab049.6/patches/patch-042stab049.6-combined.gz #http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.bz2 +PROGNAME=$(basename $0) + +print_usage() { + + local hpart + hpart=$(host_to_localpart) + + echo "Usage: $PROGNAME [-B ] [-O ] [-R ] [-b ] [-A ] [-L ] [-D ]" + echo "" + echo "-B - specifies base (vanilla) kernel version to use, currently this is 2.6.32." + echo "-O - specifies version for kernel patch which openvz guys have." + echo "-R - specifies rhel version id, now latest rhel is 6, previous was 5." + echo "-b - specifies rhel kernel branch, for now should be rhel6-2.6.32, for rhel 5 should be something like rhel5-2.6.18." + echo "-A - specifies processor architecture to use. For now applyed only for config downloading, as building for i386 almost has no reasons." + echo "-L - specifies string appended to package, this will allow to distinguish your custom kernel from mirads of others. Highly recommended to be specified by hand, if missed will be set to 2nd level domain or hostname. For this machine defaults to \"${hpart}\" ." + echo "-D - specifies directory where to do kernel builds, as it may requires some space, like 10-15GB. Defaults to $BUILDDIR ." + #TODO add routine to get localname from last 2 parts of fqnd, like server1.openvzroles.somehoster.ru -> somehoster.ru + echo "" + echo "" + echo "As default options should be sane, you may need to change parameter." +} + +print_help() { + echo "$PROGNAME" + echo "" + print_usage + echo "" + echo "This script should build kernel in debian way from openvz patches for rhel and vanilla kernel" +} + +str_to_localpart() { + if [[ -z $1 ]];then return 1;fi + + local hdata hparts localpart + + hdata=(${1//./ }); #changing dots into spaces, then creating array from this + hparts=${#hdata[@]} + if [[ $hparts -gt 1 ]];then + for i in $(($hparts - 2)) $(($hparts - 1));do + if [[ -z $localpart ]];then + localpart="${hdata[i]}" + else + localpart="${localpart}.${hdata[i]}" + fi + done + else + localpart=${hdata[0]} + fi + echo $localpart +} +host_to_localpart() { + local hpart + hpart=$(hostname --fqdn) + hpart=$(str_to_localpart $hpart) + echo "$hpart" +} +show_opts() { + echo "The next options will be used for building kernel" + for i in "base" "ovzname" "rhelid" "rhelbranch" "arch" "localname" "builddir";do + echo "$i: ${opts[$i]}" + done +} + +#saving arguments count +argcount=$# + +while getopts ":hB:O:R:b:A:L:D:" Option; do + case $Option in + h) + print_help + exit $STATE_UNKNOWN + ;; + B) + opts["base"]="${OPTARG}" + ;; + O) + opts["ovzname"]="${OPTARG}" + ;; + R) + opts["rhelid"]="${OPTARG}" + ;; + b) + opts["rhelbranch"]="${OPTARG}" + ;; + A) + opts["arch"]="${OPTARG}" + ;; + L) + opts["localname"]="${OPTARG}" + ;; + D) + opts["builddir"]="${OPTARG}" + ;; + *) + print_help + exit 2 + ;; + esac +done +shift $(($OPTIND - 1)) + +#let's show building options +for i in "base" "ovzname" "rhelid" "rhelbranch" "arch";do + opts[$i]=${opts[$i]:-${KERNELINFO[$i]}} +done +opts["localname"]=${opts["localname"]:-$(host_to_localpart)} +opts["builddir"]=${opts["builddir"]:-${BUILDDIR}} + +#echo -e "\n\n"; +echo "----------------------" +show_opts + #runtime configuration -kernel_name="linux-${KERNELINFO["base"]}" -patch_url="${OPENVZ_BASE_URL}/${KERNELINFO["rhelbranch"]}/${KERNELINFO["ovzname"]}/patches/patch-${KERNELINFO["ovzname"]}-combined.gz" -patch_filename="patch-${KERNELINFO["ovzname"]}-combined" -config_url="${OPENVZ_BASE_URL}/${KERNELINFO["rhelbranch"]}/${KERNELINFO["ovzname"]}/configs/config-${KERNELINFO["base"]}-${KERNELINFO["ovzname"]}.${KERNELINFO["arch"]}" -config_filename="config-${KERNELINFO["base"]}-${KERNELINFO["ovzname"]}.${KERNELINFO["arch"]}" +kernel_name="linux-${opts["base"]}" +patch_url="${OPENVZ_BASE_URL}/${opts["rhelbranch"]}/${opts["ovzname"]}/patches/patch-${opts["ovzname"]}-combined.gz" +patch_filename="patch-${opts["ovzname"]}-combined" +config_url="${OPENVZ_BASE_URL}/${opts["rhelbranch"]}/${opts["ovzname"]}/configs/config-${opts["base"]}-${opts["ovzname"]}.${opts["arch"]}" +config_filename="config-${opts["base"]}-${opts["ovzname"]}.${opts["arch"]}" -############ -cd $BUILDDIR || exit 1 + +#giving user time to think a bit +if [[ $argcount -lt 1 ]];then + echo -e "\n\n" + echo "No parameters were specified, build will start in 10 seconds with settings from above. Press Ctrl+C to stop bulding or Enter to start" + echo "use \"$0 -h\" to obtain help" + read -t 10 || true +fi + +############ here we go ######### +echo -e "\n" +echo "#### Building has begun ####" #checking packages do_exit=0 @@ -42,15 +164,24 @@ for i in $NEEDPACKAGES;do done if [ $do_exit -ne 0 ];then echo "exiting";exit 1;fi +echo "changing directory to ${opts["builddir"]} ..." +cd "${opts["builddir"]}" +if [ $? -ne 0 ];then #failed + echo "can't change directory to ${opts["builddir"]}, exiting" + exit 1 +fi + + #need to download compressed kernel image if it doesn't exist yet if ! [ -f "$kernel_name.tar.bz2" ];then - wget "${KERNEL_BASE_URL}/${kernel_name}.tar.bz2" -O "${kernel_name}.tar.bz2" + urltoget="${KERNEL_BASE_URL}/${kernel_name}.tar.bz2" + wget "$urltoget" -O "${kernel_name}.tar.bz2" if [ $? -ne 0 ];then #failed - echo "download kernel tarball failed, exiting" + echo "download kernel tarball from $urltoget failed, exiting" exit 1 fi else - echo "kernel tarball already exists, skipping download" + echo "kernel tarball $kernel_name.tar.bz2 already exists, skipping download" fi #clearing old build directory, just in case @@ -74,18 +205,18 @@ fi if ! [ -f "$config_filename" ];then wget "$config_url" -O "$config_filename" if [ $? -ne 0 ];then #failed - echo "download config failed, exiting" + echo "download config from $config_url failed, exiting" exit 1 fi else - echo "config file already exists, skipping download" + echo "config file $config_filename already exists, skipping download" fi #..patch now if ! [ -f "$patch_filename" ];then wget "$patch_url" -O "$patch_filename.gz" if [ $? -ne 0 ];then #failed - echo "download patch failed, exiting" + echo "download patch from $patch_url failed, exiting" exit 1 fi gzip -d "$patch_filename" @@ -95,22 +226,18 @@ if ! [ -f "$patch_filename" ];then fi else - echo "patch file already exists, skipping download" + echo "patch file $patch_filename already exists, skipping download" fi #everything is downloaded, patching now -set -e cd ${kernel_name} #dry run for patch patch --dry-run --verbose -p1 < "../$patch_filename" > ../patch.log -patch_retcode=$? -if [ $patch_retcode -ne 0 ];then +if [ $? -ne 0 ];then echo "patch failed to apply clean. check ../patch.log. exiting" exit 1 fi -set +e - #checking if patch has failed hunks fgrep -q 'FAILED at' "../patch.log" if [ $? -eq 0 ]; then #grep found some failed strings or just patch failed, we should abort now @@ -122,6 +249,8 @@ else if [ $? -ne 0 ]; then #patch failed somehow anyway echo "patch failed to apply clean. check ../patch.log. exiting" exit 1 + else + echo "patch applyed without error" fi fi @@ -131,5 +260,14 @@ cp ../"$config_filename" .config #compiling #how much cpu we have? cpucount=$(fgrep processor /proc/cpuinfo|wc -l) -CMD="make-kpkg --jobs $cpucount --initrd --arch_in_name --append-to-version -${KERNELINFO["ovzname"]}-el${KERNELINFO["rhelid"]}-openvz --revision ${KERNELINFO["base"]}~coolcold binary-arch kernel_source" -echo $CMD +CMD="fakeroot make-kpkg --jobs $cpucount --initrd --arch_in_name --append-to-version -${opts["ovzname"]}-el${opts["rhelid"]}-openvz --revision ${opts["base"]}~${opts["localname"]} binary-arch kernel_source" +echo -e "\n" +echo "using next command to create package:" +echo "$CMD" +sh -c "$CMD" +build_result=$? +if [[ $build_result -ne 0 ]];then + echo "build failed" +else + echo "build succeeded, debian packages may be found in ${opts["builddir"]}" +fi From 0354c7e3b9955390360e157e955cf950935b95b3 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Tue, 10 Apr 2012 00:15:47 +0400 Subject: [PATCH 13/23] addnat now reads config as well --- openvz/vzcreate/addnat.sh | 13 ++++--------- 1 file changed, 4 insertions(+), 9 deletions(-) diff --git a/openvz/vzcreate/addnat.sh b/openvz/vzcreate/addnat.sh index ec7c9d5..1cbbd9d 100755 --- a/openvz/vzcreate/addnat.sh +++ b/openvz/vzcreate/addnat.sh @@ -4,8 +4,8 @@ vzconfig=vzcreate.conf ARGS=1 if [[ $# -ne "$ARGS" ]] then - echo "usage: `basename $0` >" - echo "for example: `basename $0` 10.10.10.5" + echo "usage: `basename $0` " + echo "for example: `basename $0` 10.10.10.5/32" exit 1 fi @@ -16,14 +16,9 @@ else echo "failed to read config $vzconfig" exit 2 fi -nsstring="" -for i in $nameservers;do - #echo "nameserver is $i" - nsstring="$nsstring --nameserver $i" -done #echo "my ip is $myip" -if [ -z "$nsstring" ];then echo "nameservers list is empty!";exit 2;fi if [ -z "$myip" ];then echo "myip is empty!";exit 2;fi +if [ -z "$GINIF" ];then echo "GINIF is empty!";exit 2;fi -iptables -t nat -A POSTROUTING -s $1 -o eth0 -j SNAT --to $myip +iptables -t nat -A POSTROUTING -s $1 -o $GINIF -j SNAT --to $myip From 748d6ddac83d32b77f96c075e81ec03ded5db43c Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Sun, 29 Apr 2012 23:09:24 +0400 Subject: [PATCH 14/23] do not building debug kernel version by default --- openvz/kernel/create-ovz-kernel-for-debian.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh index 6d33f7d..25a762d 100755 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -260,7 +260,7 @@ cp ../"$config_filename" .config #compiling #how much cpu we have? cpucount=$(fgrep processor /proc/cpuinfo|wc -l) -CMD="fakeroot make-kpkg --jobs $cpucount --initrd --arch_in_name --append-to-version -${opts["ovzname"]}-el${opts["rhelid"]}-openvz --revision ${opts["base"]}~${opts["localname"]} binary-arch kernel_source" +CMD="fakeroot make-kpkg --jobs $cpucount --initrd --arch_in_name --append-to-version -${opts["ovzname"]}-el${opts["rhelid"]}-openvz --revision ${opts["base"]}~${opts["localname"]} kernel_image kernel_source kernel_headers" echo -e "\n" echo "using next command to create package:" echo "$CMD" From d135e2d971f7e9a17df2dbf8dfc85043b6c8b03c Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Sun, 29 Apr 2012 23:24:28 +0400 Subject: [PATCH 15/23] adding license, short description --- openvz/kernel/create-ovz-kernel-for-debian.sh | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh index 25a762d..b3fcc36 100755 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -1,4 +1,23 @@ #!/bin/bash +# Copyright (C) 2012, Roman Ovchinnikov, coolthecold@gmail.com +# + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + +# This script should build kernel in debian way from openvz patches for rhel and vanilla kernel. +# use -h option to show help #buildir base BUILDDIR="/usr/src" From 297ef1e6409b585cd79cbae2ecc33ede0167003b Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Sun, 29 Apr 2012 23:26:35 +0400 Subject: [PATCH 16/23] adding -h option into help section --- openvz/kernel/create-ovz-kernel-for-debian.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh index b3fcc36..7570daa 100755 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -47,8 +47,9 @@ print_usage() { local hpart hpart=$(host_to_localpart) - echo "Usage: $PROGNAME [-B ] [-O ] [-R ] [-b ] [-A ] [-L ] [-D ]" + echo "Usage: $PROGNAME [-h] [-B ] [-O ] [-R ] [-b ] [-A ] [-L ] [-D ]" echo "" + echo "-h - show this help" echo "-B - specifies base (vanilla) kernel version to use, currently this is 2.6.32." echo "-O - specifies version for kernel patch which openvz guys have." echo "-R - specifies rhel version id, now latest rhel is 6, previous was 5." @@ -110,7 +111,7 @@ while getopts ":hB:O:R:b:A:L:D:" Option; do case $Option in h) print_help - exit $STATE_UNKNOWN + exit 0 ;; B) opts["base"]="${OPTARG}" From d1bb06313258f9bddbf36b2915876097090b8136 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Mon, 30 Apr 2012 00:44:50 +0400 Subject: [PATCH 17/23] bumping new stable version --- openvz/kernel/create-ovz-kernel-for-debian.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh index 7570daa..2e847f1 100755 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -32,7 +32,7 @@ OPENVZ_BASE_URL="http://download.openvz.org/kernel/branches" declare -A opts declare -A KERNELINFO KERNELINFO["base"]="2.6.32" -KERNELINFO["ovzname"]="042stab049.6" +KERNELINFO["ovzname"]="042stab053.5" KERNELINFO["rhelid"]="6" KERNELINFO["rhelbranch"]="rhel6-2.6.32" KERNELINFO["arch"]="x86_64" From a5a56976fb84de9c6914072daa8daadad7d358bf Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Fri, 4 May 2012 00:58:24 +0400 Subject: [PATCH 18/23] fixing cpucount, packages check before timeout --- openvz/kernel/create-ovz-kernel-for-debian.sh | 33 +++++++++++-------- 1 file changed, 19 insertions(+), 14 deletions(-) diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh index 2e847f1..01f5b30 100755 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -56,8 +56,7 @@ print_usage() { echo "-b - specifies rhel kernel branch, for now should be rhel6-2.6.32, for rhel 5 should be something like rhel5-2.6.18." echo "-A - specifies processor architecture to use. For now applyed only for config downloading, as building for i386 almost has no reasons." echo "-L - specifies string appended to package, this will allow to distinguish your custom kernel from mirads of others. Highly recommended to be specified by hand, if missed will be set to 2nd level domain or hostname. For this machine defaults to \"${hpart}\" ." - echo "-D - specifies directory where to do kernel builds, as it may requires some space, like 10-15GB. Defaults to $BUILDDIR ." - #TODO add routine to get localname from last 2 parts of fqnd, like server1.openvzroles.somehoster.ru -> somehoster.ru + echo "-D - specifies directory where to do kernel builds, as it may require some space, like 10-15GB. Defaults to $BUILDDIR ." echo "" echo "" echo "As default options should be sane, you may need to change parameter." @@ -160,6 +159,23 @@ patch_filename="patch-${opts["ovzname"]}-combined" config_url="${OPENVZ_BASE_URL}/${opts["rhelbranch"]}/${opts["ovzname"]}/configs/config-${opts["base"]}-${opts["ovzname"]}.${opts["arch"]}" config_filename="config-${opts["base"]}-${opts["ovzname"]}.${opts["arch"]}" +#requirements +echo "checking requirements..." + +#checking packages +do_exit=0 +for i in $NEEDPACKAGES;do + dpkg -p "$i" >/dev/null + if [ $? -ne 0 ];then + echo "missing package $i" + do_exit=1 + fi +done +if [ $do_exit -ne 0 ];then + echo "exiting";exit 1 +else + echo "done" +fi #giving user time to think a bit if [[ $argcount -lt 1 ]];then @@ -173,17 +189,6 @@ fi echo -e "\n" echo "#### Building has begun ####" -#checking packages -do_exit=0 -for i in $NEEDPACKAGES;do - dpkg -p "$i" >/dev/null - if [ $? -ne 0 ];then - echo "missing package $i" - do_exit=1 - fi -done -if [ $do_exit -ne 0 ];then echo "exiting";exit 1;fi - echo "changing directory to ${opts["builddir"]} ..." cd "${opts["builddir"]}" if [ $? -ne 0 ];then #failed @@ -279,7 +284,7 @@ cp ../"$config_filename" .config #compiling #how much cpu we have? -cpucount=$(fgrep processor /proc/cpuinfo|wc -l) +cpucount=$(grep -cw ^processor /proc/cpuinfo) CMD="fakeroot make-kpkg --jobs $cpucount --initrd --arch_in_name --append-to-version -${opts["ovzname"]}-el${opts["rhelid"]}-openvz --revision ${opts["base"]}~${opts["localname"]} kernel_image kernel_source kernel_headers" echo -e "\n" echo "using next command to create package:" From 2af3a2c8fcde86c45c2259e96db74ad254623726 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Mon, 14 May 2012 16:26:20 +0400 Subject: [PATCH 19/23] changing debian version to 6.0.5 --- openvz/templating/prep-sqeeze.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvz/templating/prep-sqeeze.sh b/openvz/templating/prep-sqeeze.sh index f33e7fa..a84b954 100755 --- a/openvz/templating/prep-sqeeze.sh +++ b/openvz/templating/prep-sqeeze.sh @@ -249,6 +249,6 @@ find $VE/var/cache/debconf/ -type f -name \*-old -delete #rm -rf $VE/etc/init.d/mountoverflowtmp ### compress image -( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.4-$ARCH-minimal.tar.gz" . ) +( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.5-$ARCH-minimal.tar.gz" . ) From 02540e1894fec1015296981f72324540088e2ade Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Mon, 21 May 2012 15:51:35 +0400 Subject: [PATCH 20/23] setting new stable version 042stab055.10 --- openvz/kernel/create-ovz-kernel-for-debian.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh index 01f5b30..dcaa63b 100755 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -32,7 +32,7 @@ OPENVZ_BASE_URL="http://download.openvz.org/kernel/branches" declare -A opts declare -A KERNELINFO KERNELINFO["base"]="2.6.32" -KERNELINFO["ovzname"]="042stab053.5" +KERNELINFO["ovzname"]="042stab055.10" KERNELINFO["rhelid"]="6" KERNELINFO["rhelbranch"]="rhel6-2.6.32" KERNELINFO["arch"]="x86_64" From 78c18d5238757c37096b60b7a113121ec24ad5ce Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Fri, 22 Jun 2012 16:49:59 +0400 Subject: [PATCH 21/23] updating kernel version, remove dpkg messages --- openvz/kernel/create-ovz-kernel-for-debian.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh index dcaa63b..5009c32 100755 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -32,7 +32,7 @@ OPENVZ_BASE_URL="http://download.openvz.org/kernel/branches" declare -A opts declare -A KERNELINFO KERNELINFO["base"]="2.6.32" -KERNELINFO["ovzname"]="042stab055.10" +KERNELINFO["ovzname"]="042stab055.16" KERNELINFO["rhelid"]="6" KERNELINFO["rhelbranch"]="rhel6-2.6.32" KERNELINFO["arch"]="x86_64" @@ -165,7 +165,7 @@ echo "checking requirements..." #checking packages do_exit=0 for i in $NEEDPACKAGES;do - dpkg -p "$i" >/dev/null + dpkg -p "$i" 1>/dev/null 2>&1 if [ $? -ne 0 ];then echo "missing package $i" do_exit=1 From a98c2d259ec8537ac40a03535fd2dc996525b912 Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Mon, 2 Jul 2012 15:56:59 +0400 Subject: [PATCH 22/23] updating to latest stable 042stab057.1 --- openvz/kernel/create-ovz-kernel-for-debian.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh index 5009c32..128ca92 100755 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ b/openvz/kernel/create-ovz-kernel-for-debian.sh @@ -32,7 +32,7 @@ OPENVZ_BASE_URL="http://download.openvz.org/kernel/branches" declare -A opts declare -A KERNELINFO KERNELINFO["base"]="2.6.32" -KERNELINFO["ovzname"]="042stab055.16" +KERNELINFO["ovzname"]="042stab057.1" KERNELINFO["rhelid"]="6" KERNELINFO["rhelbranch"]="rhel6-2.6.32" KERNELINFO["arch"]="x86_64" From a8fedd44e7a1d03423de1897b3043c3c0829576d Mon Sep 17 00:00:00 2001 From: Roman Ovchinnikov Date: Thu, 6 Sep 2012 03:40:00 +0400 Subject: [PATCH 23/23] removing openvz tools, setting notice about this in readme --- README.mdown | 4 +- openvz/kernel/create-ovz-kernel-for-debian.sh | 298 ------------------ openvz/templating/prep-sqeeze.sh | 254 --------------- openvz/vzcreate/addnat.sh | 24 -- openvz/vzcreate/fwdport.sh | 12 - openvz/vzcreate/vzcreate.conf.example | 4 - openvz/vzcreate/vzcreate.sh | 44 --- 7 files changed, 1 insertion(+), 639 deletions(-) delete mode 100755 openvz/kernel/create-ovz-kernel-for-debian.sh delete mode 100755 openvz/templating/prep-sqeeze.sh delete mode 100755 openvz/vzcreate/addnat.sh delete mode 100755 openvz/vzcreate/fwdport.sh delete mode 100644 openvz/vzcreate/vzcreate.conf.example delete mode 100755 openvz/vzcreate/vzcreate.sh diff --git a/README.mdown b/README.mdown index a3dcd83..96ca5a6 100644 --- a/README.mdown +++ b/README.mdown @@ -6,6 +6,4 @@ ### openvz: ### -* vzcreate.sh - script to create openvz containers and setting reasonable persystem defaults. -* addnat.sh - script to add SNAT to container with ip from private network -* fwdport.sh - script to forward port from host's external ip into container's internal network +openvz scripts moved to separate repo - https://github.com/CoolCold/openvz-tools diff --git a/openvz/kernel/create-ovz-kernel-for-debian.sh b/openvz/kernel/create-ovz-kernel-for-debian.sh deleted file mode 100755 index 128ca92..0000000 --- a/openvz/kernel/create-ovz-kernel-for-debian.sh +++ /dev/null @@ -1,298 +0,0 @@ -#!/bin/bash -# Copyright (C) 2012, Roman Ovchinnikov, coolthecold@gmail.com -# - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - -# This script should build kernel in debian way from openvz patches for rhel and vanilla kernel. -# use -h option to show help - -#buildir base -BUILDDIR="/usr/src" - -#building tools, like make-kpkg -NEEDPACKAGES="build-essential kernel-package fakeroot" - -#kernel.org url for vanilla kernel -KERNEL_BASE_URL="http://www.kernel.org/pub/linux/kernel/v2.6" -OPENVZ_BASE_URL="http://download.openvz.org/kernel/branches" - -declare -A opts -declare -A KERNELINFO -KERNELINFO["base"]="2.6.32" -KERNELINFO["ovzname"]="042stab057.1" -KERNELINFO["rhelid"]="6" -KERNELINFO["rhelbranch"]="rhel6-2.6.32" -KERNELINFO["arch"]="x86_64" -#http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab049.6/configs/config-2.6.32-042stab049.6.x86_64 -#http://download.openvz.org/kernel/branches/rhel6-2.6.32/042stab049.6/patches/patch-042stab049.6-combined.gz -#http://www.kernel.org/pub/linux/kernel/v2.6/linux-2.6.32.tar.bz2 - -PROGNAME=$(basename $0) - -print_usage() { - - local hpart - hpart=$(host_to_localpart) - - echo "Usage: $PROGNAME [-h] [-B ] [-O ] [-R ] [-b ] [-A ] [-L ] [-D ]" - echo "" - echo "-h - show this help" - echo "-B - specifies base (vanilla) kernel version to use, currently this is 2.6.32." - echo "-O - specifies version for kernel patch which openvz guys have." - echo "-R - specifies rhel version id, now latest rhel is 6, previous was 5." - echo "-b - specifies rhel kernel branch, for now should be rhel6-2.6.32, for rhel 5 should be something like rhel5-2.6.18." - echo "-A - specifies processor architecture to use. For now applyed only for config downloading, as building for i386 almost has no reasons." - echo "-L - specifies string appended to package, this will allow to distinguish your custom kernel from mirads of others. Highly recommended to be specified by hand, if missed will be set to 2nd level domain or hostname. For this machine defaults to \"${hpart}\" ." - echo "-D - specifies directory where to do kernel builds, as it may require some space, like 10-15GB. Defaults to $BUILDDIR ." - echo "" - echo "" - echo "As default options should be sane, you may need to change parameter." -} - -print_help() { - echo "$PROGNAME" - echo "" - print_usage - echo "" - echo "This script should build kernel in debian way from openvz patches for rhel and vanilla kernel" -} - -str_to_localpart() { - if [[ -z $1 ]];then return 1;fi - - local hdata hparts localpart - - hdata=(${1//./ }); #changing dots into spaces, then creating array from this - hparts=${#hdata[@]} - if [[ $hparts -gt 1 ]];then - for i in $(($hparts - 2)) $(($hparts - 1));do - if [[ -z $localpart ]];then - localpart="${hdata[i]}" - else - localpart="${localpart}.${hdata[i]}" - fi - done - else - localpart=${hdata[0]} - fi - echo $localpart -} -host_to_localpart() { - local hpart - hpart=$(hostname --fqdn) - hpart=$(str_to_localpart $hpart) - echo "$hpart" -} -show_opts() { - echo "The next options will be used for building kernel" - for i in "base" "ovzname" "rhelid" "rhelbranch" "arch" "localname" "builddir";do - echo "$i: ${opts[$i]}" - done -} - -#saving arguments count -argcount=$# - -while getopts ":hB:O:R:b:A:L:D:" Option; do - case $Option in - h) - print_help - exit 0 - ;; - B) - opts["base"]="${OPTARG}" - ;; - O) - opts["ovzname"]="${OPTARG}" - ;; - R) - opts["rhelid"]="${OPTARG}" - ;; - b) - opts["rhelbranch"]="${OPTARG}" - ;; - A) - opts["arch"]="${OPTARG}" - ;; - L) - opts["localname"]="${OPTARG}" - ;; - D) - opts["builddir"]="${OPTARG}" - ;; - *) - print_help - exit 2 - ;; - esac -done -shift $(($OPTIND - 1)) - -#let's show building options -for i in "base" "ovzname" "rhelid" "rhelbranch" "arch";do - opts[$i]=${opts[$i]:-${KERNELINFO[$i]}} -done -opts["localname"]=${opts["localname"]:-$(host_to_localpart)} -opts["builddir"]=${opts["builddir"]:-${BUILDDIR}} - -#echo -e "\n\n"; -echo "----------------------" -show_opts - -#runtime configuration -kernel_name="linux-${opts["base"]}" -patch_url="${OPENVZ_BASE_URL}/${opts["rhelbranch"]}/${opts["ovzname"]}/patches/patch-${opts["ovzname"]}-combined.gz" -patch_filename="patch-${opts["ovzname"]}-combined" -config_url="${OPENVZ_BASE_URL}/${opts["rhelbranch"]}/${opts["ovzname"]}/configs/config-${opts["base"]}-${opts["ovzname"]}.${opts["arch"]}" -config_filename="config-${opts["base"]}-${opts["ovzname"]}.${opts["arch"]}" - -#requirements -echo "checking requirements..." - -#checking packages -do_exit=0 -for i in $NEEDPACKAGES;do - dpkg -p "$i" 1>/dev/null 2>&1 - if [ $? -ne 0 ];then - echo "missing package $i" - do_exit=1 - fi -done -if [ $do_exit -ne 0 ];then - echo "exiting";exit 1 -else - echo "done" -fi - -#giving user time to think a bit -if [[ $argcount -lt 1 ]];then - echo -e "\n\n" - echo "No parameters were specified, build will start in 10 seconds with settings from above. Press Ctrl+C to stop bulding or Enter to start" - echo "use \"$0 -h\" to obtain help" - read -t 10 || true -fi - -############ here we go ######### -echo -e "\n" -echo "#### Building has begun ####" - -echo "changing directory to ${opts["builddir"]} ..." -cd "${opts["builddir"]}" -if [ $? -ne 0 ];then #failed - echo "can't change directory to ${opts["builddir"]}, exiting" - exit 1 -fi - - -#need to download compressed kernel image if it doesn't exist yet -if ! [ -f "$kernel_name.tar.bz2" ];then - urltoget="${KERNEL_BASE_URL}/${kernel_name}.tar.bz2" - wget "$urltoget" -O "${kernel_name}.tar.bz2" - if [ $? -ne 0 ];then #failed - echo "download kernel tarball from $urltoget failed, exiting" - exit 1 - fi -else - echo "kernel tarball $kernel_name.tar.bz2 already exists, skipping download" -fi - -#clearing old build directory, just in case -if [ -d "./${kernel_name}" ];then - echo "removing old dir ./${kernel_name}" - rm -rf "./${kernel_name}" - if [ $? -ne 0 ];then #failed - echo "remove failed, exiting" - exit 1 - fi -fi - -#unpacking archive -tar -xf "${kernel_name}.tar.bz2" -if [ $? -ne 0 ];then #failed - echo "unpacking failed, exiting" - exit 1 -fi - -#downloading config -if ! [ -f "$config_filename" ];then - wget "$config_url" -O "$config_filename" - if [ $? -ne 0 ];then #failed - echo "download config from $config_url failed, exiting" - exit 1 - fi -else - echo "config file $config_filename already exists, skipping download" -fi - -#..patch now -if ! [ -f "$patch_filename" ];then - wget "$patch_url" -O "$patch_filename.gz" - if [ $? -ne 0 ];then #failed - echo "download patch from $patch_url failed, exiting" - exit 1 - fi - gzip -d "$patch_filename" - if [ $? -ne 0 ];then #failed - echo "unzip of patch failed, exiting" - exit 1 - fi - -else - echo "patch file $patch_filename already exists, skipping download" -fi - -#everything is downloaded, patching now -cd ${kernel_name} -#dry run for patch -patch --dry-run --verbose -p1 < "../$patch_filename" > ../patch.log -if [ $? -ne 0 ];then - echo "patch failed to apply clean. check ../patch.log. exiting" - exit 1 -fi - -#checking if patch has failed hunks -fgrep -q 'FAILED at' "../patch.log" -if [ $? -eq 0 ]; then #grep found some failed strings or just patch failed, we should abort now - echo "patch failed to apply clean. check ../patch.log. exiting" - exit 1 -else - echo "patch should apply clean now, trying..." - patch --verbose -p1 < "../$patch_filename" > ../patch.log - if [ $? -ne 0 ]; then #patch failed somehow anyway - echo "patch failed to apply clean. check ../patch.log. exiting" - exit 1 - else - echo "patch applyed without error" - fi -fi - -#kernel is patched now, copying config -cp ../"$config_filename" .config - -#compiling -#how much cpu we have? -cpucount=$(grep -cw ^processor /proc/cpuinfo) -CMD="fakeroot make-kpkg --jobs $cpucount --initrd --arch_in_name --append-to-version -${opts["ovzname"]}-el${opts["rhelid"]}-openvz --revision ${opts["base"]}~${opts["localname"]} kernel_image kernel_source kernel_headers" -echo -e "\n" -echo "using next command to create package:" -echo "$CMD" -sh -c "$CMD" -build_result=$? -if [[ $build_result -ne 0 ]];then - echo "build failed" -else - echo "build succeeded, debian packages may be found in ${opts["builddir"]}" -fi diff --git a/openvz/templating/prep-sqeeze.sh b/openvz/templating/prep-sqeeze.sh deleted file mode 100755 index a84b954..0000000 --- a/openvz/templating/prep-sqeeze.sh +++ /dev/null @@ -1,254 +0,0 @@ -#!/bin/bash -# Copyright © 2090 Alexey Maximov -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the BSD License -# -##################################################################################################################### -# -# check user input for correct values -# -if [ -z "$1" ] ; then - echo "Usage: $0 "; - echo " should be i386 or amd64" - echo " default to /tmp" - echo "example to run: $0 i386 /var/tmp" - exit 1 -fi - -##################################################################################################################### -# -# define local variables -# -#export http_proxy="http://192.168.0.1:3128/" -VZ="/var/lib/vz" -RELEASE="squeeze" -REPOS="main contrib non-free" -MIRROR="http://ftp.de.debian.org" -MINBASE="netbase,net-tools,ifupdown,procps,locales,nano,iputils-ping,sudo,less,vim-nox,tcpdump,tcpflow,mc,iptraf,psmisc,zip,unzip,bzip2,openssh-server,telnet,dialog" -ARCH="$1" -#MY_SSH_KEYS[1]="ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIEAsOPDZ+dZ9h3WVXZjU0S9x8412ZifCRYA0dZVW/uUH8ZyuboKxkQe91R0UAPP8LMl5UgqiXeajkA9q0nBeFhwfJUI7qphiMM0fNrfDH/BEzXCcvQC8II5AtnLwQvFis9F0zEiplju6nUiyBzOUpQyFsgl4wfaNLcJgxnJXHs05xc= rsa-key-20101024" -TIMEZONE="Europe/Moscow" -BASE_PKG="rsyslog wget cron iptables traceroute logrotate exim4-daemon-light exim4-config bsd-mailx iproute" - - -#exit 1 -VE=$(mktemp -d) -if [ ! -z "$2" ] ; then - VE=$(TMPDIR="$2" mktemp -d) -fi - -##################################################################################################################### -# -# create new minimal VE -# -if ! [ -x /usr/sbin/debootstrap ];then - echo "/usr/sbin/debootstrap not found or not executable, consider installing debootstrap package" - exit 1 -fi -debootstrap --arch=$ARCH --variant=minbase --include=$MINBASE $RELEASE $VE $MIRROR/debian -if [ $? -ne 0 ];then - echo "deboostrap failed, process aborted, removing $VE" - echo rm -rf $VE - exit 1 -fi -cp /etc/resolv.conf $VE/etc/ -cat << EOF > $VE/usr/sbin/policy-rc.d -#!/bin/sh -exit 101 -EOF -chmod +x $VE/usr/sbin/policy-rc.d -mount -t proc proc $VE/proc -mount -t devpts devpts $VE/dev/pts -o rw,noexec,nosuid,gid=5,mode=620 - -##################################################################################################################### -# -# Prepare locale settings -# -echo "LANG=en_US.UTF-8" > $VE/etc/default/locale -cat << EOF > $VE/etc/locale.gen -en_US.UTF-8 UTF-8 -ru_RU.CP1251 CP1251 -ru_RU.UTF-8 UTF-8 -ru_RU.KOI8-R KOI8-R -EOF -echo -n > $VE/etc/locale.alias -chroot $VE sh -c "locale-gen" - - -##################################################################################################################### -# -# tune VE settings -# -chroot $VE sh -c "ln -sf /usr/share/zoneinfo/$TIMEZONE /etc/localtime" -chroot $VE sh -c "ln -sf /proc/mounts /etc/mtab" - -echo "APT::Install-Recommends \"false\";" > $VE/etc/apt/apt.conf.d/00InstallRecommends -chmod 700 $VE/root -sed -i -e "/getty/d" $VE/etc/inittab -sed -i -e "s:RAMRUN=no:RAMRUN=yes:g" $VE/etc/default/rcS -sed -i -e "s:RAMLOCK=no:RAMLOCK=yes:g" $VE/etc/default/rcS -echo "HWCLOCKACCESS=no" >> $VE/etc/default/rcS -echo "ulimit -s 1024" > $VE/etc/lsb-base-logging.sh - -cat << EOF > $VE/etc/default/tmpfs -# SHM_SIZE sets the maximum size (in bytes) that the /dev/shm tmpfs can use. -# If this is not set then the size defaults to the value of TMPFS_SIZE -# if that is set; otherwise to the kernel's default. -# -# The size will be rounded down to a multiple of the page size, 4096 bytes. -SHM_SIZE= -TMPFS_SIZE= -RUN_SIZE=2M -LOCK_SIZE=2M -RW_SIZE=2M -EOF - - -##################################################################################################################### -# -# create new VE sources.list -# -cat << EOF > $VE/etc/apt/sources.list -deb $MIRROR/debian $RELEASE $REPOS -#deb-src $MIRROR/debian $RELEASE $REPOS -deb http://security.debian.org/ $RELEASE/updates $REPOS -#deb-src http://security.debian.org/ $RELEASE/updates $REPOS -deb $MIRROR/debian $RELEASE-updates $REPOS -#deb-src $MIRROR/debian $RELEASE-updates $REPOS -EOF - - -##################################################################################################################### -# -# update VE -# -chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y update" -chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y upgrade" -chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y install $BASE_PKG" -chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y autoremove" -chroot $VE sh -c "DEBIAN_FRONTEND=noninteractive apt-get -y clean" - - - -##################################################################################################################### -# -# final tune VE -# -sed -i -e "s:SHELL=/bin/sh:SHELL=/bin/bash:g" $VE/etc/default/useradd -cat << EOF >> $VE/etc/default/ssh -# OOM-killer adjustment for sshd (see -# linux/Documentation/filesystems/proc.txt; lower values reduce likelihood -# of being killed, while -17 means the OOM-killer will ignore sshd; set to -# the empty string to skip adjustment) -SSHD_OOM_ADJUST=-17 -EOF - -if [ -z "${!MY_SSH_KEYS[*]}" ];then - echo "SSH KEYS are empty, skipping..." -else - mkdir $VE/root/.ssh - chmod 0640 $VE/root/.ssh - echo -n > $VE/root/.ssh/authorized_keys - for I in ${!MY_SSH_KEYS[*]}; do - echo "${MY_SSH_KEYS[$I]}" >> $VE/root/.ssh/authorized_keys - done - chmod 0640 $VE/root/.ssh/authorized_keys -fi - -#disabling exim autostart -chroot $VE sh -c "update-rc.d exim4 disable" - -#setting basic exim configuration -cat << EOF > $VE/etc/exim4/update-exim4.conf.conf -# /etc/exim4/update-exim4.conf.conf -# -# Edit this file and /etc/mailname by hand and execute update-exim4.conf -# yourself or use 'dpkg-reconfigure exim4-config' -# -# This is a Debian specific file -dc_eximconfig_configtype='satellite' -dc_other_hostnames='freshvz.local' -dc_local_interfaces='127.0.0.1 ; ::1' -dc_readhost='freshvz.local' -dc_relay_domains='' -dc_minimaldns='false' -dc_relay_nets='' -dc_smarthost='mailrelay.local' -CFILEMODE='644' -dc_use_split_config='false' -dc_hide_mailname='true' -dc_mailname_in_oh='true' -dc_localdelivery='mail_spool' -EOF - -echo "freshvz.local" > $VE/etc/mailname - - -##################################################################################################################### -# -# Prepare ssh keys -# -cat << EOF > $VE/etc/init.d/ssh_gen_host_keys -#!/bin/sh -### BEGIN INIT INFO -# Provides: Generates new ssh host keys on first boot -# Required-Start: $remote_fs $syslog -# Required-Stop: $remote_fs $syslog -# Default-Start: 2 3 4 5 -# Default-Stop: -# Short-Description: Generates new ssh host keys on first boot -# Description: Generates new ssh host keys on first boot -### END INIT INFO -[ -f /usr/bin/ssh-keygen ] || exit 0 -ssh-keygen -f /etc/ssh/ssh_host_rsa_key -t rsa -N "" -ssh-keygen -f /etc/ssh/ssh_host_dsa_key -t dsa -N "" -insserv -r /etc/init.d/ssh_gen_host_keys -rm -f \$0 -EOF - -chmod 755 $VE/etc/init.d/ssh_gen_host_keys -chroot $VE sh -c "insserv /etc/init.d/ssh_gen_host_keys" - - -##################################################################################################################### -# -# umount VE and prepare to bundle -# -rm -f $VE/usr/sbin/policy-rc.d -umount -f $VE/proc -umount -f $VE/dev/pts - - -##################################################################################################################### -# -# cleanup VE -# -echo -n > $VE/etc/motd.tail -echo -n > $VE/etc/resolv.conf -echo -n > $VE/etc/network/interfaces - -rm -f $VE/etc/ssh/*key* -rm -f $VE/root/.bash_history -rm -rf $VE/var/log/news -rm -rf $VE/selinux - -find $VE/tmp/ -type f -delete - -find $VE/var/log/ -type f -delete -find $VE/var/run/ -type f -delete -find $VE/var/lock/ -type f -delete -find $VE/var/tmp/ -type f -delete - -find $VE/var/lib/apt/lists/ -type f -delete -find $VE/var/cache/apt/ -type f -delete -find $VE/var/cache/debconf/ -type f -name \*-old -delete - - -# crap idea -#rm -rf $VE/etc/init.d/mountoverflowtmp - -### compress image -( cd $VE && tar --numeric-owner --one-file-system -czf "$VZ/template/cache/debian-6.0.5-$ARCH-minimal.tar.gz" . ) - - diff --git a/openvz/vzcreate/addnat.sh b/openvz/vzcreate/addnat.sh deleted file mode 100755 index 1cbbd9d..0000000 --- a/openvz/vzcreate/addnat.sh +++ /dev/null @@ -1,24 +0,0 @@ -#!/bin/bash -vzconfig=vzcreate.conf - -ARGS=1 -if [[ $# -ne "$ARGS" ]] -then - echo "usage: `basename $0` " - echo "for example: `basename $0` 10.10.10.5/32" - exit 1 - -fi - -if [ -r $vzconfig ]; then - . $vzconfig -else - echo "failed to read config $vzconfig" - exit 2 -fi -#echo "my ip is $myip" - -if [ -z "$myip" ];then echo "myip is empty!";exit 2;fi -if [ -z "$GINIF" ];then echo "GINIF is empty!";exit 2;fi - -iptables -t nat -A POSTROUTING -s $1 -o $GINIF -j SNAT --to $myip diff --git a/openvz/vzcreate/fwdport.sh b/openvz/vzcreate/fwdport.sh deleted file mode 100755 index 72e2b5b..0000000 --- a/openvz/vzcreate/fwdport.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash -ARGS=3 -if [[ $# -ne "$ARGS" ]] -then - echo "usage: `basename $0` " - echo "for example: `basename $0` 10.10.10.5 2221 22" - exit 1 - -fi - -#enabling forwarding for nginx -iptables -t nat -A PREROUTING -p tcp -d 87.118.90.42 --dport $2 -i eth0 -j DNAT --to-destination $1:$3 diff --git a/openvz/vzcreate/vzcreate.conf.example b/openvz/vzcreate/vzcreate.conf.example deleted file mode 100644 index 0f97aa9..0000000 --- a/openvz/vzcreate/vzcreate.conf.example +++ /dev/null @@ -1,4 +0,0 @@ -#nameserver should be space delimited -nameservers="10.10.40.1 127.0.0.1" -myip="1.1.1.1" - diff --git a/openvz/vzcreate/vzcreate.sh b/openvz/vzcreate/vzcreate.sh deleted file mode 100755 index 764ce2a..0000000 --- a/openvz/vzcreate/vzcreate.sh +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash -vzconfig=vzcreate.conf - - -ARGS=5 -if [[ $# -lt "$ARGS" ]] -then - echo "usage: `basename $0`