xavier/nixos-infra
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Added the console mode (default to "console") and dry run options.

Browse Source
This commit is contained in:
xavier
2026-04-30 14:00:48 +02:00
parent f1ddf089e1
commit fa4808f34d
1 changed files with 46 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nixos-infra/scripts/create-lxc-nixos.sh
+46 -21
View File
@@ -5,32 +5,37 @@ set -euo pipefail
# Check if docopts is installed (for Bash) # Check if docopts is installed (for Bash)
if ! command -v docopts &> /dev/null; then if ! command -v docopts &> /dev/null; then
echo "❌ Error: 'docopts' is required for Bash." >&2 echo "❌ Error: 'docopts' is required for Bash." >&2
echo "Install it with: wget https://raw.githubusercontent.com/docopt/docopts/master/docopts && chmod +x docopts && sudo mv docopts /usr/local/bin/" >&2 echo "See https://github.com/docopt/docopts to install it." >&2
exit 1 exit 1
fi fi
# --- Usage and Documentation --- # --- Usage and Documentation ---
usage="Usage: usage="Create and configure an LXC container on a remote Proxmox VE 9 server.
Usage:
$0 <short_name> [options] $0 <short_name> [options]
Options: Options:
-h, --help Show this message. -h, --help Show this message.
-t, --template TEMPLATE LXC template (e.g., local:vztmpl/nixos-unstable-amd64-default_20260428_0830-rootfs.tar.gz). -t, --template TEMPLATE LXC template (e.g. local:vztmpl/nixos-unstable).
-r, --rootfs-size SIZE Root filesystem size (e.g., 8G). -r, --rootfs-size SIZE Root filesystem size (e.g. 8G).
-c, --cores CORES Number of CPU cores. -c, --cores CORES Number of CPU cores.
-m, --memory MEMORY RAM in MiB. -m, --memory MEMORY RAM in MiB.
-s, --swap SWAP Swap in MiB. -s, --swap SWAP Swap in MiB.
-p, --password PASSWORD Root password for the container. -p, --password PASSWORD Root password for the container.
-b, --bridge BRIDGE Network bridge (e.g., vmbr0). -b, --bridge BRIDGE Network bridge (e.g. vmbr0).
-v, --vlan VLAN VLAN tag (e.g., tag=10). -v, --vlan VLAN VLAN tag (e.g. tag=10).
-d, --domain DOMAIN DNS domain. -d, --domain DOMAIN DNS domain.
-u, --unprivileged UNPRIV Unprivileged container (0 or 1). -u, --unprivileged UNPRIV Unprivileged container (0 or 1).
-i, --ip IP Static IP (e.g., 192.168.1.100/24). -i, --ip IP Static IP (e.g. 192.168.1.100/24).
--pve-host HOST Proxmox host (e.g., pve). -C, --cmode CMODE Console mode (console or tty). Default: console.
-T, --tags TAGS Tags for the container (optional).
--pve-host HOST Proxmox host (e.g. pve).
--pve-user USER Proxmox user (default: admin). --pve-user USER Proxmox user (default: admin).
--pve-port PORT SSH port for Proxmox (default: 22). --pve-port PORT SSH port for Proxmox (default: 22).
--pve-password PASSWORD Password for SSH authentication on Proxmox. --pve-password PASSWORD Password for SSH authentication on Proxmox.
--pve-ssh-key KEY SSH key file for authentication (e.g., ~/.ssh/id_admin). --pve-ssh-key KEY SSH key file for authentication.
--dry-run Simulate container creation without execution.
" "
# --- Default Parameters (Environment Variables) --- # --- Default Parameters (Environment Variables) ---
@@ -40,9 +45,10 @@ PVE_USER="${PVE_USER:-admin}"
PVE_PORT="${PVE_PORT:-22}" PVE_PORT="${PVE_PORT:-22}"
PVE_PASSWORD="${PVE_PASSWORD:-}" PVE_PASSWORD="${PVE_PASSWORD:-}"
PVE_SSH_KEY="${PVE_SSH_KEY:-}" PVE_SSH_KEY="${PVE_SSH_KEY:-}"
DRY_RUN="${DRY_RUN:-false}"
# LXC Container # LXC Container
TEMPLATE="${TEMPLATE:-local:vztmpl/nixos-unstable-amd64-default_20260428_0830-rootfs.tar.gz}" TEMPLATE="${TEMPLATE:-local:vztmpl/nixos-unstable-amd64-default_20260428}"
ROOTFS_SIZE="${ROOTFS_SIZE:-8G}" ROOTFS_SIZE="${ROOTFS_SIZE:-8G}"
CORES="${CORES:-2}" CORES="${CORES:-2}"
MEMORY="${MEMORY:-2048}" MEMORY="${MEMORY:-2048}"
@@ -53,6 +59,8 @@ VLAN="${VLAN:-}"
DOMAIN="${DOMAIN:-lagraula.fr}" DOMAIN="${DOMAIN:-lagraula.fr}"
UNPRIVILEGED="${UNPRIVILEGED:-0}" UNPRIVILEGED="${UNPRIVILEGED:-0}"
IP="${IP:-}" IP="${IP:-}"
CMODE="${CMODE:-console}"
TAGS="${TAGS:-}"
# --- Parse Arguments with docopts (Lowest Priority) --- # --- Parse Arguments with docopts (Lowest Priority) ---
args=$(docopts -h "$usage" : "$@") args=$(docopts -h "$usage" : "$@")
@@ -66,7 +74,7 @@ if [ -z "$SHORT_NAME" ]; then
exit 1 exit 1
fi fi
# --- Override with /etc/nixos-infra/hosts/<short_name> (Medium Priority) --- # --- Override with /etc/nixos-infra/hosts/<short_name> (Medium Priority)
if [ -f "/etc/nixos-infra/hosts/$SHORT_NAME" ]; then if [ -f "/etc/nixos-infra/hosts/$SHORT_NAME" ]; then
echo "📄 Applying parameters from /etc/nixos-infra/hosts/$SHORT_NAME..." echo "📄 Applying parameters from /etc/nixos-infra/hosts/$SHORT_NAME..."
set -a set -a
@@ -96,7 +104,8 @@ fi
if [ -z "$TEMPLATE" ] || [ -z "$ROOTFS_SIZE" ] || [ -z "$CORES" ] || \ if [ -z "$TEMPLATE" ] || [ -z "$ROOTFS_SIZE" ] || [ -z "$CORES" ] || \
[ -z "$MEMORY" ] || [ -z "$SWAP" ] || [ -z "$PASSWORD" ] || \ [ -z "$MEMORY" ] || [ -z "$SWAP" ] || [ -z "$PASSWORD" ] || \
[ -z "$BRIDGE" ] || [ -z "$DOMAIN" ] || [ -z "$UNPRIVILEGED" ] || \ [ -z "$BRIDGE" ] || [ -z "$DOMAIN" ] || [ -z "$UNPRIVILEGED" ] || \
[ -z "$PVE_HOST" ] || [ -z "$PVE_USER" ] || [ -z "$PVE_PORT" ]; then [ -z "$CMODE" ] || [ -z "$PVE_HOST" ] || [ -z "$PVE_USER" ] || \
[ -z "$PVE_PORT" ]; then
echo "❌ Error: One or more critical parameters are missing." >&2 echo "❌ Error: One or more critical parameters are missing." >&2
exit 1 exit 1
fi fi
@@ -104,7 +113,7 @@ fi
# Authentication Validation # Authentication Validation
if [ -z "$PVE_PASSWORD" ]; then if [ -z "$PVE_PASSWORD" ]; then
if [ -z "$PVE_SSH_KEY" ]; then if [ -z "$PVE_SSH_KEY" ]; then
echo "❌ Error: No authentication parameter (password or SSH key) is defined." >&2 echo "❌ Error: No authentication parameter is defined." >&2
exit 1 exit 1
elif [ ! -f "$PVE_SSH_KEY" ]; then elif [ ! -f "$PVE_SSH_KEY" ]; then
echo "❌ Error: SSH key file '$PVE_SSH_KEY' does not exist." >&2 echo "❌ Error: SSH key file '$PVE_SSH_KEY' does not exist." >&2
@@ -115,12 +124,11 @@ fi
# --- SSH Connection to Proxmox Server --- # --- SSH Connection to Proxmox Server ---
run_proxmox() { run_proxmox() {
local ssh_cmd="ssh -p $PVE_PORT" local ssh_cmd="ssh -p $PVE_PORT"
# Priority to SSH key if it is provided and exists
if [ -n "$PVE_SSH_KEY" ] && [ -f "$PVE_SSH_KEY" ]; then if [ -n "$PVE_SSH_KEY" ] && [ -f "$PVE_SSH_KEY" ]; then
ssh_cmd="$ssh_cmd -i $PVE_SSH_KEY" ssh_cmd="$ssh_cmd -i $PVE_SSH_KEY"
else else
# Use password if SSH key is not available ssh_cmd="$ssh_cmd -o PreferredAuthentications=password \
ssh_cmd="$ssh_cmd -o PreferredAuthentications=password -o StrictHostKeyChecking=no" -o StrictHostKeyChecking=no"
fi fi
$ssh_cmd "$PVE_USER@$PVE_HOST" "$1" $ssh_cmd "$PVE_USER@$PVE_HOST" "$1"
} }
@@ -136,10 +144,27 @@ fi
# --- Container Creation --- # --- Container Creation ---
echo "🚀 Creating LXC container $SHORT_NAME on $PVE_HOST..." echo "🚀 Creating LXC container $SHORT_NAME on $PVE_HOST..."
LXC_ID=$(run_proxmox "pct create $ROOTFS_SIZE $TEMPLATE --cores $CORES --memory $MEMORY --swap $SWAP --hostname $SHORT_NAME.$DOMAIN --password $PASSWORD --unprivileged $UNPRIVILEGED --net0 $NET_OPTS --onboot 1" | grep -oP '\d+') CREATE_CMD="pct create $ROOTFS_SIZE $TEMPLATE --cores $CORES \
if [ -z "$LXC_ID" ]; then --memory $MEMORY --swap $SWAP --hostname $SHORT_NAME.$DOMAIN \
echo "❌ Error: Failed to create the container." >&2 --password $PASSWORD --unprivileged $UNPRIVILEGED --net0 $NET_OPTS \
exit 1 --onboot 1 --cmode $CMODE"
if [ -n "$TAGS" ]; then
CREATE_CMD="$CREATE_CMD --tags $TAGS"
fi fi
echo "✅ LXC container $SHORT_NAME created successfully (ID: $LXC_ID)." # Display the command (with password masked)
DISPLAY_CMD=$(echo "$CREATE_CMD" |
sed "s/--password [^ ]*/--password \*\*\*\*\*/g")
echo "🔧 Command to execute on $PVE_HOST: $DISPLAY_CMD"
# Execute or simulate
if [ "$DRY_RUN" = "true" ]; then
echo "🧪 Dry run: Skipping actual execution."
else
LXC_ID=$(run_proxmox "$CREATE_CMD" | grep -oP '\d+')
if [ -z "$LXC_ID" ]; then
echo "❌ Error: Failed to create the container." >&2
exit 1
fi
echo "✅ LXC container $SHORT_NAME created successfully (ID: $LXC_ID)."
fi