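#!/bin/bash
#
# Create a new LXC container under /var/lib/lxc from the local templates
# (.rootfs-template/ and .config.template) and register it for autostart.
#
# Usage: SCRIPT LXCNAME FQDN vserver-block-ip-last-octet
#   LXCNAME  container name; becomes the directory name, the hostname and
#            the replacement for "nunatak" in the config template
#   FQDN     written to /etc/mailname and into postfix main.cf in the rootfs
#   OCTET    last octet of the container address inside 199.27.180.x/25
#
# All three arguments are substituted into sed expressions and file paths,
# so each one is validated against a strict pattern before it is used.
#
# /var/lib/lxc/nunatak/config
# example config file:
### Container
#lxc.utsname = nunatak
#lxc.rootfs = /var/lib/lxc/nunatak/rootfs
#lxc.arch = x86_64
##lxc.console = /var/log/lxc/nunatak.console
#lxc.tty = 6
#lxc.pts = 1024
#
### Capabilities
#lxc.cap.drop = mac_admin
#lxc.cap.drop = mac_override
#lxc.cap.drop = sys_admin
#lxc.cap.drop = sys_module
### Devices
## Allow all devices
##lxc.cgroup.devices.allow = a
## Deny all devices
#lxc.cgroup.devices.deny = a
## Allow to mknod all devices (but not using them)
#lxc.cgroup.devices.allow = c *:* m
#lxc.cgroup.devices.allow = b *:* m
#
## /dev/console
#lxc.cgroup.devices.allow = c 5:1 rwm
## /dev/fuse
#lxc.cgroup.devices.allow = c 10:229 rwm
## /dev/null
#lxc.cgroup.devices.allow = c 1:3 rwm
## /dev/ptmx
#lxc.cgroup.devices.allow = c 5:2 rwm
## /dev/pts/*
#lxc.cgroup.devices.allow = c 136:* rwm
## /dev/random
#lxc.cgroup.devices.allow = c 1:8 rwm
## /dev/rtc
#lxc.cgroup.devices.allow = c 254:0 rwm
## /dev/tty
#lxc.cgroup.devices.allow = c 5:0 rwm
## /dev/urandom
#lxc.cgroup.devices.allow = c 1:9 rwm
## /dev/zero
#lxc.cgroup.devices.allow = c 1:5 rwm
#
### Limits
##lxc.cgroup.cpu.shares = 1024
##lxc.cgroup.cpuset.cpus = 0
##lxc.cgroup.memory.limit_in_bytes = 256M
##lxc.cgroup.memory.memsw.limit_in_bytes = 1G
#
### Filesystem
#lxc.mount.entry = proc /var/lib/lxc/nunatak/rootfs/proc proc nodev,noexec,nosuid 0 0
#lxc.mount.entry = sysfs /var/lib/lxc/nunatak/rootfs/sys sysfs defaults,ro 0 0
##lxc.mount.entry = /srv/nunatak /var/lib/lxc/nunatak/rootfs/srv/nunatak none defaults,bind 0 0
#
### Network
#lxc.network.type = veth
#lxc.network.flags = up
##lxc.network.hwaddr = 00:FF:00:00:00:02
#lxc.network.link = br0
##lxc.network.name = eth0
#lxc.network.ipv4 = 199.27.180.210/25
#lxc.network.ipv4.gateway = 199.27.180.254

# Print a message on stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# All three arguments are required; the original only checked $2 and then
# used the FQDN as the IP octet.
if [[ -z "${3:-}" ]]; then
  die "use: $0 LXCNAME FQDN vserver-block-ip-last-octet"
fi

name=$1
fqdn=$2
ip=$3

# The values below end up inside sed replacement text and in paths under
# /var/lib/lxc and /etc/lxc/auto. Restricting them to these character sets
# keeps sed metacharacters ('&', '\', the '#' and '/' delimiters) and path
# components such as '/' or a leading '.' or '-' out of both.
name_re='^[A-Za-z0-9][A-Za-z0-9_.-]*$'
fqdn_re='^[A-Za-z0-9]([A-Za-z0-9.-]*[A-Za-z0-9])?$'
octet_re='^[0-9]{1,3}$'

[[ "$name" =~ $name_re ]] || die "invalid LXCNAME: $name"
[[ "$fqdn" =~ $fqdn_re ]] || die "invalid FQDN: $fqdn"
[[ "$ip" =~ $octet_re ]] || die "invalid IP last octet: $ip"
# 10# forces base 10 so an octet with a leading zero is not read as octal.
(( 10#$ip <= 255 )) || die "IP last octet out of range: $ip"

olddir=$(pwd)
cd /var/lib/lxc || die "cannot cd to /var/lib/lxc"

[[ -d .rootfs-template ]] || die "missing /var/lib/lxc/.rootfs-template"
[[ -f .config.template ]] || die "missing /var/lib/lxc/.config.template"

echo "making dir and rsyncing .rootfs-template/ to $name/rootfs"
if [[ -d "$name/rootfs" ]]; then
  # NOTE(review): a pre-existing rootfs is used as-is; the inittab rsync
  # below writes into its etc/ directory, so it must come from a trusted
  # source (a symlinked etc/ would redirect that write).
  echo "$name/rootfs exists, skipping rsync of template (you made your own rootfs I guess"'!)'
else
  mkdir -p -- "$name/rootfs" || die "cannot create $name/rootfs"
  ionice -c3 rsync -a --stats .rootfs-template/ "$name/rootfs" \
    || die "rsync of .rootfs-template/ to $name/rootfs failed"

  echo "setting up hostname, mailname, fixing postfix config"
  printf '%s\n' "$name" > "$name/rootfs/etc/hostname"
  printf '%s\n' "$fqdn" > "$name/rootfs/etc/mailname"

  # Edit main.cf in place rather than staging it under a predictable
  # /tmp/postfix-main.cf.$$ name, which another local user could pre-create
  # as a symlink. In-place editing also keeps the file's mode and owner.
  sed -i "s/nunatak\.sizone\.org/$fqdn/" "$name/rootfs/etc/postfix/main.cf" \
    || echo "warning: could not update $name/rootfs/etc/postfix/main.cf" >&2
fi

echo "rsyncing inittab for terminal on screen console..."
rsync -avP .rootfs-template/etc/inittab "$name/rootfs/etc" \
  || die "rsync of inittab to $name/rootfs/etc failed"

echo "creating config file..."
# Every occurrence of "nunatak" in the template (utsname, rootfs and mount
# paths) is rewritten to the new container name, and the template address
# is rewritten to the requested octet.
sed -e "s#nunatak#$name#g" \
    -e "s#199\.27\.180\.210/25#199.27.180.$ip/25#g" \
  < .config.template > "$name/config" \
  || die "cannot write $name/config"

echo "symlinking config to /etc/lxc/auto/$name"
if [[ -e "/etc/lxc/auto/$name" || -L "/etc/lxc/auto/$name" ]]; then
  # Do not overwrite an existing entry; report it and carry on.
  echo "warning: /etc/lxc/auto/$name already exists, not replacing it" >&2
elif ln -s -- "/var/lib/lxc/$name/config" "/etc/lxc/auto/$name"; then
  echo "config created in $name/config, symlinked $name/config to /etc/lxc/auto/$name"
else
  echo "warning: could not symlink $name/config to /etc/lxc/auto/$name" >&2
fi

echo "warning postfix listening on localhost only."
echo "start server - * IN A NEW SCREEN WINDOW* as it will be console - with lxc-start -n $name "

cd "$olddir" || exit 1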