From d199cc186c54c200ee55b704e47f68568c9393c7 Mon Sep 17 00:00:00 2001 From: spiritlhl <103393591+spiritLHLS@users.noreply.github.com> Date: Thu, 8 Feb 2024 11:59:18 +0000 Subject: [PATCH] 2024.02.08 --- CHANGELOG.md | 5 + README.md | 10 +- scripts/buildct.sh | 163 ++++++++++++++++++++++++------- scripts/buildct_onlyv6.sh | 164 ++++++++++++++++++++++++-------- scripts/buildvm.sh | 7 +- scripts/buildvm_extraip.sh | 7 +- scripts/buildvm_manual_ip.sh | 7 +- scripts/buildvm_onlyv6.sh | 7 +- scripts/{ssh.sh => ssh_bash.sh} | 4 +- scripts/ssh_sh.sh | 100 +++++++++++++++++++ 10 files changed, 384 insertions(+), 90 deletions(-) rename scripts/{ssh.sh => ssh_bash.sh} (99%) create mode 100644 scripts/ssh_sh.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index 9c577ef..649aa33 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,10 @@ # 更新日志 +2024.02.04 + +- 增加IPV6的子网掩码识别的精确度 +- 修复部分提示信息避免误导 + 2024.02.02 - 修复网关自动配置的时候,可能出现IPV6网络配置未加载的情况,增加预先的请求加载配置 diff --git a/README.md b/README.md index 59b46a3..743034c 100644 --- a/README.md +++ b/README.md @@ -9,14 +9,16 @@ 待开发内容: - KVM/LXC模板加载部分自定义的限制,避免机器用于滥用发包 -- LXC模板构建自定义的模板提前初始化好部分内容,避免原始模板过于干净导致初始化时间过长 ## 更新 -2024.02.04 +2024.02.08 -- 增加IPV6的子网掩码识别的精确度 -- 修复部分提示信息避免误导 +- LXC模板构建自定义的模板提前初始化好部分内容,避免原始模板过于干净导致初始化时间过长,优先级:自修补镜像 > 官方镜像 +- 已预先安装设置模板的容器仓库:[https://github.com/oneclickvirt/pve_lxc_images](https://github.com/oneclickvirt/pve_lxc_images) +- 修复镜像在下载后重复使用可能重复下载的问题 +- 增加适配 alpine fedora archlinux 待适配 devuan opensuse gentoo +- 大幅缩短LXC容器开设时间(在使用自修补镜像时) [更新日志](CHANGELOG.md) diff --git a/scripts/buildct.sh b/scripts/buildct.sh index 82f20db..962afe7 100644 --- a/scripts/buildct.sh +++ b/scripts/buildct.sh @@ -1,7 +1,7 @@ #!/bin/bash # from # https://github.com/spiritLHLS/pve -# 2023.12.20 +# 2024.02.08 # ./buildct.sh CTID 密码 CPU核数 内存 硬盘 SSH端口 80端口 443端口 外网端口起 外网端口止 系统 存储盘 独立IPV6 # ./buildct.sh 102 1234567 1 512 5 20001 20002 20003 30000 30025 debian11 local N 
@@ -138,7 +138,9 @@ if [ "$system_arch" = "arch" ]; then version=${num_system} fi if [[ -z "${CN}" || "${CN}" != true ]]; then - curl -o "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" "https://jenkins.linuxcontainers.org/view/LXC/job/image-${en_system}/architecture=arm64,release=${version},variant=cloud/lastSuccessfulBuild/artifact/rootfs.tar.xz" + if [ ! -f "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" ]; then + curl -o "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" "https://jenkins.linuxcontainers.org/view/LXC/job/image-${en_system}/architecture=arm64,release=${version},variant=cloud/lastSuccessfulBuild/artifact/rootfs.tar.xz" + fi else # https://mirror.tuna.tsinghua.edu.cn/lxc-images/images/ URL="https://mirror.tuna.tsinghua.edu.cn/lxc-images/images/${en_system}/${version}/arm64/cloud/" 
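Review bot: The new `[ ! -f "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" ]` guard accepts any existing file as a good template, but the `curl -o` inside it has no `-f` and writes straight to the final path, so an interrupted transfer or an HTTP error page is cached and reused by every later run. Download to a temporary name and rename only on success, e.g. `curl -fL -o "${tmpl}.part" "$url" && mv "${tmpl}.part" "$tmpl"` (with `tmpl` and `url` holding the cache path and source URL), and check a published checksum before the rootfs reaches `pct create` if the image source provides one. The cached copy is also never refreshed, although the URL points at `lastSuccessfulBuild`. The same existence-only guard is added in the next hunk of this file, in both arm64 hunks of buildct_onlyv6.sh, and as `[ ! -f "$file_path" ]` in the four buildvm*.sh scripts.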
@@ -147,17 +149,49 @@ if [ "$system_arch" = "arch" ]; then sorted_links=$(echo "$folder_links_dates" | sort -k2 -r) latest_folder_link=$(echo "$sorted_links" | head -n 1 | awk '{print $1}') latest_folder_url="${URL}${latest_folder_link}" - curl -o "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" "${latest_folder_url}/rootfs.tar.xz" + if [ ! -f "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" ]; then + curl -o "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" "${latest_folder_url}/rootfs.tar.xz" + fi fi else - system_name=$(pveam available --section system | grep "$system" | awk '{print $2}' | head -n1) - if ! pveam available --section system | grep "$system" >/dev/null; then - _red "No such system" - exit - else - _green "Use $system_name" + system_name="" + fixed_system=false + system="${en_system}-${num_system}" + response=$(curl -sSL -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/oneclickvirt/pve_lxc_images/releases/tags/${en_system}" | grep -oP '"name": "\K[^"]+\.zst' | awk 'NR%2==1') + # 如果 https://api.github.com/ 请求失败,则使用 https://githubapi.spiritlhl.workers.dev/ ,此时可能宿主机无IPV4网络 + if [ -z "$response" ]; then + response=$(curl -sSL -H "Accept: application/vnd.github.v3+json" "https://githubapi.spiritlhl.workers.dev/repos/oneclickvirt/pve_lxc_images/releases/tags/${en_system}" | grep -oP '"name": "\K[^"]+\.zst' | awk 'NR%2==1') + fi + # 如果 https://githubapi.spiritlhl.workers.dev/ 请求失败,则使用 https://githubapi.spiritlhl.top/ ,此时可能宿主机在国内 + if [ -z "$response" ]; then + response=$(curl -sSL -H "Accept: application/vnd.github.v3+json" "https://githubapi.spiritlhl.top/repos/oneclickvirt/pve_lxc_images/releases/tags/${en_system}" | grep -oP '"name": "\K[^"]+\.zst' | awk 'NR%2==1') + fi + if [ $? 
-eq 0 ] && [ -n "$response" ]; then + system_names=(echo "$response") + fi + for sy in "${system_names[@]}"; do + if [[ $sy == "$system"* ]]; then + system_name="$sy" + fixed_system=true + if [ ! -f "/var/lib/vz/template/cache/${system_name}" ]; then + curl -o "/var/lib/vz/template/cache/${system_name}" "https://github.com/oneclickvirt/pve_lxc_images/releases/download/${en_system}/${system_name}" + fi + _blue "Use self-fixed image: ${system_name}" + break + fi + done + if [ "$fixed_system" = false ] && [ -z "$system_nam" ]; then + system_name=$(pveam available --section system | grep "$system" | awk '{print $2}' | head -n1) + if ! pveam available --section system | grep "$system" >/dev/null; then + _red "No such system" + exit 1 + else + _green "Use $system_name" + fi + if [ ! -f "/var/lib/vz/template/cache/${system_name}" ]; then + pveam download local $system_name + fi fi - pveam download local $system_name fi check_cdn() { @@ -245,7 +279,11 @@ fi user_ip="172.16.1.${num}" if [ "$system_arch" = "x86" ]; then - pct create $CTID ${storage}:vztmpl/$system_name -cores $core -cpuunits 1024 -memory $memory -swap 128 -rootfs ${storage}:${disk} -onboot 1 -password $password -features nesting=1 + if [ "$fixed_system" = true ]; then + pct create $CTID /var/lib/vz/template/cache/$system_name -cores $core -cpuunits 1024 -memory $memory -swap 128 -rootfs ${storage}:${disk} -onboot 1 -password $password -features nesting=1 + else + pct create $CTID ${storage}:vztmpl/$system_name -cores $core -cpuunits 1024 -memory $memory -swap 128 -rootfs ${storage}:${disk} -onboot 1 -password $password -features nesting=1 + fi else temp_system_name="${en_system}-arm64-${version}-cloud.tar.xz" pct create $CTID ${storage}:vztmpl/${temp_system_name} -cores $core -cpuunits 1024 -memory $memory -swap 128 -rootfs ${storage}:${disk} -onboot 1 -password $password -features nesting=1 
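Review bot: `system_names=(echo "$response")` builds a two-element array holding the literal word `echo` and the whole response as one string, so the loop never sees one asset name per element; fill it with `mapfile -t system_names <<<"$response"` instead. The fallback guard tests `$system_nam`, a misspelling of `system_name` that is always empty, and `$?` after the preceding `if … fi` no longer reflects the curl pipeline. The release download uses `curl -o` without `-L` or `-f`; GitHub release asset URLs normally answer with a redirect, so the cached `.zst` is likely to be empty and is then kept by the `[ ! -f … ]` guard. Because the asset name may come from either fallback API host and is spliced into a path under /var/lib/vz/template/cache, it should be matched against a strict file-name pattern before use. The identical block is added to buildct_onlyv6.sh.

```shell
# … unchanged: release lookup against api.github.com and the two fallback hosts …
system_names=()
if [ -n "$response" ]; then
    mapfile -t system_names <<<"$response"
fi
for sy in "${system_names[@]}"; do
    # Accept only a plain file name that starts with the requested system;
    # adjust the pattern to the naming actually used by the release assets.
    if [[ $sy == "$system"* && $sy =~ ^[A-Za-z0-9._-]+\.zst$ ]]; then
        template="/var/lib/vz/template/cache/${sy}"
        if [ ! -f "$template" ]; then
            if ! curl -fL -o "${template}.part" "https://github.com/oneclickvirt/pve_lxc_images/releases/download/${en_system}/${sy}"; then
                rm -f -- "${template}.part"
                continue
            fi
            mv -- "${template}.part" "$template"
        fi
        system_name="$sy"
        fixed_system=true
        _blue "Use self-fixed image: ${system_name}"
        break
    fi
done
if [ "$fixed_system" = false ]; then
    # … unchanged: pveam lookup and download …
```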
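Review bot: `$system_name` is unquoted in the new `pct create $CTID /var/lib/vz/template/cache/$system_name …` line, although in this branch its value comes from a remote API response, so any whitespace in it turns into extra `pct` arguments; write `"/var/lib/vz/template/cache/${system_name}"` and quote `"$CTID"`, `"$password"` and the other expansions too. Both branches also pass the root password as `-password $password` on the command line, where it can be read from the host's process list while `pct` runs. The same hunk is added to buildct_onlyv6.sh.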
@@ -271,48 +309,101 @@ else fi if [ "$independent_ipv6_status" == "N" ]; then # if [ -z "$ipv6_address" ] || [ -z "$ipv6_prefixlen" ] || [ -z "$ipv6_gateway" ] || [ "$ipv6_prefixlen" -gt 112 ]; then - pct set $CTID --net0 name=eth0,ip=${user_ip}/24,bridge=vmbr1,gw=172.16.1.1 - pct set $CTID --nameserver 1.1.1.1 - pct set $CTID --searchdomain local + pct set $CTID --net0 name=eth0,ip=${user_ip}/24,bridge=vmbr1,gw=172.16.1.1 + pct set $CTID --nameserver 1.1.1.1 + pct set $CTID --searchdomain local # else # pct set $CTID --net0 name=eth0,ip=${user_ip}/24,bridge=vmbr1,gw=172.16.1.1,ip6=${ipv6_address}/${ipv6_prefixlen},gw6=${ipv6_gateway} # pct set $CTID --nameserver 8.8.8.8,2001:4860:4860::8888 --nameserver 8.8.4.4,2001:4860:4860::8844 # fi fi sleep 3 -if echo "$system" | grep -qiE "centos|almalinux|rockylinux"; then - pct exec $CTID -- yum install -y curl +if [ "$fixed_system" = true ]; then if [[ -z "${CN}" || "${CN}" != true ]]; then - pct exec $CTID -- yum update -y - pct exec $CTID -- yum update - pct exec $CTID -- yum install -y dos2unix curl + sleep 1 else - pct exec $CTID -- yum install -y curl pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh pct exec $CTID -- chmod 777 ChangeMirrors.sh pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips pct exec $CTID -- rm -rf ChangeMirrors.sh - pct exec $CTID -- yum install -y dos2unix fi + pct exec $CTID -- service ssh restart + pct exec $CTID -- service sshd restart + pct exec $CTID -- systemctl restart sshd + pct exec $CTID -- systemctl restart ssh else - if [[ -z "${CN}" || "${CN}" != true ]]; then - pct exec $CTID -- apt-get update -y - pct exec $CTID -- dpkg --configure -a - pct exec $CTID -- apt-get update - pct exec $CTID -- apt-get install dos2unix curl -y + if echo "$system" | grep -qiE 
"centos|almalinux|rockylinux" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + pct exec $CTID -- yum update -y + pct exec $CTID -- yum install -y dos2unix curl + else + pct exec $CTID -- yum install -y curl + pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + pct exec $CTID -- yum install -y dos2unix + fi + elif echo "$system" | grep -qiE "fedora" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + pct exec $CTID -- dnf update -y + pct exec $CTID -- dnf install -y dos2unix curl + else + pct exec $CTID -- dnf install -y curl + pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + pct exec $CTID -- dnf install -y dos2unix + fi + elif echo "$system" | grep -qiE "opensuse" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + pct exec $CTID -- zypper update -y + pct exec $CTID -- zypper --non-interactive install dos2unix curl + else + pct exec $CTID -- zypper --non-interactive install curl + pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall 
true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + pct exec $CTID -- zypper --non-interactive install dos2unix + fi + elif echo "$system" | grep -qiE "alpine|archlinux" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + sleep 1 + else + pct exec $CTID -- wget https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + fi + elif echo "$system" | grep -qiE "ubuntu|debian|devuan" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + pct exec $CTID -- apt-get update -y + pct exec $CTID -- dpkg --configure -a + pct exec $CTID -- apt-get update + pct exec $CTID -- apt-get install dos2unix curl -y + else + pct exec $CTID -- apt-get install curl -y --fix-missing + pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + pct exec $CTID -- apt-get install dos2unix -y + fi + fi + if echo "$system" | grep -qiE "alpine|archlinux|gentoo|openwrt" >/dev/null 2>&1; then + pct exec $CTID -- curl -L ${cdn_success_url}https://raw.githubusercontent.com/spiritLHLS/pve/main/scripts/ssh_sh.sh -o ssh_sh.sh + pct exec $CTID -- chmod 777 ssh_sh.sh + pct exec $CTID -- dos2unix ssh_sh.sh + pct exec $CTID -- bash ssh_sh.sh else - pct exec $CTID -- apt-get install curl -y --fix-missing - pct exec $CTID -- curl 
-lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh - pct exec $CTID -- chmod 777 ChangeMirrors.sh - pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips - pct exec $CTID -- rm -rf ChangeMirrors.sh - pct exec $CTID -- apt-get install dos2unix -y + pct exec $CTID -- curl -L ${cdn_success_url}https://raw.githubusercontent.com/spiritLHLS/pve/main/scripts/ssh_bash.sh -o ssh_bash.sh + pct exec $CTID -- chmod 777 ssh_bash.sh + pct exec $CTID -- dos2unix ssh_bash.sh + pct exec $CTID -- bash ssh_bash.sh fi fi -pct exec $CTID -- curl -L ${cdn_success_url}https://raw.githubusercontent.com/spiritLHLS/pve/main/scripts/ssh.sh -o ssh.sh -pct exec $CTID -- chmod 777 ssh.sh -pct exec $CTID -- dos2unix ssh.sh -pct exec $CTID -- bash ssh.sh if [ "$independent_ipv6_status" == "Y" ]; then pct exec $CTID -- echo '*/1 * * * * curl -m 6 -s ipv6.ip.sb && curl -m 6 -s ipv6.ip.sb' | crontab - fi diff --git a/scripts/buildct_onlyv6.sh b/scripts/buildct_onlyv6.sh index 173187a..1d7bcad 100644 --- a/scripts/buildct_onlyv6.sh +++ b/scripts/buildct_onlyv6.sh @@ -1,7 +1,7 @@ #!/bin/bash # from # https://github.com/spiritLHLS/pve -# 2023.12.20 +# 2024.02.08 # ./buildct_onlyv6.sh CTID 密码 CPU核数 内存 硬盘 系统 存储盘 # ./buildct_onlyv6.sh 102 1234567 1 512 5 debian11 local 
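Review bot: Every new branch fetches ChangeMirrors.sh with `curl -lk` and runs it as root inside the container, so certificate verification is switched off for a script that is executed immediately, and `-l` (list-only) was probably meant to be `-L`; use `curl -fsSL` without `-k` and pin the script to a commit or checksum. `chmod 777` on the downloaded scripts should be `chmod 700`, since only root needs to run them. In the `alpine|archlinux|gentoo|openwrt` branch ssh_sh.sh is fetched with curl, passed through dos2unix and started with `bash`, yet the non-CN alpine path installs none of the three and a minimal template may not ship them (assumption, confirm against the images); `sh ssh_sh.sh` looks like the intent of the file name. The five copies of the mirror-switch block would stay consistent more easily as one function that takes the package-manager command as an argument. The same hunk is repeated in buildct_onlyv6.sh.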
@@ -145,7 +145,9 @@ if [ "$system_arch" = "arch" ]; then version=${num_system} fi if [[ -z "${CN}" || "${CN}" != true ]]; then - curl -o "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" "https://jenkins.linuxcontainers.org/view/LXC/job/image-${en_system}/architecture=arm64,release=${version},variant=cloud/lastSuccessfulBuild/artifact/rootfs.tar.xz" + if [ ! -f "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" ]; then + curl -o "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" "https://jenkins.linuxcontainers.org/view/LXC/job/image-${en_system}/architecture=arm64,release=${version},variant=cloud/lastSuccessfulBuild/artifact/rootfs.tar.xz" + fi else # https://mirror.tuna.tsinghua.edu.cn/lxc-images/images/ URL="https://mirror.tuna.tsinghua.edu.cn/lxc-images/images/${en_system}/${version}/arm64/cloud/" 
@@ -154,18 +156,49 @@ if [ "$system_arch" = "arch" ]; then sorted_links=$(echo "$folder_links_dates" | sort -k2 -r) latest_folder_link=$(echo "$sorted_links" | head -n 1 | awk '{print $1}') latest_folder_url="${URL}${latest_folder_link}" - curl -o "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" "${latest_folder_url}/rootfs.tar.xz" + if [ ! -f "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" ]; then + curl -o "/var/lib/vz/template/cache/${en_system}-arm64-${version}-cloud.tar.xz" "${latest_folder_url}/rootfs.tar.xz" + fi fi else + system_name="" + fixed_system=false system="${en_system}-${num_system}" - system_name=$(pveam available --section system | grep "$system" | awk '{print $2}' | head -n1) - if ! pveam available --section system | grep "$system" >/dev/null; then - _red "No such system" - exit 1 - else - _green "Use $system_name" + response=$(curl -sSL -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/oneclickvirt/pve_lxc_images/releases/tags/${en_system}" | grep -oP '"name": "\K[^"]+\.zst' | awk 'NR%2==1') + # 如果 https://api.github.com/ 请求失败,则使用 https://githubapi.spiritlhl.workers.dev/ ,此时可能宿主机无IPV4网络 + if [ -z "$response" ]; then + response=$(curl -sSL -H "Accept: application/vnd.github.v3+json" "https://githubapi.spiritlhl.workers.dev/repos/oneclickvirt/pve_lxc_images/releases/tags/${en_system}" | grep -oP '"name": "\K[^"]+\.zst' | awk 'NR%2==1') + fi + # 如果 https://githubapi.spiritlhl.workers.dev/ 请求失败,则使用 https://githubapi.spiritlhl.top/ ,此时可能宿主机在国内 + if [ -z "$response" ]; then + response=$(curl -sSL -H "Accept: application/vnd.github.v3+json" "https://githubapi.spiritlhl.top/repos/oneclickvirt/pve_lxc_images/releases/tags/${en_system}" | grep -oP '"name": "\K[^"]+\.zst' | awk 'NR%2==1') + fi + if [ $? 
-eq 0 ] && [ -n "$response" ]; then + system_names=(echo "$response") + fi + for sy in "${system_names[@]}"; do + if [[ $sy == "$system"* ]]; then + system_name="$sy" + fixed_system=true + if [ ! -f "/var/lib/vz/template/cache/${system_name}" ]; then + curl -o "/var/lib/vz/template/cache/${system_name}" "https://github.com/oneclickvirt/pve_lxc_images/releases/download/${en_system}/${system_name}" + fi + _blue "Use self-fixed image: ${system_name}" + break + fi + done + if [ "$fixed_system" = false ] && [ -z "$system_nam" ]; then + system_name=$(pveam available --section system | grep "$system" | awk '{print $2}' | head -n1) + if ! pveam available --section system | grep "$system" >/dev/null; then + _red "No such system" + exit 1 + else + _green "Use $system_name" + fi + if [ ! -f "/var/lib/vz/template/cache/${system_name}" ]; then + pveam download local $system_name + fi fi - pveam download local $system_name fi check_cdn() { @@ -215,7 +248,11 @@ if [ -f /usr/local/bin/pve_ipv6_gateway ]; then ipv6_gateway=$(cat /usr/local/bin/pve_ipv6_gateway) fi if [ "$system_arch" = "x86" ]; then - pct create $CTID ${storage}:vztmpl/$system_name -cores $core -cpuunits 1024 -memory $memory -swap 128 -rootfs ${storage}:${disk} -onboot 1 -password $password -features nesting=1 + if [ "$fixed_system" = true ]; then + pct create $CTID /var/lib/vz/template/cache/$system_name -cores $core -cpuunits 1024 -memory $memory -swap 128 -rootfs ${storage}:${disk} -onboot 1 -password $password -features nesting=1 + else + pct create $CTID ${storage}:vztmpl/$system_name -cores $core -cpuunits 1024 -memory $memory -swap 128 -rootfs ${storage}:${disk} -onboot 1 -password $password -features nesting=1 + fi else temp_system_name="${en_system}-arm64-${version}-cloud.tar.xz" pct create $CTID ${storage}:vztmpl/${temp_system_name} -cores $core -cpuunits 1024 -memory $memory -swap 128 -rootfs ${storage}:${disk} -onboot 1 -password $password -features nesting=1 
@@ -227,38 +264,92 @@ pct set $CTID --net0 name=eth0,ip6="${ipv6_address_without_last_segment}${CTID}/ pct set $CTID --net1 name=eth1,ip=${user_ip}/24,bridge=vmbr1,gw=172.16.1.1 pct set $CTID --nameserver 8.8.8.8,2001:4860:4860::8888 --nameserver 8.8.4.4,2001:4860:4860::8844 sleep 3 -if echo "$system" | grep -qiE "centos|almalinux|rockylinux" >/dev/null 2>&1; then +if [ "$fixed_system" = true ]; then if [[ -z "${CN}" || "${CN}" != true ]]; then - pct exec $CTID -- yum update -y - pct exec $CTID -- yum update - pct exec $CTID -- yum install -y dos2unix curl + sleep 1 else - pct exec $CTID -- yum install -y curl pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh pct exec $CTID -- chmod 777 ChangeMirrors.sh pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips pct exec $CTID -- rm -rf ChangeMirrors.sh - pct exec $CTID -- yum install -y dos2unix fi + pct exec $CTID -- service ssh restart + pct exec $CTID -- service sshd restart + pct exec $CTID -- systemctl restart sshd + pct exec $CTID -- systemctl restart ssh else - if [[ -z "${CN}" || "${CN}" != true ]]; then - pct exec $CTID -- apt-get update -y - pct exec $CTID -- dpkg --configure -a - pct exec $CTID -- apt-get update - pct exec $CTID -- apt-get install dos2unix curl -y + if echo "$system" | grep -qiE "centos|almalinux|rockylinux" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + pct exec $CTID -- yum update -y + pct exec $CTID -- yum install -y dos2unix curl + else + pct exec $CTID -- yum install -y curl + pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet 
false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + pct exec $CTID -- yum install -y dos2unix + fi + elif echo "$system" | grep -qiE "fedora" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + pct exec $CTID -- dnf update -y + pct exec $CTID -- dnf install -y dos2unix curl + else + pct exec $CTID -- dnf install -y curl + pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + pct exec $CTID -- dnf install -y dos2unix + fi + elif echo "$system" | grep -qiE "opensuse" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + pct exec $CTID -- zypper update -y + pct exec $CTID -- zypper --non-interactive install dos2unix curl + else + pct exec $CTID -- zypper --non-interactive install curl + pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + pct exec $CTID -- zypper --non-interactive install dos2unix + fi + elif echo "$system" | grep -qiE "alpine|archlinux" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + sleep 1 + else + pct exec $CTID -- wget https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- 
./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + fi + elif echo "$system" | grep -qiE "ubuntu|debian|devuan" >/dev/null 2>&1; then + if [[ -z "${CN}" || "${CN}" != true ]]; then + pct exec $CTID -- apt-get update -y + pct exec $CTID -- dpkg --configure -a + pct exec $CTID -- apt-get update + pct exec $CTID -- apt-get install dos2unix curl -y + else + pct exec $CTID -- apt-get install curl -y --fix-missing + pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh + pct exec $CTID -- chmod 777 ChangeMirrors.sh + pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips + pct exec $CTID -- rm -rf ChangeMirrors.sh + pct exec $CTID -- apt-get install dos2unix -y + fi + fi + if echo "$system" | grep -qiE "alpine|archlinux|gentoo|openwrt" >/dev/null 2>&1; then + pct exec $CTID -- curl -L ${cdn_success_url}https://raw.githubusercontent.com/spiritLHLS/pve/main/scripts/ssh_sh.sh -o ssh_sh.sh + pct exec $CTID -- chmod 777 ssh_sh.sh + pct exec $CTID -- dos2unix ssh_sh.sh + pct exec $CTID -- bash ssh_sh.sh else - pct exec $CTID -- apt-get install curl -y --fix-missing - pct exec $CTID -- curl -lk https://gitee.com/SuperManito/LinuxMirrors/raw/main/ChangeMirrors.sh -o ChangeMirrors.sh - pct exec $CTID -- chmod 777 ChangeMirrors.sh - pct exec $CTID -- ./ChangeMirrors.sh --source mirrors.tuna.tsinghua.edu.cn --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips - pct exec $CTID -- rm -rf ChangeMirrors.sh - pct exec $CTID -- apt-get install dos2unix -y + pct exec $CTID -- curl -L 
${cdn_success_url}https://raw.githubusercontent.com/spiritLHLS/pve/main/scripts/ssh_bash.sh -o ssh_bash.sh + pct exec $CTID -- chmod 777 ssh_bash.sh + pct exec $CTID -- dos2unix ssh_bash.sh + pct exec $CTID -- bash ssh_bash.sh fi fi -pct exec $CTID -- curl -L ${cdn_success_url}https://raw.githubusercontent.com/spiritLHLS/pve/main/scripts/ssh.sh -o ssh.sh -pct exec $CTID -- chmod 777 ssh.sh -pct exec $CTID -- dos2unix ssh.sh -pct exec $CTID -- bash ssh.sh pct exec $CTID -- echo '*/1 * * * * curl -m 6 -s ipv6.ip.sb && curl -m 6 -s ipv6.ip.sb' | crontab - # 禁止PVE自动修改网络接口设置 pct exec $CTID -- touch /etc/network/.pve-ignore.interfaces @@ -267,18 +358,11 @@ pct exec $CTID -- touch /etc/.pve-ignore.resolv.conf # 禁止PVE自动修改主机名设置 pct exec $CTID -- touch /etc/.pve-ignore.hosts pct exec $CTID -- touch /etc/.pve-ignore.hostname +# 设置容器的滥用限制 # pct exec $CTID -- curl -L ${cdn_success_url}https://raw.githubusercontent.com/spiritLHLS/lxc/main/config.sh -o config.sh # pct exec $CTID -- chmod +x config.sh # pct exec $CTID -- bash config.sh -# if [ -z "$ipv6_address" ] || [ -z "$ipv6_prefixlen" ] || [ -z "$ipv6_gateway" ] || [ "$ipv6_prefixlen" -gt 112 ]; then -# : -# else -# sleep 3 -# pct exec $CTID -- systemctl restart networking -# pct reboot $CTID -# fi - echo "$CTID $password $core $memory $disk $system_ori $storage ${ipv6_address_without_last_segment}${CTID}" >>"ct${CTID}" # 容器的相关信息将会存储到对应的容器的NOTE中,可在WEB端查看 data=$(echo " CTID root密码-password CPU核数-CPU 内存-memory 硬盘-disk 系统-system 存储盘-storage 外网IPV6-ipv6") diff --git a/scripts/buildvm.sh b/scripts/buildvm.sh index b113e5e..81448a6 100644 --- a/scripts/buildvm.sh +++ b/scripts/buildvm.sh @@ -1,7 +1,7 @@ #!/bin/bash # from # https://github.com/spiritLHLS/pve -# 2024.01.31 +# 2024.02.08 # ./buildvm.sh VMID 用户名 密码 CPU核数 内存 硬盘 SSH端口 80端口 443端口 外网端口起 外网端口止 系统 存储盘 独立IPV6 # ./buildvm.sh 102 test1 1234567 1 512 5 40001 40002 40003 50000 50025 debian11 local N 
@@ -153,6 +153,7 @@ if [ "$system_arch" = "x86" ]; then ver="auto_build" url="${cdn_success_url}https://github.com/oneclickvirt/pve_kvm_images/releases/download/images/${image}.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use auto-fixed image: ${image}" break fi done @@ -176,10 +177,12 @@ if [ "$system_arch" = "x86" ]; then if [[ "$system" == "centos8-stream" ]]; then url="https://api.ilolicon.com/centos8-stream.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use manual-fixed image: ${system}" else if [[ -n "$ver" ]]; then url="${cdn_success_url}https://github.com/oneclickvirt/kvm_images/releases/download/${ver}/${system}.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use manual-fixed image: ${system}" else _red "Unable to install corresponding system, please check https://github.com/oneclickvirt/kvm_images/ for supported system images " _red "无法安装对应系统,请查看 https://github.com/oneclickvirt/kvm_images/ 支持的系统镜像 " @@ -202,7 +205,7 @@ elif [ "$system_arch" = "arch" ]; then _red "无法安装对应系统,请查看 http://cloud-images.ubuntu.com 支持的系统镜像 " exit 1 fi - if [ -n "$file_path" ] && [ -f "$file_path" ]; then + if [ -n "$file_path" ] && [ ! -f "$file_path" ]; then case "$system" in ubuntu14) version="trusty" diff --git a/scripts/buildvm_extraip.sh b/scripts/buildvm_extraip.sh index 0bea458..99ed365 100644 --- a/scripts/buildvm_extraip.sh +++ b/scripts/buildvm_extraip.sh @@ -1,7 +1,7 @@ #!/bin/bash # from # https://github.com/spiritLHLS/pve -# 2024.01.31 +# 2024.02.08 # 自动选择要绑定的IPV4地址 # ./buildvm_extraip.sh VMID 用户名 密码 CPU核数 内存 硬盘 系统 存储盘 是否附加IPV6(默认为N) # ./buildvm_extraip.sh 152 test1 1234567 1 512 5 debian11 local N @@ -149,6 +149,7 @@ if [ "$system_arch" = "x86" ]; then ver="auto_build" url="${cdn_success_url}https://github.com/oneclickvirt/pve_kvm_images/releases/download/images/${image}.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use auto-fixed image: ${image}" break fi done 
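Review bot: `_blue "Use auto-fixed image: ${image}"`, like the two `Use manual-fixed image` lines in the next hunk, is printed right after `curl -Lk -o "$file_path" "$url"` without checking curl's exit status, so the log reports an image as in use even when the download failed or returned an error page. Make the message conditional, `if curl -fL -o "$file_path" "$url"; then _blue "Use auto-fixed image: ${image}"; fi`, which also drops `-k` so the qcow2 disk image is fetched with certificate verification. The enclosing loop starts and ends outside the hunk, so the failure path has to be checked there. The same three additions are made in buildvm_extraip.sh, buildvm_manual_ip.sh and buildvm_onlyv6.sh.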
@@ -172,10 +173,12 @@ if [ "$system_arch" = "x86" ]; then if [[ "$system" == "centos8-stream" ]]; then url="https://api.ilolicon.com/centos8-stream.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use manual-fixed image: ${system}" else if [[ -n "$ver" ]]; then url="${cdn_success_url}https://github.com/oneclickvirt/kvm_images/releases/download/${ver}/${system}.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use manual-fixed image: ${system}" else _red "Unable to install corresponding system, please check https://github.com/oneclickvirt/kvm_images/ for supported system images " _red "无法安装对应系统,请查看 https://github.com/oneclickvirt/kvm_images/ 支持的系统镜像 " @@ -198,7 +201,7 @@ elif [ "$system_arch" = "arch" ]; then _red "无法安装对应系统,请查看 http://cloud-images.ubuntu.com 支持的系统镜像 " exit 1 fi - if [ -n "$file_path" ] && [ -f "$file_path" ]; then + if [ -n "$file_path" ] && [ ! -f "$file_path" ]; then case "$system" in ubuntu14) version="trusty" diff --git a/scripts/buildvm_manual_ip.sh b/scripts/buildvm_manual_ip.sh index 335ca04..f880c86 100644 --- a/scripts/buildvm_manual_ip.sh +++ b/scripts/buildvm_manual_ip.sh @@ -1,7 +1,7 @@ #!/bin/bash # from # https://github.com/spiritLHLS/pve -# 2024.01.31 +# 2024.02.08 # 手动指定要绑定的IPV4地址 # ./buildvm_manual_ip.sh VMID 用户名 密码 CPU核数 内存 硬盘 系统 存储盘 IPV4地址 是否附加IPV6(默认为N) @@ -178,6 +178,7 @@ if [ "$system_arch" = "x86" ]; then ver="auto_build" url="${cdn_success_url}https://github.com/oneclickvirt/pve_kvm_images/releases/download/images/${image}.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use auto-fixed image: ${image}" break fi done 
@@ -201,10 +202,12 @@ if [ "$system_arch" = "x86" ]; then if [[ "$system" == "centos8-stream" ]]; then url="https://api.ilolicon.com/centos8-stream.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use manual-fixed image: ${system}" else if [[ -n "$ver" ]]; then url="${cdn_success_url}https://github.com/oneclickvirt/kvm_images/releases/download/${ver}/${system}.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use manual-fixed image: ${system}" else _red "Unable to install corresponding system, please check https://github.com/oneclickvirt/kvm_images/ for supported system images " _red "无法安装对应系统,请查看 https://github.com/oneclickvirt/kvm_images/ 支持的系统镜像 " @@ -227,7 +230,7 @@ elif [ "$system_arch" = "arch" ]; then _red "无法安装对应系统,请查看 http://cloud-images.ubuntu.com 支持的系统镜像 " exit 1 fi - if [ -n "$file_path" ] && [ -f "$file_path" ]; then + if [ -n "$file_path" ] && [ ! -f "$file_path" ]; then case "$system" in ubuntu14) version="trusty" diff --git a/scripts/buildvm_onlyv6.sh b/scripts/buildvm_onlyv6.sh index 325812a..bbe63eb 100644 --- a/scripts/buildvm_onlyv6.sh +++ b/scripts/buildvm_onlyv6.sh @@ -1,7 +1,7 @@ #!/bin/bash # from # https://github.com/spiritLHLS/pve -# 2024.01.31 +# 2024.02.08 # 自动选择要绑定的IPV6地址 # ./buildvm_onlyv6.sh VMID 用户名 密码 CPU核数 内存 硬盘 系统 存储盘 # ./buildvm_onlyv6.sh 152 test1 1234567 1 512 5 debian11 local @@ -161,6 +161,7 @@ if [ "$system_arch" = "x86" ]; then ver="auto_build" url="${cdn_success_url}https://github.com/oneclickvirt/pve_kvm_images/releases/download/images/${image}.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use auto-fixed image: ${image}" break fi done 
@@ -184,10 +185,12 @@ if [ "$system_arch" = "x86" ]; then if [[ "$system" == "centos8-stream" ]]; then url="https://api.ilolicon.com/centos8-stream.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use manual-fixed image: ${system}" else if [[ -n "$ver" ]]; then url="${cdn_success_url}https://github.com/oneclickvirt/kvm_images/releases/download/${ver}/${system}.qcow2" curl -Lk -o "$file_path" "$url" + _blue "Use manual-fixed image: ${system}" else _red "Unable to install corresponding system, please check https://github.com/oneclickvirt/kvm_images/ for supported system images " _red "无法安装对应系统,请查看 https://github.com/oneclickvirt/kvm_images/ 支持的系统镜像 " @@ -210,7 +213,7 @@ elif [ "$system_arch" = "arch" ]; then _red "无法安装对应系统,请查看 http://cloud-images.ubuntu.com 支持的系统镜像 " exit 1 fi - if [ -n "$file_path" ] && [ -f "$file_path" ]; then + if [ -n "$file_path" ] && [ ! -f "$file_path" ]; then case "$system" in ubuntu14) version="trusty" diff --git a/scripts/ssh.sh b/scripts/ssh_bash.sh similarity index 99% rename from scripts/ssh.sh rename to scripts/ssh_bash.sh index af4069d..8df3e17 100644 --- a/scripts/ssh.sh +++ b/scripts/ssh_bash.sh @@ -1,15 +1,15 @@ #!/bin/bash # from # https://github.com/spiritLHLS/pve -# 2024.02.04 +# 2024.02.08 if [ -f "/etc/resolv.conf" ]; then cp /etc/resolv.conf /etc/resolv.conf.bak echo "nameserver 8.8.8.8" | tee -a /etc/resolv.conf >/dev/null echo "nameserver 8.8.4.4" | tee -a /etc/resolv.conf >/dev/null fi - temp_file_apt_fix="/tmp/apt_fix.txt" +# devuan opensuse REGEX=("debian|astra" "ubuntu" "centos|red hat|kernel|oracle linux|alma|rocky" "'amazon linux'" "fedora" "arch" "freebsd") RELEASE=("Debian" "Ubuntu" "CentOS" "CentOS" "Fedora" "Arch" "FreeBSD") PACKAGE_UPDATE=("! apt-get update && apt-get --fix-broken install -y && apt-get update" "apt-get update" "yum -y update" "yum -y update" "yum -y update" "pacman -Sy" "pkg update") diff --git a/scripts/ssh_sh.sh b/scripts/ssh_sh.sh new file mode 100644 index 0000000..117bfc2 --- /dev/null 
+++ b/scripts/ssh_sh.sh 
@@ -0,0 +1,100 @@
+#!/bin/sh
+# from
+# https://github.com/spiritLHLS/pve
+# 2024.02.08
+
+if [ -f "/etc/resolv.conf" ]; then
+ cp /etc/resolv.conf /etc/resolv.conf.bak
+ echo "nameserver 8.8.8.8" | tee -a /etc/resolv.conf >/dev/null
+ echo "nameserver 8.8.4.4" | tee -a /etc/resolv.conf >/dev/null
+fi
+if [ "$(cat /etc/os-release | grep -E '^ID=' | cut -d '=' -f 2 | tr -d '"')" == "alpine" ]; then
+ apk update
+ apk add --no-cache openssh-server
+ apk add --no-cache sshpass
+ apk add --no-cache openssh-keygen
+ apk add --no-cache bash
+ apk add --no-cache curl
+ apk add --no-cache wget
+ apk add --no-cache lsof
+ cd /etc/ssh
+ ssh-keygen -A
+ chattr -i /etc/ssh/sshd_config
+ sed -i '/^#PermitRootLogin\|PermitRootLogin/c PermitRootLogin yes' /etc/ssh/sshd_config
+ sed -i "s/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g" /etc/ssh/sshd_config
+ sed -i '/^#ListenAddress\|ListenAddress/c ListenAddress 0.0.0.0' /etc/ssh/sshd_config
+ sed -i '/^#AddressFamily\|AddressFamily/c AddressFamily any' /etc/ssh/sshd_config
+ sed -i "s/^#\?\(Port\).*/\1 22/" /etc/ssh/sshd_config
+ sed -i -E 's/^#?(Port).*/\1 22/' /etc/ssh/sshd_config
+ sed -i '/^#UsePAM\|UsePAM/c #UsePAM no' /etc/ssh/sshd_config
+ sed -E -i 's/preserve_hostname:[[:space:]]*false/preserve_hostname: true/g' /etc/cloud/cloud.cfg
+ sed -E -i 's/disable_root:[[:space:]]*true/disable_root: false/g' /etc/cloud/cloud.cfg
+ sed -E -i 's/ssh_pwauth:[[:space:]]*false/ssh_pwauth: true/g' /etc/cloud/cloud.cfg
+ /usr/sbin/sshd
+ rc-update add sshd default
+ chattr +i /etc/ssh/sshd_config
+elif [ "$(cat /etc/os-release | grep -E '^ID=' | cut -d '=' -f 2 | tr -d '"')" == "openwrt" ]; then
+ opkg update
+ opkg install openssh-server
+ opkg install bash
+ opkg install openssh-keygen
+ opkg install shadow-chpasswd
+ opkg install chattr
+ opkg install cronie
+ opkg install cron
+ /etc/init.d/sshd enable
+ /etc/init.d/sshd start
+ cd /etc/ssh
+ ssh-keygen -A
+ chattr -i /etc/ssh/sshd_config
+ sed -i "s/^#\?Port.*/Port 22/g" /etc/ssh/sshd_config
+ sed -i "s/^#\?PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config
+ sed -i "s/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g" /etc/ssh/sshd_config
+ sed -i 's/#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/' /etc/ssh/sshd_config
+ sed -i 's/#ListenAddress ::/ListenAddress ::/' /etc/ssh/sshd_config
+ sed -i 's/#AddressFamily any/AddressFamily any/' /etc/ssh/sshd_config
+ sed -i "s/^#\?PubkeyAuthentication.*/PubkeyAuthentication no/g" /etc/ssh/sshd_config
+ sed -i '/^AuthorizedKeysFile/s/^/#/' /etc/ssh/sshd_config
+ chattr +i /etc/ssh/sshd_config
+ /etc/init.d/sshd restart
+elif [ "$(grep . /etc/issue 2>/dev/null | cut -d \\ -f1 | sed '/^[ ]*$/d')" =~ *"Arch"* ]; then
+ curl -slk https://raw.githubusercontent.com/SuperManito/LinuxMirrors/main/ChangeMirrors.sh -o ChangeMirrors.sh
+ chmod 777 ChangeMirrors.sh
+ ./ChangeMirrors.sh --use-official-source --web-protocol http --intranet false --close-firewall true --backup true --updata-software false --clean-cache false --ignore-backup-tips
+ rm -rf /etc/pacman.d/gnupg/
+ pacman-key --init
+ pacman-key --populate archlinux
+ pacman -Syyuu
+ pacman -Sy --needed openssh
+ pacman -Sy --needed bash
+ pacman -Sy --needed chattr
+ pacman -Sy --needed cronie
+ pacman -Sy --needed cron
+ systemctl enable sshd
+ systemctl start sshd
+ chattr -i /etc/ssh/sshd_config
+ sed -i "s/^#\?Port.*/Port 22/g" /etc/ssh/sshd_config
+ sed -i "s/^#\?PermitRootLogin.*/PermitRootLogin yes/g" /etc/ssh/sshd_config
+ sed -i "s/^#\?PasswordAuthentication.*/PasswordAuthentication yes/g" /etc/ssh/sshd_config
+ sed -i 's/#ListenAddress 0.0.0.0/ListenAddress 0.0.0.0/' /etc/ssh/sshd_config
+ sed -i 's/#ListenAddress ::/ListenAddress ::/' /etc/ssh/sshd_config
+ sed -i 's/#AddressFamily any/AddressFamily any/' /etc/ssh/sshd_config
+ sed -i "s/^#\?PubkeyAuthentication.*/PubkeyAuthentication no/g" /etc/ssh/sshd_config
+ sed -i '/^AuthorizedKeysFile/s/^/#/' /etc/ssh/sshd_config
+ chattr +i /etc/ssh/sshd_config
+ systemctl restart sshd
+fi
+# gentoo
+/etc/init.d/cron enable || true
+/etc/init.d/cron start || true
+if [ -f "/etc/motd" ]; then
+ echo '' >/etc/motd
+ echo 'Related repo https://github.com/oneclickvirt/pve_lxc_images' >>/etc/motd
+ echo '--by https://t.me/spiritlhl' >>/etc/motd
+fi
+if [ -f "/etc/banner" ]; then
+ echo '' >/etc/banner
+ echo 'Related repo https://github.com/oneclickvirt/pve_lxc_images' >>/etc/banner
+ echo '--by https://t.me/spiritlhl' >>/etc/banner
+fi
+rm -f "$0"
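Review bot: The Arch branch fetches `ChangeMirrors.sh` from the tip of a third-party repository's `main` branch with `curl -slk` (certificate verification off; `-l` is `--list-only`, not `-L`), makes it `chmod 777` and runs it as root, so whatever that URL serves at build time is baked into the image unchecked. The sketch below pins the download to a commit, verifies a digest before executing and tightens the file mode; the commit and digest are placeholders for the maintainer to fill in. That branch's condition also uses `=~` inside `[ ]`, which `#!/bin/sh` does not support, so as written the branch is probably never entered; the sketch swaps it for a `grep -q` test. Separately, every branch sets `PermitRootLogin yes` and `PasswordAuthentication yes`, and the OpenWrt and Arch branches turn `PubkeyAuthentication` off, so containers built from these templates should get a unique root password before sshd is reachable.

```shell
# … unchanged: resolv.conf setup, alpine and openwrt branches …
elif grep -q 'Arch' /etc/issue 2>/dev/null; then
    # <PINNED_COMMIT> and <EXPECTED_SHA256> are placeholders, not real values
    curl -fsSL "https://raw.githubusercontent.com/SuperManito/LinuxMirrors/<PINNED_COMMIT>/ChangeMirrors.sh" -o ChangeMirrors.sh || exit 1
    echo "<EXPECTED_SHA256>  ChangeMirrors.sh" | sha256sum -c - || exit 1
    chmod 700 ChangeMirrors.sh
    # … unchanged: ./ChangeMirrors.sh invocation, pacman and sshd_config steps …
```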