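#!/bin/bash
#
# Provision a per-user container from the base btrfs subvolume.
#
# Usage: <this script> USERNAME
#
# Steps, in order:
#   1. create USERNAME as a member of group ctr-only;
#   2. generate an SSH key pair for the account and install the public key
#      behind a forced command (sudo /usr/local/bin/ctr-wrapper.sh) with
#      port, agent and X11 forwarding disabled;
#   3. snapshot the base subvolume to <base-prefix>.USERNAME and enable it;
#   4. allocate the next port from /etc/ctr-port.conf and write the
#      matching .nspawn unit;
#   5. substitute CHANGE_PORT / CHANGE_USER in the container's /etc/bip.conf
#      and start the machine.
#
# The new private key is written to stdout at the end of step 2: treat this
# script's output as a secret and do not send it to a log or shared terminal.
# The private key also stays in the account's ~/.ssh/id_rsa on this host.

set -euo pipefail

user="${1:-}"
base_dir="/var/lib/machines"
base_subvol="bip.f28.ro"
port_conf="/etc/ctr-port.conf"

if [[ -z "${user}" ]]; then
  echo Please provide the username to create >&2
  exit 1
fi

# The username ends up in a subvolume path, a unit file name and the
# replacement side of a sed expression, so accept only a conservative
# character set. This rejects '/', '&', '\', whitespace and newlines, which
# would otherwise allow path traversal or rewriting of the sed command.
# LC_ALL=C (in a subshell) keeps the bracket ranges ASCII-only.
if ! (LC_ALL=C; [[ "${user}" =~ ^[A-Za-z_][A-Za-z0-9_-]*$ ]]); then
  printf 'Invalid username: only letters, digits, "_" and "-" are allowed\n' >&2
  exit 1
fi

# Resolve the next port BEFORE touching the system, so a missing or damaged
# port file cannot leave a half-provisioned account behind.
# NOTE(review): the allocation is not locked; two concurrent runs could pick
# the same port -- confirm this script is only ever run serially.
cur_port="$(grep '^Port=' "${port_conf}" | tail -n 1 | cut -d = -f 2)" || cur_port=""
cur_port="${cur_port//[[:space:]]/}"
if ! [[ "${cur_port}" =~ ^[0-9]{1,5}$ ]]; then
  printf 'No usable Port= entry found in %s\n' "${port_conf}" >&2
  exit 1
fi
# 10# forces decimal so a value with a leading zero is not read as octal.
nex_port=$((10#${cur_port} + 1))
if ((nex_port > 65535)); then
  printf 'Next port %s is out of range\n' "${nex_port}" >&2
  exit 1
fi

adduser -G ctr-only "${user}"

# Runs as the new user. The steps are chained with && so that a failed
# ssh-keygen cannot leave an authorized_keys file holding only the option
# prefix. The forced command means this key can only ever run the wrapper.
key_setup="ssh-keygen -f ~/.ssh/id_rsa -N '' \
&& printf '%s' 'command=\"sudo /usr/local/bin/ctr-wrapper.sh\",no-port-forwarding,no-agent-forwarding,no-x11-forwarding ' > ~/.ssh/authorized_keys \
&& cat ~/.ssh/id_rsa.pub >> ~/.ssh/authorized_keys \
&& chmod 0600 ~/.ssh/authorized_keys \
&& cat ~/.ssh/id_rsa"
su - "${user}" -c "${key_setup}"

# "bip.f28.ro" -> "bip.<user>": keep everything before the first dot.
new_subvol="${base_subvol%%.*}.${user}"
btrfs sub snap "${base_dir}/${base_subvol}" "${base_dir}/${new_subvol}"
machinectl enable "${new_subvol}"

mkdir -p /etc/systemd/nspawn
cat > "/etc/systemd/nspawn/${new_subvol}.nspawn" <<EOF
[Exec]
Boot=yes

[Network]
Private=yes
VirtualEthernet=yes
Port=${nex_port}

[Files]
#BindReadOnly=/etc/resolv.conf
EOF
# Record the allocation; the last Port= line is what the next run reads.
printf '# %s\nPort=%s\n' "${new_subvol}" "${nex_port}" >> "${port_conf}"

# Both values were validated above (digits only / restricted name), so they
# cannot contain sed delimiters or back-references.
sed -i "s/CHANGE_PORT/${nex_port}/g" "${base_dir}/${new_subvol}/etc/bip.conf"
sed -i "s/CHANGE_USER/${user}/g" "${base_dir}/${new_subvol}/etc/bip.conf"

machinectl start "${new_subvol}"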