diff --git a/.gitignore b/.gitignore deleted file mode 100644 index 1de0e42..0000000 --- a/.gitignore +++ /dev/null @@ -1,10 +0,0 @@ -opennebula-vm-etcd/config-and-secrets.conf - -*.pyc - -.idea -.vscode - -ipxe/ - -openwrt-*-*.bin diff --git a/alpine-rebuild-initramfs.sh b/alpine-rebuild-initramfs.sh index b56454b..643cc3f 100755 --- a/alpine-rebuild-initramfs.sh +++ b/alpine-rebuild-initramfs.sh @@ -3,8 +3,8 @@ set -e set -x -MAJOR_VERSION=3.11 -MINOR_VERSION=2 +MAJOR_VERSION=3.10 +MINOR_VERSION=3 IMAGE=alpine-minirootfs-$MAJOR_VERSION.$MINOR_VERSION-x86_64.tar.gz SSH_KEYS=$(cat ~/.ssh/id_rsa.pub) RESOLVCONF=/etc/resolv.conf diff --git a/build-alpine-chroot.sh b/build-alpine-chroot.sh old mode 100755 new mode 100644 diff --git a/ceph-osd-create-start-alpine b/ceph-osd-create-start-alpine deleted file mode 100755 index a19e1da..0000000 --- a/ceph-osd-create-start-alpine +++ /dev/null 
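Review bot: `MAJOR_VERSION` and `MINOR_VERSION` in alpine-rebuild-initramfs.sh move backwards, from 3.11.2 to 3.10.3, and nothing in the hunk says why the initramfs is pinned to the older release branch. An image built from an older minirootfs starts with older package versions, so the reason should be recorded next to the variables, for example `# Pinned to 3.10.3 because <reason>; move back to the current branch once <condition>`. The rest of the script is outside the hunk, so it is not visible whether the tarball named by `IMAGE` is checked against a published checksum before it is unpacked; that is worth confirming while the version is being changed.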
@@ -1,107 +0,0 @@ -#!/bin/sh -# 17:19, 2018-02-09 -# Nico Schottelius - -# Based on ceph-disk -v prepare --bluestore /dev/sdc --osd-id ${ID} --osd-uuid $(uuidgen) --crush-device-class "ssd" - -# Create: -# - block -> link to partuuid -# - block_uuid -e> uuid if the block -# - ceph_fsid -> get from ceph-conf -# crush_device_class -> ssd, hdd -# fsid -> uuidgen! -# magic -> string "ceph osd volume v026" -# type -> bluestore - -fsid=$(ceph-conf --cluster=ceph --name=osd. --lookup fsid) -fs_uuid=$(uuidgen) -magic="ceph osd volume v026" - -set -x -set -e - -if [ $# -lt 2 ]; then - echo "$0 disk class [osdweight]" - echo "class = hdd or ssd" - exit 1 -fi - -export DEV=$1;shift -export CLASS=$1; shift - - -uuid_metadata=$(uuidgen) -uuid_block=$(uuidgen) - -osd_id=$(ceph osd create) - -dev_metadata="/dev/disk/by-partuuid/$uuid_metadata" -dev_block="/dev/disk/by-partuuid/$uuid_block" - -/usr/bin/sgdisk --new=0:0:+100M --change-name="0:ceph data" \ - --partition-guid="0:$uuid_metadata" \ - --typecode=0:4fbd7e29-9d25-41b8-afd0-062c0ceff05d \ - --mbrtogpt -- $DEV -/sbin/udevadm settle --timeout=600 - -# Using gdisk --largest-new does not change the name or set guid; -# So use 2 steps instead -/usr/bin/sgdisk --largest-new=0 --mbrtogpt -- $DEV -/sbin/udevadm settle --timeout=600 - - -lastpart=$(gdisk -l $DEV | tail -n1 | awk '{ print $1 }') -/usr/bin/sgdisk --change-name="${lastpart}:ceph block" \ - --partition-guid="${lastpart}:$uuid_block" \ - --typecode="${lastpart}:cafecafe-9b03-4f30-b4c6-b4b80ceff106" \ - --mbrtogpt -- $DEV -/sbin/udevadm settle --timeout=600 - -#echo $1 -#echo $(blkid | grep $1"2") - -#cblock=$(blkid | grep $1"2" | cut -d'"' -f4) -#echo $cblock - -/sbin/mkfs -t xfs -f -i size=2048 -- "$dev_metadata" - -mountpath=/var/lib/ceph/osd/ceph-${osd_id} - -mkdir -p "$mountpath" -mount "$dev_metadata" "$mountpath" - -ln -s $dev_block "$mountpath/block" - -echo "$uuid_block" > "$mountpath/block_uuid" -echo "$fsid" > "$mountpath/ceph_fsid" -echo "$magic" > 
"$mountpath/magic" -echo "$CLASS" > "$mountpath/crush_device_class" -echo $(echo $dev_block | cut -c23-) > "$mountpath/fsid" - - -# Important, otherwise --mkfs later will try to create filestore -echo bluestore > "$mountpath/type" - -ceph auth get-or-create "osd.${osd_id}" osd \ - 'allow *' mon 'allow profile osd' > $mountpath/keyring - -echo ${osd_id} > "$mountpath/whoami" -touch "$mountpath/openrc" - -ceph-osd --cluster ceph -i "${osd_id}" --mkfs -chown -R ceph:ceph "$mountpath" - -if [ $# -eq 1 ]; then - WEIGHT=$1; shift -else - devname=$(readlink -f $dev_block) - nodev=$(echo $devname | sed 's,/dev/,,') - WEIGHT=$(lsblk -l -b | awk "/^$nodev/ { print \$4/(1024^4) }") -fi - -ceph osd crush add osd.${osd_id} ${WEIGHT} host=$(hostname) - -echo "$metadata_dev /var/lib/ceph/osd/ceph-${osd_id} xfs noatime 0 0" >> /etc/fstab - -# Starting with monit, if available -ceph-osd -i ${osd_id} diff --git a/ceph-upgrade-server-to-nautilus.sh b/ceph-upgrade-server-to-nautilus.sh deleted file mode 100755 index 058e40d..0000000 --- a/ceph-upgrade-server-to-nautilus.sh +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh - -rm -f /etc/apt/sources.list.d/ceph.list - -cat > /etc/apt/sources.list < /etc/apt/sources.list.d/backports.list -apt update -apt dist-upgrade -y -apt install -t buster-backports -y ceph diff --git a/create-guacamole-session-ldap-DB b/create-guacamole-session-ldap-DB deleted file mode 100644 index ce1e5cd..0000000 --- a/create-guacamole-session-ldap-DB +++ /dev/null 
@@ -1,41 +0,0 @@ -#!/bin/bash -#option $1 is vm_list file name -#option $2 id DB location -#option $3 is DB user -#option $4 is DB name - -#host='localhost' - -user_arr=( $(cat $1 | awk '{print $1}' )) -vmid_arr=( $(cat $1 | awk '{print $2}' )) -port_arr=( $(cat $1 | awk '{print $3}' )) -place_arr=( $(cat $1 | awk '{print $4}' )) - -for ((i=0; i<${#user_arr[@]}; i++)) do - #create user - psql -h $2 -U $3 -d $4 -tAc "INSERT INTO guacamole_entity (name, type) VALUES ('${user_arr[i]}','USER');" - en_id=$(psql -h $2 -U $3 -d $4 -tAc "SELECT entity_id FROM guacamole_entity WHERE name = '${user_arr[i]}';") - psql -h $2 -U $3 -d $4 -tAc "INSERT INTO guacamole_user(entity_id, password_hash, password_date) VALUES ('$en_id', '\x74657374', now());" - - #create connection - cn=${user_arr[i]}${vmid_arr[i]} - echo $cn - if [ 0 -eq $(psql -h $2 -U $3 -d $4 -tAc "SELECT connection_id FROM guacamole_connection WHERE connection_name = '$cn';" | wc -l) ]; then - psql -h $2 -U $3 -d $4 -tAc "INSERT INTO guacamole_connection (connection_name, protocol) VALUES ('$cn', 'vnc');" - cn_id=$(psql -h $2 -U $3 -d $4 -tAc "SELECT MAX(connection_id) FROM guacamole_connection WHERE connection_name = '$cn' AND parent_id IS NULL;") - - psql -h $2 -U $3 -d $4 -tAc "INSERT INTO guacamole_connection_parameter VALUES ('$cn_id','hostname','${place_arr[i]}');" - psql -h $2 -U $3 -d $4 -tAc "INSERT INTO guacamole_connection_parameter VALUES ('$cn_id','port','${port_arr[i]}');" - - #connection permission - psql -h $2 -U $3 -d $4 -tAc "INSERT INTO guacamole_connection_permission(entity_id, connection_id, permission) VALUES ('$en_id', '$cn_id', 'READ');" - #clipboard-encoding - psql -h $2 -U $3 -d $4 -tAc "INSERT INTO guacamole_connection_parameter VALUES ('$cn_id','clipboard-encoding','UTF-8');" - - else - cn_id=$(psql -h $2 -U $3 -d $4 -tAc "SELECT MAX(connection_id) FROM guacamole_connection WHERE connection_name = '$cn' AND parent_id IS NULL;") - psql -h $2 -U $3 -d $4 -tAc "UPDATE 
guacamole_connection_parameter SET parameter_value='${place_arr[i]}' where connection_id='$cn_id' and parameter_name='hostname';" - psql -h $2 -U $3 -d $4 -tAc "UPDATE guacamole_connection_parameter SET parameter_value='${port_arr[i]}' where connection_id='$cn_id' and parameter_name='port';" - fi - -done \ No newline at end of file diff --git a/create-guacamole-session-ldap-file b/create-guacamole-session-ldap-file deleted file mode 100644 index c11b4bc..0000000 --- a/create-guacamole-session-ldap-file +++ /dev/null 
@@ -1,38 +0,0 @@ -#!/bin/bash -#option $1 is vm_list file name -#option $2 is DB name -#this script should be run on guacamole server - - -host='localhost' -user_arr=( $(cat $1 | awk '{print $1}' )) -vmid_arr=( $(cat $1 | awk '{print $2}' )) -port_arr=( $(cat $1 | awk '{print $3}' )) -place_arr=( $(cat $1 | awk '{print $4}' )) - -for ((i=0; i<${#user_arr[@]}; i++)) do - #create user - su - postgres -c "psql postgres -d $2 -tAc \"INSERT INTO guacamole_entity (name, type) VALUES ('${user_arr[i]}','USER');\"" - en_id=$(su - postgres -c "psql postgres -d $2 -tAc \"SELECT entity_id FROM guacamole_entity WHERE name = '${user_arr[i]}';\"") - su - postgres -c "psql postgres -d $2 -tAc \"INSERT INTO guacamole_user(entity_id, password_hash, password_date) VALUES ('$en_id', '\x74657374', now());\"" - - #create connection - cn=${user_arr[i]}${vmid_arr[i]} - - if [ 0 -eq $(su - postgres -c "psql postgres -d $2 -tAc \"SELECT connection_id FROM guacamole_connection WHERE connection_name = '$cn';\"" | wc -l) ]; then - su - postgres -c "psql postgres -d $2 -tAc \"INSERT INTO guacamole_connection (connection_name, protocol) VALUES ('$cn', 'vnc');\"" - cn_id=$(su - postgres -c "psql postgres -d $2 -tAc \"SELECT MAX(connection_id) FROM guacamole_connection WHERE connection_name = '$cn' AND parent_id IS NULL;\"") - - su - postgres -c "psql postgres -d $2 -tAc \"INSERT INTO guacamole_connection_parameter VALUES ('$cn_id','hostname','$host');\"" - su - postgres -c "psql postgres -d $2 -tAc \"INSERT INTO guacamole_connection_parameter VALUES ('$cn_id','port','${port_arr[i]}');\"" - - #connection permission - su - postgres -c "psql postgres -d $2 -tAc \"INSERT INTO guacamole_connection_permission(entity_id, connection_id, permission) VALUES ('$en_id', '$cn_id', 'READ');\"" - - else - cn_id=$(su - postgres -c "psql postgres -d $2 -tAc \"SELECT MAX(connection_id) FROM guacamole_connection WHERE connection_name = '$cn' AND parent_id IS NULL;\"") - su - postgres -c "psql postgres -d $2 -tAc 
\"UPDATE guacamole_connection_parameter SET parameter_value='$host' where connection_id='$cn_id' and parameter_name='hostname';\"" - su - postgres -c "psql postgres -d $2 -tAc \"UPDATE guacamole_connection_parameter SET parameter_value='${port_arr[i]}' where connection_id='$cn_id' and parameter_name='port';\"" - fi - -done \ No newline at end of file diff --git a/debian-devuan-netboot.sh b/debian-devuan-netboot.sh deleted file mode 100755 index 2858ae4..0000000 --- a/debian-devuan-netboot.sh +++ /dev/null 
@@ -1,113 +0,0 @@ -#!/bin/sh -# Nico Schottelius, 2019-12-09 -# the ugly code is llnu - -set -e -set -x - -if [ $# -ne 2 ]; then - echo $0 suite out-directory - echo out-directory: into which directory to place resulting files - echo suite is for instance ascii, beowulf, etc - exit 1 -fi - -suite=$1; shift -outdir=$1; shift - -date=$(date +%F) -mkdir -p ${outdir} - -basename=${suite}-${date} -abs_outdir=$(cd ${outdir} && pwd -P) - -chroot_dir=${abs_outdir}/${basename} -kernel=${abs_outdir}/kernel-${basename} -initramfs=${abs_outdir}/initramfs-${basename} - -keyurl=https://code.ungleich.ch/ungleich-public/__ungleich_staff_ssh_access/raw/master/files - -debootstrap "${suite}" "${chroot_dir}" - -# need non-free for firmware-bnx2 -echo "deb http://pkgmaster.devuan.org/merged ${suite} main contrib non-free" > ${chroot_dir}/etc/apt/sources.list - -chroot ${chroot_dir} apt update -chroot ${chroot_dir} apt install -y openssh-server rdnssd linux-image-amd64 firmware-bnx2 ifenslave vlan - -echo "unconfigured-host" > ${chroot_dir}/etc/hostname - -cp ${chroot_dir}/boot/vmlinuz-* ${kernel} - -echo '* * * * * root ip -o -6 addr show | grep -E -v " lo |one" > /etc/issue' > ${chroot_dir}/etc/cron.d/ipv6addr - -mkdir -p ${chroot_dir}/root/.ssh - -for key in fnux balazs dominique jinguk nico; do - curl -s ${keyurl}/${key}.pub >> ${chroot_dir}/root/.ssh/authorized_keys -done - -# Fix possible permission issue from above -chown -R root:root ${chroot_dir}/root/ - -################################################################################ -# networking - -# echo bonding - -cat > ${chroot_dir}/etc/network/interfaces << EOF -auto lo -iface lo inet loopback - -auto bond0 -iface bond0 inet manual - bond-miimon 500 - bond-mode 4 - post-up /sbin/ip link set \$IFACE mtu 9000 - bond-slaves none - -auto eth0 -iface eth0 inet manual - bond-master bond0 - post-up /sbin/ip link set \$IFACE mtu 9000 - -auto eth1 -iface eth1 inet manual - bond-master bond0 - post-up /sbin/ip link set \$IFACE 
mtu 9000 - -# server network -auto bond0.11 -iface bond0.11 inet6 auto - post-up /sbin/ip link set \$IFACE mtu 9000 - vlan-raw-device bond0 -EOF - -# find the boot interfaces at boot - not needed, always eth0/eth1 -# cat > ${chroot_dir}/etc/rc.local < /etc/network/interfaces.d/bootinterface << eof -# auto \$dev -# iface \$dev inet6 auto -# eof - -# ifup "\${dev}" - -# exit 0 -# EOF - -# chmod a+rx "${chroot_dir}/etc/rc.local" - -# ensure there is /init in the initramfs -> otherwise there is a kernel panic -# reason: initramfs is designed to be PRE regular os, so /init usually hands over to /sbin/init -# in our case, they are just the same -ln -fs /sbin/init ${chroot_dir}/init - -# Finally building the initramfs -( cd ${chroot_dir} ; find . | cpio -H newc -o | gzip -9 > ${initramfs} ) - -# Fix paranoid permissions -chmod a+rx ${abs_outdir} -chmod a+r ${kernel} ${initramfs} diff --git a/debian-use-old-iptables b/debian-use-old-iptables deleted file mode 100755 index 50d47c1..0000000 --- a/debian-use-old-iptables +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -# reverting for a running system that still needs access to old style -# rules - -update-alternatives --set iptables /usr/sbin/iptables-legacy -update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy -update-alternatives --set arptables /usr/sbin/arptables-legacy -update-alternatives --set ebtables /usr/sbin/ebtables-legacy diff --git a/detect-dns64-prefix.py b/detect-dns64-prefix.py deleted file mode 100644 index 1179ca4..0000000 --- a/detect-dns64-prefix.py +++ /dev/null 
@@ -1,25 +0,0 @@
-#!/usr/bin/env python3
-# Nico Schottelius, 2020-01-07
-# Detect the DNS64 prefix
-# Based on https://tools.ietf.org/html/draft-ietf-behave-nat64-discovery-heuristic-05
-#
-# How it works:
-# - ipv4only.arpa only has A records.
-# - a DNS64 server will add AAAA records
-# - we take this response (if any) and derive the IPv6 prefix from it
-#
-
-import dns.resolver
-import ipaddress
-
-
-if __name__ == '__main__':
- dns64_prefix = None
- answers = dns.resolver.query('ipv4only.arpa', 'AAAA')
-
- for rdata in answers:
- address = str(rdata)
- network = ipaddress.IPv6Network("{}/96".format(address),
- strict=False)
- # print("{}: {}".format(rdata, network))
- print("{}".format(network))
diff --git a/devuan-netboot.sh b/devuan-netboot.sh
new file mode 100644
index 0000000..6e7f39c
--- /dev/null
+++ b/devuan-netboot.sh
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+date=$(date +%F)
+suite=ascii
+
+dir=${suit}-${date}
+
+debootstrap ${suite}
diff --git a/etcd_import_opennebula_vm.py b/etcd_import_opennebula_vm.py
deleted file mode 100644
index d2c94c9..0000000
--- a/etcd_import_opennebula_vm.py
+++ /dev/null
@@ -1,28 +0,0 @@
-import json
-import pprint
-#import etcd3
-
-with open("nico-vm-one.json", "r") as fd:
- vmcontent = fd.read()
-
-#vm = json.loads(vmcontent.decode('utf-8'))
-vm = json.loads(vmcontent)
-pprint.pprint(vm['TEMPLATE']['DISK'])
-
-# storing info
-
-for_etcd={}
-for_etcd['data_version'] = "1"
-for_etcd['vm_id'] = vm['ID']
-for_etcd['owner'] = vm['UNAME']
-
-for_etcd['disks'] = []
-for disk in vm['TEMPLATE']['DISK']:
- disk_etcd = {}
- disk_etcd['image_name'] = disk['IMAGE']
- disk_etcd['image_id'] = disk['IMAGE_ID']
- disk_etcd['datastore_name'] = disk['DATASTORE']
- disk_etcd['datastore_id'] = disk['DATASTORE_ID']
- for_etcd['disks'].append(disk_etcd)
-
-pprint.pprint(for_etcd)
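Review bot: In the new devuan-netboot.sh, `dir=${suit}-${date}` reads the unset variable `suit` instead of `suite`, so `dir` silently becomes `-<date>`, and the value is never used because `debootstrap ${suite}` is called without a target directory. The script also runs without `set -e` or `set -u`, which is why the typo goes unnoticed; an unset expansion in a script that builds root filesystems can end up writing to an unintended path. I would add `set -eu` after the shebang and change the two lines to `dir="${suite}-${date}"` and `debootstrap "${suite}" "${dir}"`, matching the quoted two-argument call the removed debian-devuan-netboot.sh used.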
diff --git a/opennebula-images/fedora-build-opennebula-image.sh b/fedora-build-opennebula-image.sh similarity index 76% rename from opennebula-images/fedora-build-opennebula-image.sh rename to fedora-build-opennebula-image.sh index b4bc5c6..77d6a0b 100755 --- a/opennebula-images/fedora-build-opennebula-image.sh +++ b/fedora-build-opennebula-image.sh @@ -9,7 +9,7 @@ # definitely opinionated. # Depends on the following packages (as of Fedora 31): -# qemu-img util-linux coreutils dnf curl e2fsprogs +# qemu-img util-linux coreutils dnf curl # Run locally (without network) with: # qemu-system-x86_64 -enable-kvm -m 1G -drive file=$IMAGE,format=qcow2 @@ -18,9 +18,9 @@ set -e set -x # XXX: Handle command-line arguments? -RELEASE=32 +RELEASE=31 ARCH=x86_64 -IMAGE_PATH=fedora-$RELEASE-$(date +%+F).img.qcow2 +IMAGE_PATH=fedora-$RELEASE-$(date --iso-8601).img.qcow2 IMAGE_SIZE=10G NBD_DEVICE=/dev/nbd1 @@ -68,7 +68,7 @@ trap cleanup EXIT # Create partition table, format partitions. sfdisk --no-reread "$NBD_DEVICE" < /mnt/etc/hosts << EOF -127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 -::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 - -EOF +# TODO: use non-$BIGCORP DNS service. +echo 'nameserver 1.1.1.1' >> /mnt/etc/resolv.conf # See https://github.com/OpenNebula/addon-context-linux/issues/121 for details. # network-scripts.x86_64 : Legacy scripts for manipulating of network devices 
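Review bot: `echo 'nameserver 1.1.1.1' >> /mnt/etc/resolv.conf` appends a fixed public resolver to the image's own `/etc/resolv.conf`, and nothing visible in this hunk resets the file afterwards. Unless a later step outside the view clears it, every VM created from the image starts out sending its DNS queries to that third party, and the `>>` also keeps whatever the file already held. The `TODO` records the choice of provider but not that the entry persists into the image, so if it is only needed for `dnf` inside the chroot I would say so in the comment and empty the file once the installs are done, e.g. `: > /mnt/etc/resolv.conf` before unmounting. Parts of this hunk (the here-document bodies) are missing from the text shown here, so the surrounding steps should be checked against the real file.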
@@ -123,32 +119,15 @@ curl -L "$ONE_CONTEXT_RPM_URL" > "/mnt$ONE_CONTEXT_RPM_PATH" run_root dnf -y install "$ONE_CONTEXT_RPM_PATH" run_root rm "$ONE_CONTEXT_RPM_PATH" -# Install resize2fs, which is required to resize the root file-system. -run_root dnf -y install e2fsprogs - # Initalize base services. run_root systemd-machine-id-setup +run_root systemctl enable systemd-networkd.service run_root ln -sf /usr/share/zoneinfo/UTC /etc/localtime run_root systemctl enable systemd-timesyncd.service -# Install haveged due to lack of entropy in ONE environment. -run_root dnf -y install haveged -run_root systemctl enable haveged.service - # Install kernel and bootloader. -# Note: linux-firmware is not required our environment and takes almost 200M -# uncompressed but is a direct dependency of kernel-core... run_root dnf -y install kernel grub2 - -# Add support for virtio block devices at boot time. -cat > /mnt/etc/dracut.conf.d/virtio-blk.conf <> ~/rc_test_result -for ((i=0; i<${#osd_max_backfills[@]}; i++)) do - echo "| "${osd_list[$i]}" |"${osd_recovery_sleep_hdd[$i]}" | "${osd_recovery_op_priority[$i]}" | "${osd_recovery_max_single_start}" | "${osd_recovery_sleep_hybrid[$i]}" | "${osd_max_backfills[$i]}" | "${osd_recovery_max_active[$i]}" | "${osd_recovery_priority[$i]}" | "${osd_client_op_priority[$i]}" |" >> ~/rc_test_result -done \ No newline at end of file diff --git a/ldap-get-emails b/ldap-get-emails deleted file mode 100755 index 733811a..0000000 --- a/ldap-get-emails +++ /dev/null 
@@ -1,31 +0,0 @@ -#!/bin/sh -# -# List mail addresses found under base DN $1 (defaults to dc=ungleich,dc=ch) - -set -e - -# Hardcoded parameters. -LDAP_SERVER="ldaps://ldap1.ungleich.ch" -LDAP_BIND_DN="cn=manager,dc=ungleich,dc=ch" - -if [ "$1" != "" ]; then - LDAP_SEARCH_BASE="$1" -else - LDAP_SEARCH_BASE="dc=ungleich,dc=ch" -fi - -# Read secrets from environment. -if [ "$LDAP_BIND_PASSWD" = "" ]; then - echo "You have to define LDAP_BIND_PASSWD before launching this script." >&2 - exit 1 -fi - -# Extract mail addresses from LDAP directory. -ldap_search_result="$( - ldapsearch -x -H "$LDAP_SERVER" \ - -D "$LDAP_BIND_DN" \ - -w "$LDAP_BIND_PASSWD" \ - -b "$LDAP_SEARCH_BASE" mail - )" - -echo "$ldap_search_result" | grep 'mail:' | cut -d ' ' -f 2 - diff --git a/legacy/README.md b/legacy/README.md deleted file mode 100644 index 97eae65..0000000 --- a/legacy/README.md +++ /dev/null @@ -1,2 +0,0 @@ -This directory contains old scripts that are not used anymore but might still -be useful. diff --git a/legacy/freebsd-build-opennebula-image-generic.sh b/legacy/freebsd-build-opennebula-image-generic.sh deleted file mode 100755 index d251f56..0000000 --- a/legacy/freebsd-build-opennebula-image-generic.sh +++ /dev/null 
@@ -1,243 +0,0 @@ -#!/bin/sh -# -# Copyright 2020 -- Evilham -# This is BSD licensed as it's based on BSD-licensed code -# -# We could have used e.g. something like: -# - https://git.sr.ht/~sircmpwn/builds.sr.ht/tree/master/images/freebsd/genimg -# -# But we actually do want to compile the kernel, so that the IPv6-only images -# are different and don't support INET. - -# Explode if something goes wrong -set -e - -# What are we building? -# These are the only configuration options. -# They default to current environment. -# RELEASE: should be 'CURRENT' for current or 'X.Y' Defaults to 'CURRENT'. -# ARCH: probably amd64 for DCL -# VMFORMATS: defaults to qcow2, can also be raw. See man mkimg. -# OPENNEBULA_CONTEXT_VERSION: For DCL's OpenNebula that'd be 5.10.0 (default) -# OPENNEBULA_CONTEXT_REVISION: Defaults to 1. -RELEASE=${RELEASE:-CURRENT} -if [ "${RELEASE}" == "CURRENT" ]; then - SRCBRANCH="master" -else - SRCBRANCH="releng/${RELEASE}" -fi -ARCH=${ARCH:-amd64} -VMFORMATS=${VMFORMATS:-qcow2} -OPENNEBULA_CONTEXT_VERSION=${OPENNEBULA_CONTEXT_VERSION:-5.10.0} -OPENNEBULA_CONTEXT_REVISION=${OPENNEBULA_CONTEXT_REVISION:-1} - -# Didn't see a need to make these configurable. -CHROOTDIR="/scratch" -SRCDIR="${CHROOTDIR}/usr/src" -OUR_DIR="$(realpath $(dirname "${0}"))" -OUR_SRCCONF="${SRCDIR}/release/src.conf" -OUR_RELEASE_CONF="${SRCDIR}/release/release.conf" -# Shorthand for the package file name. -OPENNEBULA_CONTEXT="one-context-${OPENNEBULA_CONTEXT_VERSION}_${OPENNEBULA_CONTEXT_REVISION}.txz" - -setup_sources() { - # Let's use git, we might need to install it - if ! which git 2>&1 > /dev/null; then - pkg install -y git - fi - - if [ ! -d "$(dirname ${SRCDIR})" ]; then - mkdir -p "$(dirname ${SRCDIR})" - fi - - # Checkout needed branch - if [ ! 
-d "${SRCDIR}" ]; then - git clone "https://github.com/freebsd/freebsd" \ - --branch "${SRCBRANCH}" "${SRCDIR}" - else - GIT_CMD="git -C ${SRCDIR}" - ${GIT_CMD} clean -df - ${GIT_CMD} reset --hard - ${GIT_CMD} fetch - ${GIT_CMD} checkout "${SRCBRANCH}" - ${GIT_CMD} pull - fi - - # Add settings for IPv6-only kernel - cat > "${SRCDIR}/sys/${ARCH}/conf/GENERIC-IPV6ONLY" << EOF -include GENERIC -ident GENERIC-IPV6ONLY -makeoptions MKMODULESENV+="WITHOUT_INET_SUPPORT=" -nooptions INET -nodevice gre -EOF - # Fix vmimage.subr to install custom package and fix other things - cat >> "${SRCDIR}/release/tools/vmimage.subr" << EOF -vm_extra_install_ports() { - # Make sure we install the opennbula context package - cp "/${OPENNEBULA_CONTEXT}" "\${DESTDIR}/tmp/${OPENNEBULA_CONTEXT}" - chroot \${DESTDIR} \${EMULATOR} env ASSUME_ALWAYS_YES=yes \\ - /usr/sbin/pkg add '/tmp/${OPENNEBULA_CONTEXT}' - - # Now make sure the system has better defaults - cat >> "\${DESTDIR}/etc/rc.conf" << eof -# Update to latest patch on first boot -firstboot_freebsd_update_enable="YES" -# Enable OpenNebula's service. -one_context_enable="YES" -# Enable SSH for customers -sshd_enable="YES" -# Clear tmp on boot -clear_tmp_enable="YES" -# Disable sendmail by default -sendmail_enable="NONE" -# Disable crash dumps -dumpdev="NO" -eof - # Enable root access with SSH key. - # It is user's responsibility to further secure their system. - sed -i '' -E \ - 's/(^#[ ]*|^)PermitRootLogin .*/PermitRootLogin without-password/' \ - "\${DESTDIR}/etc/ssh/sshd_config" -} -EOF - # Skip building iso images - rm "${SRCDIR}/release/${ARCH}/mkisoimages.sh" - # This is a hack to not build the memstick - cat > "${SRCDIR}/release/${ARCH}/make-memstick.sh" < \${CHROOTDIR}/etc/src-env.conf -} - -## Set the directory within which the release will be built. 
-CHROOTDIR="${CHROOTDIR}" - -## Set to override the default target architecture and kernel -TARGET="${ARCH}" -TARGET_ARCH="${ARCH}" -KERNEL="${KERNEL_CONFIG}" - -## Set to specify a custom make.conf and/or src.conf -SRC_CONF="${OUR_SRCCONF}" - -# Since these are VMs, users should add other components if they want to. -NODOC=YES -NOPORTS=YES -NOSRC=YES - -# We manage sources manually -SRC_UPDATE_SKIP=YES - -## Set to pass additional flags to make(1) for the build chroot setup, such -## as TARGET/TARGET_ARCH. -# This was necessary for "cross-compiling" -CHROOT_MAKEENV="MK_LLVM_TARGET_X86=yes" - -WITH_VMIMAGES=YES - -# VM image size, see man 1 truncate -VMSIZE="10G" - -# List of disk image formats, see man mkgimg. -VMFORMATS="${VMFORMATS}" - -# These variables have to be exported because they are needed in subprocesses. -export NOSWAP=YES -# Custom ports -# - firstboot-freebsd-update helps us not have to create an image for each -# patch level. We still will have to do it for each minor version update. -# - bash is apparently needed for one-context -export VM_EXTRA_PACKAGES="firstboot-freebsd-update bash" -EOF -} - -_do_run_release() { - . "${SRCDIR}/release/release.sh" -} -run_release() { - _do_run_release -c "${OUR_RELEASE_CONF}" -} - - -build_image() { - # Generate configuration - echo "${2}" > "${OUR_SRCCONF}" - KERNEL_CONFIG="${1}" - gen_releaseconf > "${OUR_RELEASE_CONF}" - # Be paranoid about files and stuff - sync - # Continue with the release script - run_release - # Be paranoid about files and stuff - sync - - mv "${CHROOTDIR}/R/vmimages" "${OUR_DIR}/FreeBSD-${RELEASE}-${1}" - - # Be paranoid about files and stuff - sync -} - -our_main() { - case "$1" in - --dualstack) - BUILD_DUALSTACK=yes - ;; - --ipv6only) - BUILD_IPV6ONLY=yes - ;; - *) - cat << EOF -Run with --dualstack or --ipv6only depending on the image you want. 
-EOF - exit 1 - ;; - esac - setup_sources - setup_our_env - # Fetch OpenNebula's context package - fetch "https://github.com/OpenNebula/addon-context-linux/releases/download/v${OPENNEBULA_CONTEXT_VERSION}/${OPENNEBULA_CONTEXT}" \ - -o "${CHROOTDIR}/${OPENNEBULA_CONTEXT}" - # Do run - if [ -n "${BUILD_DUALSTACK}" ]; then - build_image "GENERIC" - fi - if [ -n "${BUILD_IPV6ONLY}" ]; then - build_image "GENERIC-IPV6ONLY" "$(cat << EOF -WITHOUT_INET=yes -WITHOUT_INET_SUPPORT=yes -EOF -)" - fi - - cat << EOF - -*************** DONE *************** -You will find the images under "${OUR_DIR}". -************************************ -EOF -} - -our_main "${@}" diff --git a/legacy/freebsd-build-opennebula-image.sh b/legacy/freebsd-build-opennebula-image.sh deleted file mode 100755 index 266f639..0000000 --- a/legacy/freebsd-build-opennebula-image.sh +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh -# -# Copyright 2020 -- Evilham -# This is BSD licensed as it's based on BSD-licensed code -# -# -# This builds all needed FreeBSD images for ungleich's Data Center Light -# When there are new releases, they should be updated here and the script -# should run. -# 11.4 is scheduled end of June 2020 -# 12.2 is scheduled end of October 2020 -# - -SUPPORTED_RELEASES="11.3 12.1" - -# This should run in a DCL VM with an OK amount of cores (4/8 minimum), -# 4G RAM, and storage of roughly 20G + 5G * #resulting_images. -# -# This is because there is the base system, a 'pristine chroot', and during the -# build there can be 2 copies of the resulting system written to the system. -# Since there are 4 combinations of images: -# {STABLE,RELEASE} x {dualstack, IPv6ONLY} -# -# That means we'll need to assign about 40G storage to be on the safe side. - -date=$(date -I) -for release in ${SUPPORTED_RELEASES}; do - for build in dualstack ipv6only; do - env RELEASE=${release} sh freebsd-build-opennebula-image-generic.sh --${build} \ - | tee "freebsd-${release}-${build}-${date}.log" - done -done 
diff --git a/magiccommand b/magiccommand
deleted file mode 100755
index e724d8e..0000000
--- a/magiccommand
+++ /dev/null
@@ -1,2 +0,0 @@
-* * * * * root ip -o -6 addr show | grep -E -v "lo |one" | awk '{print $1" " $2": "$4}' >> /dev/tty1
-
diff --git a/map-osd-to-disktype b/map-osd-to-disktype
deleted file mode 100755
index c609c87..0000000
--- a/map-osd-to-disktype
+++ /dev/null
@@ -1,36 +0,0 @@ -#!/bin/sh - -# This script will find the locally active osd-s and display their information with the help of Megacli tools. -# Assumes that you run it on a host which has at least 1 osd that matches hdd or ssd disk device class in ceph osd df tree output. -# -# An example for usage: -# for NUM in 14 2 3 4 6 ; do printf "server$NUM\n" >> /tmp/osd_infos; ssh root@server"$NUM".place6.ungleich.ch "/opt/ungleich-tools/map-osd-to-disktype" >> /tmp/osd_infos ; printf "\n \n" >> /tmp/osd_infos; done -# -# llnu's most hacky/advanced script at the time of writing (2020-05-27) - - -# Future functionality (arguments, and filtering): -#OSDTYPE=ssd - - -# Tempfile -/opt/ungleich-tools/megaclisas-status > /tmp/megaclisas-status.out - -# Gets osd numbers of a particular device class, and gets their mountpoints on the host, and puts them into a tempfile -#for osd in $(ceph osd tree | grep $OSDTYPE | grep -v down | cut -b 1-3); do findmnt -t xfs -n -o TARGET,SOURCE | grep "ceph-$osd " | cut -c 24- >> /tmp/list_osd_mountpoint.out; done -for osd in $(ceph osd tree | grep 'ssd\|hdd' | grep -v down | cut -b 1-3); do lsblk -p -o NAME,MOUNTPOINT | grep -w "/var/lib/ceph/osd/ceph-$osd" | cut -c 3- >> /tmp/list_osd_mountpoint.out ; done - -# Gets the Megacli mappings for the mountpoints -for MOUNT in $(cat /tmp/list_osd_mountpoint.out | awk '{print $1}' | sed 's/[0-9]*//g') ; do cat /tmp/megaclisas-status.out | grep $MOUNT | awk '{print $1}' >> /tmp/megacli-mappings.out; done - -# Gets the hardware types for the Megacli mappings -for megacli_mappings in $(cat /tmp/megacli-mappings.out); do awk '/Disk info/,0' /tmp/megaclisas-status.out | grep -w "$megacli_mappings"p0 | cut -d '|' -f 2-6,8 >> /tmp/disk_types.out; done - -# Formatting, to get the local $OSDTYPE osd-s -for osd_num in $(cat /tmp/list_osd_mountpoint.out | awk '{print $2}' | cut -c 24- ); do printf "%-7s%s\n" "osd-$osd_num" >> /tmp/local_osds.out; done - -# Combine and display the outputs -paste 
/tmp/local_osds.out /tmp/disk_types.out -d '|' - -# Cleanup *.out files in the temp dir -rm /tmp/*.out diff --git a/megaclisas-status b/megaclisas-status deleted file mode 100755 index 3495502..0000000 --- a/megaclisas-status +++ /dev/null 
@@ -1,875 +0,0 @@ -#!/usr/bin/python -# $Id: megaclisas-status,v 1.68 2016/10/21 14:38:56 root Exp root $ -# -# Written by Adam Cecile -# Modified by Vincent S. Cojot -# - -import os -import re -import sys -import pdb -if sys.platform == 'win32': - import ctypes - -def_megaclipath = "/opt/MegaRAID/MegaCli/MegaCli64" - -# Non-Nagios Mode defaults -nagiosmode = False -nagiosoutput='' -nagiosgoodarray = 0 -nagiosbadarray = 0 -nagiosgooddisk = 0 -nagiosbaddisk = 0 - -# Sane defaults -printarray = True -printcontroller = True -debugmode = False -notempmode = False -totaldrivenumber = 0 - -# Hardcode a max of 16 HBA and 128 LDs for now. LDTable must be initialized to accept populating list of LD's into each ctlr's list. -MaxNumHBA = 16 -MaxNumLD = 128 -LDTable = [ [] * MaxNumHBA for i in range(MaxNumLD) ] -NestedLDTable = [[False for i in range(MaxNumHBA)] for j in range(MaxNumLD)] - -# Outputs is a 'dict' of all MegaCLI outputs so we can re-use them during loops.. -Outputs = {} - -# Startup -def print_usage(): - print 'Usage: megaraid-status [--nagios|--debug|--notemp]' - -# We need root access to query -if __name__ == '__main__': - try: - root_or_admin = os.geteuid() == 0 - except AttributeError: - root_or_admin = ctypes.windll.shell32.IsUserAnAdmin() !=0 - if not root_or_admin: - print '# This script requires Administrator privileges' - sys.exit(5) - -# Check command line arguments to enable nagios or not -if len(sys.argv) > 2: - print_usage() - sys.exit(1) - -if len(sys.argv) > 1: - if sys.argv[1] == '--nagios': - nagiosmode = True - elif sys.argv[1] == '--debug': - debugmode = True - elif sys.argv[1] == '--notemp': - notempmode = True - else: - print_usage() - sys.exit(1) -# Functions -def dbgprint(msg): - if (debugmode): - sys.stderr.write ( str('# DEBUG : '+msg+'\n')) - -def is_exe(fpath): - return os.path.isfile(fpath) and os.access(fpath, os.X_OK) - -def which(program): - import os - fpath, fname = os.path.split(program) - if fpath: - if is_exe(program): - 
return program - else: - # Add some defaults - os.environ["PATH"] += os.pathsep + '/opt/MegaRAID/MegaCli' - os.environ["PATH"] += os.pathsep + '/ms/dist/hwmgmt/bin' - os.environ["PATH"] += os.pathsep + os.path.dirname(os.path.realpath(sys.argv[0])) - for path in os.environ["PATH"].split(os.pathsep): - dbgprint ('Looking in PATH '+str(path)) - path = path.strip('"') - exe_file = os.path.join(path, program) - if is_exe(exe_file): - dbgprint ('Found "'+program+'" at '+exe_file) - return exe_file - return None - -# Find MegaCli -for megabin in "MegaCli64","MegaCli","megacli", "MegaCli.exe": - dbgprint ('Looking for '+str(megabin)+' in PATH next..') - megaclipath = which(megabin) - if (megaclipath != None): - dbgprint ('Will use MegaCLI from here: '+str(megaclipath)) - break - -# Check binary exists (and +x), if not print an error message -if (megaclipath != None): - if os.path.exists(megaclipath) and os.access(megaclipath, os.X_OK): - pass - else: - if nagiosmode: - print 'UNKNOWN - Cannot find '+megaclipath - else: - print 'Cannot find ' + megaclipath + 'in your PATH. Please install it.' - sys.exit(3) -else: - print 'Cannot find "MegaCli64","MegaCli" or "megacli" or "MegaCli.exe" in your PATH. Please install it.' 
- sys.exit(3) - - -#### pdb.set_trace() - -def returnWdthFromArrayCol(glarray,idx): - maxwdth = 0 - for glrow in glarray: - if ( len(glrow[idx]) > maxwdth): - maxwdth = len(glrow[idx]) - return maxwdth - -# Get command output -def getOutput(cmd): - lines = [] - if ( Outputs.has_key(cmd) ): - dbgprint ("Got Cached value: "+str(cmd)) - lines = Outputs[cmd] - else: - dbgprint ("Not a Cached value: "+str(cmd)) - output = os.popen(cmd) - for line in output: - if not re.match(r'^$',line.strip()): - lines.append(line.strip()) - Outputs[cmd] = lines - return lines - -def returnControllerNumber(output): - for line in output: - if re.match(r'^Controller Count.*$',line.strip()): - return int(line.split(':')[1].strip().strip('.')) - -def returnTotalDriveNumber(output): - for line in output: - if re.match(r'Number of Physical Drives on Adapter.*$',line.strip()): - return int(line.split(':')[1].strip()) - -def returnRebuildProgress(output): - percent = 0 - tmpstr = '' - for line in output: - if re.match(r'^Rebuild Progress on Device at Enclosure.*, Slot .* Completed ',line.strip()): - tmpstr = line.split('Completed')[1].strip() - percent = int(tmpstr.split('%')[0].strip()) - return percent - -def returnConfDriveNumber(output): - # Count the configured drives - confdrives = 0 - for line in output: - if re.match(r'.*Number of PDs:.*$',line.strip()): - confdrives += int(line.split(':')[2].strip()) - return int(confdrives) - -def returnUnConfDriveNumber(output): - # Count the configured drives - confdrives = 0 - for line in output: - if re.match(r'^Firmware state: Unconfigured.*$',line.strip()): - confdrives += 1 - return int(confdrives) - -def returnControllerModel(output): - for line in output: - if re.match(r'^Product Name.*$',line.strip()): - return line.split(':')[1].strip() - -def returnMemorySize(output): - for line in output: - if re.match(r'^Memory Size.*$',line.strip()): - return line.split(':')[1].strip() - -def returnFirmwareVersion(output): - for line in output: - if 
re.match(r'^FW Package Build.*$',line.strip()): - return line.split(':')[1].strip() - -def returnROCTemp(output): - ROCtemp = '' - tmpstr = '' - if (notempmode): - return str('N/A') - else: - for line in output: - if re.match(r'^ROC temperature :.*$',line.strip()): - tmpstr = line.split(':')[1].strip() - ROCtemp = re.sub(' +.*$', '', tmpstr) - if ( ROCtemp != '' ): - return str(str(ROCtemp)+'C') - else: - return str('N/A') - -def returnBBUPresence(output): - BBU = '' - tmpstr = '' - for line in output: - if re.match(r'^BBU +:.*$',line.strip()): - tmpstr = line.split(':')[1].strip() - BBU = re.sub(' +.*$', '', tmpstr) - break - if ( BBU != '' ): - return str(BBU) - else: - return str('N/A') - -def returnBBUStatus(output): - BBUStatus = '' - tmpstr = '' - for line in output: - if re.match(r'^ *Battery Replacement required +:.*$',line.strip()): - tmpstr = line.split(':')[1].strip() - BBUStatus = re.sub(' +.*$', '', tmpstr) - break - if ( BBUStatus == 'Yes' ): - return str('REPL') - else: - return str('Good') - -def returnArrayNumber(output): - i = 0 - for line in output: - if re.match(r'^(CacheCade )?Virtual Drive:.*$',line.strip()): - i += 1 - return i - -def returnHBAPCIInfo(output): - busprefix = '0000' - busid = '' - devid = '' - functionid = '' - pcipath = '' - for line in output: - if re.match(r'^Bus Number.*:.*$',line.strip()): - busid = str(line.strip().split(':')[1].strip()).zfill(2) - if re.match(r'^Device Number.*:.*$',line.strip()): - devid = str(line.strip().split(':')[1].strip()).zfill(2) - if re.match(r'^Function Number.*:.*$',line.strip()): - functionid = str(line.strip().split(':')[1].strip()).zfill(1) - if busid: - pcipath = str(busprefix + ':' + busid + ':' + devid + '.' 
+ functionid) - dbgprint("Array PCI path : "+pcipath) - return str(pcipath) - else: - return None - -def returnHBAInfo(table,output,controllerid): - controllermodel = 'Unknown' - controllerram = 'Unknown' - controllerrev = 'Unknown' - controllertemp = '' - controllermodel = returnControllerModel(output) - controllerram = returnMemorySize(output) - controllerrev = returnFirmwareVersion(output) - controllertemp = returnROCTemp(output) - controllerbbu = returnBBUPresence(output) - if controllerbbu == 'Present': - cmd = '%s -AdpBbuCmd -GetBbuStatus -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - controllerbbu = returnBBUStatus(output) - - if controllermodel != 'Unknown': - table.append([ 'c'+str(controllerid), controllermodel, controllerram, str(controllertemp), str(controllerbbu), str('FW: '+controllerrev) ]) - -def returnArrayInfo(output,controllerid,arrayid,arrayindex): - id = 'c'+str(controllerid)+'u'+str(arrayid) - operationlinennumber = False - linenumber = 0 - targetid = '' - raidtype = '' - raidlvl = '' - size = '' - state = 'N/A' - strpsz = '' - dskcache = 'N/A' - properties = '' - spandepth = 0 - diskperspan = 0 - cachecade_info = 'None' - - for line in output: - if re.match(r'^(CacheCade )?Virtual Drive:.*(Target Id: [0-9]+).*$',line.strip()): - # Extract the SCSI Target ID - targetid = line.strip().split(':')[2].split(')')[0].strip() - elif re.match(r'^RAID Level.*?:.*$',line.strip()): - # Extract the primary raid type, decide on X0 RAID level later when we hit Span Depth - raidlvl = int(line.strip().split(':')[1].split(',')[0].split('-')[1].strip()) - elif re.match(r'^Size.*?:.*$',line.strip()): - # Size reported in MB - if re.match(r'^.*MB$',line.strip().split(':')[1]): - size = line.strip().split(':')[1].strip('MB').strip() - if ( float(size) > 1000): - size = str(int(round((float(size) / 1000))))+'G' - else: - size = str(int(round(float(size))))+'M' - # Size reported in TB - elif re.match(r'^.*TB$',line.strip().split(':')[1]): - 
size = line.strip().split(':')[1].strip('TB').strip() - size = str(int(round((float(size) * 1000))))+'G' - # Size reported in GB (default) - else: - size = line.strip().split(':')[1].strip('GB').strip() - size = str(int(round((float(size)))))+'G' - elif re.match(r'^Span Depth.*?:.*$',line.strip()): - # If Span Depth is greater than 1 chances are we have a RAID 10, 50 or 60 - spandepth = line.strip().split(':')[1].strip() - elif re.match(r'^State.*?:.*$',line.strip()): - state = line.strip().split(':')[1].strip() - elif re.match(r'^Strip Size.*?:.*$',line.strip()): - strpsz = line.strip().split(':')[1].strip() - elif re.match(r'^Number Of Drives per span.*:.*$',line.strip()): - diskperspan = int(line.strip().split(':')[1].strip()) - elif re.match(r'^Current Cache Policy.*?:.*$',line.strip()): - props = line.strip().split(':')[1].strip() - if re.search('ReadAdaptive', props): - properties += 'ADRA' - if re.search('ReadAhead', props): - properties += 'RA' - if re.match('ReadAheadNone', props): - properties += 'NORA' - if re.search('WriteBack', props): - properties += ',WB' - if re.match('WriteThrough', props): - properties += ',WT' - elif re.match(r'^Disk Cache Policy.*?:.*$',line.strip()): - props = line.strip().split(':')[1].strip() - if re.search('Disabled', props): - dskcache = 'Disabled' - if re.search('Disk.s Default', props): - dskcache = 'Default' - if re.search('Enabled', props): - dskcache = 'Enabled' - elif re.match(r'^Ongoing Progresses.*?:.*$',line.strip()): - operationlinennumber = linenumber - elif re.match(r'Cache Cade Type\s*:.*$', line): - cachecade_info = "Type : " + line.strip().split(':')[1].strip() - elif re.match(r'^Target Id of the Associated LDs\s*:.*$', line): - associated=[] - for array in line.split(':')[1].strip().split(','): - if array.isdigit(): - associated.append('c%du%d' % (controllerid, int(array))) - if len(associated) >= 1: - cachecade_info = "Associated : %s" %(', '.join(associated)) - linenumber += 1 - - # If there was an ongoing 
operation, find the relevant line in the previous output - if operationlinennumber: - inprogress = output[operationlinennumber + 1] - else: - inprogress = 'None' - - # Compute the RAID level - NestedLDTable[int(controllerid)][int(arrayindex)] = False - if raidlvl == '': - raidtype = str('N/A') - else: - if (int(spandepth) >= 2): - raidtype = str('RAID-' + str(raidlvl) + '0') - NestedLDTable[controllerid][int(arrayindex)] = True - else: - if(raidlvl == 1): - if(diskperspan > 2): - raidtype = str('RAID-10') - NestedLDTable[controllerid][int(arrayindex)] = True - else: - raidtype = str('RAID-' + str(raidlvl)) - else: - raidtype = str('RAID-' + str(raidlvl)) - - dbgprint('RAID Level: ' + str(raidlvl) - + ' Span Depth: ' + str(spandepth) - + ' Disk Per Span: ' + str(diskperspan) - + ' Raid Type: ' + str(raidtype)) - return [id,raidtype,size,strpsz,properties,dskcache,state,targetid,cachecade_info,inprogress] - -def returnDiskInfo(output,controllerid): - arrayid = False - arrayindex = -1 - sarrayid = 'Unknown' - diskid = False - oldenclid = False - enclid = False - spanid = False - slotid = False - lsidid = 'Unknown' - table = [] - fstate = 'Offline' - substate = 'Unknown' - model = 'Unknown' - speed = 'Unknown' - dsize = 'Unknown' - temp = 'Unk0C' - percent = 0 - for line in output: - if re.match(r'^Span: [0-9]+ - Number of PDs:',line.strip()): - spanid = line.split(':')[1].strip() - spanid = re.sub(' - Number of PDs.*', '', spanid) - elif re.match(r'Enclosure Device ID: .*$',line.strip()): - # We match here early in the analysis so reset the vars if this is a new disk we're reading.. 
- oldenclid = enclid - enclid = line.split(':')[1].strip() - if oldenclid != False: - fstate = 'Offline' - model = 'Unknown' - speed = 'Unknown' - temp = 'Unk0C' - slotid = False - lsidid = 'Unknown' - elif re.match(r'^Coerced Size: ',line.strip()): - dsize = line.split(':')[1].strip() - dsize = re.sub(' \[.*\.*$', '', dsize) - dsize = re.sub('[0-9][0-9] GB', ' Gb', dsize) - elif re.match(r'^(CacheCade )?Virtual (Disk|Drive): [0-9]+.*$',line.strip()): - arrayindex += 1 - arrayid = line.split('(')[0].split(':')[1].strip() - elif re.match(r'PD: [0-9]+ Information.*$',line.strip()): - diskid = line.split()[1].strip() - elif re.match(r'^Device Id: .*$',line.strip()): - lsidid = line.split(':')[1].strip() - elif re.match(r'Slot Number: .*$',line.strip()): - slotid = line.split(':')[1].strip() - elif re.match(r'Firmware state: .*$',line.strip()): - fstate = line.split(':')[1].strip() - subfstate = re.sub('\(.*', '', fstate) - dbgprint('Firmware State: '+str(fstate)+' '+str(subfstate)) - elif re.match(r'Inquiry Data: .*$',line.strip()): - model = line.split(':')[1].strip() - model = re.sub(' +', ' ', model) - # Sub code - manuf = re.sub(' .*', '', model) - dtype = re.sub(manuf+' ', '', model) - dtype = re.sub(' .*', '', dtype) - hwserial = re.sub('.*'+dtype+' *', '', model) - elif re.match(r'^Media Type: .*$',line.strip()): - mtype = line.split(':')[1].strip() - if mtype == 'Hard Disk Device': - mtype = 'HDD' - else: - if mtype == 'Solid State Device': - mtype = 'SSD' - else: - mtype = 'N/A' - elif re.match(r'Device Speed: .*$',line.strip()): - speed = line.split(':')[1].strip() - elif re.match(r'Drive Temperature :.*$',line.strip()): - if (notempmode): - temp = 'N/A' - else: - # Drive temp is amongst the last few lines matched, decide here if we add information to the table.. 
- temp = line.split(':')[1].strip() - temp = re.sub(' \(.*\)', '', temp) - if model != 'Unknown': - dbgprint('Disk Info: '+str(arrayid)+' '+str(diskid)+' '+str(oldenclid)) - if subfstate == 'Rebuild': - cmd = '%s pdrbld -showprog -physdrv\[%s:%s\] -a%d -NoLog' % (megaclipath, enclid, slotid, controllerid) - output = getOutput(cmd) - percent = returnRebuildProgress(output) - fstate = str('Rebuilding (%d%%)' % (percent)) - - if (( NestedLDTable[controllerid][int(arrayindex)] == True) and (spanid != False)): - sarrayid = str(arrayid)+"s"+spanid - else: - sarrayid = str(arrayid) - table.append([sarrayid, str(diskid), mtype, model, dsize, fstate , speed, temp, enclid, slotid, lsidid]) - return table - - -def returnUnconfDiskInfo(output,controllerid): - arrayid = False - diskid = False - olddiskid = False - enclid = False - slotid = False - lsidid = 'Unknown' - table = [] - fstate = 'Offline' - substate = 'Unknown' - model = 'Unknown' - speed = 'Unknown' - mtype = 'Unknown' - dsize = 'Unknown' - temp = 'Unk0C' - for line in output: - if re.match(r'Enclosure Device ID: .*$',line.strip()): - # We match here early in the analysis so reset the vars if this is a new disk we're reading.. 
- oldenclid = enclid - enclid = line.split(':')[1].strip() - if oldenclid != False: - arrayid = False - fstate = 'Offline' - model = 'Unknown' - speed = 'Unknown' - temp = 'Unk0C' - slotid = False - lsidid = 'Unknown' - - elif re.match(r'^Coerced Size: ',line.strip()): - dsize = line.split(':')[1].strip() - dsize = re.sub(' \[.*\.*$', '', dsize) - dsize = re.sub('[0-9][0-9] GB', ' Gb', dsize) - elif re.match(r'^Drive.s position: DiskGroup: [0-9]+,.*$',line.strip()): - arrayid = line.split(',')[1].split(':')[1].strip() - elif re.match(r'^Device Id: [0-9]+.*$',line.strip()): - diskid = line.split(':')[1].strip() - elif re.match(r'^Device Id: .*$',line.strip()): - lsidid = line.split(':')[1].strip() - elif re.match(r'Slot Number: .*$',line.strip()): - slotid = line.split(':')[1].strip() - elif re.match(r'Firmware state: .*$',line.strip()): - fstate = line.split(':')[1].strip() - subfstate = re.sub('\(.*', '', fstate) - dbgprint('Firmware State: '+str(fstate)+' '+str(subfstate)) - elif re.match(r'Inquiry Data: .*$',line.strip()): - model = line.split(':')[1].strip() - model = re.sub(' +', ' ', model) - manuf = re.sub(' .*', '', model) - dtype = re.sub(manuf+' ', '', model) - dtype = re.sub(' .*', '', dtype) - hwserial = re.sub('.*'+dtype+' *', '', model) - elif re.match(r'^Media Type: .*$',line.strip()): - mtype = line.split(':')[1].strip() - if mtype == 'Hard Disk Device': - mtype = 'HDD' - else: - if mtype == 'Solid State Device': - mtype = 'SSD' - else: - mtype = 'N/A' - elif re.match(r'Device Speed: .*$',line.strip()): - speed = line.split(':')[1].strip() - elif re.match(r'Drive Temperature :.*$',line.strip()): - temp = line.split(':')[1].strip() - temp = re.sub('\(.*\)', '', temp) - # Drive temp is amongst the last few lines matched, decide here if we add information to the table.. 
- if arrayid == False: - if subfstate == 'Unconfigured': - dbgprint('Unconfigured Disk: Arrayid: '+str(arrayid)+' DiskId: '+str(diskid)+' '+str(olddiskid)+' '+str(fstate)) - elif subfstate == 'Online, Spun Up': - dbgprint('Online Disk: Arrayid: '+str(arrayid)+' DiskId: '+str(diskid)+' '+str(olddiskid)+' '+str(fstate)) - table.append([ mtype, model, dsize, fstate, speed, temp, enclid, slotid, lsidid]) - return table - -cmd = '%s -adpCount -NoLog' % (megaclipath) -output = getOutput(cmd) -controllernumber = returnControllerNumber(output) - -bad = False - -# List available controller -if printcontroller: - if controllernumber: - if not nagiosmode: - print '-- Controller information --' - - i = 0 - controllerid = 0 - mlen = 0 - hbainfo = [] - while controllerid < controllernumber: - cmd = '%s -AdpAllInfo -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - returnHBAInfo(hbainfo, output,controllerid) - controllerid += 1 - mlen = returnWdthFromArrayCol(hbainfo,1) - - controllerid = 0 - for hba in hbainfo: - hbafmt = str('%-5s | %-'+str(mlen)+'s | %-6s | %-4s | %-6s | %-12s ') - # Header - if ( i == 0 ): - if not nagiosmode: - print hbafmt % ("-- ID","H/W Model","RAM","Temp","BBU", "Firmware") - if not nagiosmode: - print hbafmt % ( - hba[0], - hba[1], - hba[2], - hba[3], - hba[4], - hba[5]) - i += 1 - if not nagiosmode: - print '' - else: - print "No MegaRAID or PERC adapter detected on your system!" 
- exit(1) - -if printarray: - if not nagiosmode: - print '-- Array information --' - - controllerid = 0 - pcipath = '' - diskpath = '' - i = 0 ; j = 0 - mlen = 0 ; rlen = 0 ; clen = 0 - while controllerid < controllernumber: - arrayindex = 0 - - cmd = '%s -LDInfo -lall -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - arraynumber = returnArrayNumber(output) - # We need to explore each HBA to look for gaps in LD's - ldid = 0 ; ldcount = 0 - while ldcount < arraynumber: - cmd = '%s -LDInfo -l%d -a%d -NoLog' % (megaclipath, ldid, controllerid) - output = getOutput(cmd) - for line in output: - if re.match(r'^Adapter.*Virtual Drive .* Does not Exist',line.strip()): - ldid += 1 - elif re.match(r'^(CacheCade )?Virtual Drive:',line.strip()): - LDTable[controllerid].append ( ldid ) - #NestedLDTable[controllerid][int(arrayindex)] = False - ldcount += 1 - ldid += 1 - - while arrayindex < arraynumber: - ldid = LDTable[controllerid][arrayindex] - cmd = '%s -LDInfo -l%d -a%d -NoLog' % (megaclipath, ldid, controllerid) - output = getOutput(cmd) - arrayinfo = returnArrayInfo(output, controllerid, ldid, arrayindex) - if ( len(arrayinfo[1]) > rlen): - rlen = len(arrayinfo[1]) - if ( len(arrayinfo[4]) > mlen): - mlen = len(arrayinfo[4]) - if ( len(arrayinfo[8]) > clen): - clen = len(arrayinfo[8]) - arrayindex += 1 - controllerid += 1 - - controllerid = 0 - while controllerid < controllernumber: - arrayindex = 0 - - cmd = '%s -AdpGetPciInfo -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - pcipath = returnHBAPCIInfo(output) - - cmd = '%s -LDInfo -lall -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - arraynumber = returnArrayNumber(output) - while arrayindex < arraynumber: - ldid = LDTable[controllerid][arrayindex] - cmd = '%s -LDInfo -l%d -a%d -NoLog' % (megaclipath, ldid, controllerid) - output = getOutput(cmd) - arrayinfo = returnArrayInfo(output,controllerid, ldid, arrayindex) - - if pcipath: - diskprefix = 
str('/dev/disk/by-path/pci-' + pcipath + '-scsi-0:') - for j in range (8): - diskpath = diskprefix + str(j) + ':' + str(arrayinfo[7]) + ':0' - if os.path.exists(diskpath): - arrayinfo[7] = os.path.realpath(diskpath) - else: - arrayinfo[7] = 'N/A' - - # Pad the string length, just to make sure it's aligned with the headers... - if (rlen < len("Type")): - rlen = len("Type") - if (mlen < len("Flags")): - mlen = len("Flags") - if (clen < len("CacheCade")): - clen = len("CacheCade") - - ldfmt = str('%-5s | %-'+str(rlen)+'s | %7s | %7s | %'+str(mlen)+'s | %8s | %8s | %8s | %-'+str(clen)+'s |%-12s ') - # Header - if ( i == 0 ): - if not nagiosmode: - print ldfmt % ("-- ID", "Type", "Size", "Strpsz", "Flags", "DskCache", "Status", "OS Path", "CacheCade", "InProgress" ) - if not nagiosmode: - print ldfmt % ( - arrayinfo[0], - arrayinfo[1], - arrayinfo[2], - arrayinfo[3], - arrayinfo[4], - arrayinfo[5], - arrayinfo[6], - arrayinfo[7], - arrayinfo[8], - arrayinfo[9]) - dbgprint("Array state : "+arrayinfo[6]) - if arrayinfo[6] not in [ 'Optimal', 'N/A' ]: - bad = True - nagiosbadarray=nagiosbadarray+1 - else: - nagiosgoodarray=nagiosgoodarray+1 - arrayindex += 1 - i += 1 - controllerid += 1 - if not nagiosmode: - print '' - -controllerid = 0 -while controllerid < controllernumber: - cmd = '%s -PDGetNum -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - totaldrivenumber += returnTotalDriveNumber(output) - controllerid += 1 - -if totaldrivenumber: - if not nagiosmode: - print '-- Disk information --' - - i = 0 - dlen = 0 ; mlen = 0 ; flen = 0 - controllerid = 0 - while controllerid < controllernumber: - arrayid = 0 - cmd = '%s -LDInfo -lall -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - arraynumber = returnArrayNumber(output) - #### BUG: -LdPdInfo shows all PD on the adapter, not just for said LD.. 
- #### while arrayid <= arraynumber: - cmd = '%s -LdPdInfo -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - arraydisk = returnDiskInfo(output,controllerid) - for array in arraydisk: - dbgprint('Disk c'+str(controllerid)+'u'+array[0]+'p'+array[1] + ' status : ' + array[5]) - if array[5] not in [ 'Online', 'Online, Spun Up' ]: - bad = True - nagiosbaddisk=nagiosbaddisk+1 - else: - nagiosgooddisk=nagiosgooddisk+1 - - if ( returnWdthFromArrayCol(arraydisk,0) > dlen): - dlen = returnWdthFromArrayCol(arraydisk,0) - if ( returnWdthFromArrayCol(arraydisk,3) > mlen): - mlen = returnWdthFromArrayCol(arraydisk,3) - if ( returnWdthFromArrayCol(arraydisk,5) > flen): - flen = returnWdthFromArrayCol(arraydisk,5) - controllerid += 1 - - controllerid = 0 - while controllerid < controllernumber: - arrayid = 0 - - cmd = '%s -LDInfo -lall -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - arraynumber = returnArrayNumber(output) - #### BUG: -LdPdInfo shows all PD on the adapter, not just for said LD.. 
- #### while arrayid <= arraynumber: - - cmd = '%s -LdPdInfo -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - arraydisk = returnDiskInfo(output,controllerid) - - # Adjust print format with width computed above - drvfmt = "%-"+str(dlen+5)+"s | %-4s | %-"+str(mlen)+"s | %-8s | %-"+str(flen)+"s | %-8s | %-4s | %-8s | %-8s" - for array in arraydisk: - # Header - if ( i == 0 ): - if not nagiosmode: - print drvfmt % ( - "-- ID", "Type", "Drive Model", "Size", "Status", "Speed", "Temp", "Slot ID", "LSI Device ID") - # Drive information - if not nagiosmode: - print drvfmt % ( - str('c'+str(controllerid)+'u'+array[0]+'p'+array[1]), # c0p0 - array[2], # HDD/SDD - array[3], # Model Information (Variable len) - array[4], # Size - array[5], # Status (Variable len) - array[6], # Speed - array[7], # Temp - str('['+array[8]+':'+array[9]+']'), # Slot ID - array[10]) # LSI ID - i = i + 1 - controllerid += 1 - if not nagiosmode: - print '' - -controllerid = 0 -totalconfdrivenumber = 0 -totalunconfdrivenumber = 0 -totaldrivenumber = 0 -while controllerid < controllernumber: - cmd = '%s -LdPdInfo -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - totalconfdrivenumber += returnConfDriveNumber(output) - - cmd = '%s -PDGetNum -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - totaldrivenumber += returnTotalDriveNumber(output) - - cmd = '%s -PDList -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - totalunconfdrivenumber += returnUnConfDriveNumber(output) - - controllerid += 1 - -dbgprint('Total Drives in system : ' + str(totaldrivenumber)) -dbgprint('Total Configured Drives : ' + str(totalconfdrivenumber)) -dbgprint('Total Unconfigured Drives : ' + str(totalunconfdrivenumber)) - -if totalunconfdrivenumber: - if not nagiosmode: - print '-- Unconfigured Disk information --' - - controllerid = 0 - while controllerid < controllernumber: - arrayid = 0 - - cmd = '%s -LDInfo -lall -a%d -NoLog' % (megaclipath, 
controllerid) - output = getOutput(cmd) - arraynumber = returnArrayNumber(output) - #### BUG: -LdPdInfo shows all PD on the adapter, not just for given LD.. - #### while arrayid <= arraynumber: - - cmd = '%s -PDList -a%d -NoLog' % (megaclipath, controllerid) - output = getOutput(cmd) - arraydisk = returnUnconfDiskInfo(output,controllerid) - for array in arraydisk: - dbgprint('Disk c'+str(controllerid)+'uXpY status : ' + array[3]) - if array[3] not in [ 'Online', 'Unconfigured(good), Spun Up', 'Unconfigured(good), Spun down', 'JBOD','Hotspare, Spun Up','Hotspare, Spun down' ]: - bad = True - nagiosbaddisk=nagiosbaddisk+1 - else: - nagiosgooddisk=nagiosgooddisk+1 - - mlen = returnWdthFromArrayCol(arraydisk,1) - flen = returnWdthFromArrayCol(arraydisk,3) - - # Adjust print format with widths computed above - drvfmt = "%-7s | %-4s | %-"+str(mlen)+"s | %-8s | %-"+str(flen+2)+"s | %-8s | %-4s | %-8s | %-8s" - i = 0 - for array in arraydisk: - # Header - if ( i == 0 ): - if not nagiosmode: - print drvfmt % ( - "-- ID", "Type", "Drive Model", "Size", "Status", "Speed", "Temp", "Slot ID", "LSI Device ID") - # Drive information - if not nagiosmode: - print drvfmt % ( - str('c'+str(controllerid)+'uXpY'), # cXpY - array[0], # HDD/SDD - array[1], # Model Information (Variable len) - array[2], # Size - array[3], # Status (Variable len) - array[4], # Speed - array[5], # Temp - str('['+array[6]+':'+array[7]+']'), # Slot ID - array[8]) # LSI ID - i = i + 1 - controllerid += 1 - if not nagiosmode: - print '' - -if nagiosmode: - if bad: - print 'RAID ERROR - Arrays: OK:'+str(nagiosgoodarray)+' Bad:'+str(nagiosbadarray)+' - Disks: OK:'+str(nagiosgooddisk)+' Bad:'+str(nagiosbaddisk) - sys.exit(2) - else: - print 'RAID OK - Arrays: OK:'+str(nagiosgoodarray)+' Bad:'+str(nagiosbadarray)+' - Disks: OK:'+str(nagiosgooddisk)+' Bad:'+str(nagiosbaddisk) -else: - if bad: - print '\nThere is at least one disk/array in a NOT OPTIMAL state.' - sys.exit(1) 
diff --git a/mikrotik-configure-crs326-dumb.sh b/mikrotik-configure-crs326-dumb.sh
deleted file mode 100755
index a2689d7..0000000
--- a/mikrotik-configure-crs326-dumb.sh
+++ /dev/null
@@ -1,59 +0,0 @@
-#!/bin/sh
-# Nico Schottelius, 2020-08-03
-# Setup a standard crs326
-
-
-
-if [ $# -ne 4 ]; then
- echo "$0 "
- echo "Example:"
- echo "$0 fe80::764d:28ff:fe09:9355%eth1 2a0a:e5c0:2::/64 mikrotik-crs326-8 \$(pass ...)"
- exit 1
-fi
-
-ip=$1; shift
-newip=$1; shift
-hostname=$1; shift
-password=$1; shift
-
-target=$ip
-bridge=bridge
-
-conf() {
- echo $@
- ssh admin@${target} "$@"
-}
-
-commastring() {
- echo $@ | sed 's/ /,/g'
-}
-
-conf "/system identity set name=$hostname"
-conf "/interface bridge add name=$bridge"
-
-################################################################################
-# MTU
-
-for i in $(seq 1 24); do
- conf "/interface ethernet set ether$i mtu=9200 l2mtu=9204"
- conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes"
-done
-
-
-for i in $(seq 1 2); do
- conf "/interface ethernet set sfp-sfpplus$i mtu=9200 l2mtu=9204"
- conf "/interface bridge port add bridge=$bridge interface=sfp-sfpplus$i hw=yes"
-done
-
-
-################################################################################
-# IPv6 address, password
-
-conf "/ipv6 address add eui-64=yes advertise=no address=$newip interface=$bridge"
-conf "/ipv6 address print"
-conf "/password old-password=\"\" new-password=$password confirm-new-password=$password"
-
-# Show neigh
-conf "/interface bridge host print where !local"
-
-echo "do not forget to set a password"
diff --git a/mikrotik-configure-crs326-with-vlans.sh b/mikrotik-configure-crs326-with-vlans.sh
deleted file mode 100755
index 4ae1b62..0000000
--- a/mikrotik-configure-crs326-with-vlans.sh
+++ /dev/null
@@ -1,103 +0,0 @@
-#!/bin/sh
-# Nico Schottelius, 2020-08-03
-# Setup a standard crs326
-
-
-
-if [ $# -ne 2 ]; then
- echo "$0 "
- echo "Example:"
- echo "$0 fe80::764d:28ff:fe09:9355%eth1 mikrotik-crs326-8"
- exit 1
-fi
-
-ip=$1; shift
-hostname=$1; shift
-password=$1; shift
-
-target=$ip
-bridge=bridgevlans
-
-internal=10
-coworking=15
-server=11
-other="8 16 18 33 34"
-
-tagged="ether23 ether24 sfp-sfpplus1"
-
-net_internal=2a0a:e5c0:2::/64
-
-conf() {
- echo $@
- ssh admin@${target} "$@"
-}
-
-commastring() {
- echo $@ | sed 's/ /,/g'
-}
-
-#set -x
-
-
-# do this out of band -- see mikrotik-setup.sh
-#conf "/password new-password=$password confirm-new-password=$password old-password=\"\""
-
-conf "/system identity set name=$hostname"
-conf "/interface bridge add name=$bridge"
-
-################################################################################
-# MTU
-
-for i in $(seq 1 24); do
- conf "/interface ethernet set ether$i mtu=9200 l2mtu=9204"
-done
-
-
-for i in $(seq 1 2); do
- conf "/interface ethernet set sfp-sfpplus$i mtu=9200 l2mtu=9204"
-done
-
-
-################################################################################
-# VLANs
-
-# Internal ports 1-16
-ifaces=""
-for i in $(seq 1 16); do
- conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$internal"
- ifaces="ether$i ${ifaces}"
-done
-
-# also tag the bridge for the vlan interface we need later
-conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged),$bridge untagged=$(commastring $ifaces) vlan-ids=$internal"
-
-# Coworking 17-18
-ifaces=""
-for i in $(seq 17 18); do
- conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$coworking"
- ifaces="ether$i ${ifaces}"
-done
-conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) untagged=$(commastring $ifaces) vlan-ids=$coworking"
-
-# Server 19-20
-ifaces=""
-for i in $(seq 19 20); do
- conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$server"
- ifaces="ether$i ${ifaces}"
-done
-conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) untagged=$(commastring $ifaces) vlan-ids=$server"
-
-# Not modified 21-22
-
-# Tagged 23-24, sfp-sfpplus1
-for iface in $tagged; do
- conf "/interface bridge port add bridge=$bridge interface=$iface hw=yes"
-done
-
-conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) vlan-ids=$(commastring $other)"
-conf "/interface vlan add interface=$bridge vlan-id=$internal mtu=9200 name=internal"
-conf "/ipv6 address add eui-64=yes advertise=no address=$net_internal interface=internal"
-conf "/interface bridge set $bridge vlan-filtering=yes"
-
-# Show neigh
-conf "/interface bridge host print where !local"
diff --git a/mikrotik-configure-crs326.sh b/mikrotik-configure-crs326.sh
deleted file mode 100755
index 5f3b330..0000000
--- a/mikrotik-configure-crs326.sh
+++ /dev/null
@@ -1,103 +0,0 @@
-#!/bin/sh
-# Nico Schottelius, 2020-08-03
-# Setup a standard crs326
-
-
-
-if [ $# -ne 3 ]; then
- echo "$0 "
- echo "Example:"
- echo "$0 fe80::764d:28ff:fe09:9355%eth1 mikrotik-crs326-8 $(pass place6-linthal/mikrotik)"
- exit 1
-fi
-
-ip=$1; shift
-hostname=$1; shift
-password=$1; shift
-
-target=$ip
-bridge=bridgevlans
-
-internal=10
-coworking=15
-server=11
-other="8 16 18 33 34"
-
-tagged="ether23 ether24 sfp-sfpplus1"
-
-net_internal=2a0a:e5c0:2::/64
-
-conf() {
- echo $@
- ssh admin@${target} "$@"
-}
-
-commastring() {
- echo $@ | sed 's/ /,/g'
-}
-
-set -x
-
-
-# do this out of band -- see mikrotik-setup.sh
-#conf "/password new-password=$password confirm-new-password=$password old-password=\"\""
-
-conf "/system identity set name=$hostname"
-conf "/interface bridge add name=$bridge"
-
-################################################################################
-# MTU
-
-for i in $(seq 1 24); do
- conf "/interface ethernet set ether$i mtu=9200 l2mtu=9204"
-done
-
-
-for i in $(seq 1 2); do
- conf "/interface ethernet set sfp-sfpplus$i mtu=9200 l2mtu=9204"
-done
-
-
-################################################################################
-# VLANs
-
-# Internal ports 1-16
-ifaces=""
-for i in $(seq 1 16); do
- conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$internal"
- ifaces="ether$i ${ifaces}"
-done
-
-# also tag the bridge for the vlan interface we need later
-conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged),$bridge untagged=$(commastring $ifaces) vlan-ids=$internal"
-
-# Coworking 17-18
-ifaces=""
-for i in $(seq 17 18); do
- conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$coworking"
- ifaces="ether$i ${ifaces}"
-done
-conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) untagged=$(commastring $ifaces) vlan-ids=$coworking"
-
-# Server 19-20
-ifaces=""
-for i in $(seq 19 20); do
- conf "/interface bridge port add bridge=$bridge interface=ether$i hw=yes pvid=$server"
- ifaces="ether$i ${ifaces}"
-done
-conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) untagged=$(commastring $ifaces) vlan-ids=$server"
-
-# Not modified 21-22
-
-# Tagged 23-24, sfp-sfpplus1
-for iface in ; do
- conf "/interface bridge port add bridge=$bridge interface=$iface hw=yes"
-done
-
-conf "/interface bridge vlan add bridge=$bridge tagged=$(commastring $tagged) lan-ids=$(commastring $other)"
-conf "/interface vlan add interface=$bridge vlan-id=$internal name=MGMT"
-conf "/ipv6 address add eui-64=yes advertise=no address=$net_internal interface=MGMT"
-conf "/interface bridge set $bridge vlan-filtering=yes"
-
-# Show neigh
-conf "/interface bridge host print where !local"
diff --git a/mikrotik-setup.sh b/mikrotik-setup.sh
old mode 100755
new mode 100644
index e3654e5..dbe2c4f
--- a/mikrotik-setup.sh
+++ b/mikrotik-setup.sh
@@ -16,12 +16,7 @@ conf() {
 ssh admin@${target} "$@"
 }
 copy() {
- if echo ${target} | grep -q :; then
- ltarget="[$target]"
- else
- ltarget="$target"
- fi
- scp "$1" admin@${ltarget}:
+ scp "$1" admin@${target}:
 }
 # store ssh key in the admin user!
diff --git a/mikrotik-update.sh b/mikrotik-update.sh
index 027bdba..b2c0fc6 100755
--- a/mikrotik-update.sh
+++ b/mikrotik-update.sh
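Review bot: The rewritten `copy()` in mikrotik-setup.sh hands `${target}` to scp without brackets, so an IPv6 literal no longer works: scp splits host from path at the first colon, and the address form shown in the sibling configure script's usage text (`fe80::…%eth1`) is full of them. Judging by the comment right after the function, `copy` is presumably what uploads the SSH key, so on an IPv6 management link the key would not be installed; the call site is outside the hunk. Keep a bracketed form and quote the operand, e.g. `case "$target" in *:*) ltarget="[$target]" ;; *) ltarget="$target" ;; esac` followed by `scp -- "$1" "admin@${ltarget}:"`. The same file header also changes the mode from 100755 to 100644, which leaves the script non-executable; confirm that is intended.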
@@ -1,19 +1,13 @@ -#!/bin/sh +#!/bin # Nico Schottelius, 2019-12-02 # Update mikrotik routers to the latest package if [ $# -lt 2 ]; then echo "$0 router [router...]" cat < "$conf" < "$conf" < "$conf" <> "$conf" </dev/null || true - umount /mnt/dev/shm 2>/dev/null || true - umount /mnt/dev 2>/dev/null || true - umount /mnt/proc 2>/dev/null || true - umount /mnt/run 2>/dev/null || true - umount /mnt/sys 2>/dev/null || true - umount /mnt/boot 2>/dev/null || true - umount /mnt 2>/dev/null || true - qemu-nbd --disconnect "$NBD_DEVICE" || true -} - -run_root() { - chroot /mnt /usr/bin/env \ - PATH=/sbin:/usr/sbin:/bin:/usr/bin \ - sh -c "$*" -} - -if [ "$(whoami)" != 'root' ]; then - echo "This script must be run as root." >&2 - exit 1 -fi - -if [ "$(lsb_release --short --id)" != "Alpine" ]; then - echo "WARNING: this script has been designed to run on an Alpine system." >&2 - echo "WARNING: Not running Alpine. Giving you 5 seconds to abort." >&2 - sleep 5 -fi - -# Create base QCOW2 image. -qemu-img create -f qcow2 "$IMAGE_PATH" "$IMAGE_SIZE" -modprobe nbd max_part=16 -qemu-nbd --connect="$NBD_DEVICE" "$IMAGE_PATH" - -# Wait for qemu-nbd to settle. -sleep 1 - -# Don't forget to cleanup, even if the script crash. -trap cleanup EXIT - -# Create partition table, format partitions. -sfdisk --no-reread "$NBD_DEVICE" < /mnt/etc/hosts << EOF -127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 -::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 - -EOF - -# Configure package sources and update package index. -run_root setup-timezone -z UTC -if [ "$RELEASE" = "edge" ] -then - cat >/mnt/etc/apk/repositories </mnt/etc/apk/repositories <>/mnt/etc/fstab </mnt/boot/extlinux.conf < "/mnt$ONE_CONTEXT_APK_PATH" -run_root apk add --allow-untrusted "$ONE_CONTEXT_APK_PATH" -run_root rm "$ONE_CONTEXT_APK_PATH" - -# Remove resolvconf: handled by uncloud-init. 
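Review bot: The new shebang `#!/bin` at the top of mikrotik-update.sh names a directory rather than an interpreter, so running the script directly fails before any line executes, even though the file keeps mode 100755 per its header; the line should stay `#!/bin/sh`. The remainder of this hunk is not legible in this view, so only the first line is assessed here.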
-run_root rm /etc/resolv.conf - -# Make sure everything is written to disk before exiting. -sync diff --git a/opennebula-images/arch-build-opennebula-image.sh b/opennebula-images/arch-build-opennebula-image.sh deleted file mode 100755 index 00c454f..0000000 --- a/opennebula-images/arch-build-opennebula-image.sh +++ /dev/null 
@@ -1,154 +0,0 @@ -#!/bin/sh - -# This script generates Debian images for OpenNebula. -# -# Test image locally (without network) with: -# qemu-system-x86_64 -enable-kvm -m 1G -drive file=$IMAGE,format=qcow2 - -set -e -set -x - -# XXX: Handle command-line arguments? -ARCH=amd64 -IMAGE_PATH=arch-$(date --iso-8601).img.qcow2 -IMAGE_SIZE=10G -NBD_DEVICE=/dev/nbd0 - -# TODO: find the package definition and built ourself, publish in some RPM repository. -ONE_CONTEXT_DEB_URL="https://github.com/OpenNebula/addon-context-linux/releases/download/v5.10.0/one-context_5.10.0-1.deb" -ONE_CONTEXT_DEB_PATH=/root/one-context.deb - -cleanup() { - # The order here is important. - umount /mnt/dev/pts 2>/dev/null || true - umount /mnt/dev/shm 2>/dev/null || true - umount /mnt/dev 2>/dev/null || true - umount /mnt/proc 2>/dev/null || true - umount /mnt/run 2>/dev/null || true - umount /mnt/sys 2>/dev/null || true - umount /mnt/boot 2>/dev/null || true - umount /mnt 2>/dev/null || true - qemu-nbd --disconnect "$NBD_DEVICE" || true -} - -run_root() { - chroot /mnt /usr/bin/env \ - PATH=/sbin:/usr/sbin:/bin:/usr/bin \ - sh -c "$*" -} - -if [ "$(whoami)" != 'root' ]; then - echo "This script must be run as root." >&2 - exit 1 -fi - -if [ $(lsb_release --short --id) != "Arch" ]; then - echo "WARNING: this script has been designed to run on an Ubuntu system." >&2 - echo "WARNING: Not running Ubuntu. Giving you 5 seconds to abort." >&2 - sleep 5 -fi - -# Create base QCOW2 image. -qemu-img create -f qcow2 "$IMAGE_PATH" "$IMAGE_SIZE" -modprobe nbd max_part=16 -qemu-nbd --connect="$NBD_DEVICE" "$IMAGE_PATH" - -# Wait for qemu-nbd to settle. -sleep 1 - -# Don't forget to cleanup, even if the script crash. -trap cleanup EXIT - -# Create partition table, format partitions. 
-sfdisk --no-reread "$NBD_DEVICE" < /mnt/etc/hosts << EOF -127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 -::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 - -EOF - -# Configure package sources and update package index. -cat > /mnt/etc/pacman.d/mirrorlist << EOF -## -## Arch Linux repository mirrorlist -## Generated on 2020-05-12 -## - -## Switzerland -Server = http://pkg.adfinis-sygroup.ch/archlinux/$repo/os/$arch -Server = https://pkg.adfinis-sygroup.ch/archlinux/$repo/os/$arch -Server = http://mirror.init7.net/archlinux/$repo/os/$arch -Server = https://mirror.init7.net/archlinux/$repo/os/$arch -Server = http://mirror.puzzle.ch/archlinux/$repo/os/$arch -Server = https://mirror.puzzle.ch/archlinux/$repo/os/$arch -Server = https://mirror.ungleich.ch/mirror/packages/archlinux/$repo/os/$arch -EOF -run_root pacman --sync --refresh --upgrade - -# Initalize base services. -run_root systemd-machine-id-setup - -run_root ln -sf /usr/share/zoneinfo/UTC /etc/localtime -run_root systemctl enable systemd-timesyncd.service - -# Install kernel and generate initramfs. -run_root pacman --sync linux mkinitcpio -run_rot mkinitcpio -P - -# Install and configure bootloader. -run_root pacman --sync grub -run_root grub-install --target=i386-pc "${NBD_DEVICE}" -run_root grub-mkconfig -o /boot/grub/grub.cfg - -# Install en configure SSH daemon. -run_root pacman --sync openssh-server - -# Install haveged due to lack of entropy in ONE environment. -run_root pacman --sync haveged -run_root systemctl enable haveged.service - -# Generate fstab file. 
-boot_uuid=$(blkid --match-tag UUID --output value "${NBD_DEVICE}p1") -root_uuid=$(blkid --match-tag UUID --output value "${NBD_DEVICE}p2") -cat >>/mnt/etc/fstab </dev/null || true - umount /mnt/dev/shm 2>/dev/null || true - umount /mnt/dev 2>/dev/null || true - umount /mnt/proc 2>/dev/null || true - umount /mnt/run 2>/dev/null || true - umount /mnt/sys 2>/dev/null || true - umount /mnt/boot 2>/dev/null || true - umount /mnt 2>/dev/null || true - losetup -d "$LOOPBACK_DEVICE" -} - -run_root() { - chroot /mnt /usr/bin/env \ - PATH=/sbin:/usr/sbin:/bin:/usr/bin \ - sh -c "$*" -} - -if [ "$(whoami)" != 'root' ]; then - echo "This script must be run as root." >&2 - exit 1 -fi - -if [ ! -f '/etc/centos-release' ]; then - echo "WARNING: this script has been designed to run on a CentOS system." >&2 - echo "WARNING: Not running CentOS. Giving you 5 seconds to abort." >&2 - sleep 5 -fi - -# Create base RAW image (no LOOPBACK support in RHEL/CentOS). -qemu-img create -f raw "$IMAGE_PATH" "$IMAGE_SIZE" -losetup "$LOOPBACK_DEVICE" "$IMAGE_PATH" - -# Don't forget to cleanup, even if the script crash. -trap cleanup EXIT - -# Create partition table, format partitions. -{ -sfdisk --no-reread "$LOOPBACK_DEVICE" < /mnt/etc/hosts << EOF -127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 -::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 - -EOF - -# See https://github.com/OpenNebula/addon-context-linux/issues/121 for details. -# network-scripts.x86_64 : Legacy scripts for manipulating of network devices -run_root dnf -y install network-scripts - -# Install (magic?) one-context RPM and hope things works as expected. -curl -L "$ONE_CONTEXT_RPM_URL" > "/mnt$ONE_CONTEXT_RPM_PATH" -run_root dnf -y install "$ONE_CONTEXT_RPM_PATH" -run_root rm "$ONE_CONTEXT_RPM_PATH" - -# Install resize2fs, which is required to resize the root file-system. -run_root dnf -y install e2fsprogs - -# Initalize base services. 
-run_root systemd-machine-id-setup -run_root ln -sf /usr/share/zoneinfo/UTC /etc/localtime - -# Install and configure NTP client. -run_root dnf install -y chrony -run_root systemctl enable chronyd.service - -# Install kernel and bootloader. -# Note: linux-firmware is not required our environment and takes almost 200M -# uncompressed but is a direct dependency of kernel-core... -run_root dnf -y install kernel grub2 - -# Add support for virtio block devices at boot time. -cat > /mnt/etc/dracut.conf.d/virtio-blk.conf <>/mnt/etc/fstab </dev/null || true - umount /mnt/dev/shm 2>/dev/null || true - umount /mnt/dev 2>/dev/null || true - umount /mnt/proc 2>/dev/null || true - umount /mnt/run 2>/dev/null || true - umount /mnt/sys 2>/dev/null || true - umount /mnt/boot 2>/dev/null || true - umount /mnt 2>/dev/null || true - losetup -d "$LOOPBACK_DEVICE" -} - -run_root() { - chroot /mnt /usr/bin/env \ - PATH=/sbin:/usr/sbin:/bin:/usr/bin \ - sh -c "$*" -} - -if [ "$(whoami)" != 'root' ]; then - echo "This script must be run as root." >&2 - exit 1 -fi - -if [ ! -f '/etc/centos-release' ]; then - echo "WARNING: this script has been designed to run on a CentOS system." >&2 - echo "WARNING: Not running CentOS. Giving you 5 seconds to abort." >&2 - sleep 5 -fi - -# Install requirements -yum install -y qemu cryptsetup dnf - -# Create base RAW image (no LOOPBACK support in RHEL/CentOS). -qemu-img create -f raw "$IMAGE_PATH" "$IMAGE_SIZE" -losetup "$LOOPBACK_DEVICE" "$IMAGE_PATH" - -# Don't forget to cleanup, even if the script crash. -trap cleanup EXIT - -# Create partition table, format partitions. 
-parted --script "$LOOPBACK_DEVICE" \ - mklabel msdos \ - mkpart primary ext4 1M 500M \ - mkpart primary ext4 500M 100% - -partprobe "$LOOPBACK_DEVICE" - -mkfs.ext4 "${LOOPBACK_DEVICE}p1" -echo -n "$LUKS_PASSPHRASE" | cryptsetup luksFormat -v -d - "${LOOPBACK_DEVICE}p2" -echo -n "$LUKS_PASSPHRASE" | cryptsetup open -v -d - "${LOOPBACK_DEVICE}p2" "$LUKS_DEVICE_NAME" -mkfs.ext4 "$LUKS_DEVICE" - -# Mount partitions, install base OS. -mount "${LUKS_DEVICE}" /mnt -mkdir /mnt/boot -mount "${LOOPBACK_DEVICE}p1" /mnt/boot - -# Add --setopt=reposdir=rpm-repositories if you do not run on CentOS 7. -dnf -y \ - --releasever=$RELEASE \ - --installroot=/mnt \ - --disablerepo='*' \ - --enablerepo=base \ - --enablerepo=extras \ - --setopt=install_weak_deps=False install \ - bash basesystem systemd dnf centos-release cryptsetup dnf passwd - -mount --bind /dev /mnt/dev -mount --bind /dev/pts /mnt/dev/pts -mount --bind /dev/shm /mnt/dev/shm -mount --bind /proc /mnt/proc -mount --bind /run /mnt/run -mount --bind /sys /mnt/sys - -# Guest networking is to be handled by the one-context package. -# See https://github.com/OpenNebula/addon-context-linux for details. -# Note: as of writing, one-context does not support NetworkManager or -# systemd-networkd. - -# Required to resolve package mirror in chroot. -cp /etc/resolv.conf /mnt/etc/resolv.conf - -# Initialize /etc/hosts. -cat > /mnt/etc/hosts << EOF -127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 -::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 -EOF - -# Setup root password -run_root passwd - -# Install one-context RPM and hope things works as expected. -curl -L "$ONE_CONTEXT_RPM_URL" > "/mnt$ONE_CONTEXT_RPM_PATH" -run_root dnf -y install "$ONE_CONTEXT_RPM_PATH" -run_root rm "$ONE_CONTEXT_RPM_PATH" -for script in $DISABLED_ONE_SCRIPTS; do - run_root rm "/etc/one-context.d/$script" -done - -# Install resize2fs, which is required to resize the root file-system. 
-run_root dnf -y install e2fsprogs - -# Initalize base services. -run_root systemd-machine-id-setup -run_root ln -sf /usr/share/zoneinfo/UTC /etc/localtime - -# Install and configure NTP client. -run_root dnf install -y chrony -run_root systemctl enable chronyd.service - -# Install kernel and bootloader. -# Note: linux-firmware is not required our environment and takes almost 200M -# uncompressed but is a direct dependency of kernel-core... -run_root dnf -y install kernel grub2 - -# Add support for virtio block devices at boot time, configure bootloader. -cat > /mnt/etc/dracut.conf.d/virtio-blk.conf <> /mnt/etc/crypttab - -run_root dracut -v --force --kver $kernel_version -run_root grub2-install --target=i386-pc "${LOOPBACK_DEVICE}" -run_root grub2-mkconfig -o /boot/grub2/grub.cfg - -# Install en configure SSH daemon. -run_root dnf -y install openssh-server -run_root systemctl enable sshd - -# Generate fstab file. -boot_uuid=$(blkid -o value "${LOOPBACK_DEVICE}p1" | head -n 1) -root_uuid=$(blkid -o value "$LUKS_DEVICE" | head -n 1) -cat >>/mnt/etc/fstab </dev/null || true - umount /mnt/dev/shm 2>/dev/null || true - umount /mnt/dev 2>/dev/null || true - umount /mnt/proc 2>/dev/null || true - umount /mnt/run 2>/dev/null || true - umount /mnt/sys 2>/dev/null || true - umount /mnt/boot 2>/dev/null || true - umount /mnt 2>/dev/null || true - qemu-nbd --disconnect "$NBD_DEVICE" || true -} - -run_root() { - chroot /mnt /usr/bin/env \ - PATH=/sbin:/usr/sbin:/bin:/usr/bin \ - sh -c "$*" -} - -if [ "$(whoami)" != 'root' ]; then - echo "This script must be run as root." >&2 - exit 1 -fi - -if [ $(lsb_release --short --id) != "Debian" ]; then - echo "WARNING: this script has been designed to run on an Debian system." >&2 - echo "WARNING: Not running Debian. Giving you 5 seconds to abort." >&2 - sleep 5 -fi - -# Create base QCOW2 image. 
-qemu-img create -f qcow2 "$IMAGE_PATH" "$IMAGE_SIZE" -modprobe nbd max_part=16 -qemu-nbd --connect="$NBD_DEVICE" "$IMAGE_PATH" - -# Wait for qemu-nbd to settle. -sleep 1 - -# Don't forget to cleanup, even if the script crash. -trap cleanup EXIT - -# Create partition table, format partitions. -sfdisk --no-reread "$NBD_DEVICE" < /mnt/etc/hosts << EOF -127.0.0.1 $HOSTNAME localhost localhost.localdomain localhost4 localhost4.localdomain4 -::1 $HOSTNAME localhost localhost.localdomain localhost6 localhost6.localdomain6 - -EOF - -run_root hostnamectl set-hostname $HOSTNAME - -# Configure package sources and update package index. -cat >/mnt/etc/apt/sources.list < "/mnt$ONE_CONTEXT_DEB_PATH" -run_root apt-get -y install "$ONE_CONTEXT_DEB_PATH" -run_root rm "$ONE_CONTEXT_DEB_PATH" - -# Manually install legacy network scripts used by one-context. -run_root apt-get -y install ifupdown - -# Initalize base services. -run_root systemd-machine-id-setup - -run_root ln -sf /usr/share/zoneinfo/UTC /etc/localtime -run_root systemctl enable systemd-timesyncd.service - -# Install kernel and bootloader. Do not autoconfigure grub. -run_root 'echo "grub-pc grub-pc/install_devices_empty boolean true" | debconf-set-selections' -run_root DEBIAN_FRONTEND=noninteractive apt-get -y install locales linux-image-amd64 grub-pc - -# Configure grub. -run_root grub-install --target=i386-pc "${NBD_DEVICE}" -run_root grub-mkconfig -o /boot/grub/grub.cfg - -# Install en configure SSH daemon. -run_root apt-get -y install openssh-server - -# Install haveged due to lack of entropy in ONE environment. -run_root apt-get -y install haveged -run_root systemctl enable haveged.service - -# Generate locales. -run_root 'sed -i "s/^# *\(en_GB.UTF-8\)/\1/" etc/locale.gen' -run_root locale-gen - -# Generate fstab file. 
-boot_uuid=$(blkid --match-tag UUID --output value "${NBD_DEVICE}p1") -root_uuid=$(blkid --match-tag UUID --output value "${NBD_DEVICE}p2") -cat >>/mnt/etc/fstab <&2 - exit 1 -fi - -# Allocate and partition/format disk image. -disk=$(mktemp) -truncate -s 6G $disk -mdconfig -a -t vnode -f $disk -u md0 -gpart create -s gpt /dev/md0 -gpart add -t freebsd-boot -l bootfs -b 40 -s 512K md0 -gpart bootcode -b /boot/pmbr -p /boot/gptboot -i 1 md0 -gpart add -t freebsd-ufs -l rootfs -b 1M -s 5G md0 -newfs -U /dev/md0p2 - -# Mount allocated image. -mount /dev/md0p2 /mnt -mkdir -p /mnt/dev -mount -t devfs devfs /mnt/dev - -# Download and extract base system. -dist_files="kernel.txz base.txz" -dist_dir="/usr/freebsd-dist/$ARCH/$RELEASE" - -mkdir -p "$dist_dir" -for f in $dist_files -do - fetch -m -o "$dist_dir/$f" "$DIST_BASE/$f" - tar -C /mnt -xJf "$dist_dir/$f" -done - -# Configure new system. -echo "/dev/gpt/rootfs / ufs rw,noatime 1 1" >/mnt/etc/fstab -touch /mnt/firstboot -echo 'autoboot_delay="-1"' >>/mnt/boot/loader.conf - -cat >>/mnt/etc/rc.conf <>/mnt/etc/ssh/sshd_config </mnt/usr/local/etc/pkg/repos/FreeBSD.conf </dev/null || true - umount /mnt/dev/shm 2>/dev/null || true - umount /mnt/dev 2>/dev/null || true - umount /mnt/proc 2>/dev/null || true - umount /mnt/run 2>/dev/null || true - umount /mnt/sys 2>/dev/null || true - umount /mnt/boot 2>/dev/null || true - umount /mnt 2>/dev/null || true - qemu-nbd --disconnect "$NBD_DEVICE" || true -} - -run_root() { - chroot /mnt /usr/bin/env \ - PATH=/sbin:/usr/sbin:/bin:/usr/bin \ - sh -c "$*" -} - -if [ "$(whoami)" != 'root' ]; then - echo "This script must be run as root." >&2 - exit 1 -fi - -if [ $(lsb_release --short --id) != "Ubuntu" ]; then - echo "WARNING: this script has been designed to run on an Ubuntu system." >&2 - echo "WARNING: Not running Ubuntu. Giving you 5 seconds to abort." >&2 - sleep 5 -fi - -# Create base QCOW2 image. 
-qemu-img create -f qcow2 "$IMAGE_PATH" "$IMAGE_SIZE" -modprobe nbd max_part=16 -qemu-nbd --connect="$NBD_DEVICE" "$IMAGE_PATH" - -# Wait for qemu-nbd to settle. -sleep 1 - -# Don't forget to cleanup, even if the script crash. -trap cleanup EXIT - -# Create partition table, format partitions. -sfdisk --no-reread "$NBD_DEVICE" < /mnt/etc/hosts << EOF -127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 -::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 - -EOF - -# Configure package sources and update package index. -cat >/mnt/etc/apt/sources.list < "/mnt$ONE_CONTEXT_DEB_PATH" -run_root apt-get -y install "$ONE_CONTEXT_DEB_PATH" -run_root rm "$ONE_CONTEXT_DEB_PATH" - -# Manually install legacy network scripts used by one-context. -run_root apt-get -y install ifupdown - -# Initalize base services. -run_root systemd-machine-id-setup - -run_root ln -sf /usr/share/zoneinfo/UTC /etc/localtime -run_root systemctl enable systemd-timesyncd.service - -# Install kernel and bootloader. Do not autoconfigure grub. -run_root echo "grub-pc grub-pc/install_devices_empty boolean true" | debconf-set-selections -run_root DEBIAN_FRONTEND=noninteractive apt-get -y install locales linux-base linux-image-generic grub-pc - -# Configure grub. -run_root grub-install --target=i386-pc "${NBD_DEVICE}" -run_root grub-mkconfig -o /boot/grub/grub.cfg - -# Install en configure SSH daemon. -run_root apt-get -y install openssh-server - -# Generate fstab file. -boot_uuid=$(blkid --match-tag UUID --output value "${NBD_DEVICE}p1") -root_uuid=$(blkid --match-tag UUID --output value "${NBD_DEVICE}p2") -cat >>/mnt/etc/fstab < ${my_hostname}.public_key - -cat </dev/null || true - sudo ip addr add 192.168.61.2/24 dev "$dev" -fi - -# don't care about other/old known_host entries -ssh-keygen -R ${viirb_ip} - -while ! 
ping -c1 ${viirb_ip}; do - echo "Cannot ping $viirb_ip yet - waiting" - sleep 1 -done - -cat ~/.ssh/id_rsa.pub | ssh root@${viirb_ip} "cat > /etc/dropbear/authorized_keys" - -# Don't re-download if we already have it -wget -c http://downloads.openwrt.org/releases/${version}/targets/ramips/mt76x8/${filename} -scp ${filename} root@${viirb_ip}:/tmp -ssh root@${viirb_ip} "sysupgrade /tmp/*.bin" - -# It still pings for some time - wait for the reboot to happen -echo "Waiting for VIIRB to really disappear" -sleep 15 - -wait=0 -found="" - -while [ $wait -lt 180 ]; do - ping -c1 ${viirb_ip} >/dev/null - - if [ $? -eq 0 ]; then - found=yes - # wait for ssh to come up - sleep 10 - break - fi - - sleep 1 - wait=$((wait+1)) - done - -if [ ! "$found" ]; then - echo "Did not find updated viirb - debug / restart it" - exit 1 -fi - -echo "VIIRB successfully updated to ${version}" diff --git a/viirb-2-configure-fully-after-upgrade.sh b/viirb-2-configure-fully-after-upgrade.sh deleted file mode 100755 index 94fc628..0000000 --- a/viirb-2-configure-fully-after-upgrade.sh +++ /dev/null 
@@ -1,220 +0,0 @@ -#!/bin/sh -# 2020-06-13, Nico Schottelius -# See https://ungleich.ch/u/products/viirb-ipv6-box/ - -if [ $# -ne 2 ]; then - echo "$0 viirb-ip-address viirb-id" - echo " viirb-ip-address: where to find the viirb" - echo " viirb-id: number in decimal format" - exit 1 -fi - - -set -x -viirb_ip=$1; shift -id=$1; shift -hex_id=$(printf "%0.2x\n" "$id") -viirb_hostname=viirb${id} - -prefix_base=2a0a:e5c1:3 -my_prefix=${prefix_base}${hex_id} -my_network=${my_prefix}::/48 - -my_wireguard_ip=${my_prefix}::42 -my_lan_ip=${my_prefix}:cafe::42 -my_wifi_ip=${my_prefix}:7ea::42 - -# wireguard -private_key=$(wg genkey) -public_key=$(echo $private_key | wg pubkey) - -vpn_endpoint_host=vpn-2a0ae5c1300.ungleich.ch -vpn_endpoint_pubkey=ft68G2RID7gZ6PXjFCSCOdJ9yspRg+tUw0YrNK9cTxE= - -ping -c3 ${viirb_ip} -if [ $? -ne 0 ]; then - echo "Cannot reach ${viirb_ip}, aborting" - exit 1 -fi - -cat < ${viirb_hostname}.public_key diff --git a/viirb-3-configure-vpnendpoint.sh b/viirb-3-configure-vpnendpoint.sh deleted file mode 100755 index ac3b742..0000000 --- a/viirb-3-configure-vpnendpoint.sh +++ /dev/null 
@@ -1,63 +0,0 @@ -#!/bin/sh -# 2020-06-13, Nico Schottelius -# See https://ungleich.ch/u/products/viirb-ipv6-box/ - -if [ $# -ne 3 ]; then - echo "$0 your-dot-cdist viirb-id public-key" - echo " your-dot-cdist: path to YOUR ungleich-dot-cdist repo" - echo " viirb-id: number in decimal format" - echo " wireguard public key" - exit 1 -fi - -set -x -dot_cdist=$1; shift -id=$1; shift -public_key=$1; shift - -hex_id=$(printf "%0.2x\n" "$id") -viirb_hostname=viirb${id} - -prefix_base=2a0a:e5c1:3 -my_prefix=${prefix_base}${hex_id} -my_network=${my_prefix}::/48 -my_wireguard_ip=${my_prefix}::42 -my_lan_ip=${my_prefix}:cafe::42 -my_wifi_ip=${my_prefix}:7ea::42 - -vpn_endpoint_host=vpn-2a0ae5c1300.ungleich.ch - -# cdist -dot_cdist_files=${dot_cdist}/type/__ungleich_wireguard/files -peerfilename=${vpn_endpoint_host}.peer${hex_id} -peerfile=${dot_cdist_files}/${peerfilename} -vpnconfig=${dot_cdist_files}/${vpn_endpoint_host} - - -# Configure VPN server / update cdist -echo Updating VPNserver -cat < ${peerfile} -# ${viirb_hostname}, $(date +%F) -[Peer] -PublicKey = ${public_key} -AllowedIPs = ${my_network} - -EOF - -# Generate real config -cat ${dot_cdist_files}/${vpn_endpoint_host}.* > ${vpnconfig} -cd ${dot_cdist_files} -git add ${vpn_endpoint_host} ${peerfilename} -git commit -m "[vpn] Updated config for peer ${viirb_hostname} ${my_network}" -git pull -git push - -cdist config -vv -j8 ${vpn_endpoint_host} -c ${dot_cdist} - -# Test that the VPN connection is established -# Might take longer due to reboot -sleep 10 - -ping -c10 ${my_wireguard_ip} -ping -c10 ${my_lan_ip} -ping -c90 ${my_wifi_ip} diff --git a/viirb-4-cleanup-final-stage.sh b/viirb-4-cleanup-final-stage.sh deleted file mode 100755 index a9a116a..0000000 --- a/viirb-4-cleanup-final-stage.sh +++ /dev/null 
@@ -1,41 +0,0 @@ -#!/bin/sh -# Nico Schottelius -# 2020-06-14 - -set -e -set -x - -if [ $# -ne 2 ]; then - echo "$0 viirb-ip-address viirb-id" - echo " viirb-ip-address: where to find the viirb" - echo " viirb-id: number in decimal format" - exit 1 -fi - -viirb_ip=$1; shift - -id=$1; shift -viirb_hostname=viirb${id} - -root_password=$(pwgen -1 32) - -# Save for sending to user -# FIXME: future make this more easy / better to transfer -echo $root_password > ${viirb_hostname}.rootpw - -cat <> ~/vm_vnc_list - done -done \ No newline at end of file diff --git a/vm_list_dual_uid b/vm_list_dual_uid deleted file mode 100644 index bf21c0b..0000000 --- a/vm_list_dual_uid +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/bash -e -#option $1 is ldap password -#option $2 is ou - - -uid_list=( $(ldapsearch -x -H ldaps://ldap1.ungleich.ch:636 -D cn=manager,dc=ungleich,dc=ch -w $1 -b "ou=$2,dc=ungleich,dc=ch" | grep uid: | awk '{print $2}') ) - -for ((i=0; i<${#uid_list[@]}; i++)) do - uid_temp=$(echo ${uid_list[i]} | sed "s/b'//g" | sed "s/'//g") - list_email[$i]=$(ldapsearch -x -H ldaps://ldap1.ungleich.ch:636 -D cn=manager,dc=ungleich,dc=ch -w $1 -b "uid=${uid_list[$i]},ou=$2,dc=ungleich,dc=ch" | grep mail: | awk '{print $2}' ) - list_vmid=() - list_vmid=( $(onevm list | grep ${list_email[$i]} | grep runn | awk '{print $1}' ) ) - for ((j=0; j<${#list_vmid[@]}; j++)) do - temp=$(onevm show ${list_vmid[$j]} | grep PORT) - temp1="${temp#*\"}" - port="${temp1%%\"*}" - host=$(onevm show ${list_vmid[$j]} | grep HOST | grep ungleich | awk '{print $3}') - echo $uid_temp ${list_vmid[$j]} $port $host >> ~/vm_vnc_list - done -done diff --git a/vm_map.sh b/vm_map.sh deleted file mode 100755 index 15c80dc..0000000 --- a/vm_map.sh +++ /dev/null @@ -1,5 +0,0 @@ -vm_list=( $(virsh list | awk '{print $2}') ) - -for ((i=0; i<${#vm_list[@]}; i++)) do - ceph osd map hdd ${vm_list[i]} -done 
diff --git a/vnc_console_connection/.gitkeep b/vnc_console_connection/.gitkeep deleted file mode 100644 index e69de29..0000000 diff --git a/vnc_console_connection/config.py b/vnc_console_connection/config.py deleted file mode 100755 index 7b7acc7..0000000 --- a/vnc_console_connection/config.py +++ /dev/null @@ -1,5 +0,0 @@ -import configparser - -config = configparser.ConfigParser(allow_no_value=True) -config.read('/opt/ungleich-tools/vnc_console_connection/config-and-secrets.conf') - diff --git a/vnc_console_connection/db_export.py b/vnc_console_connection/db_export.py deleted file mode 100755 index d283eb4..0000000 --- a/vnc_console_connection/db_export.py +++ /dev/null 
@@ -1,55 +0,0 @@ -import psycopg2 as pg2 -from config import config - -db_name = config['db']['db_name'] -db_user = config['db']['db_user'] -db_password = config['db']['db_password'] -db_port = config['db']['db_port'] - - -def setconn(u_id, vm_num, vm_port,vm_host): - conn = pg2.connect("host = localhost dbname={} user={} password={} port={}".format(db_name,db_user,db_password,db_port)) - conn.autocommit = True - cur = conn.cursor() - cur.execute("SELECT entity_id FROM guacamole_entity WHERE name = '{}'".format(u_id)) - row = cur.fetchone() - if row == None: - cur.execute("INSERT INTO guacamole_entity (name, type) VALUES ('{}','USER')".format(u_id)) - cur.execute("SELECT entity_id FROM guacamole_entity WHERE name = '{}'".format(u_id)) - row = cur.fetchone() - en_id = row[0] - cur.execute("INSERT INTO guacamole_user(entity_id, password_hash, password_date) VALUES ('{}', '\x74657374', now())".format(en_id)) - print("create user : " , u_id) - else: - en_id = row[0] - cur.execute("SELECT password_hash FROM guacamole_user WHERE entity_id = '{}'".format(en_id)) - row = cur.fetchone() - if row == None: - cur.execute("INSERT INTO guacamole_user(entity_id, password_hash, password_date) VALUES ('{}', '\x74657374', now())".format(en_id)) - print("user exsit") - cn = "{}{}".format(u_id,vm_num) - cur.execute("SELECT connection_id FROM guacamole_connection WHERE connection_name = '{}'".format(cn)) - row = cur.fetchone() - if row == None: - #create connection - cur.execute("INSERT INTO guacamole_connection (connection_name, protocol) VALUES ('{}', 'vnc')".format(cn)) - cur.execute("SELECT MAX(connection_id) FROM guacamole_connection WHERE connection_name = '{}' AND parent_id IS NULL".format(cn)) - temp_cn_id = cur.fetchone() - cn_id = temp_cn_id[0] - cur.execute("INSERT INTO guacamole_connection_parameter VALUES ('{}','hostname','{}')".format(cn_id, vm_host)) - cur.execute("INSERT INTO guacamole_connection_parameter VALUES ('{}','port','{}')".format(cn_id,vm_port)) - #connection 
permission - cur.execute("INSERT INTO guacamole_connection_permission(entity_id, connection_id, permission) VALUES ('{}', '{}', 'READ')".format(en_id,cn_id)) - #clipboard-encoding - cur.execute("INSERT INTO guacamole_connection_parameter VALUES ('{}','clipboard-encoding','UTF-8')".format(cn_id)) - print("create connection") - else: - cur.execute("SELECT MAX(connection_id) FROM guacamole_connection WHERE connection_name = '{}' AND parent_id IS NULL".format(cn)) - temp_cn_id = cur.fetchone() - cn_id = temp_cn_id[0] - cur.execute("UPDATE guacamole_connection_parameter SET parameter_value='{}' where connection_id='{}' and parameter_name='hostname'".format(vm_host,cn_id)) - cur.execute("UPDATE guacamole_connection_parameter SET parameter_value='{}' where connection_id='{}' and parameter_name='port'".format(vm_port,cn_id)) - #cur.execute("UPDATE guacamole_connection_parameter SET parameter_value='UTF-8' where connection_id='{}' and parameter_name='clipboard-encoding'".format(cn_id)) - print("no connection") - conn.close() - return None \ No newline at end of file diff --git a/vnc_console_connection/get_info.py b/vnc_console_connection/get_info.py deleted file mode 100755 index e98ae72..0000000 --- a/vnc_console_connection/get_info.py +++ /dev/null 
@@ -1,88 +0,0 @@
-import json
-
-from enum import IntEnum
-from xmlrpc.client import ServerProxy as RPCClient
-from xmltodict import parse
-from config import config
-from ldap_list import vm_list
-from db_export import setconn
-
-# Constants
-ALL_VM_STATES = -1
-START_ID = -1 # First id whatever it is
-END_ID = -1 # Last id whatever it is
-session_string = config['oca']['client_secrets']
-opnserver = config['oca']['opn_server']
-
-class VMState(IntEnum):
- INIT = 0
- PENDING = 1
- HOLD = 2
- ACTIVE = 3
- STOPPED = 4
- SUSPENDED = 5
- DONE = 6
- FAILED = 7
- POWEROFF = 8
- UNDEPLOYED = 9
- CLONING = 10
- CLONING_FAILURE = 11
-
-
-class VmFilterFlag(IntEnum):
- UIDUserResources = 0 # UID User’s Resources
- UserAndItsGroupsResources = -1 # Resources belonging to the user and any of his groups
- AllResources = -2 # All resources
- UserResources = -3 # Resources belonging to the user
- UserPrimaryGroupResources = -4 # Resources belonging to the user’s primary group
-
-
-class VM:
- def __init__(self, vm: dict):
- self.id = vm.get('ID', None)
- self.owner = {
- 'id': vm.get('UID', None),
- 'name': vm.get('UNAME', None),
- 'gname': vm.get('GNAME', None)
- }
- self.name = vm.get('NAME', None)
- self.status = vm.get('STATE', None)
- if self.status:
- self.status = VMState(int(self.status)).name.lower()
-
- template = vm['TEMPLATE']
-
- self.graphics = template.get('GRAPHICS', {})
- self.memory = template.get('MEMORY', None)
- self.vcpu = template.get('VCPU', None)
- self.host = {
- 'name': ((vm.get('HISTORY_RECORDS', {}) or {}).get('HISTORY', {}) or {}).get('HOSTNAME', None),
- 'id': ((vm.get('HISTORY_RECORDS', {}) or {}).get('HISTORY', {}) or {}).get('HID', None),
- }
-
-
-def main():
- with RPCClient(opnserver) as rpc_client:
- success, response, *_ = rpc_client.one.vmpool.infoextended(
- session_string , VmFilterFlag.AllResources.value, START_ID, END_ID, VMState.ACTIVE.value
- )
- if success:
- vms = json.loads(json.dumps(parse(response)))['VM_POOL']['VM']
- for entry in vm_list.entries:
- temp_uname = entry.uid
- for i, vm in enumerate(vms):
- vm_user = vm['UNAME']
- vm_id = vm['ID']
- vm_port = vm['TEMPLATE']['GRAPHICS'].get('PORT')
- vm_host = vm['HISTORY_RECORDS']['HISTORY']['HOSTNAME']
- if vm['UNAME'] == temp_uname:
- #print(entry.uid, vm_id, vm_port, vm_host)
- setconn(entry.uid, vm_id, vm_port, vm_host)
-
- else:
- print(response)
-
-
-if __name__ == "__main__":
- main()
-
diff --git a/vnc_console_connection/ldap_list.py b/vnc_console_connection/ldap_list.py
deleted file mode 100755
index a9e322f..0000000
--- a/vnc_console_connection/ldap_list.py
+++ /dev/null
@@ -1,30 +0,0 @@
-import ldap3
-import sys
-from config import config
-from ldap3 import Server, Connection, ObjectDef, Reader, ALL, SUBTREE, ALL_ATTRIBUTES
-from ldap3.core import exceptions
-
-
-LDAP_SERVER = config['ldap']['server']
-LDAP_PASSWORD = config['ldap']['admin_password']
-LDAP_USER = config['ldap']['admin_dn']
-LDAP_PORT = int(config['ldap']['ldap_port'])
-
-# Create the Server object with the given address.
-server = Server(LDAP_SERVER, LDAP_PORT, get_info=ALL)
-#Create a connection object, and bind with the given DN and password.
-try:
- conn = Connection(server, LDAP_USER, LDAP_PASSWORD, auto_bind=True)
- print('LDAP Bind Successful.')
- # Perform a search for a pre-defined criteria.
- # Mention the search filter / filter type and attributes.
- conn.search('ou=customer,dc=ungleich,dc=ch', '(&(!({}={})))'.format('mail','*@ungleich.ch') , attributes=['uid','mail'])
- #conn.search('ou=customer,dc=ungleich,dc=ch', '(objectClass=*)' , attributes=['uid','mail'])
- # Print the resulting entriesn.
- #for entry in conn.entries:
- #print(entry.uid, entry.mail)
- vm_list = conn
-except exceptions.LDAPException as err:
- sys.exit(f'LDAP Error: {err}')
-
-
diff --git a/vpn-statistics.sh b/vpn-statistics.sh
index c721cf9..a1e7960 100755
--- a/vpn-statistics.sh
+++ b/vpn-statistics.sh
@@ -9,10 +9,3 @@ done # countries with counter ( for ip in $(wg | grep endpoint | sed -e 's/endpoint: //' -e 's/\(.*\):[0-9]*/\1/' -e 's/\[//' -e 's/\]//'); do curl -s ipinfo.io/$ip | grep -e country ; done ) | sort | uniq -c | sort -g - -# Get number of configured VPNs -configured_vpns=$(wg show | grep ^peer | wc -l) -active_vpns=$(wg show | grep endpoint | wc -l) - -echo "Configured VPNs: ${configured_vpns}" -echo "Active VPNs: ${active_vpns}"