Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
# Copyright (c) 2021-2025 community-scripts ORG
|
2024-12-16 12:41:51 +01:00
|
|
|
# Author: tteck (tteckster)
|
|
|
|
|
# Co-Author: MickLesk
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
# License: MIT | https://github.com/community-scripts/ProxmoxVE/raw/main/LICENSE
|
|
|
|
|
|
|
|
|
|
# ==============================================================================
|
|
|
|
|
# INSTALL.FUNC - CONTAINER INSTALLATION & SETUP
|
|
|
|
|
# ==============================================================================
|
|
|
|
|
#
|
|
|
|
|
# This file provides installation functions executed inside LXC containers
|
|
|
|
|
# after creation. Handles:
|
|
|
|
|
#
|
|
|
|
|
# - Network connectivity verification (IPv4/IPv6)
|
|
|
|
|
# - OS updates and package installation
|
|
|
|
|
# - DNS resolution checks
|
|
|
|
|
# - MOTD and SSH configuration
|
|
|
|
|
# - Container customization and auto-login
|
|
|
|
|
#
|
|
|
|
|
# Usage:
|
|
|
|
|
# - Sourced by <app>-install.sh scripts
|
|
|
|
|
# - Executes via pct exec inside container
|
|
|
|
|
# - Requires internet connectivity
|
|
|
|
|
#
|
|
|
|
|
# ==============================================================================
|
|
|
|
|
|
|
|
|
|
# ==============================================================================
|
|
|
|
|
# SECTION 1: INITIALIZATION
|
|
|
|
|
# ==============================================================================
|
2024-12-16 12:41:51 +01:00
|
|
|
|
2025-06-20 13:28:06 +02:00
|
|
|
if ! command -v curl >/dev/null 2>&1; then
|
|
|
|
|
printf "\r\e[2K%b" '\033[93m Setup Source \033[m' >&2
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
apt update >/dev/null 2>&1
|
|
|
|
|
apt install -y curl >/dev/null 2>&1
|
2025-06-20 13:28:06 +02:00
|
|
|
fi
|
|
|
|
|
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/core.func)
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/error_handler.func)
|
2025-06-20 13:28:06 +02:00
|
|
|
load_functions
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
catch_errors
|
|
|
|
|
|
|
|
|
|
# ==============================================================================
|
|
|
|
|
# SECTION 2: NETWORK & CONNECTIVITY
|
|
|
|
|
# ==============================================================================
|
|
|
|
|
|
|
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
|
# verb_ip6()
|
|
|
|
|
#
|
|
|
|
|
# - Configures IPv6 based on DISABLEIPV6 variable
|
|
|
|
|
# - If DISABLEIPV6=yes: disables IPv6 via sysctl
|
|
|
|
|
# - Sets verbose mode via set_std_mode()
|
|
|
|
|
# ------------------------------------------------------------------------------
|
2025-02-24 11:18:38 +01:00
|
|
|
verb_ip6() {
|
|
|
|
|
set_std_mode # Set STD mode based on VERBOSE
|
|
|
|
|
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
if [ "${IPV6_METHOD:-}" = "disable" ]; then
|
2025-11-21 08:53:46 +01:00
|
|
|
msg_info "Disabling IPv6 (this may affect some services)"
|
|
|
|
|
mkdir -p /etc/sysctl.d
|
|
|
|
|
$STD tee /etc/sysctl.d/99-disable-ipv6.conf >/dev/null <<EOF
|
|
|
|
|
# Disable IPv6 (set by community-scripts)
|
|
|
|
|
net.ipv6.conf.all.disable_ipv6 = 1
|
|
|
|
|
net.ipv6.conf.default.disable_ipv6 = 1
|
|
|
|
|
net.ipv6.conf.lo.disable_ipv6 = 1
|
|
|
|
|
EOF
|
|
|
|
|
$STD sysctl -p /etc/sysctl.d/99-disable-ipv6.conf
|
2025-11-19 16:27:42 +01:00
|
|
|
msg_ok "Disabled IPv6"
|
2023-03-22 20:48:20 -04:00
|
|
|
fi
|
|
|
|
|
}
|
|
|
|
|
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
|
# setting_up_container()
|
|
|
|
|
#
|
|
|
|
|
# - Verifies network connectivity via hostname -I
|
|
|
|
|
# - Retries up to RETRY_NUM times with RETRY_EVERY seconds delay
|
|
|
|
|
# - Removes Python EXTERNALLY-MANAGED restrictions
|
|
|
|
|
# - Disables systemd-networkd-wait-online.service for faster boot
|
|
|
|
|
# - Exits with error if network unavailable after retries
|
|
|
|
|
# ------------------------------------------------------------------------------
|
2023-03-22 20:48:20 -04:00
|
|
|
setting_up_container() {
|
|
|
|
|
msg_info "Setting up Container OS"
|
|
|
|
|
for ((i = RETRY_NUM; i > 0; i--)); do
|
|
|
|
|
if [ "$(hostname -I)" != "" ]; then
|
|
|
|
|
break
|
|
|
|
|
fi
|
|
|
|
|
echo 1>&2 -en "${CROSS}${RD} No Network! "
|
2025-06-20 13:28:06 +02:00
|
|
|
sleep $RETRY_EVERY
|
2023-03-22 20:48:20 -04:00
|
|
|
done
|
|
|
|
|
if [ "$(hostname -I)" = "" ]; then
|
|
|
|
|
echo 1>&2 -e "\n${CROSS}${RD} No Network After $RETRY_NUM Tries${CL}"
|
2024-12-16 12:41:51 +01:00
|
|
|
echo -e "${NETWORK}Check Network Settings"
|
2023-03-22 20:48:20 -04:00
|
|
|
exit 1
|
|
|
|
|
fi
|
2023-06-25 00:00:32 -04:00
|
|
|
rm -rf /usr/lib/python3.*/EXTERNALLY-MANAGED
|
2023-07-23 08:34:20 -04:00
|
|
|
systemctl disable -q --now systemd-networkd-wait-online.service
|
2025-07-04 22:07:23 +02:00
|
|
|
msg_ok "Set up Container OS"
|
|
|
|
|
#msg_custom "${CM}" "${GN}" "Network Connected: ${BL}$(hostname -I)"
|
|
|
|
|
msg_ok "Network Connected: ${BL}$(hostname -I)"
|
2023-03-22 20:48:20 -04:00
|
|
|
}
|
|
|
|
|
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
|
# network_check()
|
|
|
|
|
#
|
|
|
|
|
# - Comprehensive network connectivity check for IPv4 and IPv6
|
|
|
|
|
# - Tests connectivity to multiple DNS servers:
|
|
|
|
|
# * IPv4: 1.1.1.1 (Cloudflare), 8.8.8.8 (Google), 9.9.9.9 (Quad9)
|
|
|
|
|
# * IPv6: 2606:4700:4700::1111, 2001:4860:4860::8888, 2620:fe::fe
|
|
|
|
|
# - Verifies DNS resolution for GitHub and Community-Scripts domains
|
|
|
|
|
# - Prompts user to continue if no internet detected
|
|
|
|
|
# - Uses fatal() on DNS resolution failure for critical hosts
|
|
|
|
|
# ------------------------------------------------------------------------------
|
2023-03-22 20:48:20 -04:00
|
|
|
network_check() {
|
|
|
|
|
set +e
|
|
|
|
|
trap - ERR
|
2024-02-21 12:19:48 -05:00
|
|
|
ipv4_connected=false
|
|
|
|
|
ipv6_connected=false
|
2024-08-06 13:25:55 -04:00
|
|
|
sleep 1
|
2025-07-04 21:55:35 +02:00
|
|
|
|
2025-02-24 11:18:38 +01:00
|
|
|
# Check IPv4 connectivity to Google, Cloudflare & Quad9 DNS servers.
|
|
|
|
|
if ping -c 1 -W 1 1.1.1.1 &>/dev/null || ping -c 1 -W 1 8.8.8.8 &>/dev/null || ping -c 1 -W 1 9.9.9.9 &>/dev/null; then
|
|
|
|
|
msg_ok "IPv4 Internet Connected"
|
2024-02-21 12:19:48 -05:00
|
|
|
ipv4_connected=true
|
|
|
|
|
else
|
2025-02-24 11:18:38 +01:00
|
|
|
msg_error "IPv4 Internet Not Connected"
|
2024-02-21 12:19:48 -05:00
|
|
|
fi
|
|
|
|
|
|
2025-02-24 11:18:38 +01:00
|
|
|
# Check IPv6 connectivity to Google, Cloudflare & Quad9 DNS servers.
|
2024-12-16 12:41:51 +01:00
|
|
|
if ping6 -c 1 -W 1 2606:4700:4700::1111 &>/dev/null || ping6 -c 1 -W 1 2001:4860:4860::8888 &>/dev/null || ping6 -c 1 -W 1 2620:fe::fe &>/dev/null; then
|
2025-02-24 11:18:38 +01:00
|
|
|
msg_ok "IPv6 Internet Connected"
|
2024-02-21 12:19:48 -05:00
|
|
|
ipv6_connected=true
|
|
|
|
|
else
|
2025-02-24 11:18:38 +01:00
|
|
|
msg_error "IPv6 Internet Not Connected"
|
2023-03-22 20:48:20 -04:00
|
|
|
fi
|
2024-02-02 07:40:50 -05:00
|
|
|
|
2025-02-24 11:18:38 +01:00
|
|
|
# If both IPv4 and IPv6 checks fail, prompt the user
|
2024-02-21 12:19:48 -05:00
|
|
|
if [[ $ipv4_connected == false && $ipv6_connected == false ]]; then
|
2025-06-20 13:28:06 +02:00
|
|
|
read -r -p "No Internet detected, would you like to continue anyway? <y/N> " prompt
|
2024-02-21 12:19:48 -05:00
|
|
|
if [[ "${prompt,,}" =~ ^(y|yes)$ ]]; then
|
2024-12-16 12:41:51 +01:00
|
|
|
echo -e "${INFO}${RD}Expect Issues Without Internet${CL}"
|
2024-02-02 07:40:50 -05:00
|
|
|
else
|
2024-12-16 12:41:51 +01:00
|
|
|
echo -e "${NETWORK}Check Network Settings"
|
2024-02-21 12:19:48 -05:00
|
|
|
exit 1
|
2024-02-02 07:40:50 -05:00
|
|
|
fi
|
|
|
|
|
fi
|
2025-07-04 22:19:35 +02:00
|
|
|
|
|
|
|
|
# DNS resolution checks for GitHub-related domains (IPv4 and/or IPv6)
|
|
|
|
|
GIT_HOSTS=("github.com" "raw.githubusercontent.com" "api.github.com" "git.community-scripts.org")
|
|
|
|
|
GIT_STATUS="Git DNS:"
|
|
|
|
|
DNS_FAILED=false
|
|
|
|
|
|
|
|
|
|
for HOST in "${GIT_HOSTS[@]}"; do
|
|
|
|
|
RESOLVEDIP=$(getent hosts "$HOST" | awk '{ print $1 }' | grep -E '(^([0-9]{1,3}\.){3}[0-9]{1,3}$)|(^[a-fA-F0-9:]+$)' | head -n1)
|
|
|
|
|
if [[ -z "$RESOLVEDIP" ]]; then
|
|
|
|
|
GIT_STATUS+="$HOST:($DNSFAIL)"
|
|
|
|
|
DNS_FAILED=true
|
|
|
|
|
else
|
|
|
|
|
GIT_STATUS+=" $HOST:($DNSOK)"
|
|
|
|
|
fi
|
|
|
|
|
done
|
|
|
|
|
|
|
|
|
|
if [[ "$DNS_FAILED" == true ]]; then
|
|
|
|
|
fatal "$GIT_STATUS"
|
|
|
|
|
else
|
|
|
|
|
msg_ok "$GIT_STATUS"
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
set -e
|
|
|
|
|
trap 'error_handler $LINENO "$BASH_COMMAND"' ERR
|
2023-03-22 20:48:20 -04:00
|
|
|
}
|
|
|
|
|
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
# ==============================================================================
|
|
|
|
|
# SECTION 3: OS UPDATE & PACKAGE MANAGEMENT
|
|
|
|
|
# ==============================================================================
|
|
|
|
|
|
|
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
|
# update_os()
|
|
|
|
|
#
|
|
|
|
|
# - Updates container OS via apt-get update and dist-upgrade
|
|
|
|
|
# - Configures APT cacher proxy if CACHER=yes (accelerates package downloads)
|
|
|
|
|
# - Removes Python EXTERNALLY-MANAGED restrictions for pip
|
|
|
|
|
# - Sources tools.func for additional setup functions after update
|
|
|
|
|
# - Uses $STD wrapper to suppress output unless VERBOSE=yes
|
|
|
|
|
# ------------------------------------------------------------------------------
|
2023-03-22 20:48:20 -04:00
|
|
|
update_os() {
|
|
|
|
|
msg_info "Updating Container OS"
|
2024-01-12 15:00:42 -05:00
|
|
|
if [[ "$CACHER" == "yes" ]]; then
|
2025-07-30 15:31:00 +02:00
|
|
|
echo 'Acquire::http::Proxy-Auto-Detect "/usr/local/bin/apt-proxy-detect.sh";' >/etc/apt/apt.conf.d/00aptproxy
|
|
|
|
|
cat <<EOF >/usr/local/bin/apt-proxy-detect.sh
|
2024-02-12 05:53:26 -05:00
|
|
|
#!/bin/bash
|
|
|
|
|
if nc -w1 -z "${CACHER_IP}" 3142; then
|
|
|
|
|
echo -n "http://${CACHER_IP}:3142"
|
|
|
|
|
else
|
|
|
|
|
echo -n "DIRECT"
|
|
|
|
|
fi
|
|
|
|
|
EOF
|
2025-02-24 11:18:38 +01:00
|
|
|
chmod +x /usr/local/bin/apt-proxy-detect.sh
|
2024-01-12 15:00:42 -05:00
|
|
|
fi
|
2023-03-22 20:48:20 -04:00
|
|
|
$STD apt-get update
|
2024-01-03 16:09:16 -05:00
|
|
|
$STD apt-get -o Dpkg::Options::="--force-confold" -y dist-upgrade
|
2024-06-29 11:03:54 -04:00
|
|
|
rm -rf /usr/lib/python3.*/EXTERNALLY-MANAGED
|
2023-03-22 20:48:20 -04:00
|
|
|
msg_ok "Updated Container OS"
|
2025-03-24 11:51:58 +01:00
|
|
|
|
2025-04-28 15:25:10 +02:00
|
|
|
source <(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/misc/tools.func)
|
2023-03-22 20:48:20 -04:00
|
|
|
}
|
|
|
|
|
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
# ==============================================================================
|
|
|
|
|
# SECTION 4: MOTD & SSH CONFIGURATION
|
|
|
|
|
# ==============================================================================
|
|
|
|
|
|
|
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
|
# motd_ssh()
|
|
|
|
|
#
|
|
|
|
|
# - Configures Message of the Day (MOTD) with container information
|
|
|
|
|
# - Creates /etc/profile.d/00_lxc-details.sh with:
|
|
|
|
|
# * Application name
|
|
|
|
|
# * Warning banner (DEV repository)
|
|
|
|
|
# * OS name and version
|
|
|
|
|
# * Hostname and IP address
|
|
|
|
|
# * GitHub repository link
|
|
|
|
|
# - Disables executable flag on /etc/update-motd.d/* scripts
|
|
|
|
|
# - Enables root SSH access if SSH_ROOT=yes
|
|
|
|
|
# - Configures TERM environment variable for better terminal support
|
|
|
|
|
# ------------------------------------------------------------------------------
|
2023-03-22 20:48:20 -04:00
|
|
|
motd_ssh() {
|
2024-12-16 12:41:51 +01:00
|
|
|
# Set terminal to 256-color mode
|
2025-02-24 11:18:38 +01:00
|
|
|
grep -qxF "export TERM='xterm-256color'" /root/.bashrc || echo "export TERM='xterm-256color'" >>/root/.bashrc
|
2024-12-16 12:41:51 +01:00
|
|
|
|
2025-01-21 11:02:11 +01:00
|
|
|
PROFILE_FILE="/etc/profile.d/00_lxc-details.sh"
|
2025-02-24 11:18:38 +01:00
|
|
|
echo "echo -e \"\"" >"$PROFILE_FILE"
|
|
|
|
|
echo -e "echo -e \"${BOLD}${APPLICATION} LXC Container${CL}"\" >>"$PROFILE_FILE"
|
|
|
|
|
echo -e "echo -e \"${TAB}${GATEWAY}${YW} Provided by: ${GN}community-scripts ORG ${YW}| GitHub: ${GN}https://github.com/community-scripts/ProxmoxVE${CL}\"" >>"$PROFILE_FILE"
|
|
|
|
|
echo "echo \"\"" >>"$PROFILE_FILE"
|
2025-12-07 21:29:09 +01:00
|
|
|
echo -e "echo -e \"${TAB}${OS}${YW} OS: ${GN}\$(grep ^NAME /etc/os-release | cut -d= -f2 | tr -d '\"') - Version: \$(grep ^VERSION_ID /etc/os-release | cut -d= -f2 | tr -d '\"')${CL}\"" >>"$PROFILE_FILE"
|
2025-02-24 11:18:38 +01:00
|
|
|
echo -e "echo -e \"${TAB}${HOSTNAME}${YW} Hostname: ${GN}\$(hostname)${CL}\"" >>"$PROFILE_FILE"
|
|
|
|
|
echo -e "echo -e \"${TAB}${INFO}${YW} IP Address: ${GN}\$(hostname -I | awk '{print \$1}')${CL}\"" >>"$PROFILE_FILE"
|
2024-12-16 12:41:51 +01:00
|
|
|
|
|
|
|
|
# Disable default MOTD scripts
|
|
|
|
|
chmod -x /etc/update-motd.d/*
|
2024-12-16 23:43:32 +01:00
|
|
|
|
|
|
|
|
if [[ "${SSH_ROOT}" == "yes" ]]; then
|
|
|
|
|
sed -i "s/#PermitRootLogin prohibit-password/PermitRootLogin yes/g" /etc/ssh/sshd_config
|
|
|
|
|
systemctl restart sshd
|
|
|
|
|
fi
|
2023-03-22 20:48:20 -04:00
|
|
|
}
|
|
|
|
|
|
Three-tier defaults system | security improvements | error_handler | improved logging | improved container creation | improved architecture (#9540)
* Refactor Core
Refactored misc/alpine-install.func to improve error handling, network checks, and MOTD setup. Added misc/alpine-tools.func and misc/error_handler.func for modular tool installation and error management. Enhanced misc/api.func with detailed exit code explanations and telemetry functions. Updated misc/core.func for better initialization, validation, and execution helpers. Removed misc/create_lxc.sh as part of cleanup.
* Delete config-file.func
* Update install.func
* Refactor stop_all_services function and variable names
Refactor service stopping logic and improve variable handling
* Refactor installation script and update copyright
Updated copyright information and adjusted package installation commands. Enhanced IPv6 disabling logic and improved container customization process.
* Update install.func
* Update license comment format in install.func
* Refactor IPv6 handling and enhance MOTD and SSH
Refactor IPv6 handling and update OS function. Enhance MOTD with additional details and configure SSH settings.
* big core refactor
* Enhance IPv6 configuration menu options
Updated IPv6 Address Management menu options for clarity and added a new option for fully disabling IPv6.
* Update default Node.js version to 24 LTS
* Update misc/alpine-tools.func
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
* indention
* remove debugf and duplicate codes
* Update whiptail backtitles and error codes
Removed '[dev]' from whiptail --backtitle strings for consistency. Refactored custom exit codes in build.func and error_handler.func: updated Proxmox error codes, shifted MySQL/MariaDB codes to 260-263, and removed unused MongoDB code. Updated error descriptions to match new codes.
* comments
* Refactor error handling and clean up debug comments
Standardized bash variable checks, removed unnecessary debug and commented code, and clarified error handling logic in container build and setup scripts. These changes improve code readability and maintainability without altering functional behavior.
* Update build.func
* feat: Improve LXC network checks and LINSTOR storage handling
Enhanced LXC container network setup to check for both IPv4 and IPv6 addresses, added connectivity (ping) tests, and provided troubleshooting tips on failure. Updated storage validation to support LINSTOR, including cluster connectivity checks and special handling for LINSTOR template storage.
---------
Co-authored-by: Michel Roegl-Brunner <73236783+michelroegl-brunner@users.noreply.github.com>
2025-12-04 07:52:18 +01:00
|
|
|
# ==============================================================================
|
|
|
|
|
# SECTION 5: CONTAINER CUSTOMIZATION
|
|
|
|
|
# ==============================================================================
|
|
|
|
|
|
|
|
|
|
# ------------------------------------------------------------------------------
|
|
|
|
|
# customize()
|
|
|
|
|
#
|
|
|
|
|
# - Customizes container for passwordless root login if PASSWORD is empty
|
|
|
|
|
# - Configures getty for auto-login via /etc/systemd/system/container-getty@1.service.d/override.conf
|
|
|
|
|
# - Creates /usr/bin/update script for easy application updates
|
|
|
|
|
# - Injects SSH authorized keys if SSH_AUTHORIZED_KEY variable is set
|
|
|
|
|
# - Sets proper permissions on SSH directories and key files
|
|
|
|
|
# ------------------------------------------------------------------------------
|
2023-03-22 20:48:20 -04:00
|
|
|
customize() {
|
2023-05-15 07:39:30 -04:00
|
|
|
if [[ "$PASSWORD" == "" ]]; then
|
2023-06-25 00:00:32 -04:00
|
|
|
msg_info "Customizing Container"
|
|
|
|
|
GETTY_OVERRIDE="/etc/systemd/system/container-getty@1.service.d/override.conf"
|
|
|
|
|
mkdir -p $(dirname $GETTY_OVERRIDE)
|
|
|
|
|
cat <<EOF >$GETTY_OVERRIDE
|
2023-03-22 20:48:20 -04:00
|
|
|
[Service]
|
|
|
|
|
ExecStart=
|
|
|
|
|
ExecStart=-/sbin/agetty --autologin root --noclear --keep-baud tty%I 115200,38400,9600 \$TERM
|
|
|
|
|
EOF
|
2023-06-25 00:00:32 -04:00
|
|
|
systemctl daemon-reload
|
|
|
|
|
systemctl restart $(basename $(dirname $GETTY_OVERRIDE) | sed 's/\.d//')
|
|
|
|
|
msg_ok "Customized Container"
|
2023-03-22 20:48:20 -04:00
|
|
|
fi
|
2025-04-04 16:05:12 +02:00
|
|
|
echo "bash -c \"\$(curl -fsSL https://raw.githubusercontent.com/community-scripts/ProxmoxVE/main/ct/${app}.sh)\"" >/usr/bin/update
|
2023-10-05 15:36:19 -04:00
|
|
|
chmod +x /usr/bin/update
|
2025-01-15 15:01:24 +01:00
|
|
|
|
|
|
|
|
if [[ -n "${SSH_AUTHORIZED_KEY}" ]]; then
|
|
|
|
|
mkdir -p /root/.ssh
|
2025-02-24 11:18:38 +01:00
|
|
|
echo "${SSH_AUTHORIZED_KEY}" >/root/.ssh/authorized_keys
|
2025-01-15 15:01:24 +01:00
|
|
|
chmod 700 /root/.ssh
|
|
|
|
|
chmod 600 /root/.ssh/authorized_keys
|
|
|
|
|
fi
|
2024-01-21 04:30:01 -05:00
|
|
|
}
|
