#!/bin/bash
# Load config
. /etc/fai/lxc.conf
if [[ "$1" = "" ]]; then
echo Error: Hostname is required!
exit
fi
hostname=$1
fqdn=$1
hostname=`echo $hostname | sed 's/\..*//'` # strip off domain if exists
lxcuser=lxc-$hostname
lxchome=/home/$lxcuser
local=$lxchome/$local_subd
target=$local/$hostname
config=$lxchome/$config_subd
##############
# Chown jail #
##############
# Get last UID & GID range, and add offset
uid_start=$((`cut -d: -f2 /etc/subuid | sort -n | tail -1`+`cut -d: -f3 /etc/subuid | sort -n | tail -1`))
gid_start=$((`cut -d: -f2 /etc/subgid | sort -n | tail -1`+`cut -d: -f3 /etc/subgid | sort -n | tail -1`))
echo "$lxcuser:$uid_start:$ugid_offset" >> /etc/subuid
echo "$lxcuser:$gid_start:$ugid_offset" >> /etc/subgid
echo Configuring bridge...
echo "$lxcuser $net_type $bridge 1" >> $lxcusernet
echo Creating LXC user: $lxcuser...
adduser --system --shell /bin/sh --disabled-password --gid $lxcgid $lxcuser
usermod -a $lxcuser -G tty
echo Setting up HOME...
mkdir -p $local
mkdir -p $config
mkdir $lxchome/.ssh
cp /etc/lxc/default.conf $config
cp /root/.ssh/id_rsa.pub $lxchome/.ssh/authorized_keys
chown -R $lxcuser.$lxcgroup $lxchome
chmod 700 $lxchome/.ssh/
chmod 400 $lxchome/.ssh/authorized_keys
##################
# Install Chroot #
##################
echo Creating $hostname in $target
$fai -Nu $fqdn dirinstall $target/rootfs
echo Copying SSH Keys...
mkdir $target/rootfs/root/.ssh
cp /root/.ssh/id_rsa.pub $target/rootfs/root/.ssh/authorized_keys
chmod 700 $target/rootfs/root/.ssh
chmod 600 $target/rootfs/root/.ssh/authorized_keys
#############
# Configure #
#############
echo Writing config file...
cat <<EOF >$local/$hostname/config
lxc.utsname = $hostname
lxc.network.type = $net_type
lxc.network.flags = up
lxc.network.link = $bridge
lxc.network.name = eth0
lxc.rootfs = $target/rootfs
lxc.id_map = u 0 $uid_start 65536
lxc.id_map = g 0 $gid_start 65536
lxc.start.auto = 1
lxc.pts = 1024
lxc.kmsg = 0
lxc.mount.auto = proc:mixed sys:ro
EOF
###################
# Fix Permissions #
###################
chown root.$lxcgroup $local/$hostname/config
chmod 440 $local/$hostname/config
echo Setting UIDs and GIDs for $target/rootfs...
for olduid in `cut -d: -f3 $target/rootfs/etc/passwd`; do
newuid=$(($uid_start+$olduid))
find $target/rootfs \! -type l -uid $olduid -print0 | xargs -0 chown $newuid &>/dev/null
done
for oldgid in `cut -d: -f3 $target/rootfs/etc/group`; do
newgid=$(($gid_start+$oldgid))
find $target/rootfs \! -type l -gid $oldgid -print0 | xargs -0 chgrp $newgid &>/dev/null
done
# Work around for: https://gist.github.com/tarruda/2aea9107f04d8b8d8dbf
startscript=$lxcscripts/$hostname-start
cat <<EOF >$startscript
#!/usr/bin/expect
set timeout 300
set ssh_session {ssh $lxcuser@localhost -t lxc-autostart}
spawn {*}\$ssh_session
expect eof
EOF
stopscript=$lxcscripts/$hostname-stop
cat <<EOF >$stopscript
#!/usr/bin/expect
set timeout 300
set ssh_session {ssh $lxcuser@localhost -t lxc-stop -n $hostname}
spawn {*}\$ssh_session
expect eof
EOF
chmod u+x $stopscript
chmod u+x $startscript