diff --git a/vm.sh b/vm.sh index be71927..2a09266 100755 --- a/vm.sh +++ b/vm.sh @@ -14,8 +14,8 @@ echo # Set up repositories cat </etc/apk/repositories -http://dl-cdn.alpinelinux.org/alpine/v3.9/main -http://dl-cdn.alpinelinux.org/alpine/v3.9/community +http://dl-cdn.alpinelinux.org/alpine/v3.11/main +http://dl-cdn.alpinelinux.org/alpine/v3.11/community EOF # Install disk management tools @@ -63,8 +63,8 @@ mount -t ext4 /dev/sda1 /mnt/boot setup-disk -m sys /mnt # Update boot-time volume information -export BOOT_UUID=$(blkid -o value /dev/sda1 | head -1) -export CRYPT_UUID=$(blkid -o value /dev/sda2 | head -1) +export BOOT_UUID=$(blkid -s UUID -o value /dev/sda1) +export CRYPT_UUID=$(blkid -s UUID -o value /dev/sda2) cat </mnt/etc/fstab /dev/vg0/root / ext4 rw,noatime,data=ordered 0 1 UUID=${BOOT_UUID} /boot ext4 rw,noatime,data=ordered 0 2 @@ -88,10 +88,9 @@ chroot /mnt setup-timezone -z Europe/Prague apk --no-cache add apache2-utils gettext wget https://repo.spotter.cz/vm.tar -O - | tar xf - -C /mnt envsubst /mnt/boot/extlinux.conf -chroot /mnt apk --no-cache add bridge ca-certificates curl e2fsprogs-extra gettext iptables kbd-misc libressl logrotate lxc postfix nginx openssh-server openssh-sftp-server util-linux wireguard-virt@vm wireguard-tools-wg@vm acme-sh@vm vmmgr@vm +chroot /mnt apk --no-cache add bridge ca-certificates curl e2fsprogs-extra gettext iptables kbd-misc libressl logrotate postfix nginx openssh-server openssh-sftp-server util-linux wireguard-virt wireguard-tools-wg acme-sh@vm spoc@vm vmmgr@vm chroot /mnt newaliases -mkdir -p /mnt/var/log/lxc -for SERVICE in cgroups consolefont crond iptables networking nginx ntpd postfix swap urandom vmmgr; do +for SERVICE in consolefont crond iptables networking nginx ntpd postfix spoc swap urandom vmmgr; do ln -s /etc/init.d/${SERVICE} /mnt/etc/runlevels/boot done ADMINPWD=$(htpasswd -bnBC 10 '' "${ENCPWD}" | tr -d ':\n' | sed 's/$2y/$2b/') envsubst /mnt/etc/vmmgr/config.json diff --git a/vm/etc/apk/repositories b/vm/etc/apk/repositories index 1e79354..a99e30b 100644 --- a/vm/etc/apk/repositories +++ b/vm/etc/apk/repositories @@ -1,3 +1,3 @@ -http://dl-cdn.alpinelinux.org/alpine/v3.9/main -http://dl-cdn.alpinelinux.org/alpine/v3.9/community -@vm https://repo.spotter.cz/alpine/v3.9/apk +http://dl-cdn.alpinelinux.org/alpine/v3.11/main +http://dl-cdn.alpinelinux.org/alpine/v3.11/community +@vm https://repo.spotter.cz/alpine/v3.11/apk diff --git a/vm/etc/conf.d/iptables b/vm/etc/conf.d/iptables index e2a9fd4..fec1ad5 100644 --- a/vm/etc/conf.d/iptables +++ b/vm/etc/conf.d/iptables @@ -8,7 +8,7 @@ IPTABLES_SAVE="/etc/iptables/rules-save" SAVE_RESTORE_OPTIONS="-c" # Save state on stopping iptables -SAVE_ON_STOP="yes" +SAVE_ON_STOP="no" # Enable/disable IPv4 forwarding with the rules IPFORWARD="yes" diff --git a/vm/etc/iptables/rules-save b/vm/etc/iptables/rules-save index 8d489a6..2cc9795 100644 --- a/vm/etc/iptables/rules-save +++ b/vm/etc/iptables/rules-save @@ -3,5 +3,5 @@ :INPUT ACCEPT [0:0] :OUTPUT ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -[0:0] -A POSTROUTING -o eth0 -j MASQUERADE +[0:0] -A POSTROUTING -o spocbr0 -j MASQUERADE COMMIT diff --git a/vm/etc/network/interfaces b/vm/etc/network/interfaces index beb0049..1704644 100644 --- a/vm/etc/network/interfaces +++ b/vm/etc/network/interfaces @@ -4,8 +4,8 @@ iface lo inet loopback auto eth0 iface eth0 inet dhcp -auto lxcbr0 -iface lxcbr0 inet static +auto spocbr0 +iface spocbr0 inet static address 172.17.0.1 netmask 255.255.0.0 bridge_fd 0 diff --git a/vm/etc/rc.conf b/vm/etc/rc.conf index 2a701ab..1eaf389 100644 --- a/vm/etc/rc.conf +++ b/vm/etc/rc.conf @@ -1,2 +1,3 @@ -unicode="YES" +rc_cgroup_mode=unified rc_tty_number=1 +unicode="YES"