tuto3: add vm for vitrine

nemunaire 2020-04-07 19:50:46 +02:00
parent c880529034
commit 259375f316
1 changed files with 31 additions and 0 deletions


@ -213,6 +213,21 @@ services:
- /etc/hosts:/etc/hosts:ro
- /etc/dresolv.conf:/etc/resolv.conf
- /etc/services:/etc/services:ro
- name: web
image: nemunaire/tinydeb:eaa617bf726fb4cadfa22b3947709579e6001212
net: /run/netns/web
pid: new
ipc: new
uts: new
hostname: vitrine
command: ["/sbin/init"]
capabilities:
- all
mounts:
- type: cgroup
options: ["rw","nosuid","noexec","nodev","relatime"]
binds:
- /etc/dresolv.conf:/etc/resolv.conf
files:
- path: etc/hosts
@ -350,6 +365,17 @@ files:
ip netns exec ttrss ip route add default via $(sed 's/^.*MyIPv6=//p;d' /var/lib/adlin/wireguard/adlin.conf | sed "s#:[^:/]*/.*\$#:1#")
}
ip netns add web
ip link add vethin-web type veth peer name veth-web
ip link set vethin-web netns web
ip netns exec web ip link set vethin-web up
ip netns exec web ip a add 172.23.42.7/24 dev vethin-web
ip netns exec web ip route add default via 172.23.42.1
grep MyIPv6= /var/lib/adlin/wireguard/adlin.conf > /dev/null && {
ip netns exec web ip a add $(sed 's/^.*MyIPv6=//p;d' /var/lib/adlin/wireguard/adlin.conf | sed "s#:[^:/]*/.*\$#:7/96#") dev vethin-web
ip netns exec web ip route add default via $(sed 's/^.*MyIPv6=//p;d' /var/lib/adlin/wireguard/adlin.conf | sed "s#:[^:/]*/.*\$#:1#")
}
# Network: bridges
ip l add brsrv type bridge
ip link set veth-srv master brsrv
@ -358,12 +384,14 @@ files:
ip link set veth-db master brsrv
ip link set veth-chat master brsrv
ip link set veth-ttrss master brsrv
ip link set veth-web master brsrv
ip link set veth-srv up
ip link set veth-ns up
ip link set veth-nsauth up
ip link set veth-db up
ip link set veth-chat up
ip link set veth-ttrss up
ip link set veth-web up
ip link set brsrv up
ip l add brwks type bridge
@ -390,6 +418,8 @@ files:
sed -ri '/^root/s@^.*$@root:$6$QNuPvO59Xk4UO3le$3P0V2ef6dHlKgO1FHsKcPPgOvL.YeCOPFqfIVTtpYn5eEn3xkgGYeM1RMCQ9l/eTc6rRc.l.WeRe1iJVznVGj/:17968:0:99999:7:::@' /containers/services/matrix/rootfs/etc/shadow
cp /etc/services /containers/services/matrix/rootfs/etc/services
sed -ri '/^root/s@^.*$@root:$6$QNuPvO59Xk4UO3le$3P0V2ef6dHlKgO1FHsKcPPgOvL.YeCOPFqfIVTtpYn5eEn3xkgGYeM1RMCQ9l/eTc6rRc.l.WeRe1iJVznVGj/:17968:0:99999:7:::@' /containers/services/ns-auth/rootfs/etc/shadow
cp /etc/services /containers/services/web/rootfs/etc/services
sed -ri '/^root/s@^.*$@root:$6$QNuPvO59Xk4UO3le$3P0V2ef6dHlKgO1FHsKcPPgOvL.YeCOPFqfIVTtpYn5eEn3xkgGYeM1RMCQ9l/eTc6rRc.l.WeRe1iJVznVGj/:17968:0:99999:7:::@' /containers/services/web/rootfs/etc/shadow
exit 0
mode: "0555"
@ -471,6 +501,7 @@ files:
local-zone: "adlin.p0m.fr" typetransparent
local-data: "news.adlin.p0m.fr A 172.23.42.1"
local-data: "matrix.adlin.p0m.fr A 172.23.42.1"
local-data: "www.adlin.p0m.fr A 172.23.42.1"
remote-control:
control-enable: no
forward-zone:
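Review bot: The new `web` service in the first hunk combines `capabilities: - all` with a writable bind of the host's `/etc/dresolv.conf`, so a process that gains root inside this container can rewrite the resolver file that the service in the context lines just above also binds. Mark the bind read-only, as the neighbouring `/etc/hosts` and `/etc/services` entries are: `- /etc/dresolv.conf:/etc/resolv.conf:ro`. If the image's `/sbin/init` does not need the full set, listing the specific capabilities in place of `all` would narrow what a compromise of what appears to be the web-site container (hostname `vitrine`, `www` record) can reach on the host; which capabilities are required is not visible from this diff. The `services:` list begins and continues outside the hunk, so the other entries may follow the same pattern and deserve the same look.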