tuto3: add vm for vitrine
This commit is contained in:
parent
c880529034
commit
259375f316
31
tuto3.yml
31
tuto3.yml
@ -213,6 +213,21 @@ services:
|
||||
- /etc/hosts:/etc/hosts:ro
|
||||
- /etc/dresolv.conf:/etc/resolv.conf
|
||||
- /etc/services:/etc/services:ro
|
||||
- name: web
|
||||
image: nemunaire/tinydeb:eaa617bf726fb4cadfa22b3947709579e6001212
|
||||
net: /run/netns/web
|
||||
pid: new
|
||||
ipc: new
|
||||
uts: new
|
||||
hostname: vitrine
|
||||
command: ["/sbin/init"]
|
||||
capabilities:
|
||||
- all
|
||||
mounts:
|
||||
- type: cgroup
|
||||
options: ["rw","nosuid","noexec","nodev","relatime"]
|
||||
binds:
|
||||
- /etc/dresolv.conf:/etc/resolv.conf
|
||||
|
||||
files:
|
||||
- path: etc/hosts
|
||||
@ -350,6 +365,17 @@ files:
|
||||
ip netns exec ttrss ip route add default via $(sed 's/^.*MyIPv6=//p;d' /var/lib/adlin/wireguard/adlin.conf | sed "s#:[^:/]*/.*\$#:1#")
|
||||
}
|
||||
|
||||
ip netns add web
|
||||
ip link add vethin-web type veth peer name veth-web
|
||||
ip link set vethin-web netns web
|
||||
ip netns exec web ip link set vethin-web up
|
||||
ip netns exec web ip a add 172.23.42.7/24 dev vethin-web
|
||||
ip netns exec web ip route add default via 172.23.42.1
|
||||
grep MyIPv6= /var/lib/adlin/wireguard/adlin.conf > /dev/null && {
|
||||
ip netns exec web ip a add $(sed 's/^.*MyIPv6=//p;d' /var/lib/adlin/wireguard/adlin.conf | sed "s#:[^:/]*/.*\$#:7/96#") dev vethin-web
|
||||
ip netns exec web ip route add default via $(sed 's/^.*MyIPv6=//p;d' /var/lib/adlin/wireguard/adlin.conf | sed "s#:[^:/]*/.*\$#:1#")
|
||||
}
|
||||
|
||||
# Network: bridges
|
||||
ip l add brsrv type bridge
|
||||
ip link set veth-srv master brsrv
|
||||
@ -358,12 +384,14 @@ files:
|
||||
ip link set veth-db master brsrv
|
||||
ip link set veth-chat master brsrv
|
||||
ip link set veth-ttrss master brsrv
|
||||
ip link set veth-web master brsrv
|
||||
ip link set veth-srv up
|
||||
ip link set veth-ns up
|
||||
ip link set veth-nsauth up
|
||||
ip link set veth-db up
|
||||
ip link set veth-chat up
|
||||
ip link set veth-ttrss up
|
||||
ip link set veth-web up
|
||||
ip link set brsrv up
|
||||
|
||||
ip l add brwks type bridge
|
||||
@ -390,6 +418,8 @@ files:
|
||||
sed -ri '/^root/s@^.*$@root:$6$QNuPvO59Xk4UO3le$3P0V2ef6dHlKgO1FHsKcPPgOvL.YeCOPFqfIVTtpYn5eEn3xkgGYeM1RMCQ9l/eTc6rRc.l.WeRe1iJVznVGj/:17968:0:99999:7:::@' /containers/services/matrix/rootfs/etc/shadow
|
||||
cp /etc/services /containers/services/matrix/rootfs/etc/services
|
||||
sed -ri '/^root/s@^.*$@root:$6$QNuPvO59Xk4UO3le$3P0V2ef6dHlKgO1FHsKcPPgOvL.YeCOPFqfIVTtpYn5eEn3xkgGYeM1RMCQ9l/eTc6rRc.l.WeRe1iJVznVGj/:17968:0:99999:7:::@' /containers/services/ns-auth/rootfs/etc/shadow
|
||||
cp /etc/services /containers/services/web/rootfs/etc/services
|
||||
sed -ri '/^root/s@^.*$@root:$6$QNuPvO59Xk4UO3le$3P0V2ef6dHlKgO1FHsKcPPgOvL.YeCOPFqfIVTtpYn5eEn3xkgGYeM1RMCQ9l/eTc6rRc.l.WeRe1iJVznVGj/:17968:0:99999:7:::@' /containers/services/web/rootfs/etc/shadow
|
||||
exit 0
|
||||
mode: "0555"
|
||||
|
||||
@ -471,6 +501,7 @@ files:
|
||||
local-zone: "adlin.p0m.fr" typetransparent
|
||||
local-data: "news.adlin.p0m.fr A 172.23.42.1"
|
||||
local-data: "matrix.adlin.p0m.fr A 172.23.42.1"
|
||||
local-data: "www.adlin.p0m.fr A 172.23.42.1"
|
||||
remote-control:
|
||||
control-enable: no
|
||||
forward-zone:
|
||||
|
Reference in New Issue
Block a user