Last active
September 5, 2023 15:45
-
-
Save bx-sa1/5757bc1ddf9d3acfbbe95ac48bb2bfe4 to your computer and use it in GitHub Desktop.
lxc container creation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash -e | |
if [ "$EUID" -ne 0 ];then | |
echo "Please run this script as root" | |
exit 1 | |
fi | |
echo "Allow user to create network devices..." | |
echo "$(id -un) veth lxcbr0 10" | sudo tee -a /etc/lxc/lxc-usernet | |
echo "Remap uids and gids and copy to user config dir..." | |
mkdir ~/.config/lxc | |
cp /etc/lxc/default.conf ~/.config/lxc/default.conf | |
MS_UID="$(grep "$(id -un)" /etc/subuid | cut -d : -f 2)" | |
ME_UID="$(grep "$(id -un)" /etc/subuid | cut -d : -f 3)" | |
MS_GID="$(grep "$(id -un)" /etc/subgid | cut -d : -f 2)" | |
ME_GID="$(grep "$(id -un)" /etc/subgid | cut -d : -f 3)" | |
echo "lxc.idmap = u 0 $MS_UID $ME_UID" >> ~/.config/lxc/default.conf | |
echo "lxc.idmap = g 0 $MS_GID $ME_GID" >> ~/.config/lxc/default.conf | |
echo "Create network bridge lxcbr0..." | |
echo "Allow lxcbr0 in firewall...." | |
firewall-cmd --permanent --zone=trusted --add-interface=lxcbr0 | |
firewall-cmd --reload | |
if grep -qF "alias lxc-user" ~/.bashrc ; then | |
echo "Add alias to bashrc so user can call lxc commands..." | |
cat >> ~/.bashrc << EOM | |
function --lxc-user() { | |
systemd-run --unit=my-unit --user --scope -p "Delegate=yes" -- lxc-$1 ${@:2} | |
} | |
alias lxc-user="--lxc-user" | |
EOM | |
fi | |
echo "Add +x perms to home and .local/share..." | |
chmod +x ~ | |
chmod +x ~/.local/share | |
echo "" | |
echo "Done. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment