configured nixos-pve-config to prompt for password if wanted

This commit is contained in:
root 2024-12-10 05:30:36 -08:00
parent 2f0ef69d01
commit 0865902a6f

218
scripts/nixos-pve-config Normal file → Executable file
View File

@ -7,116 +7,142 @@ GREEN='\033[0;32m'
RED='\033[0;31m' RED='\033[0;31m'
NC='\033[0m' NC='\033[0m'
# Function to list and select NixOS containers # Check for root
list_nixos_containers() {
declare -a valid_ctids
echo -e "${BLUE}Available NixOS Containers:${NC}"
printf "%-8s %s\n" "VMID" "Name"
echo "----------------"
for conf in /etc/pve/lxc/*.conf; do
if grep -q "^ostype: nixos" "$conf"; then
vmid=$(basename "$conf" .conf)
name=$(grep "^hostname:" "$conf" | cut -d' ' -f2)
printf "%-8s %s\n" "$vmid" "$name"
valid_ctids+=("$vmid")
fi
done
if [ ${#valid_ctids[@]} -eq 0 ]; then
echo -e "${RED}No NixOS containers found!${NC}" >&2
return 1
fi
echo -e "\nEnter the CTID of the container you want to configure:"
read -r selected_ctid
for ctid in "${valid_ctids[@]}"; do
if [ "$ctid" = "$selected_ctid" ]; then
echo "$selected_ctid"
return 0
fi
done
echo -e "${RED}Error: Invalid CTID selected!${NC}" >&2
return 1
}
# Function to setup LXC terminal
setup_lxc_terminal() {
local CTID="$1"
local PVE_CONFIG="/etc/pve/lxc/${CTID}.conf"
local LXC_CONFIG="/var/lib/lxc/${CTID}/config"
update_config_line "$PVE_CONFIG" "lxc.init_cmd:" "lxc.init_cmd: /run/current-system/sw/bin/bash"
update_config_line "$PVE_CONFIG" "cmode:" "cmode: shell"
update_config_line "$LXC_CONFIG" "lxc.init.cmd" "lxc.init.cmd = /run/current-system/sw/bin/bash"
update_config_line "$LXC_CONFIG" "lxc.environment = TERM" "lxc.environment = TERM=linux"
update_config_line "$LXC_CONFIG" "lxc.environment = PATH" "lxc.environment = PATH=/run/current-system/sw/bin"
}
# Function to update config lines
update_config_line() {
local file="$1"
local search="$2"
local replace="$3"
if [ -f "$file" ]; then
if ! grep -q "^${search}" "$file"; then
echo "${replace}" >> "$file"
else
sed -i "s|^${search}.*|${replace}|" "$file"
fi
fi
}
# Function to mount and copy configs
mount_nixos_config() {
local CTID="$1"
local MOUNT_POINT="/root/nixos-config-${CTID}"
local CONFIG_FILE="/etc/pve/lxc/${CTID}.conf"
ROOTFS_LINE=$(grep "^rootfs:" "$CONFIG_FILE")
VOLUME_NAME=$(echo "$ROOTFS_LINE" | sed 's/rootfs: local-lvm:\([^,]*\).*/\1/')
DEVICE_PATH="/dev/pve/${VOLUME_NAME}"
mkdir -p "$MOUNT_POINT"
mount "$DEVICE_PATH" "$MOUNT_POINT"
mkdir -p "${MOUNT_POINT}/etc/nixos"
cp -r "${REPO_DIR}/nix-config/"* "${MOUNT_POINT}/etc/nixos/"
umount "$MOUNT_POINT"
rmdir "$MOUNT_POINT"
}
# Main execution
if [ "$(id -u)" -ne 0 ]; then if [ "$(id -u)" -ne 0 ]; then
echo -e "${RED}This script must be run as root${NC}" echo -e "${RED}This script must be run as root${NC}"
exit 1 exit 1
fi fi
# Setup repository
REPO_DIR="/root/.nixos-utils" REPO_DIR="/root/.nixos-utils"
if [ -d "$REPO_DIR" ]; then
cd "$REPO_DIR"
git pull
else
git clone https://git.jeirslab.xyz/jeirmeister/NixOS-PVE-LXC.git "$REPO_DIR"
cd "$REPO_DIR"
fi
# Select and configure container # List and select NixOS containers
CTID=$(list_nixos_containers) declare -a valid_ctids
if [ -z "$CTID" ]; then echo -e "${BLUE}Available NixOS Containers:${NC}"
echo -e "${RED}No container ID was selected${NC}" printf "%-8s %s\n" "VMID" "Name"
echo "----------------"
for conf in /etc/pve/lxc/*.conf; do
if grep -q "^ostype: nixos" "$conf"; then
vmid=$(basename "$conf" .conf)
name=$(grep "^hostname:" "$conf" | cut -d' ' -f2)
printf "%-8s %s\n" "$vmid" "$name"
valid_ctids+=("$vmid")
fi
done
if [ ${#valid_ctids[@]} -eq 0 ]; then
echo -e "${RED}No NixOS containers found!${NC}" >&2
exit 1 exit 1
fi fi
# Container selection
while true; do
echo -e "\nEnter the CTID of the container you want to configure:"
read -r CTID
valid_selection=0
for ctid in "${valid_ctids[@]}"; do
if [ "$ctid" = "$CTID" ]; then
valid_selection=1
break
fi
done
if [ $valid_selection -eq 1 ]; then
break
else
echo -e "${RED}Error: Invalid CTID selected! Please try again.${NC}" >&2
fi
done
echo -e "${GREEN}Selected container: $CTID${NC}" echo -e "${GREEN}Selected container: $CTID${NC}"
# Password setup prompt
echo -e "\nWould you like to set a password for the 'nixos' user? (y/n)"
read -r set_password
if [[ "$set_password" =~ ^[Yy]$ ]]; then
while true; do
echo -e "\nEnter new password for 'nixos' user:"
read -s password
echo -e "\nConfirm password:"
read -s password_confirm
if [ "$password" = "$password_confirm" ]; then
echo -e "\n${GREEN}Password confirmed${NC}"
break
else
echo -e "\n${RED}Passwords do not match. Please try again.${NC}"
echo -e "Press Enter to continue or Ctrl+C to exit"
read -r
fi
done
fi
echo -e "\nConfiguring NixOS container $CTID..." echo -e "\nConfiguring NixOS container $CTID..."
setup_lxc_terminal "$CTID" # Setup LXC terminal configuration
mount_nixos_config "$CTID" PVE_CONFIG="/etc/pve/lxc/${CTID}.conf"
LXC_CONFIG="/var/lib/lxc/${CTID}/config"
# Update PVE config
if [ -f "$PVE_CONFIG" ]; then
if ! grep -q "^lxc.init_cmd:" "$PVE_CONFIG"; then
echo "lxc.init_cmd: /run/current-system/sw/bin/bash" >> "$PVE_CONFIG"
else
sed -i "s|^lxc.init_cmd:.*|lxc.init_cmd: /run/current-system/sw/bin/bash|" "$PVE_CONFIG"
fi
if ! grep -q "^cmode:" "$PVE_CONFIG"; then
echo "cmode: shell" >> "$PVE_CONFIG"
else
sed -i "s|^cmode:.*|cmode: shell|" "$PVE_CONFIG"
fi
fi
# Update LXC config
if [ -f "$LXC_CONFIG" ]; then
if ! grep -q "^lxc.init.cmd" "$LXC_CONFIG"; then
echo "lxc.init.cmd = /run/current-system/sw/bin/bash" >> "$LXC_CONFIG"
else
sed -i "s|^lxc.init.cmd.*|lxc.init.cmd = /run/current-system/sw/bin/bash|" "$LXC_CONFIG"
fi
if ! grep -q "^lxc.environment = TERM" "$LXC_CONFIG"; then
echo "lxc.environment = TERM=linux" >> "$LXC_CONFIG"
else
sed -i "s|^lxc.environment = TERM.*|lxc.environment = TERM=linux|" "$LXC_CONFIG"
fi
if ! grep -q "^lxc.environment = PATH" "$LXC_CONFIG"; then
echo "lxc.environment = PATH=/run/current-system/sw/bin" >> "$LXC_CONFIG"
else
sed -i "s|^lxc.environment = PATH.*|lxc.environment = PATH=/run/current-system/sw/bin|" "$LXC_CONFIG"
fi
fi
# Mount and copy configs
MOUNT_POINT="/root/nixos-config-${CTID}"
CONFIG_FILE="/etc/pve/lxc/${CTID}.conf"
ROOTFS_LINE=$(grep "^rootfs:" "$CONFIG_FILE")
VOLUME_NAME=$(echo "$ROOTFS_LINE" | sed 's/rootfs: local-lvm:\([^,]*\).*/\1/')
DEVICE_PATH="/dev/pve/${VOLUME_NAME}"
mkdir -p "$MOUNT_POINT"
mount "$DEVICE_PATH" "$MOUNT_POINT"
mkdir -p "${MOUNT_POINT}/etc/nixos"
cp -r "${REPO_DIR}/nix-config/"* "${MOUNT_POINT}/etc/nixos/"
# Set password if requested
if [[ "$set_password" =~ ^[Yy]$ ]]; then
pct exec ${CTID} -- echo "nixos:${password}" | chpasswd
fi
umount "$MOUNT_POINT"
rmdir "$MOUNT_POINT"
# Rebuild NixOS configuration
echo "Rebuilding NixOS configuration..." echo "Rebuilding NixOS configuration..."
pct exec ${CTID} -- nix-channel --update pct exec ${CTID} -- nix-channel --update
pct exec ${CTID} -- nixos-rebuild switch -I nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos -I nixos-config=/etc/nixos/configuration.nix pct exec ${CTID} -- nixos-rebuild switch -I nixpkgs=/nix/var/nix/profiles/per-user/root/channels/nixos -I nixos-config=/etc/nixos/configuration.nix