diff --git a/config-lxc.sh b/config-lxc.sh index 500b8f2..6f8c2a0 100644 --- a/config-lxc.sh +++ b/config-lxc.sh @@ -1,5 +1,18 @@ #!/bin/bash +set -e + +# Function to display usage +usage() { + echo "Usage: $0 --ssh-key --ip --gateway --user " + echo " : ID of the container (100-999)" + echo " --ssh-key: SSH public key for the user" + echo " --ip: IP address for the container" + echo " --gateway: Gateway IP address" + echo " --user: Username for the admin user (default: admin)" + exit 1 +} + # Function to validate IP address format validate_ip() { if [[ $1 =~ ^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$ ]]; then @@ -8,19 +21,35 @@ validate_ip() { return 1 } +# Parse command-line arguments +CTID=$1 +shift + +while [[ $# -gt 0 ]]; do + case $1 in + --ssh-key) SSH_KEY="$2"; shift 2 ;; + --ip) IP_ADDRESS="$2"; shift 2 ;; + --gateway) GATEWAY="$2"; shift 2 ;; + --user) USERNAME="$2"; shift 2 ;; + *) echo "Unknown option: $1"; usage ;; + esac +done + +# Validate inputs +[[ ! $CTID =~ ^[1-9][0-9]{2}$ ]] && { echo "Error: Invalid container ID"; usage; } +[[ -z $SSH_KEY ]] && { echo "Error: SSH key is required"; usage; } +[[ -z $IP_ADDRESS ]] && { echo "Error: IP address is required"; usage; } +[[ -z $GATEWAY ]] && { echo "Error: Gateway is required"; usage; } +validate_ip "$IP_ADDRESS" || { echo "Error: Invalid IP address"; usage; } +validate_ip "$GATEWAY" || { echo "Error: Invalid gateway"; usage; } +USERNAME=${USERNAME:-admin} + # Function to generate NixOS configuration generate_nixos_config() { - local ssh_key="$1" - local ip_addr="$2" - local gateway="$3" - - cat << 'EOF' + cat << EOF { modulesPath, config, pkgs, ... }: { - imports = - [ - "${modulesPath}/virtualisation/lxc-container.nix" - ]; + imports = [ "\${modulesPath}/virtualisation/lxc-container.nix" ]; boot.isContainer = true; systemd.suppressedSystemUnits = [ 
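Review bot: With `set -e` now at the top, the bare `shift` after `CTID=$1` and the `shift 2` in each option arm of the parser added further down make the script exit silently when it is run with no arguments or when an option is given without a value. `shift` returns non-zero in both cases, so `usage` is never reached. Guard the argument count before shifting, e.g. `[[ $# -ge 1 ]] || usage` ahead of `CTID=$1` and `[[ $# -ge 2 ]] || usage` at the start of each option arm. `usage` and the `Error:` messages also print to stdout; sending them to stderr (`echo "..." >&2`) keeps diagnostics out of anything that captures the script's output.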
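Review bot: `SSH_KEY` is only checked for being non-empty and `USERNAME` is not checked at all, yet switching the here-document from `'EOF'` to `EOF` substitutes both verbatim into Nix source. The affected lines are `users.users.${USERNAME}`, `AllowUsers` and `openssh.authorizedKeys.keys` in the later hunks of `generate_nixos_config`. A value containing `"`, `${`, a backslash, whitespace or a newline changes the structure of the generated `configuration.nix` rather than just its data. Validate both after the default is applied, e.g. `[[ $USERNAME =~ ^[a-z_][a-z0-9_-]*$ ]] || { echo "Error: Invalid username"; usage; }`, and accept the key only if it is a single line made of a key type, a base64 blob and an optional comment. The body of `generate_nixos_config` continues past this hunk.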
@@ -29,31 +58,22 @@ generate_nixos_config() { "sys-fs-fuse-connections.mount" ]; - environment.systemPackages = with pkgs; [ - openssh - binutils - man - git - ]; + environment.systemPackages = with pkgs; [ openssh binutils man git ]; - users.users.admin = { + users.users.${USERNAME} = { isNormalUser = true; extraGroups = [ "wheel" ]; - openssh.authorizedKeys.keys = [ -EOF - echo " \"$ssh_key\"" - cat << 'EOF' - ]; + openssh.authorizedKeys.keys = [ "${SSH_KEY}" ]; }; - security.sudo.wheelNeedsPassword = true; + security.sudo.wheelNeedsPassword = false; programs.nix-ld.enable = true; services.openssh = { enable = true; settings = { - AllowUsers = ["admin"]; + AllowUsers = ["${USERNAME}"]; PasswordAuthentication = false; PermitRootLogin = "no"; }; @@ -63,11 +83,10 @@ EOF dhcpcd.enable = false; useDHCP = false; useHostResolvConf = false; -EOF - echo " defaultGateway = \"$gateway\";" - echo " interfaces.eth0.ipv4.addresses = [{" - echo " address = \"$ip_addr\";" - cat << 'EOF' + defaultGateway = "${GATEWAY}"; + nameservers = [ "8.8.8.8" "8.8.4.4" ]; + interfaces.eth0.ipv4.addresses = [{ + address = "${IP_ADDRESS}"; prefixLength = 24; }]; }; 
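Review bot: `security.sudo.wheelNeedsPassword = false` turns the wheel account into passwordless root, and the commit flips it without a comment or a way to keep the previous behaviour. No password is set for the account in the visible lines, so the SSH key becomes the only credential between the network and root, and `PermitRootLogin = "no"` then adds little separation. If the change is deliberate, record the reason next to it, e.g. `# key-only account has no password, so sudo is passwordless on purpose: the SSH key is a root credential`. Otherwise make it an explicit opt-in option that defaults to `true`.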
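Review bot: The added `nameservers = [ "8.8.8.8" "8.8.4.4" ];` hard-codes public resolvers into every generated container. All lookups then go to an external party, bypass whatever logging or filtering an internal resolver provides, and internal names will not resolve. Consider taking the resolvers as an option and checking each one with `validate_ip`, the same way `--gateway` is handled. The `${GATEWAY}` and `${IP_ADDRESS}` values interpolated here are limited to digits and dots by `validate_ip`, though that pattern (visible in the first hunk's context) also accepts octets above 255.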
@@ -77,62 +96,21 @@ EOF EOF } -# Get Container ID -echo "Enter Container ID (100-999):" -read CTID -while ! [[ "$CTID" =~ ^[1-9][0-9]{2}$ ]]; do - echo "Invalid Container ID. Please enter a number between 100-999:" - read CTID -done - -# Get SSH Key -echo "Enter SSH public key:" -read SSH_KEY -while [ -z "$SSH_KEY" ]; do - echo "SSH key cannot be empty. Please enter your SSH public key:" - read SSH_KEY -done - -# Get IP Address -echo "Enter IP Address:" -read IP_ADDRESS -while ! validate_ip "$IP_ADDRESS"; do - echo "Invalid IP Address. Please enter a valid IP (e.g., 192.168.1.100):" - read IP_ADDRESS -done - -# Get Gateway -echo "Enter Gateway IP:" -read GATEWAY -while ! validate_ip "$GATEWAY"; do - echo "Invalid Gateway IP. Please enter a valid IP (e.g., 192.168.1.1):" - read GATEWAY -done - -# Confirm settings -echo -e "\nPlease confirm these settings:" -echo "Container ID: $CTID" -echo "IP Address: $IP_ADDRESS" -echo "Gateway: $GATEWAY" -echo "SSH Key: $SSH_KEY" -echo -e "\nProceed with these settings? (y/n)" -read CONFIRM - -if [ "$CONFIRM" != "y" ]; then - echo "Configuration cancelled" +# Main execution +if ! pct status "$CTID" >/dev/null 2>&1; then + echo "Error: Container $CTID does not exist" exit 1 fi -# Generate configuration -CONFIG_CONTENT=$(generate_nixos_config "$SSH_KEY" "$IP_ADDRESS" "$GATEWAY") +CONFIG_CONTENT=$(generate_nixos_config) -# Wait for container to be ready pct start ${CTID} sleep 10 -# Execute all commands in a single session pct enter ${CTID} << EOF /run/current-system/sw/bin/bash << 'INNEREOF' +export PATH=/run/current-system/sw/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin:\$PATH +source /etc/profile mkdir -p /etc/nixos cat > /etc/nixos/configuration.nix << 'CONFIGEOF' ${CONFIG_CONTENT}
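Review bot: The generated configuration is still delivered through two nested here-documents with fixed delimiters (`CONFIGEOF` inside `INNEREOF`). After this commit it carries `USERNAME` and `SSH_KEY` taken straight from the command line, with the confirmation prompt removed. A value containing a line equal to one of those delimiters would end the here-document early, and the text after it would be read as commands by the root shell inside the container. Transferring the file instead of pasting it into a shell avoids this: write the output to a `mktemp` file on the host and copy it in with `pct push "$CTID" "$tmp" /etc/nixos/configuration.nix`. Separately, the new `PATH` lists `/run/current-system/sw/bin` twice, and under `set -e` a non-zero exit from `pct start ${CTID}` (presumably what happens when the container is already running) now aborts the run. The `pct enter` here-document continues past the end of this hunk.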