it-team/lmn-client
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'fvs' into fvs-wlanstick-feature

Browse source
This commit is contained in:
Raphael Dannecker 2024-02-06 08:09:23 +01:00
commit 94f19984e1
37 changed files with 1086 additions and 928 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

232
inventory.yml
View file

@ -1,116 +1,118 @@
$ANSIBLE_VAULT;1.1;AES256
63303732343036386466356537363861643266383035383662643235626563393563376361643465
6136616332373563366361376365316530393833303030300a383934353139653738646332343162
30383237613330366635653362316631356464333431313237356138383539653866613931373531
6132353838653830640a386665323538393166633035613132336363373537376163643534376362
63646561623062363636303863343536336363373865366138343238393435633461313163343035
65663264316130326336323161333166323462643835373363323331666332303133636635386666
31663361656533646233343936663332363233353836616463303661373035633534626337316430
65376333316463663932373631353561363839353161303235626634356230366334326235626430
65383737653538343638636165646639323535393834636232613833346365663634383336353632
34346361393131643863636563376134316163343031353666663034613362363235393266656163
33376439326236303866383763303532323335303263316332653039333131643232383562613437
30313838376337376561656338616566356632316236663734363937346561383761663635646237
36323234306465306430313839396238313739333262653966323666663961616239636135396639
31646130386363323930373030616439353265303261616333653730346532613562333464363265
34326237343930316435313561643033663332303566663836333063373164313734383230663865
63613934353761336238346135336233383237336130343831336439616665616436613630646136
36353338633062366439336261333538393032623335663664373933633965353032333136656138
64366366303432383733623239613532336666343864656132633063306166663839663638356539
37636532383935376565623161643431633638393064653562653963393561626230616663363362
30636335626633363732633431303436306633666533653937636166643566383033343238303235
38373966386430666235356665623030656566316464633531323833356435383262323638313833
66633930393435313663653239303439333035373132303633326263383264616631653133343032
34656236373962356131376562356261663066393162373039346232393364613964313865336565
36303463373633643134663939306432393632663831346138653639616232353437343866623434
62653139656361613137343938383838306437333230313564326663373636366433653438623166
61323532656262663532313663316433323838383834613433656432356533643131653933336537
63373361636539623832316236366664653262396365346365356561346362343866336432363366
32333037623735656535343538393364643033386137306563306137616433343239373764666364
39303237656666313937393635303932623738393239313662333537376134336532353963633636
61363164336536326633326564343433666430393537383639616630656433363262646366393537
61343533383963373533636135643138613136393031363032353332313862353863626634633739
37393232343462386230303034313639623134373465633066613331386338646161663435643633
63373130653839623231633336643461663130613661353133363338363335376538616639623134
38623731393164313133333433303862646434326137396466343162393333396161313937373662
32306536363139363330386465306237393434373937633634656331666433373433303662646364
37643731656436306463356236616337386461386463356539663362373130383434663932363735
62393935303963613061393534363366366134633064346261656437353833383662363364363061
37323437363065636665356234353535663766636338363236616237323264663162393134653364
33393462643033343431356463653338393830333737643538616664656131346638623639306565
30386436643863306237326532393637313161313061303136343362353135333036636638373763
32386437326435623438326635646263656464343231653535633364386463343539393838383364
61623733383534366335366339343664653066373031616639613131313266623536323530646261
33356432633633393564613336396131633238313831313162396539393530373366333462333437
30636436656531633162323630336630343434373635313563303131356534363036393162336431
36636162376239303866663236616630646439393732393930663237636231306134666361326333
33306161396534386164343262316337653562396234656139663564353064313062383338306531
35653631616133366564666330663264353166306630353732386633663061366430366266303465
37376163613330333635366661333665616430316362333936623030616537623230303137353831
39653566316462623131663735363631303566373863313430666266346239306532393530303438
39366261613038396338333861386565626139393066336134613165366132346362316232333764
34326238646233363035616461356336356534323538333137306236303933393930336336343038
34616236623635323765343536316262333837663831646637363233643133653630303139666337
62656432373163643537616138373739356164616463626438343164303934323266393636623963
34326465326532323135663837376265653964346661323937336163373337353830316461636339
66363139393938336539623261633035386231346563386366663162343334376639363332393636
32616136663234636632336363343765396161613439363038383838623566326432666362383762
36363366653462653265306664323435643561313338396231343661383435623331636632313862
36366462326238383433653233613931353033313262646339646331353236636137366632303432
36326433343131326130333062346139343263636132323338326163376531613633633130313339
66396231393965666535343834656139626265326535393135636335326365323136303336396361
66303930626233346663383066316636663639643233353136306537336134646433383433346661
33646638346133646162306562323365623861386534663332363739623462643439313634366230
30616265613433393162613834326634373331326636323766366432383861396135663135373135
33366166396365663962376538316331663161303862343961323335613033383137336261393037
37343761333234376466343534653030393936613064366563656633333565396431303039663062
66373138383736663036396531386330373137303361636264363963393138386232316364623766
36323362383439656234343462653239623030343466396339396335346639313565323261333232
66303139616238356465346530366639306639386336343939353663376132376365643361383936
65363761616661373834336438343364323166386162626234613431383737336133663235336434
66663032333530616633383837623837626665376230363037313438636632666261653666663431
32643232383932323566356530663665613934323564663938336238653465663535393461373765
62656661656234323637613961316536653064633661396363636564643836363636663361653062
64336630346661303633313938653038306633343937656135343461323432316230653531353138
66373838343232656432623064396533373033393630666161623331396566646539666233663961
65626135333562376264376665326663336134363431653237383034636431393463353038366364
30366666396363363664356635653934353163616233353538393434616634643230383162663532
37333632376631643333323664613436613230616137616532616634326435666238363562633661
34616239393133303533353264376463666436373563333864386634343838626536386638366437
37616261303761373831313264393234626130653232616432373536393335366638656334643265
64376633623339343135313131383837356232323437313364616438666632666438623237303534
31356635383233356164393762653361646131363337313031303333343964626663323636656564
34316164346235373162646234393462643136633430353731386564326137396634333663656532
36353063646663353464336438353362326236313063386564386639323036633038333232663233
61613366343335353362323735663162333164646661613032643834373237393230356235386537
35393737643337646237653063376565326164663965346434306538373434656330363738633935
39656164623939393434316235373333333865363536346532363834646438616566663662626165
33623739326336316630323032663437366462653566353136383161613834353135303332363735
30303761613632663662376236653931626131333834346137393166333933643332613732633464
30333431646664616138336566383662636535333233666161616462616261373934353762663834
36333564613361353938336436333830656233386432373366643632323238386538646337616262
39636533333135363337643333336135663537313539303062626266633437343163363436313236
32323533386161666136316662373465613261386163626637626138636539633139623830316333
33636164346634323330663461636131396166326564636563656535386562346530313435663436
39653663333764373961303932623266326463643335393336356333356661623666353533373066
36356365366261383130643733363131333130376238663137303261353334313136616332646662
30666430386264623438663330333337316234633863333264613730656434623437613738303465
66313162393339383632323937363634663066313235653631663032653531613362323937333066
32383233313135333637393562633266326261366162623362376366633863383537626133303762
35373038393331383663643966353066303663396234653261323836666234393138376563373661
31366636643562643939633661643061623664363131626666393861623164613365333036636161
36353832326438303565306166393939313132356262663563386161366132336335323235363831
38643039366561623364396537376138386233326433333537636265633865356632613137613233
39373632313832636235396637366263386531626165643764386138663632396366353433343163
32323564393034363561656633666265666661613263653838353833643364346434336562396566
66643936396163343430636130643963323666333936623932666661613531363436313333616131
39613430666438393264303634383633376630653439386135363664343366633062616438626632
37656535643838316338323062393335613034653439393064653139373262636363613335633139
37646631316536373032346433346663393566663562323432313263616331613738616236393335
64366636626463303265346265316530356663636538653036633133333361666334643934333763
39613766383332316162363636393063396236323034373239356138646561303334646661323139
35666562383439353965636132613264336235313235393161323236346539396436333665633237
34323762323664646233343934653731386563346239653935613036346139343562653136393532
61373135393932306462633762306261313130306163616361646364653036623761386163663365
37353866653431613838386566306236376663663763626466393436386137323834633436636262
313934393539626666323236353432346437
37356432653036643435373435613837356666343833373265643161646437393763366439383562
6135653064333338366562386134666331653462643932390a653065353834363738663563373237
63613862393833633835316337303336356136613537623032356236633736363661373433333632
3562633235343730340a353735356265396435366639623632396139613735316136346436653963
33393237313737313234666462326635626639323333393835656530633830376339623336353166
33616437383061376162363261633365333032666336363736663934316134383738346433346332
66386662306162356537313136636663656532363832636538656365316262393135336365343063
63363436636161386133383666613063316161666631383864326538376637303239643636643035
32356563383762663532356135366363396661366237366534323963333736616436653331393638
31663136393165323434393163323237656162333065336365646133326464623166343963376633
36393365353037346463626237336433353036383631393734353831303430306463656634313631
64313830613139356665323538663136353366393366353062386165636162626536626139663265
34313839633138333762366636653935373730613031393237393231393534383231333366616432
61656438323134363837646534303736386665393038653833646666353831323064613734386534
64306264643331356537663965623766623436373462333264613835656564356461363761303836
36636463356331363161613332313163313966313061313638313736396564353661313262663065
30323265363230623939353461383233366364366464633065633531316365303462383934386264
33373631333731323864633830653838633964323563336165326461653166343832316331396536
62656532323539313965383238343166636339393564366365316666393362633435656438313161
65353135393038666333333334653036643161333365306130666134343934623036633736613732
61653133353561636662616666336135633864373133623163383034623731396239663566353339
37333566653363656535386363356566656132343834653764353331343837323538623530303537
63666464313362646635616661616463313464343834353564393430383936643032646361336533
63333136646564663335373166373936613761323762366535326563626639396133646361363465
34313465653838316561663366633034613632306666336265363935643863383135323063613931
39383064363036633039633265643165653833353063353064373435613361336338643861333738
33333335613063323434313437346564356632333931356566353937363435303830333235386134
65363237313730666330303437333864363232333532646334646164643363323032653265646235
37613130313361306535623836633533386135326266626165663231666434373732663636393630
33653139666238346266323065616663653538656332333632663262393534386134663130353565
30383336353338306539646135393930353835343662633130363834323733666337653266373137
64663633646232636562333066613532383133343061323532346363383838346639663634326139
63373435393337333563303664613333366130326430316164646634653530656666353438343437
63656134666265613237363139626565323534663838393664353331643834313835343261343962
63316633323535633766323632393835336538316335353837376631316261333163383337623539
35356363303338343139643335313865303963643135366430336232626133333735366566323861
66626663343734323363386466303738633538363230613930613132646662303938643764373265
63326437373965383834343934643064363733613363623965356432376662623261333739636264
65376337336564353737333336306434333635346130386430613161303036643137643266366237
34663430303735356362303130376233636461383065306230663335363038356130613262396364
34623938353739343262373465393331663630303163636636323565653539663539303365346461
66373861626532663732373730616265343337353933393238633934356264323635323538336238
30333333653332313731313162346432633564303237616331666436353566646332613937616230
31343461376630653931613337663633613137363836353132316666336532633932376136613862
64383230666665366366636139653966326533343864316161666435353161373235396266613666
31646665323066366432656663323165613137666531343539356239393737333762393362323863
38353837373138396531383238643536323261643535623765373636653766333435613939333062
37316463633961646331303261653936643761386538626164316133326538366462646461326335
65343562383535323464653535356232343435373833643532376662643061323632643434363131
64643961333631343038636164623634383466373236656565313434636164363134636235616133
61663866346239353362396164656363336530643231393238643039306432633139653463616438
65336461386539343462323664383534396635323663656636313032663561346232386536653031
32333531646561643563643237383962626432303165393765396436393931626133303732353538
35396534623339373636313564343637623631333661393230656334666262363334653061616632
61616432363763383864333466313338616536376338343131303261663535626433343337343631
37643964303163616564323733393566373238633963643936303861636336346338363637656131
36323762333037356463346262643332333831623865306362643438313061663533333935396439
66313632633963373532633537336264306661653463656363666434363364633638666330333938
38386566343464363662633432653363306536323132303362356161636335393637303262343531
38383938393234653066663737333434316663326433333965326562363737663834313430653565
36646363386361393738643930366466633232396431636263303637346330663066376133393465
38616532623361376261323134343662623834323338643963663236303136303061653265626465
37346565373162306466356135333037353762656533386435643132383932373831303966643961
65396436623735303736653564353535343333366334313737303337376564313136633438646634
37353665636333383336623365663030333735353932623531653638646231396162613537316264
35663338663564363461363738623538616338343138356337656466373138316239633133666139
65353331346661663264386363333263303636313364303464363361316436303362633839393337
66356165326165333838336162326431616462633362343062376431646665396665613839356433
32633531353030663031623135316530616231643230643130373463636139633562653430393062
62386662613564363531346331316437353364376662366233383561616263366262666633373265
62376666623134613935356535343437653336623665366361376238366534623839643333626538
34373839343936373039343861653962363237353566383038623734653566313966626436336338
35393562626165313237333533353332343764323430393266656633636461353138336366303431
34646238323166616134333431653164666438333136383435346533343530316339653164396432
38663131303630316637633131323136393763393161656330623063373532623439386165326633
37323462663430336564333333306435616439353739616132356661373461336239313032343762
37646366383263623936393465303064653336316537616235336137343163666332666363386463
36303661336162316630383961323363336335356161366236333761666330613931336363653831
33323534336262303034313533663562313732306433633666386131336233623561666431343235
64366161366532376536303036633133653266616432376239313064363230656334393562643761
30343564303261363966303065626230326439613062623138323438653366333733626664353030
66376362643233396236366564613330303835393537653464333466653031666536333938623730
30393262656531663630346438653066316631366362366165353331303263373235373332646663
39666161383830373334623561323438313635313837656630366237643339356266393032626264
35656265303036316662316338636236356339633362393965323439633361646436316334363761
32363133616161303731663430366233323234383139393763363137626330633238656638393737
36613161333031643134376162646135306134643731343165326165636332616431346364346436
39353335356361396461326230643965653362656439336133353131376536383536613731363363
31303833333962333433393565386237383561313337353336363939343739343334643030343162
33616532666661653536383361623732646333663962363934383534653963663034303065363265
39666666353638323832353730393137356465626639636437666663656366646664363931353538
31333731373838613463346462643932343333376535323839373831363732363437633338373534
62656236653735626261316161646531346334373138623761306562653330393834353163303038
30336632306630356239663365303131363234373333666132303236323333333461623939393935
30633861336530643638643238356435346636656161306635323561663636343663623833633361
38393433376334623537633130383965623531646634306233356234346661343434376132666239
32393630653935376164613662666661353235323135636137363661336333383331356339393061
35383430383935383939353936613335333461346536636333353031616661393833346561363031
62656262316662653135316632363766653535353230323633383565663038303165653134373563
38656462353261316366663831303766633535643263653164623265393035383965323064376163
31643230633861343836643438316239366336656232613664646466646433636163616262646166
61376531386637313831326261623038393038333130323338653134623037323238373230623539
62663631646333306130656563643931383336366565623563303163653863666166306338623136
37643865383632616562306666616263316161653439623537313937383361326232653733343639
61626265343233336462636131316332343263383365383463363565633630313832663832363936
66396139663433383461646238313431326165356538316436383066323336333033363633316363
63663437373538353262336666363038643265376462396563666363633633633461643938613338
35626663353661613663393232663030356237373934333731393134333538326463636364306238
37623462623833623238646238346131383436663366363437663135306134626538316139323261
63343636386536646134663464373035356264306363646666653339626661636131386137323438
38623031366565353431663061663262336231333732333631316233316238643938633131633863
31336265613662303730633862383564396262633936666262333832316130613637383464363766
37343833633162313730633235343736646466653230356339626636626330633366376535316136
37316465333436333738623139333564373637303831626539666537313632333664663765636337
62363330653432363433396239653033623532623665356663363861656438623632306534666135
64323737646564346161333639346334323235626232623764626436336362653363663736656637
6535

32
lmn-client.yml
View file

@ -57,6 +57,7 @@
## Local mirror for libdvdcss. Remove or leave empty to use no mirror:
mirror_dvdcss: "{{ vault_mirror_dvdcss }}" ## http://livebox.example.org/libdvdcss/
uploadseed_pwd: "{{ vault_uploadseed_pwd }}"
rsyncsecret: "{{ vault_rsyncsecret }}"
keys2deploy: "{{ vault_keys2deploy }}" ## ['ssh-ed25519 AAAAC…uYlnS0', 'ssh-ed25519 AAAA…KTM']
localuser: "{{ vault_localuser }}" ## needed here for the (universal) pam-mount configuration
@ -74,7 +75,8 @@
roles:
- lmn_network
- up2date_debian
- role: up2date_debian
tags: upgrade
- lmn_sssd
- lmn_mount
- lmn_kde
@ -85,9 +87,10 @@
- lmn_security
tasks:
- name: Timestamp successfull ansible run
- name: Timestamp successfull run
ansible.builtin.shell: date --iso-8601=seconds >> /root/.ansible/stamps
changed_when: False
tags: upgrade
## Temporary fixes and quirks:
- name: Fix 8086:4909 external graphics card
@ -196,6 +199,16 @@
enabled: false
when: rmlpr.stat.exists
- name: check if vmimage-torrent.service is installed
stat: path=/etc/systemd/system/vmimage-torrent.service
register: vmimagetorrent
- name: disable vmimage-torrent.service
systemd:
name: vmimage-torrent.service
enabled: false
when: vmimagetorrent.stat.exists
- name: Remove deprecated files and directories
file:
path: "{{ item }}"
@ -208,6 +221,21 @@
- /etc/sudoers.d/90-lmn-sudotools
- /etc/systemd/system/rmlpr.service
- /etc/systemd/system/rmlpr.timer
- /usr/local/bin/sync-vm.sh
- /usr/local/bin/run-vm.sh
- /usr/local/bin/rebase-vm.sh
- /usr/local/bin/create-vm.sh
- /usr/local/bin/upload-vm.sh
- /usr/local/bin/vmimage-torrent
- /etc/systemd/system/vmimage-torrent.service
- /usr/local/bin/linbo-torrenthelper.sh
- /usr/local/bin/link-images.sh
- /usr/local/bin/start-virtiofsd.sh
- /etc/sudoers.d/90-lmn-upload-vm
- /etc/sudoers.d/90-lmn-sync-vm
- /etc/sudoers.d/90-lmn-startvirtiofsd
- /etc/sudoers.d/90-lmn-link-images
- /etc/rsync.secret
## bookworm fixes/hacks:
- name: Work around sddm hang on shutdown

220
lmn-vault
View file

@ -1,110 +1,112 @@
$ANSIBLE_VAULT;1.1;AES256
37663931383332613032386465663865336137383262383139636136653636623834343537316539
3930303237653661363630656261323537663931646161370a626232346237383930396362646564
34336337383932663166336166363933316238336632323364623161643136636438336637616530
3064373439646363620a326433316565333630643238373062343037653038316263383233346533
34396639656533656664323665653231633537366362616265343436626466393836363439636633
32656532373038396638393861313832386466643735393737626138373032353362613039336530
31306131616263333861346434636162303632356536656134346263623863306162643063353039
32623930356561356333326334613666393639633436363539326436333530326337626538396562
34353230306637623265623465313064623536343730396661306331313365343731366332613037
33303534643231653439653962636237333962656631636634353730313535616637343666626364
63633736393832663932636230356665626538313133333331323334336333353238623561313939
66653138666335633330386263623937326164346663616131363833383536306162323737313736
31343162633534366438306538376238333062646266666136376265383236363162313061326531
62333531353630613639353166323035393038666263623931653631646263323062326434386361
63646538656134616435663531393132663638383165643037303461643939373839626665663265
61303961306238343635383231646362626639623232623333366338356361343737656665613431
34363161626266346438303235363032646235303933383634303034343536626332623761306361
39616239383161303334313936393632633866623031373265386661353330396432396364373330
36386264633866316337393765333039373361653338663462663939323839373732393736393361
32333034663966323665303532313039333438663466366435653136623166366263636434303966
61303934633939373463373664376230363831383630633639663031303237356166663931386635
30303461663236326536383439396139316232323162343965353034656464616431643439633837
30346231643561636263343738613239396361383238636261646262373137383461373432343635
33386631653139316436313532646630626230613335633538306666386163653439613462343662
30626130326463393336643039396433643266393266646238353566306633643561386430613161
30363263616231353661303030356638323438373466633466323833393463663562343933326631
34313162383433356662346166383761636438636466633462396230383133613038323666643233
63383138616637363830613661313236336564636162383262373064336365303435313463323564
39313539656136613564393239343032373038393266656366643639303662646534306665396237
35393264626430373662376231323165316333353263306637313962663736353633636661663961
37336134643031323361333538613933666634666363313535636631323366613066633037653939
32643165393631353534623435613732653364303833356436356263356438363961303665626364
66363463633665393737616265613439326361353134623537626437303566343962626364623134
34343165626230383039316134343238653933386134303936346162613261386539353064303330
36353135323235663165353662643735636361646239333238306163393235663461613938643163
34373464376163623961646262363437303563386333633764346366343066313065386530633334
38306138616436653732316638373335353437363162373830623864633139313130386464666233
31366165373539343766643135363136346430623335333061656664656338386661353366613865
31323036633662636364343664626165346561323664366263383762343036373338346236353738
31666361613036663861343937613364323130356565353161373431303732396337343134373538
34326666346132656234623365643137343864363138666139333032393636333537626336313365
65343136356261323637303833633132343334303366633063363437316331383434313164616332
35636430643666626631353164646361303034366461343331376363323535303265353435323764
63393935353731633364326365316238313031623662323235316237356663303236633838336365
30323862656562643134363362323335396336666532336338346561623163653861316165633731
61383736353137643339353638373035373136353161643737353839663833646230633230333962
33363030333139613338396635396332613738363837356566646661336638613838303764616334
32653234656265313566316463363235373337623634393764663066613530306166613238653164
33636339336135666661303338376439636334326634373538326233653566346663376166346239
33376130633439663130313637653865626464363531663035643466343932323439333638303663
37346234316233373663303230353631646437616534396639396139616262383238323938666533
38613061613632333637303731323564343664386365646562363766323734613332323462303266
38626133643638376663343337393836663265633763326136336436346130316533373131366534
32386465353938383266343930386362636265363761303431333730373261306564333137326562
37643362316161643436633066343537336561623033326165623837633464663163326630346531
38653233336639353938323932383761386230383639666265346536653035313530363665653562
39333834313736316430666534353134373561343337323330376331323532643137663938306463
30313162383230333138316339663432633962303161323065613039356464626166643430373465
38343536343261346232636464316332336664643638653665333535366362303461633665666237
31333937373762363166663936623034313934353137636266663665623066373239363164633731
66303066336134343566313030613866313332626338363634336639636239613032343166366331
64626130613163626230343366643063333766313530383734626161336565633635643639633361
39663931656632333539383430393465636634663734656662393831316639316138663636373761
34346363343966626235326338333264313266343334303533393932633032616661643236303537
32653239393133373331623538313365636538326262373865373533646332663862373530363130
32663938663266643461356237333139373133613833653333616464663635663131643336363534
31313131376163633331326434303961353032633862366137326439363838383064323462643964
30623433326361666136326237653866386534626133363334373838643635613436333035313364
64393030323230393336373566393966326637363932336133333762626437373163626231336562
64316538306366343732333031373765303339373436313535636231623739653932363064646461
35323735393032333433633462313938626666303466356336323031343533346466383631653839
32306139393039333336633639363034343566646164646334663561373563393434326233353863
32336437623662396430623261633338623130386631616333373732383239386139326138643761
33393031396563323566326262363037663439333233373435343039633664643064386665383931
34653133373334346265656361333036636163386462316636643637313631323965623139313864
37346161386539636438636533623563646535373731653336313130343365633365663533316233
33343938333435333865653863363266326334383961396537373561366130316632376135393836
63363033616164326364613537343037343632383638656237613633633139626363666163646537
64393665373036396536376466633666653038613166353138636462633934306336396164323831
32613434623539666439653131393365643738383032303930386135336664636239313031356330
34643661643762313739386661326238343036633936376439643535383766323731353464616336
63316438303937333232666339393635653265653066626335393839313131316164383131626637
64313831306637313135633661333632376235656563323836656335303931663731303366326161
63386137393835303339643933333130646532393262613635366139326434333731633630393433
31646231616339363839623833326665333936316538343339663863356362356435666162633534
39313833363962666139326535636133663332316431323835383035616161363032383766366363
33653730616164313139623163356234633538356232386332656631643833663239663038643336
35396563653433376661303961663563663333313132326263366137373263623566626634636332
63393536303963626364653862333664616236386461323865363333663936363235653064383864
61363464313434643938366230613139353034333330383435336364623136626565663764633230
39383064323135336132356663366435333164313435363636353230386365316631393636613262
37373666303836653664363266303534633037616630656633333466643631313865646462363931
66353934393637623634326632326334616266393636343662396663373236326333663932333235
36616439333265396266616364333239306166646335383462353235323661353837616534333433
32623637326434613738326538323661356566373833393836343036373361393539363462393265
33316237333532663266306139323464656530363539316364666638386338633137363533313065
38626538323064656561613431613039323937333738353338323331656362306538613463393661
36306237646264383338666563656239353439303265623763353839363032326261636238353235
30353666373633396136336361363164353835646432643938316533613262373462626435646335
62646134663362366266663565633934616166353363663039653464353330366130623930623237
61353162376264646132393831376433303433663339336439623430346664353761363061363436
32616539333066356563646363333133626262366566616133623635323335363936336362333062
38303239353434306230663465623736313035376165623838346338383238383666313133333366
62396633386133613538303565663332333730346638656161356637623931333062313462393562
31336135326533653961393661656162653561653139333161643139363962373138383661303838
34396461616538396331306331666434396537663534616465376565313837373232366235313830
66393961346139393763333933326537383161373564656131323837376233393565333937616566
39643961323236316661353331346164363137323536626665643864393137353964313465323930
3334
65646637366132333430346461646331313431363233363736306264633633396665626332623934
6439363764316132383635626137313764633162636362340a613832323934646431663632396361
36323539663238363738393131363034333561343233383238396234613434633334323235626637
6266326166333334650a353637383131313136613635333237616361353732663734613833306538
35643831653332346634616139363032656433623032383832363837653231306465353766343961
65313134303434333635306634633731313462396535383662616134653762343732366431373032
65346564663335633936636662626162636134636339343463376166666333346133616136626665
66373064303562323564363864366363663336383862336632373436666330373465636135623762
36656632346664326463646666313663343662363865343166376363313866663536623234383561
61616637653630316230626337653135396134323636303538346435663639643662646133383363
39393234333934656166366633356663326162396431383362306339623534646162613339383836
39666464666163633033653434306365393933383232653364363062356133356239626538633338
32303030626538373637323533303964643838383331366365326465666530623965613731663261
33626563386262353531353635356430333633633665393230613561633836653636636639313663
37373736346234313134313232376164633332386563383863343266626231373237643063663533
39343939393331653665633335653264376531383364376565646239616231343531336134626531
38396630363865376161313835376261646637383438323537626433323232353632386439393933
32306238643436653666333561643764633831343962643165356232663932633763396437383634
35313763323633643439376333643836613637613339343731636633313064386231613135623832
32643934376233663865326534313735633535316635393932646263313135373633636333333737
33386365363830336139323763303734383966616165356462333734333666343830356234616662
30616434623237653138623538643331373432663137323333376632343065316431313734333965
64333237396236666664613466623039626634343238363136363438663730626132646562646536
61653562666636613164373464663931356565623862306332653230396230326636363638393862
62663765373436303831613435383866323138316633336532336632383065343537326332653235
30383764396361396565323035346531396365623130636538396238613037353438346365363331
64383636376566306136653033613638323865653266383136373231353063303434636332363166
37373462353530326663386139333536616138386431373763383838336365336634366339636637
32356263653964343461393162396539303534343562653032643461626235373339666363646637
37633934393036356331363563303330316234393535376338646235663235383966396634383166
37656633373562643530663037333735396638363963323837653831396233653962356536616236
37323139306131323561303061633136303234316335363361633766623530303762663465353163
33313733386265346333663065366536616533326364613231313330373137616130373539313131
37316637653934653035373965636633626262626561313338646261313530356163356364663834
64663037666133626261386266666633336666323362373237626639373535333937336331353039
30313833353766626332376432326531616464643364313232386633613361623234653536313830
61626666333037393564303738646333643534623138366264353339326331386433343733623837
63646431646533383331356334656466316465623735613537646536623364636632323566626233
31663263623539343562383836366134366236346539386532373735633237373363636438366632
39613330336365626137363765313930623262666263393835626532333262343265313761356333
34623663633636373734326662363865396635613933393464356436393161303132663564366437
35323166643762333862656561306239343034643562316534316236636362363162306131633961
31653736613732643930666338333131373634333166633466656663636163396266306538626666
65326163646137373236633363663063383162393435356163366665653033666161333037303035
35396334663135373863646664613137666565356161353865316164633939323037323664346331
63313230333565336232663166616465363038326663633066623531363338623430313332333138
34363532643036343831353463356665646363363239643835396661356665393035303561653337
62663335636533366334643636653366303231353630633166343832313133303663393836623036
33616563636266356130356635663538343236356632376461626532626436616334386330356430
62323864323534333032643737656164343633636365623664336236626239633138626230383536
39306534383933326638666130383139316334373530373335633238316238353038643136366533
38396661626661373964363630633963373732343161663065386539306637313633303534663466
66396361373163313865373131636239613930333963663462306636626431363934343136616330
30643763343838316338643463323833666639616437336361303363393361356431356266353233
63366366336231386530313961356538613136366530343338353063343332333165323763613566
34653133633532613332376634616234383237666261363038613437646366356332636530623534
30613735663666636232623230633161663064666436333161633334356336383038386535336133
39663963333031383961643232636539313137346132336462336165313862653366303135353730
63303834313462646633333232646661623731613439633434663266303834376635346438356438
39303066663633656234633131366330356363636535373034613037363837326562306562663538
61316666643230626662663266373330643865393938313232306130376333306536393930363037
66636562396339633763656431653036646361313632313932636231626333303337366266623238
39616336656537363439373231643132363264306135346437386465326265666137353032336261
61323234643662653233353737346661373630376630343635383834313038373162643135343434
37613634333330326132623437623834363539343037643764303631613463343863643065643063
33326537376130346365323361343266663331343038663037623438666362656236613065366235
65363130356133353739623733376531636438643535633731646431653837343531313531373436
31356139393363646262623664663261613931636330663436336466633038643763336337336330
33393433346332623538653262303462636363363338346538376463373838363036343634363131
31636332343931643436393464656165616631373339336537623130343630346164383830313165
36316364653739646330663762356332393262653931613933643963626433633532353766663632
65616262666433383763363636303131373064636261616661613139373766336639376336393962
65336332303164353763636332323031363363653262386331313038646564393131303366653834
33303464303566656363343464336164363264626436306465633261386464663764636431353037
31363034323331333235346137653139323835326135653337323339346239383038363861313638
31363136353037396634326239306665303230616131363965653439656361356538623135613238
66366639333331306337323562343934313532323633613034353863623839636135393465383832
34323031326262306161613439323836646538363136336537313266343662383935373762666138
64336132356662366436326664653234303034623066313736353439396334653630643136336431
31386330326636303334313535363564383964623538656666376136366365633538386139333862
65336662653965343035306534393962616438636366646664383231316365366435663763643663
64383034336565663561626262636263616336303066396164633464313830363338303932356638
32373162313330303935316137366435373532346363386461303933643237383830623335626639
33383335653436353831303163656530613962303439383563376534663738383035346433303834
31663863343864656463643433383938393464613865356134346261663333616537663066333965
32366466373165633936323232333237383638313434366437376237653837363532393564323035
64623234376538666237653938346634346532656135333165353864383739353737643965636539
63626134376330346538656539333362633765363735656161323635323164323038633139653663
64616466353137623937333237633163646266326437663833393437336662356465336566353832
30653063666261613534393439663664326336353338393439336137386662316137666236636337
32326336396430633136333064383164373033366230333832333564616364663931653233333233
62353264343865663865323461643032633465336564646161303039356266303738306435353131
30376431616631613463313666383664343962306265613361376365353361303162653834623631
33643762306232636134666366373637353234353265303437306261383861333235383530383638
62353338323535333438376335636339386161326564623037323861343134396637366362646335
66633865386339666265396438353362333463376361306666313331353063313331636539343835
66326661386532343865653365356531663365663865666439653039643333363363653838616436
38333037353333373866316333613538373263386334626665363239353162376335373238613737
31616465326138663934356530353263653133636232396134316163343131316664633964643437
37353937653665326638663631383733646563336162643361643366633564663439396639373966
66356163343731353430626537326466393538363939313134343464643666323037356639323538
35626137303439316233313664326535396234326432396132646361663936636362626232383530
37366334333035656638383161663732393864333562373761303031353262303666626436373065
66396233393864373463363065373461353538626135663937656330326632663863353438643838
63663438356663313039616135393833623838366530353735333161663739366431393139623737
63306464353039323065623765363665663266393934653962303761383362646364373239313062
38353737663434646138303562303835373439653137656234653333313234366436623963386636
66313837393636373537663030393331613633306531306339306261636366343362333736363465
32316662666664636437393736383130663235373266393263623131643339323266633633336334
30643737396364303462363262653332346637643466323339633435323436366430626339393537
633439343732646238343833663731646631

2
roles/lmn_fvs/tasks/main.yml
View file

@ -53,9 +53,11 @@
- shellcheck
- sigrok
- sigrok-cli
- texlive-latex-recommended
- tmux
- tree
- ttf-mscorefonts-installer
- twinkle
- unison-gtk
- w3m
- wireshark

9
roles/lmn_network/tasks/main.yml
View file

@ -19,3 +19,12 @@
path: /etc/systemd/timesyncd.conf
insertafter: '^#NTP='
line: NTP={{ ntp_serv }}
- name: Add proposed-updates repository
apt_repository:
repo: >
deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-proposed-updates
main non-free-firmware
state: present
update_cache: true
when: proposed_updates | default(False)

6
roles/lmn_sssd/tasks/main.yml
View file

@ -1,5 +1,5 @@
---
- name: install needed packages
- name: Install needed packages
apt:
name:
- sssd-ad
@ -7,7 +7,7 @@
- adcli
state: latest
- name: provide identities from directory
- name: Provide user identities from AD
template:
src: sssd.conf.j2
dest: /etc/sssd/sssd.conf
@ -15,7 +15,7 @@
notify: restart sssd
## Either one of the variables is defined:
- name: join the domain
- name: Join the domain
shell:
cmd: >
echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" |

48
roles/lmn_vm/files/create-vm.sh
View file

@ -1,48 +0,0 @@
#!/usr/bin/bash
# create 1st level-Clones
set -eu
# if less than two arguments supplied, display usage
if [[ $# -ne 2 ]]; then
echo "This script takes as input the name of the VM to clone" >&2
echo "Usage: $0 vm_name_orig vm_name_clone" >&2
exit 1
fi
VM_NAME=$1
VM_CLONE=$2
VM_DIR="/tmp/${UID}/vm"
# Create User-VM-Dir and link system VM-Images
[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
sudo /usr/local/bin/link-images.sh
# change to image-directory
cd "${VM_DIR}"
if { [[ ! -f "${VM_NAME}.xml" ]] && [[ ! -f "/lmn/vm/${VM_NAME}.xml" ]]; } || [[ ! -f "${VM_NAME}.qcow2" ]]; then
echo "xml or qcow2 File does not exists." >&2
exit 1
fi
qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-${VM_CLONE}.qcow2"
chmod a-w "${VM_NAME}-${VM_CLONE}.qcow2"
# virsh --connect=qemu:///system dumpxml "${VM_NAME}" > "xml/${VM_NAME}-${VM_CLONE}.xml"
# copy machine-definition-file
if [[ -f "${VM_NAME}.xml" ]]; then
cp "${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
elif [[ -f "/lmn/vm/${VM_NAME}.xml" ]]; then
cp "/lmn/vm/${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
else
echo "no machine definition file found" >&2
exit 1
fi
# hardware addresses need to be removed, libvirt will assign
# new addresses automatically
# and actually rename the vm: (this also updates the storage path)
sed -i -E \
-e '/<uuid>.+<\/uuid>/d' \
-e '/.+mac address.+[[:xdigit:]:]{17}.+/d' \
-e "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "${VM_NAME}-${VM_CLONE}.xml"

14
roles/lmn_vm/files/desktop-sync Normal file
View file

@ -0,0 +1,14 @@
#!/usr/bin/bash
#
# Synchronize desktop starters
#
set -eu
source /etc/lmn/vm.conf
RSYNC_COMMAND=$(rsync -ai --delete --exclude=mimeinfo.cache \
--chown=root:root --chmod=F644,D755 "${DESKTOPSTARTERDIR}" \
/usr/local/share/applications/ | sed '/ \.\//d')
if [[ $? -eq 0 ]] && [[ -n "${RSYNC_COMMAND}" ]]; then
echo "${RSYNC_COMMAND}"
update-desktop-database /usr/local/share/applications
fi

5
roles/lmn_vm/files/images.list
View file

@ -1,5 +0,0 @@
win10.qcow2
win10-SolidWorks.qcow2
win10-Elektro.qcow2
deb11.qcow2
deb11-virtualbox.qcow2

33
roles/lmn_vm/files/linbo-torrent
View file

@ -1,33 +0,0 @@
# default values for linbo-torrenthelper service provided by ctorrent
# thomas@linuxmuster.net
# 20220317
#
# note: you have to invoke 'linbo-torrent restart' after you have changed any values
#
# Exit while seed <SEEDHOURS> hours later (default 72 hours)
SEEDHOURS="100000"
# Max peers count (default 100)
MAXPEERS="100"
# Min peers count (default 1)
MINPEERS="1"
# Download slice/block size, unit KB (default 16, max 128)
SLICESIZE="128"
# Max bandwidth down (unit KB/s, default unlimited)
MAXDOWN=""
# Max bandwidth up (unit KB/s, default unlimited)
MAXUP=""
# Supplemental ctorrent options, separated by space (-v: Verbose output for debugging)
#OPTIONS="-v"
# Timeout in seconds until rsync fallback (client only)
TIMEOUT="300"
# user to run ctorrent (server only)
CTUSER="lmnsynci"

31
roles/lmn_vm/files/linbo-torrenthelper.sh
View file

@ -1,31 +0,0 @@
#!/bin/bash
#
# thomas@linuxmuster.net
# GPL v3
# 20220317
#
# linbo ctorrent helper script, started in a screen session by init script
#
torrent="$1"
[ -s "$torrent" ] || exit 1
# get ctorrent options from file
[ -e /etc/default/linbo-torrent ] && source /etc/default/linbo-torrent
[ -n "$SEEDHOURS" ] && OPTIONS="$OPTIONS -e $SEEDHOURS"
[ -n "$MAXPEERS" ] && OPTIONS="$OPTIONS -M $MAXPEERS"
[ -n "$MINPEERS" ] && OPTIONS="$OPTIONS -m $MINPEERS"
[ -n "$SLICESIZE" ] && OPTIONS="$OPTIONS -z $SLICESIZE"
[ -n "$MAXDOWN" ] && OPTIONS="$OPTIONS -D $MAXDOWN"
[ -n "$MAXUP" ] && OPTIONS="$OPTIONS -U $MAXUP"
OPTIONS="$OPTIONS $torrent"
[ -n "$CTUSER" ] && SUDO="/usr/bin/sudo -u $CTUSER"
while true; do
#$SUDO /usr/bin/ctorrent $OPTIONS || exit 1
nice -n 20 /usr/bin/ctorrent $OPTIONS || exit 1
# hash check only on initial start, add -f parameter
echo "$OPTIONS" | grep -q ^"-f " || OPTIONS="-f $OPTIONS"
done

19
roles/lmn_vm/files/link-images.sh
View file

@ -1,19 +0,0 @@
#!/usr/bin/bash
# link VM in Use-Dir in /tmp
set -eu
# change to image-directory
cd /lmn/vm
VM_DIR="/tmp/${SUDO_UID}/vm"
# link system-VM-Images to User VM Directory
for i in *.qcow2; do
[[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
done
# link system-VM-Machine-Definitions to User VM Directory
for i in *.xml; do
[[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
done

3
roles/lmn_vm/files/lmn-link-images
View file

@ -1,3 +0,0 @@
%examusers ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
%role-student ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh

2
roles/lmn_vm/files/lmn-mounthome
View file

@ -1,3 +1,3 @@
%examusers ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
%role-student ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh

3
roles/lmn_vm/files/lmn-startvirtiofsd
View file

@ -1,3 +0,0 @@
%examusers ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
%role-student ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh

3
roles/lmn_vm/files/lmn-sync-vm
View file

@ -1,3 +0,0 @@
%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
%role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
%examusers ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh

1
roles/lmn_vm/files/lmn-upload-vm
View file

@ -1 +0,0 @@
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/upload-vm.sh

25
roles/lmn_vm/files/lmn-vm Normal file
View file

@ -0,0 +1,25 @@
# vm-sync: Download and synchronize VM-Images and xml-Files
%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-sync
%role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-sync
%examusers ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-sync
# vm-aria2: Start/Stop aria2 as systemd-service for VM-Images
lmnsynci ALL=(root) NOPASSWD: /usr/local/bin/vm-aria2
# vm-link-images: Link VM-Images to User-tmp-directory
%examusers ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
%role-student ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
# vm-virtiofsd: Start Virtiofsd as systemd-service
%examusers ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd
%role-student ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd
# desktop-sync:
%examusers ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
%role-student ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
# vm-upload:
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-upload

162
roles/lmn_vm/files/run-vm.sh
View file

@ -1,162 +0,0 @@
#!/usr/bin/bash
# create and run clone
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") [-n] vmname"
Create a new clone, start the vm (if not yet running) and run virt-viewer.
Squid-Proxy will be started too.
### remove, old ### User Home will be mounted on /media/USERNAME/home
-n new clone will be created, even if exists
-s qemu:///system instead of default qemu:///session
EOF
}
exit_script() {
echo "run-vm.sh ${VM_NAME} terminated by trap!" >> "/tmp/${UID}/exit-run-vm.log"
virsh --connect="${QEMU}" destroy "${VM_NAME}-clone"
trap - SIGHUP SIGINT SIGTERM # clear the trap
kill -- -$$ # Sends SIGTERM to child/sub processes
}
check_images() {
# sync vm-torrents and machine definition file
sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
BACKINGARRAY=()
imgfile="/lmn/vm/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"
BACKINGARRAY+=("${imgfile}")
echo "Imgfile=$imgfile"
if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
if [[ ! -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]]; then
echo "no base VM disk '${VM_NAME}.qcow2' found and/or ${VM_NAME} not found on server" >&2
exit 1
fi
# sync vm-disk image by torrent
echo "Try to sync VM ${VM_NAME} by torrent"
sudo -u lmnsynci /usr/local/bin/sync-vm.sh "${VM_NAME}"
fi
backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
while [[ ! -z "${backingfile}" ]]; do
echo "Backingfile required: ${backingfile}"
imgfile="/lmn/vm/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
BACKINGARRAY+=("${imgfile}")
if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
# sync vm-disk image by torrent
echo "Try to sync backingfile ${backingfile} by torrent"
sudo -u lmnsynci /usr/local/bin/sync-vm.sh "${backingfile%.qcow2}"
fi
backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
done
echo "VM-Image and required backingfiles available"
echo "Now, let's check the images."
# Check VM-Images in reverse order
for ((i=${#BACKINGARRAY[@]}-1; i>=0; i--))
do
echo "Checking ${BACKINGARRAY[$i]}"
if ! qemu-img check -U "${BACKINGARRAY[$i]}" 2>/dev/null; then
echo "check failed!"
echo "sync ${BACKINGARRAY[$i]} again"
sudo -u lmnsynci /usr/local/bin/sync-vm.sh $(basename "${BACKINGARRAY[$i]}" .qcow2)
fi
done
echo "VM-Image and required backingfiles available and checked"
}
create-clone() {
local VM_NAME="$1"
local VM_DIR="/tmp/${UID}/vm"
local VM_XML="${VM_DIR}/${VM_NAME}-clone.xml"
local VM_SYSDIR="/lmn/vm"
if ! [[ -f "$VM_SYSDIR/${VM_NAME}.xml" && -f "$VM_SYSDIR/${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
echo "xml or qcow2 File does not exists." >&2
exit 1
fi
# Create User-VM-Dir and link system VM-Images
[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
sudo /usr/local/bin/link-images.sh
# Create backing file
cd "${VM_DIR}"
qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
# Create machine-definition-file
cp "${VM_DIR}/${VM_NAME}.xml" "${VM_XML}"
# set VM_DIR:
sed -i "s:VMIMAGEDIR:${VM_DIR}:" "${VM_XML}"
# and actually rename the vm (this also updates part of the storage path):
sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
# set virtiofs-Socket
sed -i "s:VIRTIOFSSOCKET:/run/user/${UID}/virtiofs-${VM_NAME}.sock:" "${VM_XML}"
# find macvtap interface MAC address:
MAC="$(ip link | grep -A1 "vm-macvtap" |
sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
sed -i -E -e "s/MACMACVTAP/$MAC/" "${VM_XML}"
}
QEMU='qemu:///session'
NEWCLONE=0
while getopts ':ns' OPTION; do
case "$OPTION" in
n)
NEWCLONE=1
;;
s)
QEMU='qemu:///system'
;;
?)
show_help
exit 1
;;
esac
done
shift "$((OPTIND -1))"
# if less than one arguments supplied, display usage
if [[ $# -ne 1 ]] ; then
show_help
exit 1
fi
VM_NAME=$1
VM_DIR="/tmp/${UID}/vm"
# check, if we have to start squid
if ! killall -s 0 squid; then
echo "starting squid."
/usr/sbin/squid -f /etc/squid/squid-usermode.conf
fi
# because virsh has problems with long pathnames, using diffent configdir
export XDG_CONFIG_HOME="/tmp/${UID}/.config"
if ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
echo "VM not yet running."
check_images
if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "${VM_DIR}/${VM_NAME}-clone.qcow2" ]]; then
create-clone "${VM_NAME}"
fi
# delete the old vm
virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
# finally, create the new vm
virsh --connect=qemu:///session define "${VM_DIR}/${VM_NAME}-clone.xml"
#trap exit_script SIGHUP SIGINT SIGTERM
[[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/start-virtiofsd.sh "${VM_NAME}"
virsh --connect="${QEMU}" start "${VM_NAME}-clone"
fi
echo "starting viewer"
trap exit_script SIGHUP SIGINT SIGTERM
virt-viewer --connect="${QEMU}" --full-screen "${VM_NAME}-clone"

13
roles/lmn_vm/files/sync.desktop Normal file
View file

@ -0,0 +1,13 @@
[Desktop Entry]
Version=1.0
Type=Application
Name=Sync Starters
GenericName=Aktualisiert Info über vorhandene VMs
Comment=Sync VM Image information
#TryExec=konsole
Exec=if sudo /usr/local/bin/desktop-sync; then echo 'sync erfolgreich.\nFenster schließt sich in 3 Sekunden.'; sleep 3; else echo "Fehler - sollte nicht vorkommen."; read; fi
Icon=bittorrent-sync
Categories=fvs;
MimeType=image/vnd.dxf;
Keywords=design;VM;diagrams;graphics
Terminal=true

67
roles/lmn_vm/files/upload-vm.sh
View file

@ -1,67 +0,0 @@
#!/usr/bin/bash
# Push VM-Disk-Image on server
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") vmname"
Create torrent and upload disk, torrent and xml-VM-Definiton on server.
EOF
}
VM_DIR="/tmp/${SUDO_UID}/vm"
upload_image() {
# check if VM-Diskimage exists
if [[ ! (-f "/lmn/vm/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
echo "File not found ${VM_NAME}.qcow2" >&2
exit 1
fi
# check if VM-Machine-Definition XML exists
if [[ ! (-f "/lmn/vm/${VM_NAME}.xml" || -f "${VM_DIR}/${VM_NAME}.xml") ]]; then
echo "File not found ${VM_NAME}.xml" >&2
exit 1
fi
sudo -u lmnsynci /usr/local/bin/vmimage-torrent stop "${VM_NAME}.qcow2" || echo "VMImage-torrent not running"
# link private VM-Diskimage to system-Dir
if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
&& ( -f "/lmn/vm/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "/lmn/vm/${VM_NAME}.qcow2") \
|| ! -f "/lmn/vm/${VM_NAME}.qcow2") ]]; then
echo "copy private VM-Diskimage to system-dir"
chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.qcow2"
ln -f "${VM_DIR}/${VM_NAME}.qcow2" "/lmn/vm/${VM_NAME}.qcow2"
fi
# copy private VM-Maschine-Definition XML to system-Dir
if [[ -f "${VM_DIR}/${VM_NAME}.xml" \
&& ( -f "/lmn/vm/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/${VM_NAME}.xml" "/lmn/vm/${VM_NAME}.xml") \
|| ! -f "/lmn/vm/${VM_NAME}.xml") ]]; then
echo "copy private VM-Maschine-Definition XML to system-dir"
chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.xml"
cp -a "${VM_DIR}/${VM_NAME}.xml" "/lmn/vm/"
fi
cd /lmn/vm
# (re-) create torrent file
sudo -u lmnsynci /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
# create size-information-file
stat -c%s "${VM_NAME}.qcow2" > "${VM_NAME}.qcow2.size"
chown lmnsynci:lmnsynci "${VM_NAME}.qcow2.size"
# Upload Torrent, qcow2 and machine-definition-XML
[[ -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
"/lmn/vm/${VM_NAME}.qcow2.torrent" rsync://vmuser@server:/vmimages-upload/
rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.qcow2.size" \
rsync://vmuser@server:/vmimages-upload/
rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.qcow2" \
rsync://vmuser@server:/vmimages-upload/
rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.xml" \
rsync://vmuser@server:/vmimages-upload/
}
# if less than one arguments supplied, display usage
if [[ $# -ne 1 ]] ; then
show_help
exit 1
fi
VM_NAME=$1
upload_image

93
roles/lmn_vm/files/uploadseed Executable file
View file

@ -0,0 +1,93 @@
#!/usr/bin/python3
import os, sys
import subprocess
import xmlrpc.client as xc
import ssl
import argparse
parser = argparse.ArgumentParser(description='Upload a file to the bittorrent seeder.')
parser.add_argument('--server', required=True,
help="the server address and RPC port like 'IPaddress:port'")
parser.add_argument('--dht-port', required=True,
help='the DHT port the RPC server is listening on')
pwgrp = parser.add_mutually_exclusive_group(required=True)
pwgrp.add_argument('--passwd',
help='the RPC secret. Either this or --pwdfile needs to be ' \
'provided')
pwgrp.add_argument('--pwdfile',
help="file containing the RPC secret in the form " \
"'secret = \"token:SECRET\"'. " \
'Either this or --secret needs to be provided')
certgrp = parser.add_mutually_exclusive_group(required=True)
certgrp.add_argument('--no-cert', action='store_true',
help='do not use SSL certificate')
certgrp.add_argument('--cert', help='the certificate to use for verification')
parser.add_argument('FILE', help='the file to upload')
args = parser.parse_args()
rpcseeder = 'https://' + args.server + '/rpc'
dhtentry = args.server.split(':')[0] + ':' + args.dht_port
file2send = args.FILE
torrent = '/tmp/' + os.path.basename(file2send) + '.torrent'
if args.passwd:
secret = 'token:' + args.passwd
else:
exec(open(args.pwdfile).read())
ssl_ctx = ssl.create_default_context()
if args.no_cert:
ssl_ctx.check_hostname = False
ssl_ctx.verify_mode = ssl.CERT_NONE
print("Certificate verification disabled.")
elif args.cert is not None:
ssl_ctx.load_verify_locations(args.cert)
s = xc.ServerProxy(rpcseeder, context = ssl_ctx)
def make_torrent():
if os.path.isfile(torrent):
print("Torrent file", torrent, "exists already, please (re)move it.")
sys.exit(1)
subprocess.run(["/usr/bin/mktorrent", "-l 24", "-v", "-o", torrent, file2send], check=True)
h = subprocess.check_output(["/usr/bin/aria2c", "-S ", torrent])
for line in h.decode().splitlines():
if "Info Hash" in line:
return line.split(': ')[1]
def check_seeds(bthash):
active_seeds = s.aria2.tellActive(secret)
for seed in active_seeds:
f = seed['bittorrent']['info']['name']
gid = seed['gid']
ihash = seed['infoHash']
if f == os.path.basename(file2send):
print(file2send, "is already seeded with GID:", gid)
print("Info Hash is:", ihash)
if bthash == ihash:
print("The torrent file has not changed, exiting.")
return False
else:
print("The torrent file has changed, replacing torrent.")
s.aria2.remove(secret, gid)
return True
print("="*19, " Uploading new torrent with aria2 now. ", "="*19)
return True
def upload_torrent():
s.aria2.addTorrent(secret, xc.Binary(open(torrent, mode='rb').read()))
subprocess.run(["/usr/bin/aria2c",
"--dht-entry-point=" + dhtentry,
"--check-integrity",
"--dir=" + os.path.dirname(file2send),
torrent])
############################
if __name__ == '__main__':
infoHash = make_torrent()
if check_seeds(infoHash):
upload_torrent()
print("Upload finished.")

33
roles/lmn_vm/files/vm-aria2 Executable file
View file

@ -0,0 +1,33 @@
#!/usr/bin/bash
set -eu
# if less than one arguments supplied, display usage
if [[ $# -ne 2 ]]; then
echo "This script takes as input the name of the VM " >&2
echo "Usage: $0 [start|stop] vm_name" >&2
exit 1
fi
COMMAND="$1"
VM_NAME="$2"
source /etc/lmn/vm.conf
if [[ "${COMMAND}" = "start" ]]; then
systemd-run --unit=aria2-"${VM_NAME}" \
--slice=system-aria2 \
--uid="$(id -u lmnsynci)" \
--gid="$(id -g lmnsynci)" \
--nice=19 \
--working-directory="${VM_SYSDIR}" \
--collect \
--property=Type=exec \
--property=SuccessExitStatus=1 \
aria2c --bt-hash-check-seed=true --check-integrity=true --seed-ratio=0.0 \
--dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" \
--dht-file-path=$DHTDAT \
"${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
elif [[ "${COMMAND}" = "stop" ]] && systemctl is-active "aria2-${VM_NAME}.service"; then
systemctl stop "aria2-${VM_NAME}.service"
fi

47
roles/lmn_vm/files/vm-create Executable file
View file

@ -0,0 +1,47 @@
#!/usr/bin/bash
# create 1st level-Clones
set -eu
source /etc/lmn/vm.conf
PERSISTENT=0
while getopts ':p' OPTION; do
case "$OPTION" in
p)
PERSISTENT=1
VM_DIR="${VM_DIR_PERSISTENT}"
;;
esac
done
shift "$((OPTIND -1))"
# if less than two arguments supplied, display usage
if [[ $# -ne 2 ]]; then
echo "This script takes as input the name of the VM to clone" >&2
echo "Usage: $0 vm_name_orig vm_name_clone" >&2
exit 1
fi
VM_NAME=$1
VM_CLONE=$2
# Create User-VM-Dir and link system VM-Images
[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
if [[ "${PERSISTENT}" -eq 1 ]]; then
sudo /usr/local/bin/vm-link-images -p
else
sudo /usr/local/bin/vm-link-images
fi
# change to image-directory
cd "${VM_DIR}"
if [[ ! -f "${VM_NAME}.qcow2" ]]; then
echo "qcow2 File does not exists." >&2
exit 1
fi
qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-${VM_CLONE}.qcow2"
chmod a-w "${VM_NAME}-${VM_CLONE}.qcow2"

24
roles/lmn_vm/files/vm-link-images Executable file
View file

@ -0,0 +1,24 @@
#!/usr/bin/bash
# link VM in User-Dir in /tmp or /var/vm
set -eu
source /etc/lmn/vm.conf
# change to image-directory
cd "${VM_SYSDIR}"
while getopts ':p' OPTION; do
case "$OPTION" in
p)
VM_DIR="${VM_DIR_PERSISTENT}"
;;
esac
done
shift "$((OPTIND -1))"
# link system-VM-Images to User VM Directory
for i in *.qcow2; do
[[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
done

47
roles/lmn_vm/files/vm-netboot
View file

@ -4,18 +4,15 @@
#
set -eu
menu=(standard "CLI Standard Debian GNU/Linux"
kde-desktop "KDE Plasma Desktop Debian GNU/Linux"
gnome-desktop "Gnome Desktop Debian GNU/Linux")
menu=(standard "CLI Standard Debian GNU/Linux NFS"
standard-ram "CLI Standard Debian GNU/Linux RAM"
kde-desktop "KDE Plasma Desktop Debian GNU/Linux NFS"
gnome-desktop "Gnome Desktop Debian GNU/Linux NFS")
img=$(dialog --clear --backtitle "Virtual Machine Chooser" \
--title "Choose the Virtual Machine to Start" \
--menu "Start VM:" 12 60 6 \
"${menu[@]}" 2>&1 >/dev/tty)
--menu "Start VM:" 12 70 6 "${menu[@]}" 2>&1 >/dev/tty)
if [[ -z $img ]] ; then
echo "Starting VM canceled."
exit 1
fi
## If the menu is canceled, $0 stops here because of set -e
mac="$(ip link | grep -A1 "vm-macvtap" | \
sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
@ -29,31 +26,35 @@ else
arg=("$@")
fi
kernel="http://livebox/d-i/n-live/$img/live/vmlinuz"
initrd="http://livebox/d-i/n-live/$img/live/initrd.img"
kargs=(boot=live components splash locales=de_DE.UTF-8 keyboard-layouts=de \
swap=true live-config.timezone=Europe/Berlin netboot=nfs \
"nfsroot=10.190.1.2:/srv/nfs/debian-live/$img/")
kernel="http://livebox/d-i/n-live/${img%-ram}/live/vmlinuz"
initrd="http://livebox/d-i/n-live/${img%-ram}/live/initrd.img"
kargs=(boot=live components splash locales=de_DE.UTF-8 keyboard-layouts=de
swap=true live-config.timezone=Europe/Berlin)
case "$img" in
standard*)
arg+=(--autoconsole=text)
kargs+=(console=ttyS0)
;;&
*-ram)
kargs+=("fetch=http://10.190.1.2/d-i/n-live/${img%-ram}/live/filesystem.squashfs")
;;
*)
kargs+=(netboot=nfs "nfsroot=10.190.1.2:/srv/nfs/debian-live/${img%-ram}")
;;
esac
type="ethernet,mac=${mac},target.dev=vm-macvtap,xpath1.set=./target/@managed=no"
## FIXME: use passt, needs more settings for correct DNS/gateway
# type=user,xpath1.create=./backend,xpath2.set=./backend/@type=passt,xpath3.create=./ip,xpath4.set=./ip/@family=ipv4,xpath5.set=./ip/@address=172.16.1.1,xpath6.set=./ip/@prefix=24,xpath7.create=./portForward,xpath8.set=./portForward/@proto=tcp,xpath9.set=./portForward/range/@start=2001,xpath10.set=./portForward/range/@end=2500,xpath11.set=./portForward/range/@to=1
case "$img" in
standard)
arg+=("--autoconsole=text")
kargs+=("console=ttyS0")
;;
*)
;;
esac
http_proxy='' XDG_CONFIG_HOME="/tmp/${UID}/.config" \
exec virt-install \
--name "$img" \
--osinfo debiantesting \
--nodisks --import --noreboot --transient \
--controller type=scsi,model=virtio-scsi \
--install kernel="$kernel",initrd="$initrd",kernel_args="${kargs[*]}" \
--network "type=$type" "${arg[@]}"

21
roles/lmn_vm/files/rebase-vm.sh → roles/lmn_vm/files/vm-rebase
View file

@ -10,11 +10,16 @@ This script takes as input the name of the VM to rebase one level down
EOF
}
while getopts ':n:' OPTION; do
source /etc/lmn/vm.conf
while getopts ':n:p' OPTION; do
case "$OPTION" in
n)
NEWNAME=$OPTARG
;;
p)
VM_DIR="${VM_DIR_PERSISTENT}"
;;
?)
show_help
exit 1
@ -31,7 +36,6 @@ if [[ $# -ne 1 ]]; then
fi
# change to Images directory
VM_DIR="/tmp/${UID}/vm"
cd "${VM_DIR}"
VM_NAME="$1"
@ -66,20 +70,9 @@ fi
# rebasing disk image
qemu-img rebase -f qcow2 -b "${NEWBASE}" -F qcow2 "${VM_NAME}.qcow2"
if [[ -v NEWNAME ]]; then
# copy and adapt machine definition file
CURRENTNAME="${CURRENTBASE/.qcow2/}"
if [[ -f "${CURRENTNAME}.xml" ]]; then
cp "${CURRENTNAME}.xml" "${NEWNAME}.xml"
elif [[ -f "/lmn/vm/${CURRENTNAME}.xml" ]]; then
cp "/lmn/vm/${CURRENTNAME}.xml" "${NEWNAME}.xml"
else
echo "no machine definition file found" >&2
exit 1
fi
sed -i "s/${CURRENTNAME}/${NEWNAME}/" "${NEWNAME}.xml"
NEWNAME="${NEWNAME}.qcow2"
else
rm "${CURRENTBASE}"
rm -f "${CURRENTBASE}"
NEWNAME="${CURRENTBASE}"
fi

232
roles/lmn_vm/files/vm-run Executable file
View file

@ -0,0 +1,232 @@
#!/usr/bin/bash
# create and run clone
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") [options] vmname"
Create a new clone, start the vm (if not yet running) and run virt-viewer.
Squid-Proxy will be started too.
options:
-n|--new new clone will be created, even if exists
-p|--persistent new clone will be created persistent, so available after reboot too
-s|--system qemu:///system instead of default qemu:///session
--memory sizeMB memory size in MB
--cpu num number of CPUs
--os OS operating system (win10|linux|..)
--data-disk size additional data-disk
--bridge virbrX additional network interface on bridge virbrX
--options options additional options for virt-install command
EOF
}
exit_script() {
echo "run-vm.sh ${VM_NAME} terminated by trap!" >> "/tmp/${UID}/exit-run-vm.log"
virsh --connect="${QEMU}" destroy "${VM_NAME}-clone"
trap - SIGHUP SIGINT SIGTERM # clear the trap
kill -- -$$ # Sends SIGTERM to child/sub processes
}
check_images() {
# sync vm-torrents and machine definition file
sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${VM_NAME}.qcow2.torrent"
[[ -f "${VM_NAME}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${VM_NAME}.qcow2"
BACKINGARRAY=()
imgfile="${VM_SYSDIR}/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"
BACKINGARRAY+=("${imgfile}")
echo "Imgfile=$imgfile"
if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
if [[ ! -f "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent" ]]; then
echo "no base VM disk '${VM_NAME}.qcow2' found and/or ${VM_NAME} not found on server" >&2
exit 1
fi
# sync vm-disk image by torrent
echo "Try to sync VM ${VM_NAME} by torrent"
sudo -u lmnsynci /usr/local/bin/vm-sync get_image "${VM_NAME}"
fi
backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
while [[ -n "${backingfile}" ]]; do
echo "Backingfile required: ${backingfile}"
imgfile="${VM_SYSDIR}/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
BACKINGARRAY+=("${imgfile}")
if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
# sync vm-disk image by torrent
echo "Try to sync backingfile ${backingfile} by torrent"
sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${backingfile}.torrent"
[[ -f "${backingfile}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${backingfile}"
sudo -u lmnsynci /usr/local/bin/vm-sync get_image "${backingfile%.qcow2}"
fi
backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
done
echo "VM-Image and required backingfiles available"
echo "Now, let's check the images."
# Check VM-Images in reverse order
for ((i=${#BACKINGARRAY[@]}-1; i>=0; i--))
do
echo "Checking ${BACKINGARRAY[$i]}"
if ! qemu-img check -U "${BACKINGARRAY[$i]}" 2>/dev/null; then
echo "check failed!"
echo "sync ${BACKINGARRAY[$i]} again"
sudo -u lmnsynci /usr/local/bin/vm-sync get_image "$(basename "${BACKINGARRAY[$i]}" .qcow2)"
fi
done
echo "VM-Image and required backingfiles available and checked"
}
create_clone() {
local VM_NAME="$1"
if ! [[ -f "${VM_SYSDIR}/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
echo "qcow2 File does not exists." >&2
exit 1
fi
# Create User-VM-Dir and link system VM-Images
[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
if [[ "${PERSISTENT}" -eq 1 ]]; then
sudo /usr/local/bin/vm-link-images -p
else
sudo /usr/local/bin/vm-link-images
fi
# Create backing file
cd "${VM_DIR}"
qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
}
QEMU='qemu:///session'
NEWCLONE=0
PERSISTENT=0
LIBVIRTOSINFO="win10"
LIBVIRTOPTS=""
source /etc/lmn/vm.conf
TEMP=$(getopt -o no:ps --long new,options:,persistent:,system,memory:,data-disk:,cpu:,bridge:,os:,help -n $0 -- "$@")
if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
eval set -- "$TEMP"
while true; do
case "$1" in
-p | --persistent )
PERSISTENT=1;
VM_DIR="${VM_DIR_PERSISTENT}"
shift
;;
-n | --new )
NEWCLONE=1
shift
;;
-s | --system )
QEMU='qemu:///system'
shift
;;
-o | --options )
LIBVIRTOPTS=$2
shift 2
;;
--data-disk )
LIBVIRTOPTS="${LIBVIRTOPTS} --disk ${VM_DIR}/data.qcow2,size=$2,sparse=yes"
shift 2
;;
--memory )
LIBVIRTOPTS="${LIBVIRTOPTS} --memory $2"
shift 2
;;
--cpu )
LIBVIRTOPTS="${LIBVIRTOPTS} --vcpu $2"
shift 2
;;
--bridge )
if ip link | grep $2; then
LIBVIRTOPTS="${LIBVIRTOPTS} --network=bridge=$2,model.type=virtio"
fi
shift 2
;;
--os )
LIBVIRTOSINFO=$2
shift 2
;;
--help )
show_help
exit 1
;;
-- ) shift; break ;;
* ) break ;;
esac
done
# if less than one arguments supplied, display usage
if [[ $# -ne 1 ]] ; then
show_help
exit 1
fi
VM_NAME=$1
# check, if we have to start squid
if ! killall -s 0 squid; then
echo "starting squid."
/usr/sbin/squid -f /etc/squid/squid-usermode.conf
fi
# because virsh has problems with long pathnames, using diffent configdir
export XDG_CONFIG_HOME="/tmp/${UID}/.config"
if ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
echo "VM not yet running."
sudo /usr/local/bin/desktop-sync
check_images
if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "${VM_DIR}/${VM_NAME}-clone.qcow2" ]]; then
create_clone "${VM_NAME}"
fi
# delete the old vm
virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
#trap exit_script SIGHUP SIGINT SIGTERM
# start virtiofsd-service
[[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/vm-virtiofsd "${VM_NAME}"
# finally, create the new vm
# TODO
# # find macvtap interface MAC address:
# MAC="$(ip link | grep -A1 "vm-macvtap" |
# sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
# sed -i -E -e "s/MACMACVTAP/$MAC/" "${VM_XML}"
virt-install \
--osinfo "${LIBVIRTOSINFO}" \
--name "${VM_NAME}-clone" \
--import \
--clock hpet_present=yes,hypervclock_present=yes \
--features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on,xpath2.set=./hyperv/stimer/@state=on \
--memorybacking source.type=memfd,access.mode=shared \
--disk "${VM_DIR}/${VM_NAME}-clone.qcow2",driver.discard=unmap,target.bus=scsi,cache=writeback \
--network=bridge=virbr0,model.type=virtio \
--filesystem driver.type=virtiofs,accessmode=passthrough,target.dir=virtiofs,xpath1.set=./source/@socket="/run/user/${UID}/virtiofs-${VM_NAME}.sock" \
--controller type=scsi,model=virtio-scsi \
--check path_in_use=off \
--connect="${QEMU}" \
--noautoconsole \
${LIBVIRTOPTS}
# --dry-run \
# --print-xml \
# > /tmp/vm.xml
# --features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on,xpath2.set=./hyperv/stimer/@state=on \
# --network type=ethernet,target.dev=vm-macvtap,xpath1.set=./target/@managed=no \
# virsh --connect="${QEMU}" start "${VM_NAME}-clone"
fi
echo "starting viewer"
trap exit_script SIGHUP SIGINT SIGTERM
virt-viewer --connect="${QEMU}" --full-screen "${VM_NAME}-clone"

137
roles/lmn_vm/files/vm-sync Executable file
View file

@ -0,0 +1,137 @@
#!/usr/bin/bash
# Push/Pull VM-Disk-Image and Infos from server
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") command [args]"
command:
push_file
get_file
get_image
delete_outdated_image
EOF
}
get_torrent() {
if [[ ! -f "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent" ]]; then
echo "No torrent-File found"
exit 1
fi
lockfile="/tmp/sync-vm-${VM_NAME}.lock"
if ! flock -n "$lockfile" echo "try to acquire lock"; then
echo torrent seems to be in process.
echo waiting for completion ...
flock -w 3600 "$lockfile" echo "...completed"
sleep 5
else
(
if ! flock -n 200; then
echo "failed to acquire lock"
echo "Bitte noch einmal starten."
echo "Beliebige Taste zum Beenden."
read -n 1
exit 1
fi
# stop aria2-seeding if running
sudo vm-aria2 stop "${VM_NAME}"
cd "${VM_SYSDIR}"
# get image
aria2c --seed-time=0 --dht-file-path=$DHTDAT \
--dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" \
"${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
# and seed
sudo vm-aria2 start "${VM_NAME}"
if ! flock -u 200; then
echo failed to drop lock
exit 1
fi
) 200>"$lockfile"
fi
}
get_image_size() {
torrentfile=$1
length=$(aria2c -S "${torrentfile}" | grep "Total Length" | \
sed -E -e 's/.*\(([0-9,]*)\)/\1/' -e 's/,//g')
echo "$length"
}
delete_outdated_image() {
cd "${VM_SYSDIR}"
qcowsize=$(stat -c%s "${FILENAME}")
if [[ -f "${FILENAME}.torrent" ]] && [[ "${qcowsize}" != $(get_image_size "${FILENAME}.torrent") ]]; then
sudo vm-aria2 stop "${FILENAME%.qcow2}"
rm -f "${FILENAME}"
fi
}
get_file() {
cd "${VM_SYSDIR}"
curl --fail --noproxy ${SEEDBOX_HOST} -o "${FILENAME}" \
"http://${SEEDBOX_HOST}/aria2/${FILENAME}" || echo "File not found on seedbox"
}
push_file() {
cd "${VM_SYSDIR}"
uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
--pwdfile "${SEEDBOX_PWFILE}" --no-cert "${FILENAME}"
}
########################
if [[ "$(id -nu)" != "lmnsynci" ]]; then
echo "$(basename "$0") must be run as lmnsynci user"
show_help
exit 1
fi
source /etc/lmn/vm.conf
while getopts ':' OPTION; do
case "$OPTION" in
?)
show_help
exit 1
;;
esac
done
shift "$((OPTIND -1))"
# if less than one arguments supplied, display usage
if [[ $# -lt 1 ]]; then
show_help
exit 1
fi
command=$1
shift
case "$command" in
push_file)
for FILENAME in "$@"; do
push_file
done
;;
get_file)
for FILENAME in "$@"; do
get_file
done
;;
get_image)
for VM_NAME in "$@"; do
get_torrent
done
;;
delete_outdated_image)
for FILENAME in "$@"; do
delete_outdated_image
done
;;
*)
show_help
exit 1
;;
esac

60
roles/lmn_vm/files/vm-upload Executable file
View file

@ -0,0 +1,60 @@
#!/usr/bin/bash
# Push VM-Disk-Image on server
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") vmname"
Create torrent and upload disk on server.
EOF
}
upload_image() {
# check if VM-Diskimage exists
if [[ ! (-f "${VM_SYSDIR}/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
echo "File not found ${VM_NAME}.qcow2" >&2
exit 1
fi
vm-aria2 stop "${VM_NAME}" || echo "VMImage-torrent not running"
# link private VM-Diskimage to system-Dir
if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
&& ( -f "${VM_SYSDIR}/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "${VM_SYSDIR}/${VM_NAME}.qcow2") \
|| ! -f "${VM_SYSDIR}/${VM_NAME}.qcow2") ]]; then
echo "copy private VM-Diskimage to system-dir"
chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.qcow2"
ln -f "${VM_DIR}/${VM_NAME}.qcow2" "${VM_SYSDIR}/${VM_NAME}.qcow2"
fi
cd "${VM_SYSDIR}"
if [[ -f "/tmp/${VM_NAME}.qcow2.torrent" ]]; then
rm -f "/tmp/${VM_NAME}.qcow2.torrent"
fi
uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
--pwdfile "${SEEDBOX_PWFILE}" --no-cert "${VM_NAME}.qcow2"
}
source /etc/lmn/vm.conf
while getopts ':p' OPTION; do
case "$OPTION" in
p)
VM_DIR="${VM_DIR_PERSISTENT}"
;;
?)
show_help
exit 1
;;
esac
done
shift "$((OPTIND -1))"
# if less than one arguments supplied, display usage
if [[ $# -ne 1 ]] ; then
show_help
exit 1
fi
VM_NAME=$1
upload_image

0
roles/lmn_vm/files/start-virtiofsd.sh → roles/lmn_vm/files/vm-virtiofsd
View file

17
roles/lmn_vm/files/vm.conf Normal file
View file

@ -0,0 +1,17 @@
# variables for LMN VM submodule
SEEDBOX_HOST="seedbox.pn.steinbeis.schule"
SEEDBOX_PORT=6789
SEEDBOX_RPC_PORT=6800
SEEDBOX_PWFILE="/etc/lmn/uploadseed.conf"
DHTDAT="/var/cache/aria2/dht.dat"
DESKTOPSTARTERDIR="/srv/samba/schools/default-school/share/school/AdminIT/desktop/"
VM_SYSDIR="/lmn/vm"
if [[ -v SUDO_UID ]]; then
VM_DIR="/tmp/${SUDO_UID}/vm"
VM_DIR_PERSISTENT="/var/vm/${SUDO_UID}"
else
VM_DIR="/tmp/${UID}/vm"
VM_DIR_PERSISTENT="/var/vm/${UID}"
fi

213
roles/lmn_vm/files/vmimage-torrent
View file

@ -1,213 +0,0 @@
#!/bin/bash
#
# starts tmux sessions for each valid torrent in LINBODIR
# thomas@linuxmuster.net
# 20221103
#
# read environment
#. /usr/share/linuxmuster/defaults.sh || exit 1
#THELPER=$LINBOSHAREDIR/linbo-torrenthelper.sh
THELPER=linbo-torrenthelper.sh
#. $LINBOSHAREDIR/helperfunctions.sh || exit 1
LINBOIMGEXT="qcow2 qdiff"
LINBOIMGDIR="/lmn/vm"
serverip="10.190.1.1"
# start of functions
# help message
usage(){
echo
echo "Info: vmimage-torrent manages the torrent tmux sessions of linbo images."
echo
echo "Usage:"
echo " vmimage-torrent <start|stop|restart|reload|status|create|check> [image_name]"
echo " vmimage-torrent attach <image_name|session_name>"
echo
echo "Note:"
echo " * Only qcow2 & qdiff image files located below $LINBOIMGDIR are processed."
echo " * The commands \"start\", \"stop\" and \"restart\" may have optionally an image"
echo " filename as parameter. In this case the commands are only applied to the tmux"
echo " session of the certain file. Without an explicit image filename the commands"
echo " were applied to all image file sessions currently running."
echo " * An image filename parameter is mandatory with the commands \"check\", \"create\""
echo " and \"attach\"."
echo " * \"check\" checks if the image file matches to the correspondig torrent."
echo " * \"create\" creates/recreates the torrent of a certain image file."
echo " * \"status\" shows a list of currently running torrent tmux sessions."
echo " * \"attach\" attaches a torrent tmux session of a certain image. An image or"
echo " session name must be given as parameter."
echo " Press [CTRL+B]+[D] to detach the session again."
echo " * \"reload\" is the identical to \"restart\" and is there for backwards compatibility."
echo
exit 1
}
# check torrent
check(){
local image="$(basename "$IMGLIST")"
local torrent="$image.torrent"
local tdir="$(dirname "$IMGLIST")"
cd "$tdir"
echo "Checking $torrent ..."
if ctorrent -c "$torrent"; then
echo "Ok!"
else
echo "Failed!"
exit 1
fi
}
# creates torrent files
create(){
local image="$(basename "$IMGLIST")"
local tdir="$(dirname "$IMGLIST")"
local torrent="${image}.torrent"
local session="${torrent//./_}"
# stop torrent service
vmimage-torrent status | grep -q ^"$session" && vmimage-torrent stop "$IMGLIST"
# skip already running torrents
echo "Creating $torrent ..."
cd "$tdir"
rm -f "$torrent"
if ctorrent -t -u "http://$serverip:6969/announce" -s "$torrent" "$image" ; then
[ "$START" = "no" ] || vmimage-torrent start "$IMGLIST"
else
echo "Failed!"
exit 1
fi
}
# starts torrent tmux sessions
start(){
local item
local torrent
local image
local tdir
local session
for item in $IMGLIST; do
image="$(basename "$item")"
torrent="${image}.torrent"
tdir="$(dirname "$item")"
session="${torrent//./_}"
cd "$tdir"
if [ ! -s "$image" ]; then
echo "Image $image does not exist! Skipping this torrent."
continue
fi
# skip already running torrents
if vmimage-torrent status | grep -qw ^"$session"; then
echo "tmux session $session is already running."
continue
fi
# create torrent file if there is none
if [ ! -e "$torrent" ]; then
START="no" vmimage-torrent create "$item" || continue
fi
echo -n "Starting tmux session $session ... "
tmux new -ds "$session" "$THELPER $torrent ; exec $SHELL"
sleep 1
if vmimage-torrent status | grep -qw ^"$session"; then
echo "Ok!"
else
echo "Failed!"
fi
done
}
stop(){
if [ -n "$SESSION" ]; then
vmimage-torrent status | grep -qw ^"$SESSION" || return
tmux kill-session -t "$SESSION"
else
local item
vmimage-torrent status | awk -F\: '{print $1}' | while read item; do
tmux kill-session -t "$item"
done
fi
}
attach(){
if ! tmux list-sessions | grep -qw "$SESSION"; then
echo "There is no session $SESSION."
exit 1
fi
echo "Hint: Detach tmux session with [CTRL+B]+[D]."
sleep 3
tmux attach -t "$SESSION"
}
status(){
tmux list-sessions | grep _torrent
}
find_images(){
local search="$(basename "$1")"
if [ -n "$search" ]; then
find "$LINBOIMGDIR" -maxdepth 2 -name "$search"
return
fi
local IMGLIST
for search in $LINBOIMGEXT; do
IMGLIST="$IMGLIST $(find "$LINBOIMGDIR" -maxdepth 2 -name \*.$search)"
done
# trim leading and trailing spaces
echo $IMGLIST | awk '{$1=$1};1'
}
# end of functions
# check parameters
if [ -n "$2" ] ; then
# trap torrent parameter
image="${2/.torrent/}"
case "$image" in
*.qcow2|*.qdiff)
if [ -e "$image" ]; then
IMGLIST="$image"
else
IMGLIST="$(find_images "$image")"
fi
if [ ! -e "$IMGLIST" ]; then
echo "Image file $(basename $image) not found."
usage
fi
filename="$(basename "$IMGLIST")"
SESSION="${filename//./_}_torrent"
;;
*_torrent)
if [ "$1" = "attach" ]; then
SESSION="$image"
else
usage
fi
;;
*) usage ;;
esac
else
case "$1" in
stop|status) ;;
attach|check|create) usage ;;
*)
IMGLIST="$(find_images)"
if [ -z "$IMGLIST" ]; then
echo "No linbo images found."
exit 0
fi
;;
esac
fi
case "$1" in
start) start ;;
stop) stop ;;
restart|reload) stop ; start ;;
status) status ;;
create) create ;;
check) check ;;
attach) attach ;;
*) usage ;;
esac
exit 0

15
roles/lmn_vm/files/vmimage-torrent.service
View file

@ -1,15 +0,0 @@
[Unit]
Description=VM-image torrent service
After=network.target
[Service]
Type=oneshot
RemainAfterExit=yes
User=lmnsynci
Group=lmnsynci
ExecStart=/usr/local/bin/vmimage-torrent start
ExecStop=/usr/local/bin/vmimage-torrent stop
ExecReload=/usr/local/bin/vmimage-torrent reload
[Install]
WantedBy=multi-user.target

8
roles/lmn_vm/handlers/main.yml
View file

@ -3,14 +3,6 @@
name: libvirtd.service
listen: reload libvirtd
- name: Enable vmimage-torrent service
systemd:
name: vmimage-torrent.service
state: restarted
daemon_reload: true
enabled: true
listen: "enable vmimage-torrent.service"
- name: Run update-desktop-database
command: update-desktop-database "{{ item }}"
loop:

95
roles/lmn_vm/tasks/main.yml
View file

@ -13,7 +13,8 @@
- name: install libvirt packages
apt:
name:
- ctorrent
- aria2
- mktorrent
- libvirt-daemon-system
- virt-manager
- dialog # for vm-netboot menu
@ -81,6 +82,11 @@
system: true
create_home: false
- name: Create /etc/lmn directory
file:
path: /etc/lmn
state: directory
- name: Create /lmn directory
file:
path: /lmn
@ -92,6 +98,12 @@
state: directory
mode: '1777'
- name: Create /var/vm directory
file:
path: /var/vm
state: directory
mode: '1777'
- name: Create vm directory
file:
path: /lmn/vm
@ -128,10 +140,7 @@
mode: '0700'
loop:
- lmn-mounthome
- lmn-sync-vm
- lmn-upload-vm
- lmn-link-images
- lmn-startvirtiofsd
- lmn-vm
- name: Deploy vmimages scripts
copy:
@ -142,33 +151,40 @@
mode: '0755'
loop:
- mounthome.sh
- create-vm.sh
- rebase-vm.sh
- run-vm.sh
- upload-vm.sh
- sync-vm.sh
- link-images.sh
- start-virtiofsd.sh
- linbo-torrenthelper.sh
- vmimage-torrent
- vm-create
- vm-rebase
- vm-run
- vm-upload
- vm-sync
- vm-link-images
- vm-virtiofsd
- virtiofsd
- vm-aria2
- uploadseed
- desktop-sync
- name: Deploy linbo-torrent defaults
copy:
src: linbo-torrent
dest: /etc/default/
- name: Deploy vm configuration file vm.conf
ansible.builtin.copy:
src: vm.conf
dest: /etc/lmn/vm.conf
owner: root
group: root
mode: '0755'
- name: Deploy vmimage-torrent.service
copy:
src: vmimage-torrent.service
dest: /etc/systemd/system/
- name: Deploy aria2 RPC password file
ansible.builtin.copy:
dest: /etc/lmn/uploadseed.conf
owner: root
group: root
mode: '0644'
notify: "enable vmimage-torrent.service"
group: lmnsynci
mode: '0640'
content: |
{{ uploadseed_pwd }}
- name: Prepare directory for aria2 dht.dat
ansible.builtin.file:
path: /var/cache/aria2/
state: directory
owner: lmnsynci
group: lmnsynci
- name: Prepare directory for qemu bridge config
ansible.builtin.file:
@ -181,14 +197,7 @@
content: |
allow virbr0
allow virbr1
- name: Deploy rsync.secret
lineinfile:
path: /etc/rsync.secret
line: "{{ rsyncsecret }}"
create: True
mode: '0600'
allow virbr2
- name: Configure macvtap interface
ansible.builtin.copy:
@ -244,10 +253,20 @@
dest: /etc/xdg/menus/applications-merged/
notify: Run update-desktop-database
- name: Sync .torrent, .xml and .desktop files and run update-desktop-database
command: sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
register: result
changed_when: result.stdout | length > 0
- name: check if sync.desktop is installed
stat: path=/usr/local/share/applications/sync.desktop
register: syncdesktop
- name: remove deprecated desktop-files
ansible.builtin.shell: rm -f /usr/local/share/applications/*.desktop
when: not syncdesktop.stat.exists
notify: Run update-desktop-database
- name: Copy initial sync starter
ansible.builtin.copy:
src: sync.desktop
dest: /usr/local/share/applications/
notify: Run update-desktop-database
- name: Start virt-manager in session mode by default
ansible.builtin.copy:

42
tools/emitter
View file

@ -1,4 +1,9 @@
#!/usr/bin/bash
#
# Run ansible on all hosts older than the latest git commit.
# Use argument "$(date)" to update all machines independent
# of the last ansible run.
#
set -eu
## maximal age of file in minutes:
@ -11,27 +16,36 @@ debug=false
## date of latest git commit in ansible repository:
git_date="$(date --iso-8601=seconds --date="$(git log --date=iso-strict | \
head -3 | sed -nE "s/^Date:\s+(.+)$/\1/p")")"
echo "Latest commit in git at: $git_date."
if [[ $# = 0 ]] ; then
timestamp="$git_date"
else
timestamp="$(date --iso-8601=seconds --date="$1")"
fi
echo "Time stamp at: $timestamp."
#dir="$(mktemp -d)"
dir="/tmp/emitter"
mkdir -vp "$dir"
touch "$dir/${git_date//T*/}"
touch "$dir/${timestamp//T*/}"
hlist=""
n=0
running=0
ansible_arg=""
find_outdated(){
hlist=""
n=0
running=0
ansible_arg="--tags=upgrade"
while IFS= read -r -d '' file ; do
running=$(( running + 1 ))
$debug && echo -n "Processing host '$file' with IP address "
d="$(sed -nE "s/^2\s+(\S.+)$/\1/p" "$file")"
if [[ -z "$d" ]] || \
[[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
[[ $(date --date="$d" +%s) -lt $(date --date="$timestamp" +%s) ]] ; then
r='([0-9]{1,3}\.){3}[0-9]{1,3}'
ipa="$(sed -nE "s/^3\s+default via.+ src ($r) metric.+/\1/p" "$file")"
if [[ -z "$ipa" ]] ; then
@ -39,29 +53,33 @@ find_outdated(){
ipa="$(sed -nE "s|^.+default via.+ src ($r) metric.+|\1|p" "$file" | head -1)"
fi
$debug && echo "'$ipa'."
if ! grep -q "$ipa" "$dir/${git_date//T*/}" ; then
echo "$ipa" >> "$dir/${git_date//T*/}"
if ! grep -q "$ipa" "$dir/${timestamp//T*/}" ; then
echo "$ipa" >> "$dir/${timestamp//T*/}"
hlist="$hlist,$ipa"
n=$(( n + 1 ))
if [[ $(date --date="$d" +%s) -lt $(date --date="$git_date" +%s) ]] ; then
## ansible run needed at least on one machine, run it on all:
echo "Triggering full ansible run!"
ansible_arg=""
fi
else
$debug && echo "Host already processed before."
fi
fi
done < <(find "$logdir" -maxdepth 1 -type f -mmin -$age -print0)
hlist="${hlist//^,/}"
hlist="${hlist#,}"
echo -n "Running hosts: $running, to be upgraded: $n. "
}
run_ansible(){
local hsts="$1"
if [[ -n "$hsts" ]] ; then
if ! echo | ANSIBLE_RETRY_FILES_ENABLED=1 \
ANSIBLE_RETRY_FILES_SAVE_PATH="$dir" \
ansible-playbook --vault-password-file ~/.vaultpwd \
-bi inventory.yml "$pbook.yml" -l "$hsts" ; then
if ! echo | eval ANSIBLE_RETRY_FILES_ENABLED=1 ANSIBLE_RETRY_FILES_SAVE_PATH="$dir" \
ansible-playbook --vault-password-file ~/.vaultpwd \
-bi inventory.yml "$pbook.yml" "$ansible_arg" -l "$hsts" ; then
while IFS= read -r ipa ; do
sed -i "/$ipa/d" "$dir/${git_date//T*/}"
echo "IP address '$ipa' removed from '$dir/${git_date//T*/}'."
sed -i "/$ipa/d" "$dir/${timestamp//T*/}"
echo "IP address '$ipa' removed from '$dir/${timestamp//T*/}'."
done < "$dir/$pbook.retry"
fi
fi