#!/usr/bin/perl -w
#
# Dobrica Pavlinusic <dpavlin@rot13.org> 2007-01-07
#
use strict;
use Fcntl qw/O_WRONLY O_CREAT O_EXCL/;
use Shell qw/host mkdir vzsplit rm/;
use IO::Prompt;
use Regexp::Common qw/net/;
# Default Debian distribution: the suite name handed to debootstrap and
# written into the VE's sources.list further down.
my $dist = 'etch';
# Debian mirror to use, both for debootstrap and for the VE's sources.list.
# NOTE(review): this is a plain-http mirror, so package integrity rests
# entirely on the archive signature checks done by debootstrap and apt --
# confirm those are active (keyring present) on the host this runs on.
my $debian_mirror_uri = 'http://debian.carnet.hr/debian';
# Split the physical machine into how many virtual ones? (vzsplit -n)
my $ve_total = 2;
# Swap size in MB; multiplied by 1024 before it is passed to vzsplit -s.
my $swap_size = 512;
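print "Creating new OpenVZ instance...\n";

# Optional single argument: the IPv4 address or the hostname of the new VE.
# Whichever half is missing is looked up with host(1); anything that still
# fails validation afterwards is asked for interactively.
my $arg = shift @ARGV;

my ($hostname, $ip);

# Whole-string matches only.  An unanchored match also accepts input such as
# "1.2.3.4 <anything else>", and these values later end up in file paths and
# on command lines of tools that run as root.
my $ipv4_re     = qr/\A$RE{net}{IPv4}\z/;
my $hostname_re = qr/\A[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?\z/;

# Run host(1) on $name and return the last whitespace-separated token of a
# single-line answer (the answer unchanged if it has another shape), or
# nothing when host could not be started.  The list form of open() is used so
# that $name never passes through a shell; callers validate $name first, which
# also keeps a leading "-" from being read as an option.
sub _host_lookup {
    my ($name) = @_;

    open(my $host_fh, '-|', 'host', $name) or return;
    my $answer = do { local $/; <$host_fh> };
    close($host_fh);

    return unless defined $answer;

    # chomp first: without it the trailing newline survives the substitution.
    chomp($answer);
    $answer =~ s/^.*\s(\S+)$/$1/;
    return $answer;
}

if (defined $arg && $arg =~ $ipv4_re) {
    $ip       = $arg;
    $hostname = _host_lookup($arg);
    # PTR answers are fully qualified and end with a dot.
    $hostname =~ s/\.\z// if defined $hostname;
}
elsif (defined $arg && $arg =~ $hostname_re) {
    $hostname = $arg;
    $ip       = _host_lookup($arg);
}
elsif (defined $arg) {
    warn "argument is neither an IPv4 address nor a hostname, ignoring it\n";
}

# A failed lookup leaves host's error text in the variable, which is true but
# not an address, so the decision to prompt is made on validity alone rather
# than with "||=".
unless (defined $ip && $ip =~ $ipv4_re) {
    # "$" rather than "\z" here so the check passes whether or not the reply
    # still carries its newline when it is tested.
    my $answer = prompt('Enter IP: ', -require => {
        'Must be IP (e.g. 192.168.0.1): ' => qr/^$RE{net}{IPv4}$/,
    });
    $ip = defined $answer ? "$answer" : '';
    chomp($ip);
    die "no valid IP address given\n" unless $ip =~ $ipv4_re;
}

unless (defined $hostname && $hostname =~ $hostname_re) {
    my $answer = prompt('Enter hostname: ', -require => {
        'Must be a hostname (letters, digits, "." and "-"): '
            => qr/^[A-Za-z0-9](?:[A-Za-z0-9.-]*[A-Za-z0-9])?$/,
    });
    $hostname = defined $answer ? "$answer" : '';
    chomp($hostname);
    die "no valid hostname given\n" unless $hostname =~ $hostname_re;
}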
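# The VEID is built from the last two octets of the address, each zero-padded
# to three digits (x.y.1.5 becomes "001005").
# NOTE(review): addresses that share their last two octets map to the same
# VEID, and a zero third octet gives a small number -- OpenVZ documents
# VEIDs 0-100 as reserved, verify this against the address plan in use.
# NOTE(review): the zero-padded string is used verbatim in the paths below
# while vzctl receives it as an ID -- check that both agree when the third
# octet is below 100.
(my $addr = "$ip") =~ s/\s+\z//;
my @ip_split = split(/\./, $addr);

# $ve_id goes into paths that are created and written as root, so refuse
# anything that is not four short decimal fields instead of letting sprintf
# coerce it.
die "expected a dotted-quad IPv4 address, got '$addr'\n"
    unless @ip_split == 4 && !grep { !/\A[0-9]{1,3}\z/ } @ip_split;

my $ve_id = sprintf('%03d%03d', $ip_split[2], $ip_split[3]);

my $vz_root = '/vz';

die "need to know vz_root, and $vz_root doesn't exist: $!\n" unless (-e $vz_root);

print "VEID: $ve_id hostname: $hostname ip: $ip\n";

warn ">> creating directories\n";

# Plain mkdir(...) in this script is the Shell.pm wrapper imported at the top
# of the file, which hands one joined string to a shell.  The list form of
# system() runs mkdir(1) directly and lets the exit status be checked.
system('mkdir', '-p', "$vz_root/root/$ve_id", "$vz_root/private/$ve_id") == 0
    or die "mkdir -p failed (status $?)\n";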
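warn ">> installing debian\n";

# etc/debian_version inside the private area is taken as the marker for an
# existing installation; debootstrap only runs when it is missing.
if (-e "$vz_root/private/$ve_id/etc/debian_version") {
    warn "Debian allready installed in $vz_root/private/$ve_id\n";
}
else {
    # Argument list instead of one command string: nothing is re-parsed by a
    # shell, whatever the variables contain.
    my @debootstrap = (
        'debootstrap', '--arch', 'i386',
        $dist, "$vz_root/private/$ve_id", $debian_mirror_uri,
    );
    warn "# @debootstrap\n";

    # Stop here on failure: the steps below would otherwise configure and
    # start a VE on top of a partial root filesystem.
    system(@debootstrap) == 0
        or die "debootstrap failed (status $?), not continuing\n";
}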
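# Run "vzctl @args" on the host, echoing the command to STDERR first.
#
# The list form of system() is used, so the arguments reach vzctl as given
# and are not parsed by a shell on the host.
#
# Returns the status from system() (0 on success).  A non-zero status is
# reported on STDERR so that a failed step is visible in the output; the
# caller decides whether to carry on.
sub vzctl {
    my @args = @_;

    warn "## vzctl ", join(" ", @args), "\n";

    my $status = system "vzctl", @args;
    warn "!! vzctl @args failed (status $status)\n" if $status != 0;

    return $status;
}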
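my $conf_path = "/etc/vz/conf/${ve_id}.conf";
warn ">> creating configuration file $conf_path\n";

# An existing configuration is never modified; a new one is vzsplit's output
# plus an OSTEMPLATE line, after which vzctl applies the basic profile, the
# address and the hostname.
if (-e $conf_path) {
    warn "$conf_path allready exists, not touching it\n";
}
else {
    # Read vzsplit's output through a pipe and write the file here.  Passing
    # '>' to the Shell.pm wrapper only redirects if that module leaves its
    # arguments unquoted, which differs between Shell.pm versions; this form
    # does not depend on it and involves no shell.
    open(my $split_fh, '-|', 'vzsplit', '-n', $ve_total, '-s', $swap_size * 1024)
        or die "can't run vzsplit: $!";
    my @split_conf = <$split_fh>;
    close($split_fh) or die "vzsplit failed (status $?)\n";

    # NOTE(review): OSTEMPLATE names debian-3.1 while $dist above is 'etch'
    # -- confirm this is the template name vzctl should record.
    open(my $conf_fh, '>', $conf_path) or die "can't open $conf_path: $!";
    print {$conf_fh} @split_conf, "OSTEMPLATE=debian-3.1\n"
        or die "can't write $conf_path: $!";
    close($conf_fh) or die "can't write $conf_path: $!";

    vzctl('set', $ve_id, '--applyconfig', 'vps.basic', '--save');
    vzctl('set', $ve_id, '--ipadd', $ip, '--save');
    vzctl('set', $ve_id, '--hostname', $hostname, '--save');
}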
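# Create $path with the given content unless something already exists there.
#
#   $path - file to create
#   $code - either a code ref, called as $code->($path), whose return value
#           is written to the file, or a plain string written as it is
#
# Returns 1 when the file was created and 0 when $path already existed;
# dies when the file cannot be created or written.
sub create_file {
    my ($path, $code) = @_;

    # O_CREAT|O_EXCL turns "check, then create" into one atomic step and
    # fails on a symlink (dangling or not) left at $path.  That matters
    # because the host writes as root into a VE's file tree.  Symlinked
    # parent directories are not covered by this.
    my $fh;
    unless (sysopen($fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0666)) {
        return 0 if $!{EEXIST};
        die "can't create $path: $!";
    }

    warn ">> creating $path\n";

    # A plain string used to be called as a code ref, which dies under
    # "use strict" after the empty file has been created.
    my @content = ref($code) eq 'CODE' ? $code->($path) : ($code);

    print {$fh} @content or die "can't write $path: $!";
    close($fh)           or die "can't write $path: $!";

    return 1;
}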
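# Write the VE's apt sources before it is started.  The content is handed
# over as a code ref, which create_file calls with the path.
# NOTE(review): only the main mirror is listed and no security-updates
# source is configured, so the "apt-get upgrade" run inside the VE later will
# not pull security fixes -- confirm whether that is intended.
create_file(
    "$vz_root/private/$ve_id/etc/apt/sources.list",
    sub { "deb $debian_mirror_uri $dist main contrib non-free\n" },
);

vzctl('start', $ve_id);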
# Customisation steps run inside the freshly started VE.
#
# The text is not executed as one shell script: the loop that follows this
# here-document splits it on newlines, skips blank lines, prints "# ..."
# lines as progress messages and hands every other line, one at a time, to
# "vzctl exec".  Nothing such as a cd or a variable therefore carries over
# from one line to the next.  The here-document is single-quoted, so Perl
# interpolates nothing into it.
#
# NOTE(review): "apt-get upgrade" has no -y, unlike the install and remove
# lines -- confirm it does not wait for input when run through vzctl exec.
# NOTE(review): ssh is installed and root's password is locked; a locked
# password presumably leaves key-based root logins possible -- verify the
# sshd policy the VE should ship with.
my $customize_sh = <<'__END_OF_SH__';

# use shadow passwords
pwconv

# upgrade to lastest version
apt-get update
apt-get upgrade

# install additional packages
apt-get -y install vim less ssh sudo

# remove unwanted packages
apt-get -y remove nano

# lock root user
usermod -L root

# disable getty
sed -i -e '/getty/d' /etc/inittab

# sane permissions for /root directory
chmod 700 /root

# disable sync() for syslog
sed -i -e 's@\([[:space:]]\)\(/var/log/\)@\1-\2@' /etc/syslog.conf

# fix /etc/mtab
rm -f /etc/mtab
ln -s /proc/mounts /etc/mtab

# remove unneeded packages
dpkg --purge modutils
dpkg --purge ppp pppoeconf pppoe pppconfig

# disable services
update-rc.d -f klogd remove
update-rc.d -f quotarpc remove
update-rc.d -f exim4 remove
update-rc.d -f inetd remove

# clean packages
apt-get clean

__END_OF_SH__
# Walk the customisation text line by line: blank lines are skipped, a
# "# text" line is echoed to STDERR as a progress message, and every other
# line is run inside the VE as its own "vzctl exec" call.
for my $line (split(/\n/, $customize_sh)) {
    next if $line =~ /^\s*$/;

    my ($heading) = $line =~ /^#\s+(.+)$/;
    if (defined $heading) {
        warn ">> $heading\n";
        next;
    }

    vzctl('exec', $ve_id, $line);
}

#vzctl('stop', $ve_id);