X-Git-Url: https://git.cyclocoop.org/?p=lhc%2Fateliers.git;a=blobdiff_plain;f=vm_hosted;h=dc86ddcc152591cd1fbd87f8261446edb9709878;hp=81dec85202729227e12b8211d8b3212819ddbf81;hb=d501326a3e710da0ea34928b4a44d13103c0106a;hpb=fb16412c2b5c7d0264df73c117399ff244a4abee diff --git a/vm_hosted b/vm_hosted index 81dec85..dc86ddc 100755 --- a/vm_hosted +++ b/vm_hosted @@ -1,8 +1,9 @@ #!/bin/sh set -e -f ${DRY_RUN:+-n} -u tool=${0%/*} -. "$tool"/lib/functions.sh +. "$tool"/lib/rule.sh . "$tool"/etc/vm.sh +. "$tool"/lib/mk.sh rule_help () { # SYNTAX: [--hidden] local hidden; [ ${1:+set} ] || hidden=set @@ -37,6 +38,16 @@ rule_git_reset () { ) } +rule_apt_get_install () { # SYNTAX: $package + case $(dpkg -s "$1" | grep '^Status: ') in + ("Status: install ok installed");; + (*) + test ! -x /usr/bin/etckeeper || + assert 'sudo etckeeper unclean' + sudo apt-get "$@";; + esac + } + rule__chrooted_configure () { # NOTE: est-ce bien utile à un moment ? export LANG=C export LC_CTYPE=C @@ -64,7 +75,7 @@ rule_apt_configure () { EOF } rule_apticron_configure () { - sudo apt-get install --reinstall apticron + rule apt_get_install apticron mk_reg mod=644 own=root:root /etc/apticron/apticron.conf <<-EOF EMAIL="admin@heureux-cyclage.org" # DIFF_ONLY="1" @@ -80,12 +91,12 @@ rule_apticron_configure () { # CUSTOM_NO_UPDATES_SUBJECT="" # CUSTOM_FROM="root@ateliers.heureux-cyclage.org" EOF - sudo service apticron restart } rule_boot_configure () { - sudo apt-get install --reinstall grub-pc # XXX: attention à n'installer GRUB sur AUCUN disque proposé ! + warn "attention à n'installer GRUB sur AUCUN disque proposé !" + rule apt_get_install grub-pc mk_dir mod=644 own=root:root /boot/grub - sudo apt-get install --reinstall linux-image-$vm_arch + rule apt_get_install linux-image-$vm_arch mk_reg mod=644 own=root:root /etc/default/grub <<-EOF GRUB_DEFAULT=0 GRUB_TIMEOUT=5 @@ -112,6 +123,7 @@ rule_etckeeper_configure () { HIGHLEVEL_PACKAGE_MANAGER=apt LOWLEVEL_PACKAGE_MANAGER=dpkg EOF + rule apt_get_install etckeeper } rule_filesystem_configure () { mk_reg mod=644 own=root:root /etc/fstab <<-EOF @@ -314,7 +326,23 @@ rule_network_configure () { network $vm_ipv4 broadcast $vm_ipv4 netmask 255.255.255.255 - #mtu 1300 + mtu 1300 + # NOTE: il y a besoin de ça en l'état actuel du réseau de Grenode + # car la MTU des tunnels GRE/IPsec entre les routeurs de Grenode l'impose. + # + # root@ateliers:~# ping -M do -c 1 -s \$((1500-20-8-200)) soupirail.grenode.net + # PING soupirail.grenode.net (91.216.110.1) 1272(1300) bytes of data. + # 1280 bytes from soupirail.grenode.net (91.216.110.1): icmp_req=1 ttl=63 time=18.0 ms + # + # --- soupirail.grenode.net ping statistics --- + # 1 packets transmitted, 1 received, 0% packet loss, time 0ms + # rtt min/avg/max/mdev = 18.027/18.027/18.027/0.000 ms + # root@ateliers:~# ping -M do -c 1 -s \$((1500-20-8-200+1)) soupirail.grenode.net + # PING soupirail.grenode.net (91.216.110.1) 1273(1301) bytes of data. + # From estran.grenode.net (91.216.110.6) icmp_seq=1 Frag needed and DF set (mtu = 1300) + # + # --- soupirail.grenode.net ping statistics --- + # 0 packets transmitted, 0 received, +1 errors post-up ip address add $vm_ipv4/32 dev \$IFACE pre-down ip address delete $vm_ipv4/32 dev \$IFACE EOF @@ -437,10 +465,11 @@ rule_configure () { rule login_configure rule user_root_configure rule boot_configure + rule apticron_configure rule bin_configure } -rule_disk_key_change () { +rule_luks_key_change () { sudo cryptsetup luksChangeKey /dev/$vm_lvm_vg/${vm_lvm_lv}_root }