playbooks/trixie
3
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge branch 'fvs' into fvs-wlanstick-feature

Browse source
This commit is contained in:
Raphael Dannecker 2024-02-06 08:09:23 +01:00
commit 94f19984e1
37 changed files with 1086 additions and 928 deletions
Download patch file Download diff file Expand all files Collapse all files

2
roles/lmn_fvs/tasks/main.yml
View file

@ -53,9 +53,11 @@
- shellcheck
- sigrok
- sigrok-cli
- texlive-latex-recommended
- tmux
- tree
- ttf-mscorefonts-installer
- twinkle
- unison-gtk
- w3m
- wireshark

9
roles/lmn_network/tasks/main.yml
View file

@ -19,3 +19,12 @@
path: /etc/systemd/timesyncd.conf
insertafter: '^#NTP='
line: NTP={{ ntp_serv }}
- name: Add proposed-updates repository
apt_repository:
repo: >
deb http://deb.debian.org/debian/ {{ ansible_distribution_release }}-proposed-updates
main non-free-firmware
state: present
update_cache: true
when: proposed_updates | default(False)

6
roles/lmn_sssd/tasks/main.yml
View file

@ -1,5 +1,5 @@
---
- name: install needed packages
- name: Install needed packages
apt:
name:
- sssd-ad
@ -7,7 +7,7 @@
- adcli
state: latest
- name: provide identities from directory
- name: Provide user identities from AD
template:
src: sssd.conf.j2
dest: /etc/sssd/sssd.conf
@ -15,7 +15,7 @@
notify: restart sssd
## Either one of the variables is defined:
- name: join the domain
- name: Join the domain
shell:
cmd: >
echo "{{ ansible_cmdline.adpw | default('') + adpw.user_input | default('') }}" |

48
roles/lmn_vm/files/create-vm.sh
View file

@ -1,48 +0,0 @@
#!/usr/bin/bash
# create 1st level-Clones
set -eu
# if less than two arguments supplied, display usage
if [[ $# -ne 2 ]]; then
echo "This script takes as input the name of the VM to clone" >&2
echo "Usage: $0 vm_name_orig vm_name_clone" >&2
exit 1
fi
VM_NAME=$1
VM_CLONE=$2
VM_DIR="/tmp/${UID}/vm"
# Create User-VM-Dir and link system VM-Images
[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
sudo /usr/local/bin/link-images.sh
# change to image-directory
cd "${VM_DIR}"
if { [[ ! -f "${VM_NAME}.xml" ]] && [[ ! -f "/lmn/vm/${VM_NAME}.xml" ]]; } || [[ ! -f "${VM_NAME}.qcow2" ]]; then
echo "xml or qcow2 File does not exists." >&2
exit 1
fi
qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-${VM_CLONE}.qcow2"
chmod a-w "${VM_NAME}-${VM_CLONE}.qcow2"
# virsh --connect=qemu:///system dumpxml "${VM_NAME}" > "xml/${VM_NAME}-${VM_CLONE}.xml"
# copy machine-definition-file
if [[ -f "${VM_NAME}.xml" ]]; then
cp "${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
elif [[ -f "/lmn/vm/${VM_NAME}.xml" ]]; then
cp "/lmn/vm/${VM_NAME}.xml" "${VM_NAME}-${VM_CLONE}.xml"
else
echo "no machine definition file found" >&2
exit 1
fi
# hardware addresses need to be removed, libvirt will assign
# new addresses automatically
# and actually rename the vm: (this also updates the storage path)
sed -i -E \
-e '/<uuid>.+<\/uuid>/d' \
-e '/.+mac address.+[[:xdigit:]:]{17}.+/d' \
-e "s/${VM_NAME}/${VM_NAME}-${VM_CLONE}/" "${VM_NAME}-${VM_CLONE}.xml"

14
roles/lmn_vm/files/desktop-sync Normal file
View file

@ -0,0 +1,14 @@
#!/usr/bin/bash
#
# Synchronize desktop starters
#
set -eu
source /etc/lmn/vm.conf
RSYNC_COMMAND=$(rsync -ai --delete --exclude=mimeinfo.cache \
--chown=root:root --chmod=F644,D755 "${DESKTOPSTARTERDIR}" \
/usr/local/share/applications/ | sed '/ \.\//d')
if [[ $? -eq 0 ]] && [[ -n "${RSYNC_COMMAND}" ]]; then
echo "${RSYNC_COMMAND}"
update-desktop-database /usr/local/share/applications
fi

5
roles/lmn_vm/files/images.list
View file

@ -1,5 +0,0 @@
win10.qcow2
win10-SolidWorks.qcow2
win10-Elektro.qcow2
deb11.qcow2
deb11-virtualbox.qcow2

33
roles/lmn_vm/files/linbo-torrent
View file

@ -1,33 +0,0 @@
# default values for linbo-torrenthelper service provided by ctorrent
# thomas@linuxmuster.net
# 20220317
#
# note: you have to invoke 'linbo-torrent restart' after you have changed any values
#
# Exit while seed <SEEDHOURS> hours later (default 72 hours)
SEEDHOURS="100000"
# Max peers count (default 100)
MAXPEERS="100"
# Min peers count (default 1)
MINPEERS="1"
# Download slice/block size, unit KB (default 16, max 128)
SLICESIZE="128"
# Max bandwidth down (unit KB/s, default unlimited)
MAXDOWN=""
# Max bandwidth up (unit KB/s, default unlimited)
MAXUP=""
# Supplemental ctorrent options, separated by space (-v: Verbose output for debugging)
#OPTIONS="-v"
# Timeout in seconds until rsync fallback (client only)
TIMEOUT="300"
# user to run ctorrent (server only)
CTUSER="lmnsynci"

31
roles/lmn_vm/files/linbo-torrenthelper.sh
View file

@ -1,31 +0,0 @@
#!/bin/bash
#
# thomas@linuxmuster.net
# GPL v3
# 20220317
#
# linbo ctorrent helper script, started in a screen session by init script
#
torrent="$1"
[ -s "$torrent" ] || exit 1
# get ctorrent options from file
[ -e /etc/default/linbo-torrent ] && source /etc/default/linbo-torrent
[ -n "$SEEDHOURS" ] && OPTIONS="$OPTIONS -e $SEEDHOURS"
[ -n "$MAXPEERS" ] && OPTIONS="$OPTIONS -M $MAXPEERS"
[ -n "$MINPEERS" ] && OPTIONS="$OPTIONS -m $MINPEERS"
[ -n "$SLICESIZE" ] && OPTIONS="$OPTIONS -z $SLICESIZE"
[ -n "$MAXDOWN" ] && OPTIONS="$OPTIONS -D $MAXDOWN"
[ -n "$MAXUP" ] && OPTIONS="$OPTIONS -U $MAXUP"
OPTIONS="$OPTIONS $torrent"
[ -n "$CTUSER" ] && SUDO="/usr/bin/sudo -u $CTUSER"
while true; do
#$SUDO /usr/bin/ctorrent $OPTIONS || exit 1
nice -n 20 /usr/bin/ctorrent $OPTIONS || exit 1
# hash check only on initial start, add -f parameter
echo "$OPTIONS" | grep -q ^"-f " || OPTIONS="-f $OPTIONS"
done

19
roles/lmn_vm/files/link-images.sh
View file

@ -1,19 +0,0 @@
#!/usr/bin/bash
# link VM in Use-Dir in /tmp
set -eu
# change to image-directory
cd /lmn/vm
VM_DIR="/tmp/${SUDO_UID}/vm"
# link system-VM-Images to User VM Directory
for i in *.qcow2; do
[[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
done
# link system-VM-Machine-Definitions to User VM Directory
for i in *.xml; do
[[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
done

3
roles/lmn_vm/files/lmn-link-images
View file

@ -1,3 +0,0 @@
%examusers ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
%role-student ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/link-images.sh

2
roles/lmn_vm/files/lmn-mounthome
View file

@ -1,3 +1,3 @@
%examusers ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
%role-student ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/mounthome.sh

3
roles/lmn_vm/files/lmn-startvirtiofsd
View file

@ -1,3 +0,0 @@
%examusers ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
%role-student ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/start-virtiofsd.sh

3
roles/lmn_vm/files/lmn-sync-vm
View file

@ -1,3 +0,0 @@
%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
%role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh
%examusers ALL=(lmnsynci) NOPASSWD: /usr/local/bin/sync-vm.sh

1
roles/lmn_vm/files/lmn-upload-vm
View file

@ -1 +0,0 @@
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/upload-vm.sh

25
roles/lmn_vm/files/lmn-vm Normal file
View file

@ -0,0 +1,25 @@
# vm-sync: Download and synchronize VM-Images and xml-Files
%role-teacher ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-sync
%role-student ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-sync
%examusers ALL=(lmnsynci) NOPASSWD: /usr/local/bin/vm-sync
# vm-aria2: Start/Stop aria2 as systemd-service for VM-Images
lmnsynci ALL=(root) NOPASSWD: /usr/local/bin/vm-aria2
# vm-link-images: Link VM-Images to User-tmp-directory
%examusers ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
%role-student ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-link-images
# vm-virtiofsd: Start Virtiofsd as systemd-service
%examusers ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd
%role-student ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-virtiofsd
# desktop-sync:
%examusers ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
%role-student ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/desktop-sync
# vm-upload:
%role-teacher ALL=(root) NOPASSWD: /usr/local/bin/vm-upload

162
roles/lmn_vm/files/run-vm.sh
View file

@ -1,162 +0,0 @@
#!/usr/bin/bash
# create and run clone
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") [-n] vmname"
Create a new clone, start the vm (if not yet running) and run virt-viewer.
Squid-Proxy will be started too.
### remove, old ### User Home will be mounted on /media/USERNAME/home
-n new clone will be created, even if exists
-s qemu:///system instead of default qemu:///session
EOF
}
exit_script() {
echo "run-vm.sh ${VM_NAME} terminated by trap!" >> "/tmp/${UID}/exit-run-vm.log"
virsh --connect="${QEMU}" destroy "${VM_NAME}-clone"
trap - SIGHUP SIGINT SIGTERM # clear the trap
kill -- -$$ # Sends SIGTERM to child/sub processes
}
check_images() {
# sync vm-torrents and machine definition file
sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
BACKINGARRAY=()
imgfile="/lmn/vm/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"
BACKINGARRAY+=("${imgfile}")
echo "Imgfile=$imgfile"
if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
if [[ ! -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]]; then
echo "no base VM disk '${VM_NAME}.qcow2' found and/or ${VM_NAME} not found on server" >&2
exit 1
fi
# sync vm-disk image by torrent
echo "Try to sync VM ${VM_NAME} by torrent"
sudo -u lmnsynci /usr/local/bin/sync-vm.sh "${VM_NAME}"
fi
backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
while [[ ! -z "${backingfile}" ]]; do
echo "Backingfile required: ${backingfile}"
imgfile="/lmn/vm/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
BACKINGARRAY+=("${imgfile}")
if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
# sync vm-disk image by torrent
echo "Try to sync backingfile ${backingfile} by torrent"
sudo -u lmnsynci /usr/local/bin/sync-vm.sh "${backingfile%.qcow2}"
fi
backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
done
echo "VM-Image and required backingfiles available"
echo "Now, let's check the images."
# Check VM-Images in reverse order
for ((i=${#BACKINGARRAY[@]}-1; i>=0; i--))
do
echo "Checking ${BACKINGARRAY[$i]}"
if ! qemu-img check -U "${BACKINGARRAY[$i]}" 2>/dev/null; then
echo "check failed!"
echo "sync ${BACKINGARRAY[$i]} again"
sudo -u lmnsynci /usr/local/bin/sync-vm.sh $(basename "${BACKINGARRAY[$i]}" .qcow2)
fi
done
echo "VM-Image and required backingfiles available and checked"
}
create-clone() {
local VM_NAME="$1"
local VM_DIR="/tmp/${UID}/vm"
local VM_XML="${VM_DIR}/${VM_NAME}-clone.xml"
local VM_SYSDIR="/lmn/vm"
if ! [[ -f "$VM_SYSDIR/${VM_NAME}.xml" && -f "$VM_SYSDIR/${VM_NAME}.qcow2" ]] && ! [[ -f "${VM_DIR}/${VM_NAME}.xml" && -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
echo "xml or qcow2 File does not exists." >&2
exit 1
fi
# Create User-VM-Dir and link system VM-Images
[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
sudo /usr/local/bin/link-images.sh
# Create backing file
cd "${VM_DIR}"
qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
# Create machine-definition-file
cp "${VM_DIR}/${VM_NAME}.xml" "${VM_XML}"
# set VM_DIR:
sed -i "s:VMIMAGEDIR:${VM_DIR}:" "${VM_XML}"
# and actually rename the vm (this also updates part of the storage path):
sed -i "s/${VM_NAME}/${VM_NAME}-clone/" "${VM_XML}"
# set virtiofs-Socket
sed -i "s:VIRTIOFSSOCKET:/run/user/${UID}/virtiofs-${VM_NAME}.sock:" "${VM_XML}"
# find macvtap interface MAC address:
MAC="$(ip link | grep -A1 "vm-macvtap" |
sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
sed -i -E -e "s/MACMACVTAP/$MAC/" "${VM_XML}"
}
QEMU='qemu:///session'
NEWCLONE=0
while getopts ':ns' OPTION; do
case "$OPTION" in
n)
NEWCLONE=1
;;
s)
QEMU='qemu:///system'
;;
?)
show_help
exit 1
;;
esac
done
shift "$((OPTIND -1))"
# if less than one arguments supplied, display usage
if [[ $# -ne 1 ]] ; then
show_help
exit 1
fi
VM_NAME=$1
VM_DIR="/tmp/${UID}/vm"
# check, if we have to start squid
if ! killall -s 0 squid; then
echo "starting squid."
/usr/sbin/squid -f /etc/squid/squid-usermode.conf
fi
# because virsh has problems with long pathnames, using diffent configdir
export XDG_CONFIG_HOME="/tmp/${UID}/.config"
if ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
echo "VM not yet running."
check_images
if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "${VM_DIR}/${VM_NAME}-clone.qcow2" ]]; then
create-clone "${VM_NAME}"
fi
# delete the old vm
virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
# finally, create the new vm
virsh --connect=qemu:///session define "${VM_DIR}/${VM_NAME}-clone.xml"
#trap exit_script SIGHUP SIGINT SIGTERM
[[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/start-virtiofsd.sh "${VM_NAME}"
virsh --connect="${QEMU}" start "${VM_NAME}-clone"
fi
echo "starting viewer"
trap exit_script SIGHUP SIGINT SIGTERM
virt-viewer --connect="${QEMU}" --full-screen "${VM_NAME}-clone"

13
roles/lmn_vm/files/sync.desktop Normal file
View file

@ -0,0 +1,13 @@
[Desktop Entry]
Version=1.0
Type=Application
Name=Sync Starters
GenericName=Aktualisiert Info über vorhandene VMs
Comment=Sync VM Image information
#TryExec=konsole
Exec=if sudo /usr/local/bin/desktop-sync; then echo 'sync erfolgreich.\nFenster schließt sich in 3 Sekunden.'; sleep 3; else echo "Fehler - sollte nicht vorkommen."; read; fi
Icon=bittorrent-sync
Categories=fvs;
MimeType=image/vnd.dxf;
Keywords=design;VM;diagrams;graphics
Terminal=true

67
roles/lmn_vm/files/upload-vm.sh
View file

@ -1,67 +0,0 @@
#!/usr/bin/bash
# Push VM-Disk-Image on server
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") vmname"
Create torrent and upload disk, torrent and xml-VM-Definiton on server.
EOF
}
VM_DIR="/tmp/${SUDO_UID}/vm"
upload_image() {
# check if VM-Diskimage exists
if [[ ! (-f "/lmn/vm/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
echo "File not found ${VM_NAME}.qcow2" >&2
exit 1
fi
# check if VM-Machine-Definition XML exists
if [[ ! (-f "/lmn/vm/${VM_NAME}.xml" || -f "${VM_DIR}/${VM_NAME}.xml") ]]; then
echo "File not found ${VM_NAME}.xml" >&2
exit 1
fi
sudo -u lmnsynci /usr/local/bin/vmimage-torrent stop "${VM_NAME}.qcow2" || echo "VMImage-torrent not running"
# link private VM-Diskimage to system-Dir
if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
&& ( -f "/lmn/vm/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "/lmn/vm/${VM_NAME}.qcow2") \
|| ! -f "/lmn/vm/${VM_NAME}.qcow2") ]]; then
echo "copy private VM-Diskimage to system-dir"
chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.qcow2"
ln -f "${VM_DIR}/${VM_NAME}.qcow2" "/lmn/vm/${VM_NAME}.qcow2"
fi
# copy private VM-Maschine-Definition XML to system-Dir
if [[ -f "${VM_DIR}/${VM_NAME}.xml" \
&& ( -f "/lmn/vm/${VM_NAME}.xml" && $(cmp -s "${VM_DIR}/${VM_NAME}.xml" "/lmn/vm/${VM_NAME}.xml") \
|| ! -f "/lmn/vm/${VM_NAME}.xml") ]]; then
echo "copy private VM-Maschine-Definition XML to system-dir"
chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.xml"
cp -a "${VM_DIR}/${VM_NAME}.xml" "/lmn/vm/"
fi
cd /lmn/vm
# (re-) create torrent file
sudo -u lmnsynci /usr/local/bin/vmimage-torrent create "${VM_NAME}.qcow2"
# create size-information-file
stat -c%s "${VM_NAME}.qcow2" > "${VM_NAME}.qcow2.size"
chown lmnsynci:lmnsynci "${VM_NAME}.qcow2.size"
# Upload Torrent, qcow2 and machine-definition-XML
[[ -f "/lmn/vm/${VM_NAME}.qcow2.torrent" ]] && rsync -av --password-file=/etc/rsync.secret \
"/lmn/vm/${VM_NAME}.qcow2.torrent" rsync://vmuser@server:/vmimages-upload/
rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.qcow2.size" \
rsync://vmuser@server:/vmimages-upload/
rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.qcow2" \
rsync://vmuser@server:/vmimages-upload/
rsync -av --password-file=/etc/rsync.secret "/lmn/vm/${VM_NAME}.xml" \
rsync://vmuser@server:/vmimages-upload/
}
# if less than one arguments supplied, display usage
if [[ $# -ne 1 ]] ; then
show_help
exit 1
fi
VM_NAME=$1
upload_image

93
roles/lmn_vm/files/uploadseed Executable file
View file

@ -0,0 +1,93 @@
#!/usr/bin/python3
import os, sys
import subprocess
import xmlrpc.client as xc
import ssl
import argparse
parser = argparse.ArgumentParser(description='Upload a file to the bittorrent seeder.')
parser.add_argument('--server', required=True,
help="the server address and RPC port like 'IPaddress:port'")
parser.add_argument('--dht-port', required=True,
help='the DHT port the RPC server is listening on')
pwgrp = parser.add_mutually_exclusive_group(required=True)
pwgrp.add_argument('--passwd',
help='the RPC secret. Either this or --pwdfile needs to be ' \
'provided')
pwgrp.add_argument('--pwdfile',
help="file containing the RPC secret in the form " \
"'secret = \"token:SECRET\"'. " \
'Either this or --secret needs to be provided')
certgrp = parser.add_mutually_exclusive_group(required=True)
certgrp.add_argument('--no-cert', action='store_true',
help='do not use SSL certificate')
certgrp.add_argument('--cert', help='the certificate to use for verification')
parser.add_argument('FILE', help='the file to upload')
args = parser.parse_args()
rpcseeder = 'https://' + args.server + '/rpc'
dhtentry = args.server.split(':')[0] + ':' + args.dht_port
file2send = args.FILE
torrent = '/tmp/' + os.path.basename(file2send) + '.torrent'
if args.passwd:
secret = 'token:' + args.passwd
else:
exec(open(args.pwdfile).read())
ssl_ctx = ssl.create_default_context()
if args.no_cert:
ssl_ctx.check_hostname = False
ssl_ctx.verify_mode = ssl.CERT_NONE
print("Certificate verification disabled.")
elif args.cert is not None:
ssl_ctx.load_verify_locations(args.cert)
s = xc.ServerProxy(rpcseeder, context = ssl_ctx)
def make_torrent():
if os.path.isfile(torrent):
print("Torrent file", torrent, "exists already, please (re)move it.")
sys.exit(1)
subprocess.run(["/usr/bin/mktorrent", "-l 24", "-v", "-o", torrent, file2send], check=True)
h = subprocess.check_output(["/usr/bin/aria2c", "-S ", torrent])
for line in h.decode().splitlines():
if "Info Hash" in line:
return line.split(': ')[1]
def check_seeds(bthash):
active_seeds = s.aria2.tellActive(secret)
for seed in active_seeds:
f = seed['bittorrent']['info']['name']
gid = seed['gid']
ihash = seed['infoHash']
if f == os.path.basename(file2send):
print(file2send, "is already seeded with GID:", gid)
print("Info Hash is:", ihash)
if bthash == ihash:
print("The torrent file has not changed, exiting.")
return False
else:
print("The torrent file has changed, replacing torrent.")
s.aria2.remove(secret, gid)
return True
print("="*19, " Uploading new torrent with aria2 now. ", "="*19)
return True
def upload_torrent():
s.aria2.addTorrent(secret, xc.Binary(open(torrent, mode='rb').read()))
subprocess.run(["/usr/bin/aria2c",
"--dht-entry-point=" + dhtentry,
"--check-integrity",
"--dir=" + os.path.dirname(file2send),
torrent])
############################
if __name__ == '__main__':
infoHash = make_torrent()
if check_seeds(infoHash):
upload_torrent()
print("Upload finished.")

33
roles/lmn_vm/files/vm-aria2 Executable file
View file

@ -0,0 +1,33 @@
#!/usr/bin/bash
set -eu
# if less than one arguments supplied, display usage
if [[ $# -ne 2 ]]; then
echo "This script takes as input the name of the VM " >&2
echo "Usage: $0 [start|stop] vm_name" >&2
exit 1
fi
COMMAND="$1"
VM_NAME="$2"
source /etc/lmn/vm.conf
if [[ "${COMMAND}" = "start" ]]; then
systemd-run --unit=aria2-"${VM_NAME}" \
--slice=system-aria2 \
--uid="$(id -u lmnsynci)" \
--gid="$(id -g lmnsynci)" \
--nice=19 \
--working-directory="${VM_SYSDIR}" \
--collect \
--property=Type=exec \
--property=SuccessExitStatus=1 \
aria2c --bt-hash-check-seed=true --check-integrity=true --seed-ratio=0.0 \
--dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" \
--dht-file-path=$DHTDAT \
"${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
elif [[ "${COMMAND}" = "stop" ]] && systemctl is-active "aria2-${VM_NAME}.service"; then
systemctl stop "aria2-${VM_NAME}.service"
fi

47
roles/lmn_vm/files/vm-create Executable file
View file

@ -0,0 +1,47 @@
#!/usr/bin/bash
# create 1st level-Clones
set -eu
source /etc/lmn/vm.conf
PERSISTENT=0
while getopts ':p' OPTION; do
case "$OPTION" in
p)
PERSISTENT=1
VM_DIR="${VM_DIR_PERSISTENT}"
;;
esac
done
shift "$((OPTIND -1))"
# if less than two arguments supplied, display usage
if [[ $# -ne 2 ]]; then
echo "This script takes as input the name of the VM to clone" >&2
echo "Usage: $0 vm_name_orig vm_name_clone" >&2
exit 1
fi
VM_NAME=$1
VM_CLONE=$2
# Create User-VM-Dir and link system VM-Images
[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
if [[ "${PERSISTENT}" -eq 1 ]]; then
sudo /usr/local/bin/vm-link-images -p
else
sudo /usr/local/bin/vm-link-images
fi
# change to image-directory
cd "${VM_DIR}"
if [[ ! -f "${VM_NAME}.qcow2" ]]; then
echo "qcow2 File does not exists." >&2
exit 1
fi
qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-${VM_CLONE}.qcow2"
chmod a-w "${VM_NAME}-${VM_CLONE}.qcow2"

24
roles/lmn_vm/files/vm-link-images Executable file
View file

@ -0,0 +1,24 @@
#!/usr/bin/bash
# link VM in User-Dir in /tmp or /var/vm
set -eu
source /etc/lmn/vm.conf
# change to image-directory
cd "${VM_SYSDIR}"
while getopts ':p' OPTION; do
case "$OPTION" in
p)
VM_DIR="${VM_DIR_PERSISTENT}"
;;
esac
done
shift "$((OPTIND -1))"
# link system-VM-Images to User VM Directory
for i in *.qcow2; do
[[ -f "${VM_DIR}/${i}" ]] || ln "${i}" "${VM_DIR}/${i}"
done

47
roles/lmn_vm/files/vm-netboot
View file

@ -4,18 +4,15 @@
#
set -eu
menu=(standard "CLI Standard Debian GNU/Linux"
kde-desktop "KDE Plasma Desktop Debian GNU/Linux"
gnome-desktop "Gnome Desktop Debian GNU/Linux")
menu=(standard "CLI Standard Debian GNU/Linux NFS"
standard-ram "CLI Standard Debian GNU/Linux RAM"
kde-desktop "KDE Plasma Desktop Debian GNU/Linux NFS"
gnome-desktop "Gnome Desktop Debian GNU/Linux NFS")
img=$(dialog --clear --backtitle "Virtual Machine Chooser" \
--title "Choose the Virtual Machine to Start" \
--menu "Start VM:" 12 60 6 \
"${menu[@]}" 2>&1 >/dev/tty)
--menu "Start VM:" 12 70 6 "${menu[@]}" 2>&1 >/dev/tty)
if [[ -z $img ]] ; then
echo "Starting VM canceled."
exit 1
fi
## If the menu is canceled, $0 stops here because of set -e
mac="$(ip link | grep -A1 "vm-macvtap" | \
sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
@ -29,31 +26,35 @@ else
arg=("$@")
fi
kernel="http://livebox/d-i/n-live/$img/live/vmlinuz"
initrd="http://livebox/d-i/n-live/$img/live/initrd.img"
kargs=(boot=live components splash locales=de_DE.UTF-8 keyboard-layouts=de \
swap=true live-config.timezone=Europe/Berlin netboot=nfs \
"nfsroot=10.190.1.2:/srv/nfs/debian-live/$img/")
kernel="http://livebox/d-i/n-live/${img%-ram}/live/vmlinuz"
initrd="http://livebox/d-i/n-live/${img%-ram}/live/initrd.img"
kargs=(boot=live components splash locales=de_DE.UTF-8 keyboard-layouts=de
swap=true live-config.timezone=Europe/Berlin)
case "$img" in
standard*)
arg+=(--autoconsole=text)
kargs+=(console=ttyS0)
;;&
*-ram)
kargs+=("fetch=http://10.190.1.2/d-i/n-live/${img%-ram}/live/filesystem.squashfs")
;;
*)
kargs+=(netboot=nfs "nfsroot=10.190.1.2:/srv/nfs/debian-live/${img%-ram}")
;;
esac
type="ethernet,mac=${mac},target.dev=vm-macvtap,xpath1.set=./target/@managed=no"
## FIXME: use passt, needs more settings for correct DNS/gateway
# type=user,xpath1.create=./backend,xpath2.set=./backend/@type=passt,xpath3.create=./ip,xpath4.set=./ip/@family=ipv4,xpath5.set=./ip/@address=172.16.1.1,xpath6.set=./ip/@prefix=24,xpath7.create=./portForward,xpath8.set=./portForward/@proto=tcp,xpath9.set=./portForward/range/@start=2001,xpath10.set=./portForward/range/@end=2500,xpath11.set=./portForward/range/@to=1
case "$img" in
standard)
arg+=("--autoconsole=text")
kargs+=("console=ttyS0")
;;
*)
;;
esac
http_proxy='' XDG_CONFIG_HOME="/tmp/${UID}/.config" \
exec virt-install \
--name "$img" \
--osinfo debiantesting \
--nodisks --import --noreboot --transient \
--controller type=scsi,model=virtio-scsi \
--install kernel="$kernel",initrd="$initrd",kernel_args="${kargs[*]}" \
--network "type=$type" "${arg[@]}"

21
roles/lmn_vm/files/rebase-vm.sh → roles/lmn_vm/files/vm-rebase
View file

@ -10,11 +10,16 @@ This script takes as input the name of the VM to rebase one level down
EOF
}
while getopts ':n:' OPTION; do
source /etc/lmn/vm.conf
while getopts ':n:p' OPTION; do
case "$OPTION" in
n)
NEWNAME=$OPTARG
;;
p)
VM_DIR="${VM_DIR_PERSISTENT}"
;;
?)
show_help
exit 1
@ -31,7 +36,6 @@ if [[ $# -ne 1 ]]; then
fi
# change to Images directory
VM_DIR="/tmp/${UID}/vm"
cd "${VM_DIR}"
VM_NAME="$1"
@ -66,20 +70,9 @@ fi
# rebasing disk image
qemu-img rebase -f qcow2 -b "${NEWBASE}" -F qcow2 "${VM_NAME}.qcow2"
if [[ -v NEWNAME ]]; then
# copy and adapt machine definition file
CURRENTNAME="${CURRENTBASE/.qcow2/}"
if [[ -f "${CURRENTNAME}.xml" ]]; then
cp "${CURRENTNAME}.xml" "${NEWNAME}.xml"
elif [[ -f "/lmn/vm/${CURRENTNAME}.xml" ]]; then
cp "/lmn/vm/${CURRENTNAME}.xml" "${NEWNAME}.xml"
else
echo "no machine definition file found" >&2
exit 1
fi
sed -i "s/${CURRENTNAME}/${NEWNAME}/" "${NEWNAME}.xml"
NEWNAME="${NEWNAME}.qcow2"
else
rm "${CURRENTBASE}"
rm -f "${CURRENTBASE}"
NEWNAME="${CURRENTBASE}"
fi

232
roles/lmn_vm/files/vm-run Executable file
View file

@ -0,0 +1,232 @@
#!/usr/bin/bash
# create and run clone
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") [options] vmname"
Create a new clone, start the vm (if not yet running) and run virt-viewer.
Squid-Proxy will be started too.
options:
-n|--new new clone will be created, even if exists
-p|--persistent new clone will be created persistent, so available after reboot too
-s|--system qemu:///system instead of default qemu:///session
--memory sizeMB memory size in MB
--cpu num number of CPUs
--os OS operating system (win10|linux|..)
--data-disk size additional data-disk
--bridge virbrX additional network interface on bridge virbrX
--options options additional options for virt-install command
EOF
}
exit_script() {
echo "run-vm.sh ${VM_NAME} terminated by trap!" >> "/tmp/${UID}/exit-run-vm.log"
virsh --connect="${QEMU}" destroy "${VM_NAME}-clone"
trap - SIGHUP SIGINT SIGTERM # clear the trap
kill -- -$$ # Sends SIGTERM to child/sub processes
}
check_images() {
# sync vm-torrents and machine definition file
sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${VM_NAME}.qcow2.torrent"
[[ -f "${VM_NAME}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${VM_NAME}.qcow2"
BACKINGARRAY=()
imgfile="${VM_SYSDIR}/${VM_NAME}.qcow2" && [[ -f "${VM_DIR}/${VM_NAME}.qcow2" ]] && imgfile="${VM_DIR}/${VM_NAME}.qcow2"
BACKINGARRAY+=("${imgfile}")
echo "Imgfile=$imgfile"
if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
if [[ ! -f "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent" ]]; then
echo "no base VM disk '${VM_NAME}.qcow2' found and/or ${VM_NAME} not found on server" >&2
exit 1
fi
# sync vm-disk image by torrent
echo "Try to sync VM ${VM_NAME} by torrent"
sudo -u lmnsynci /usr/local/bin/vm-sync get_image "${VM_NAME}"
fi
backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
while [[ -n "${backingfile}" ]]; do
echo "Backingfile required: ${backingfile}"
imgfile="${VM_SYSDIR}/${backingfile}" && [[ -f "${VM_DIR}/${backingfile}" ]] && imgfile="${VM_DIR}/${backingfile}"
BACKINGARRAY+=("${imgfile}")
if [[ ! -f "${imgfile}" ]] || ! qemu-img info -U "${imgfile}" | grep "file format: qcow2"; then
# sync vm-disk image by torrent
echo "Try to sync backingfile ${backingfile} by torrent"
sudo -u lmnsynci /usr/local/bin/vm-sync get_file "${backingfile}.torrent"
[[ -f "${backingfile}" ]] && sudo -u lmnsynci /usr/local/bin/vm-sync delete_outdated_image "${backingfile}"
sudo -u lmnsynci /usr/local/bin/vm-sync get_image "${backingfile%.qcow2}"
fi
backingfile=$(qemu-img info -U "${imgfile}" | grep "^backing file:" | cut -d ' ' -f 3)
done
echo "VM-Image and required backingfiles available"
echo "Now, let's check the images."
# Check VM-Images in reverse order
for ((i=${#BACKINGARRAY[@]}-1; i>=0; i--))
do
echo "Checking ${BACKINGARRAY[$i]}"
if ! qemu-img check -U "${BACKINGARRAY[$i]}" 2>/dev/null; then
echo "check failed!"
echo "sync ${BACKINGARRAY[$i]} again"
sudo -u lmnsynci /usr/local/bin/vm-sync get_image "$(basename "${BACKINGARRAY[$i]}" .qcow2)"
fi
done
echo "VM-Image and required backingfiles available and checked"
}
create_clone() {
local VM_NAME="$1"
if ! [[ -f "${VM_SYSDIR}/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2" ]]; then
echo "qcow2 File does not exists." >&2
exit 1
fi
# Create User-VM-Dir and link system VM-Images
[[ -d "${VM_DIR}" ]] || mkdir -p "${VM_DIR}"
if [[ "${PERSISTENT}" -eq 1 ]]; then
sudo /usr/local/bin/vm-link-images -p
else
sudo /usr/local/bin/vm-link-images
fi
# Create backing file
cd "${VM_DIR}"
qemu-img create -f qcow2 -F qcow2 -b "${VM_NAME}.qcow2" "${VM_NAME}-clone.qcow2"
}
QEMU='qemu:///session'
NEWCLONE=0
PERSISTENT=0
LIBVIRTOSINFO="win10"
LIBVIRTOPTS=""
source /etc/lmn/vm.conf
TEMP=$(getopt -o no:ps --long new,options:,persistent:,system,memory:,data-disk:,cpu:,bridge:,os:,help -n $0 -- "$@")
if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi
eval set -- "$TEMP"
while true; do
case "$1" in
-p | --persistent )
PERSISTENT=1;
VM_DIR="${VM_DIR_PERSISTENT}"
shift
;;
-n | --new )
NEWCLONE=1
shift
;;
-s | --system )
QEMU='qemu:///system'
shift
;;
-o | --options )
LIBVIRTOPTS=$2
shift 2
;;
--data-disk )
LIBVIRTOPTS="${LIBVIRTOPTS} --disk ${VM_DIR}/data.qcow2,size=$2,sparse=yes"
shift 2
;;
--memory )
LIBVIRTOPTS="${LIBVIRTOPTS} --memory $2"
shift 2
;;
--cpu )
LIBVIRTOPTS="${LIBVIRTOPTS} --vcpu $2"
shift 2
;;
--bridge )
if ip link | grep $2; then
LIBVIRTOPTS="${LIBVIRTOPTS} --network=bridge=$2,model.type=virtio"
fi
shift 2
;;
--os )
LIBVIRTOSINFO=$2
shift 2
;;
--help )
show_help
exit 1
;;
-- ) shift; break ;;
* ) break ;;
esac
done
# if less than one arguments supplied, display usage
if [[ $# -ne 1 ]] ; then
show_help
exit 1
fi
VM_NAME=$1
# check, if we have to start squid
if ! killall -s 0 squid; then
echo "starting squid."
/usr/sbin/squid -f /etc/squid/squid-usermode.conf
fi
# because virsh has problems with long pathnames, using diffent configdir
export XDG_CONFIG_HOME="/tmp/${UID}/.config"
if ! virsh --connect="${QEMU}" list | grep "${VM_NAME}-clone"; then
echo "VM not yet running."
sudo /usr/local/bin/desktop-sync
check_images
if [[ "${NEWCLONE}" = 1 ]] || [[ ! -f "${VM_DIR}/${VM_NAME}-clone.qcow2" ]]; then
create_clone "${VM_NAME}"
fi
# delete the old vm
virsh --connect=qemu:///session undefine "${VM_NAME}-clone" || echo "${VM_NAME}-clone did not exist"
#trap exit_script SIGHUP SIGINT SIGTERM
# start virtiofsd-service
[[ "${QEMU}" = 'qemu:///session' ]] && sudo /usr/local/bin/vm-virtiofsd "${VM_NAME}"
# finally, create the new vm
# TODO
# # find macvtap interface MAC address:
# MAC="$(ip link | grep -A1 "vm-macvtap" |
# sed -nE "s%\s+link/ether ([[:xdigit:]:]{17}) .+%\1%p")"
# sed -i -E -e "s/MACMACVTAP/$MAC/" "${VM_XML}"
virt-install \
--osinfo "${LIBVIRTOSINFO}" \
--name "${VM_NAME}-clone" \
--import \
--clock hpet_present=yes,hypervclock_present=yes \
--features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on,xpath2.set=./hyperv/stimer/@state=on \
--memorybacking source.type=memfd,access.mode=shared \
--disk "${VM_DIR}/${VM_NAME}-clone.qcow2",driver.discard=unmap,target.bus=scsi,cache=writeback \
--network=bridge=virbr0,model.type=virtio \
--filesystem driver.type=virtiofs,accessmode=passthrough,target.dir=virtiofs,xpath1.set=./source/@socket="/run/user/${UID}/virtiofs-${VM_NAME}.sock" \
--controller type=scsi,model=virtio-scsi \
--check path_in_use=off \
--connect="${QEMU}" \
--noautoconsole \
${LIBVIRTOPTS}
# --dry-run \
# --print-xml \
# > /tmp/vm.xml
# --features hyperv.synic.state=on,xpath1.set=./hyperv/vpindex/@state=on,xpath2.set=./hyperv/stimer/@state=on \
# --network type=ethernet,target.dev=vm-macvtap,xpath1.set=./target/@managed=no \
# virsh --connect="${QEMU}" start "${VM_NAME}-clone"
fi
echo "starting viewer"
trap exit_script SIGHUP SIGINT SIGTERM
virt-viewer --connect="${QEMU}" --full-screen "${VM_NAME}-clone"

137
roles/lmn_vm/files/vm-sync Executable file
View file

@ -0,0 +1,137 @@
#!/usr/bin/bash
# Push/Pull VM-Disk-Image and Infos from server
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") command [args]"
command:
push_file
get_file
get_image
delete_outdated_image
EOF
}
get_torrent() {
if [[ ! -f "${VM_SYSDIR}/${VM_NAME}.qcow2.torrent" ]]; then
echo "No torrent-File found"
exit 1
fi
lockfile="/tmp/sync-vm-${VM_NAME}.lock"
if ! flock -n "$lockfile" echo "try to acquire lock"; then
echo torrent seems to be in process.
echo waiting for completion ...
flock -w 3600 "$lockfile" echo "...completed"
sleep 5
else
(
if ! flock -n 200; then
echo "failed to acquire lock"
echo "Bitte noch einmal starten."
echo "Beliebige Taste zum Beenden."
read -n 1
exit 1
fi
# stop aria2-seeding if running
sudo vm-aria2 stop "${VM_NAME}"
cd "${VM_SYSDIR}"
# get image
aria2c --seed-time=0 --dht-file-path=$DHTDAT \
--dht-entry-point="${SEEDBOX_HOST}:${SEEDBOX_PORT}" \
"${VM_SYSDIR}/${VM_NAME}.qcow2.torrent"
# and seed
sudo vm-aria2 start "${VM_NAME}"
if ! flock -u 200; then
echo failed to drop lock
exit 1
fi
) 200>"$lockfile"
fi
}
get_image_size() {
torrentfile=$1
length=$(aria2c -S "${torrentfile}" | grep "Total Length" | \
sed -E -e 's/.*\(([0-9,]*)\)/\1/' -e 's/,//g')
echo "$length"
}
delete_outdated_image() {
cd "${VM_SYSDIR}"
qcowsize=$(stat -c%s "${FILENAME}")
if [[ -f "${FILENAME}.torrent" ]] && [[ "${qcowsize}" != $(get_image_size "${FILENAME}.torrent") ]]; then
sudo vm-aria2 stop "${FILENAME%.qcow2}"
rm -f "${FILENAME}"
fi
}
get_file() {
cd "${VM_SYSDIR}"
curl --fail --noproxy ${SEEDBOX_HOST} -o "${FILENAME}" \
"http://${SEEDBOX_HOST}/aria2/${FILENAME}" || echo "File not found on seedbox"
}
push_file() {
cd "${VM_SYSDIR}"
uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
--pwdfile "${SEEDBOX_PWFILE}" --no-cert "${FILENAME}"
}
########################
if [[ "$(id -nu)" != "lmnsynci" ]]; then
echo "$(basename "$0") must be run as lmnsynci user"
show_help
exit 1
fi
source /etc/lmn/vm.conf
while getopts ':' OPTION; do
case "$OPTION" in
?)
show_help
exit 1
;;
esac
done
shift "$((OPTIND -1))"
# if less than one arguments supplied, display usage
if [[ $# -lt 1 ]]; then
show_help
exit 1
fi
command=$1
shift
case "$command" in
push_file)
for FILENAME in "$@"; do
push_file
done
;;
get_file)
for FILENAME in "$@"; do
get_file
done
;;
get_image)
for VM_NAME in "$@"; do
get_torrent
done
;;
delete_outdated_image)
for FILENAME in "$@"; do
delete_outdated_image
done
;;
*)
show_help
exit 1
;;
esac

60
roles/lmn_vm/files/vm-upload Executable file
View file

@ -0,0 +1,60 @@
#!/usr/bin/bash
# Push VM-Disk-Image on server
set -eu
show_help() {
cat << EOF >&2
Usage: $(basename "$0") vmname"
Create torrent and upload disk on server.
EOF
}
upload_image() {
# check if VM-Diskimage exists
if [[ ! (-f "${VM_SYSDIR}/${VM_NAME}.qcow2" || -f "${VM_DIR}/${VM_NAME}.qcow2") ]]; then
echo "File not found ${VM_NAME}.qcow2" >&2
exit 1
fi
vm-aria2 stop "${VM_NAME}" || echo "VMImage-torrent not running"
# link private VM-Diskimage to system-Dir
if [[ -f "${VM_DIR}/${VM_NAME}.qcow2" \
&& ( -f "${VM_SYSDIR}/${VM_NAME}.qcow2" && ("${VM_DIR}/${VM_NAME}.qcow2" -nt "${VM_SYSDIR}/${VM_NAME}.qcow2") \
|| ! -f "${VM_SYSDIR}/${VM_NAME}.qcow2") ]]; then
echo "copy private VM-Diskimage to system-dir"
chown lmnsynci:lmnsynci "${VM_DIR}/${VM_NAME}.qcow2"
ln -f "${VM_DIR}/${VM_NAME}.qcow2" "${VM_SYSDIR}/${VM_NAME}.qcow2"
fi
cd "${VM_SYSDIR}"
if [[ -f "/tmp/${VM_NAME}.qcow2.torrent" ]]; then
rm -f "/tmp/${VM_NAME}.qcow2.torrent"
fi
uploadseed --server "${SEEDBOX_HOST}:${SEEDBOX_RPC_PORT}" --dht-port "${SEEDBOX_PORT}" \
--pwdfile "${SEEDBOX_PWFILE}" --no-cert "${VM_NAME}.qcow2"
}
source /etc/lmn/vm.conf
while getopts ':p' OPTION; do
case "$OPTION" in
p)
VM_DIR="${VM_DIR_PERSISTENT}"
;;
?)
show_help
exit 1
;;
esac
done
shift "$((OPTIND -1))"
# if less than one arguments supplied, display usage
if [[ $# -ne 1 ]] ; then
show_help
exit 1
fi
VM_NAME=$1
upload_image

0
roles/lmn_vm/files/start-virtiofsd.sh → roles/lmn_vm/files/vm-virtiofsd
View file

17
roles/lmn_vm/files/vm.conf Normal file
View file

@ -0,0 +1,17 @@
# variables for LMN VM submodule
SEEDBOX_HOST="seedbox.pn.steinbeis.schule"
SEEDBOX_PORT=6789
SEEDBOX_RPC_PORT=6800
SEEDBOX_PWFILE="/etc/lmn/uploadseed.conf"
DHTDAT="/var/cache/aria2/dht.dat"
DESKTOPSTARTERDIR="/srv/samba/schools/default-school/share/school/AdminIT/desktop/"
VM_SYSDIR="/lmn/vm"
if [[ -v SUDO_UID ]]; then
VM_DIR="/tmp/${SUDO_UID}/vm"
VM_DIR_PERSISTENT="/var/vm/${SUDO_UID}"
else
VM_DIR="/tmp/${UID}/vm"
VM_DIR_PERSISTENT="/var/vm/${UID}"
fi

213
roles/lmn_vm/files/vmimage-torrent
View file

@ -1,213 +0,0 @@
#!/bin/bash
#
# starts tmux sessions for each valid torrent in LINBODIR
# thomas@linuxmuster.net
# 20221103
#
# read environment
#. /usr/share/linuxmuster/defaults.sh || exit 1
#THELPER=$LINBOSHAREDIR/linbo-torrenthelper.sh
THELPER=linbo-torrenthelper.sh
#. $LINBOSHAREDIR/helperfunctions.sh || exit 1
LINBOIMGEXT="qcow2 qdiff"
LINBOIMGDIR="/lmn/vm"
serverip="10.190.1.1"
# start of functions
# help message
usage(){
echo
echo "Info: vmimage-torrent manages the torrent tmux sessions of linbo images."
echo
echo "Usage:"
echo " vmimage-torrent <start|stop|restart|reload|status|create|check> [image_name]"
echo " vmimage-torrent attach <image_name|session_name>"
echo
echo "Note:"
echo " * Only qcow2 & qdiff image files located below $LINBOIMGDIR are processed."
echo " * The commands \"start\", \"stop\" and \"restart\" may have optionally an image"
echo " filename as parameter. In this case the commands are only applied to the tmux"
echo " session of the certain file. Without an explicit image filename the commands"
echo " were applied to all image file sessions currently running."
echo " * An image filename parameter is mandatory with the commands \"check\", \"create\""
echo " and \"attach\"."
echo " * \"check\" checks if the image file matches to the correspondig torrent."
echo " * \"create\" creates/recreates the torrent of a certain image file."
echo " * \"status\" shows a list of currently running torrent tmux sessions."
echo " * \"attach\" attaches a torrent tmux session of a certain image. An image or"
echo " session name must be given as parameter."
echo " Press [CTRL+B]+[D] to detach the session again."
echo " * \"reload\" is the identical to \"restart\" and is there for backwards compatibility."
echo
exit 1
}
# check torrent
check(){
local image="$(basename "$IMGLIST")"
local torrent="$image.torrent"
local tdir="$(dirname "$IMGLIST")"
cd "$tdir"
echo "Checking $torrent ..."
if ctorrent -c "$torrent"; then
echo "Ok!"
else
echo "Failed!"
exit 1
fi
}
# creates torrent files
create(){
local image="$(basename "$IMGLIST")"
local tdir="$(dirname "$IMGLIST")"
local torrent="${image}.torrent"
local session="${torrent//./_}"
# stop torrent service
vmimage-torrent status | grep -q ^"$session" && vmimage-torrent stop "$IMGLIST"
# skip already running torrents
echo "Creating $torrent ..."
cd "$tdir"
rm -f "$torrent"
if ctorrent -t -u "http://$serverip:6969/announce" -s "$torrent" "$image" ; then
[ "$START" = "no" ] || vmimage-torrent start "$IMGLIST"
else
echo "Failed!"
exit 1
fi
}
# starts torrent tmux sessions
start(){
local item
local torrent
local image
local tdir
local session
for item in $IMGLIST; do
image="$(basename "$item")"
torrent="${image}.torrent"
tdir="$(dirname "$item")"
session="${torrent//./_}"
cd "$tdir"
if [ ! -s "$image" ]; then
echo "Image $image does not exist! Skipping this torrent."
continue
fi
# skip already running torrents
if vmimage-torrent status | grep -qw ^"$session"; then
echo "tmux session $session is already running."
continue
fi
# create torrent file if there is none
if [ ! -e "$torrent" ]; then
START="no" vmimage-torrent create "$item" || continue
fi
echo -n "Starting tmux session $session ... "
tmux new -ds "$session" "$THELPER $torrent ; exec $SHELL"
sleep 1
if vmimage-torrent status | grep -qw ^"$session"; then
echo "Ok!"
else
echo "Failed!"
fi
done
}
stop(){
if [ -n "$SESSION" ]; then
vmimage-torrent status | grep -qw ^"$SESSION" || return
tmux kill-session -t "$SESSION"
else
local item
vmimage-torrent status | awk -F\: '{print $1}' | while read item; do
tmux kill-session -t "$item"
done
fi
}
attach(){
if ! tmux list-sessions | grep -qw "$SESSION"; then
echo "There is no session $SESSION."
exit 1
fi
echo "Hint: Detach tmux session with [CTRL+B]+[D]."
sleep 3
tmux attach -t "$SESSION"
}
status(){
tmux list-sessions | grep _torrent
}
find_images(){
local search="$(basename "$1")"
if [ -n "$search" ]; then
find "$LINBOIMGDIR" -maxdepth 2 -name "$search"
return
fi
local IMGLIST
for search in $LINBOIMGEXT; do
IMGLIST="$IMGLIST $(find "$LINBOIMGDIR" -maxdepth 2 -name \*.$search)"
done
# trim leading and trailing spaces
echo $IMGLIST | awk '{$1=$1};1'
}
# end of functions
# check parameters
if [ -n "$2" ] ; then
# trap torrent parameter
image="${2/.torrent/}"
case "$image" in
*.qcow2|*.qdiff)
if [ -e "$image" ]; then
IMGLIST="$image"
else
IMGLIST="$(find_images "$image")"
fi
if [ ! -e "$IMGLIST" ]; then
echo "Image file $(basename $image) not found."
usage
fi
filename="$(basename "$IMGLIST")"
SESSION="${filename//./_}_torrent"
;;
*_torrent)
if [ "$1" = "attach" ]; then
SESSION="$image"
else
usage
fi
;;
*) usage ;;
esac
else
case "$1" in
stop|status) ;;
attach|check|create) usage ;;
*)
IMGLIST="$(find_images)"
if [ -z "$IMGLIST" ]; then
echo "No linbo images found."
exit 0
fi
;;
esac
fi
case "$1" in
start) start ;;
stop) stop ;;
restart|reload) stop ; start ;;
status) status ;;
create) create ;;
check) check ;;
attach) attach ;;
*) usage ;;
esac
exit 0

15
roles/lmn_vm/files/vmimage-torrent.service
View file

@ -1,15 +0,0 @@
[Unit]
Description=VM-image torrent service
After=network.target
[Service]
Type=oneshot
RemainAfterExit=yes
User=lmnsynci
Group=lmnsynci
ExecStart=/usr/local/bin/vmimage-torrent start
ExecStop=/usr/local/bin/vmimage-torrent stop
ExecReload=/usr/local/bin/vmimage-torrent reload
[Install]
WantedBy=multi-user.target

8
roles/lmn_vm/handlers/main.yml
View file

@ -3,14 +3,6 @@
name: libvirtd.service
listen: reload libvirtd
- name: Enable vmimage-torrent service
systemd:
name: vmimage-torrent.service
state: restarted
daemon_reload: true
enabled: true
listen: "enable vmimage-torrent.service"
- name: Run update-desktop-database
command: update-desktop-database "{{ item }}"
loop:

95
roles/lmn_vm/tasks/main.yml
View file

@ -13,7 +13,8 @@
- name: install libvirt packages
apt:
name:
- ctorrent
- aria2
- mktorrent
- libvirt-daemon-system
- virt-manager
- dialog # for vm-netboot menu
@ -81,6 +82,11 @@
system: true
create_home: false
- name: Create /etc/lmn directory
file:
path: /etc/lmn
state: directory
- name: Create /lmn directory
file:
path: /lmn
@ -92,6 +98,12 @@
state: directory
mode: '1777'
- name: Create /var/vm directory
file:
path: /var/vm
state: directory
mode: '1777'
- name: Create vm directory
file:
path: /lmn/vm
@ -128,10 +140,7 @@
mode: '0700'
loop:
- lmn-mounthome
- lmn-sync-vm
- lmn-upload-vm
- lmn-link-images
- lmn-startvirtiofsd
- lmn-vm
- name: Deploy vmimages scripts
copy:
@ -142,33 +151,40 @@
mode: '0755'
loop:
- mounthome.sh
- create-vm.sh
- rebase-vm.sh
- run-vm.sh
- upload-vm.sh
- sync-vm.sh
- link-images.sh
- start-virtiofsd.sh
- linbo-torrenthelper.sh
- vmimage-torrent
- vm-create
- vm-rebase
- vm-run
- vm-upload
- vm-sync
- vm-link-images
- vm-virtiofsd
- virtiofsd
- vm-aria2
- uploadseed
- desktop-sync
- name: Deploy linbo-torrent defaults
copy:
src: linbo-torrent
dest: /etc/default/
- name: Deploy vm configuration file vm.conf
ansible.builtin.copy:
src: vm.conf
dest: /etc/lmn/vm.conf
owner: root
group: root
mode: '0755'
- name: Deploy vmimage-torrent.service
copy:
src: vmimage-torrent.service
dest: /etc/systemd/system/
- name: Deploy aria2 RPC password file
ansible.builtin.copy:
dest: /etc/lmn/uploadseed.conf
owner: root
group: root
mode: '0644'
notify: "enable vmimage-torrent.service"
group: lmnsynci
mode: '0640'
content: |
{{ uploadseed_pwd }}
- name: Prepare directory for aria2 dht.dat
ansible.builtin.file:
path: /var/cache/aria2/
state: directory
owner: lmnsynci
group: lmnsynci
- name: Prepare directory for qemu bridge config
ansible.builtin.file:
@ -181,14 +197,7 @@
content: |
allow virbr0
allow virbr1
- name: Deploy rsync.secret
lineinfile:
path: /etc/rsync.secret
line: "{{ rsyncsecret }}"
create: True
mode: '0600'
allow virbr2
- name: Configure macvtap interface
ansible.builtin.copy:
@ -244,10 +253,20 @@
dest: /etc/xdg/menus/applications-merged/
notify: Run update-desktop-database
- name: Sync .torrent, .xml and .desktop files and run update-desktop-database
command: sudo -u lmnsynci /usr/local/bin/sync-vm.sh -t
register: result
changed_when: result.stdout | length > 0
- name: check if sync.desktop is installed
stat: path=/usr/local/share/applications/sync.desktop
register: syncdesktop
- name: remove deprecated desktop-files
ansible.builtin.shell: rm -f /usr/local/share/applications/*.desktop
when: not syncdesktop.stat.exists
notify: Run update-desktop-database
- name: Copy initial sync starter
ansible.builtin.copy:
src: sync.desktop
dest: /usr/local/share/applications/
notify: Run update-desktop-database
- name: Start virt-manager in session mode by default
ansible.builtin.copy: