dataset/seed/base-machine/manual/install/install_host

#!/bin/bash -e

HOST_NAME=$1
if [ -z "$HOST_NAME" ]; then
    echo "usage: $0 host name"
    exit 1
fi
# remove current rules
systemctl stop risottofirewall.service || true
apt install --yes systemd-container dnf jq debootstrap htop gettext patch unzip mlocate xz-utils iptables
systemd-tmpfiles --create --clean --remove $PWD/host/configurations/$HOST_NAME/tmpfiles.d/0asystemd-nspawn.conf
systemd-tmpfiles --create --clean --remove $PWD/host/configurations/$HOST_NAME/tmpfiles.d/0rougail.conf
systemctl daemon-reload
systemctl restart systemd-sysctl.service
systemctl enable systemd-networkd
systemctl restart systemd-networkd
systemctl enable systemd-resolved
systemctl restart systemd-resolved
# systemctl mask dev-hugepages.mount
systemctl enable risotto-images.timer
systemctl restart risotto-images.timer
systemctl enable risottofirewall.service
systemctl start risottofirewall.service

#nft add table nat
#nft flush table nat;
#nft 'add chain nat prerouting { type nat hook prerouting priority -100; }'
#nft 'add rule nat prerouting iif enp0s3 tcp dport { 80, 443 } dnat to 192.168.45.12'
#nft 'add chain nat postrouting { type nat hook postrouting priority -100; }'
#nft 'add rule nat postrouting ip saddr 192.168.45.10 oif enp0s8 tcp dport 53 snat to 10.0.3.15'
#nft 'add rule nat postrouting ip saddr 192.168.45.10 oif enp0s8 udp dport 53 snat to 10.0.3.15'

echo "install host OK"

exit 0
dovecot 2022-05-04 10:29:03 +02:00			`#!/bin/bash -e`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00
			`HOST_NAME=$1`
			`if [ -z "$HOST_NAME" ]; then`
			`echo "usage: $0 host name"`
			`exit 1`
			`fi`
nsd\|unbound\|nginx reverse proxy use fedora 36 2022-07-04 15:44:18 +02:00			`# remove current rules`
			`systemctl stop risottofirewall.service \|\| true`
			`apt install --yes systemd-container dnf jq debootstrap htop gettext patch unzip mlocate xz-utils iptables`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00			`systemd-tmpfiles --create --clean --remove $PWD/host/configurations/$HOST_NAME/tmpfiles.d/0asystemd-nspawn.conf`
			`systemd-tmpfiles --create --clean --remove $PWD/host/configurations/$HOST_NAME/tmpfiles.d/0rougail.conf`
			`systemctl daemon-reload`
			`systemctl restart systemd-sysctl.service`
			`systemctl enable systemd-networkd`
			`systemctl restart systemd-networkd`
			`systemctl enable systemd-resolved`
			`systemctl restart systemd-resolved`
			`# systemctl mask dev-hugepages.mount`
build image/machine every night 2022-05-21 18:49:06 +02:00			`systemctl enable risotto-images.timer`
			`systemctl restart risotto-images.timer`
nsd\|unbound\|nginx reverse proxy use fedora 36 2022-07-04 15:44:18 +02:00			`systemctl enable risottofirewall.service`
			`systemctl start risottofirewall.service`
fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00
			`#nft add table nat`
			`#nft flush table nat;`
			`#nft 'add chain nat prerouting { type nat hook prerouting priority -100; }'`
			`#nft 'add rule nat prerouting iif enp0s3 tcp dport { 80, 443 } dnat to 192.168.45.12'`
			`#nft 'add chain nat postrouting { type nat hook postrouting priority -100; }'`
			`#nft 'add rule nat postrouting ip saddr 192.168.45.10 oif enp0s8 tcp dport 53 snat to 10.0.3.15'`
			`#nft 'add rule nat postrouting ip saddr 192.168.45.10 oif enp0s8 udp dport 53 snat to 10.0.3.15'`

dovecot 2022-05-04 10:29:03 +02:00			`echo "install host OK"`

fork from cadoles' risotto-dataset 2022-03-08 19:42:28 +01:00			`exit 0`