diff options
| -rw-r--r-- | README.md | 1 | ||||
| -rw-r--r-- | configs/hosts | 1 | ||||
| -rw-r--r-- | configs/nfs/interfaces | 14 | ||||
| -rwxr-xr-x | create | 3 | ||||
| -rwxr-xr-x | destroy | 4 | ||||
| -rwxr-xr-x | scripts/debian_roll | 11 | ||||
| -rwxr-xr-x | scripts/kerberos | 15 | ||||
| -rwxr-xr-x | scripts/nfs | 4 |
8 files changed, 44 insertions, 9 deletions
@@ -7,4 +7,5 @@ ideas -set up kerberos -set up nfs -set up two clients +-ldap? -some sort of home directory sharing diff --git a/configs/hosts b/configs/hosts index 03fb37e..de1585f 100644 --- a/configs/hosts +++ b/configs/hosts @@ -4,3 +4,4 @@ ff02::1 ip6-allnodes ff02::2 ip6-allrouters 192.168.122.100 krb.hades.hr +192.168.122.110 nfs.hades.hr diff --git a/configs/nfs/interfaces b/configs/nfs/interfaces new file mode 100644 index 0000000..f5d11ed --- /dev/null +++ b/configs/nfs/interfaces @@ -0,0 +1,14 @@ +# This file describes the network interfaces available on your system +# and how to activate them. For more information, see interfaces(5). + +# The loopback network interface +auto lo +iface lo inet loopback + +auto eth0 +iface eth0 inet static + address 192.168.122.110/24 + post-up route add -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.122.1 + pre-down route del -net 0.0.0.0 netmask 0.0.0.0 gw 192.168.122.1 + +source /etc/network/interfaces.d/*.cfg @@ -3,3 +3,6 @@ set -e scripts/kerberos > logs/kerberos lxc-info -n kerberos + +scripts/nfs > logs/nfs +lxc-info -n nfs @@ -3,3 +3,7 @@ lxc-stop -n kerberos lxc-destroy -n kerberos ssh-keygen -R "192.168.122.100" + +lxc-stop -n nfs +lxc-destroy -n nfs +ssh-keygen -R "192.168.122.110" diff --git a/scripts/debian_roll b/scripts/debian_roll index e7ae1ff..83b7d76 100755 --- a/scripts/debian_roll +++ b/scripts/debian_roll @@ -28,3 +28,14 @@ lxc-attach -n $NAME -- bash -c 'echo "AllowTcpForwarding yes" >> /etc/ssh/sshd_c lxc-attach -n $NAME -- bash -c 'echo "X11UseLocalhost yes" >> /etc/ssh/sshd_config' lxc-attach -n $NAME -- bash -c 'echo "PermitRootLogin yes" >> /etc/ssh/sshd_config' lxc-attach -n $NAME -- systemctl restart sshd + +# setup networking +IP="$(lxc-info -n $NAME | grep IP | tr -s ' ' | cut -d ' ' -f 2)" +sshpass -p $ROOT_PASS ssh-copy-id -o "StrictHostKeyChecking=no" root@$IP +scp configs/$NAME/interfaces root@$IP:/etc/network/ +scp configs/hosts root@$IP:/etc/ +lxc-attach -n $NAME -- systemctl restart networking +ssh-keygen -R "$IP" + +IP="$(lxc-info -n $NAME | grep IP | tr -s ' ' | cut -d ' ' -f 2)" +sshpass -p $ROOT_PASS ssh-copy-id -o "StrictHostKeyChecking=no" root@$IP diff --git a/scripts/kerberos b/scripts/kerberos index 0fb455d..919ee7d 100755 --- a/scripts/kerberos +++ b/scripts/kerberos @@ -4,22 +4,19 @@ set -e ROOT_PASS=root KRB5_PASS=krb5 KRB5_ADMIN_PASS=pass +USER_PASS=tommie scripts/debian_roll kerberos lxc-attach -n kerberos -v DEBIAN_FRONTEND=noninteractive -- apt-get -y install krb5-admin-server -IP="$(lxc-info -n kerberos | grep IP | tr -s ' ' | cut -d ' ' -f 2)" - -sshpass -p $ROOT_PASS ssh-copy-id -o "StrictHostKeyChecking=no" root@$IP -scp configs/kerberos/krb5.conf root@$IP:/etc/ -scp configs/kerberos/kdc.conf root@$IP:/etc/krb5kdc/ -scp configs/kerberos/kadm5.acl root@$IP:/etc/krb5kdc/ -scp configs/kerberos/interfaces root@$IP:/etc/network/ -scp configs/hosts root@$IP:/etc/ +scp configs/kerberos/krb5.conf root@192.168.122.100:/etc/ +scp configs/kerberos/kdc.conf root@192.168.122.100:/etc/krb5kdc/ +scp configs/kerberos/kadm5.acl root@192.168.122.100:/etc/krb5kdc/ lxc-attach -n kerberos -- bash -c 'echo -e "'$KRB5_PASS'\n'$KRB5_PASS'" | krb5_newrealm' lxc-attach -n kerberos -- bash -c 'echo -e "'$KRB5_ADMIN_PASS'\n'$KRB5_ADMIN_PASS'" | kadmin.local addprinc root/admin' -lxc-attach -n kerberos -- systemctl restart networking lxc-attach -n kerberos -- systemctl restart krb5-admin-server lxc-attach -n kerberos -- systemctl restart krb5-kdc + +lxc-attach --clear-env -n kerberos -- bash -c 'echo -e "'$KRB5_ADMIN_PASS'\n'$USER_PASS'\n'$USER_PASS'\n" | kadmin addprinc tom' diff --git a/scripts/nfs b/scripts/nfs new file mode 100755 index 0000000..4439eba --- /dev/null +++ b/scripts/nfs @@ -0,0 +1,4 @@ +#!/bin/bash +set -e + +scripts/debian_roll nfs |