#!/bin/bash
# from
# https://github.com/oneclickvirt/pve
# 2024.03.12
# ./buildvm.sh VMID 用户名 密码 CPU核数 内存 硬盘 SSH端口 80端口 443端口 外网端口起 外网端口止 系统 存储盘 独立IPV6
# ./buildvm.sh 102 test1 1234567 1 512 5 40001 40002 40003 50000 50025 debian11 local N
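# Work from /root: the image cache (qcow/) and the per-VM record file (vm<VMID>)
# are addressed relative to the current directory later on.
# NOTE(review): a failed cd is silenced here, in which case those relative paths
# resolve against whatever directory the script was started from.
cd /root >/dev/null 2>&1
# Positional parameters of the NAT virtual machine, each with a fallback default.
vm_num="${1:-102}"
user="${2:-test}"
# SECURITY: the fallback password is a well-known weak value, and a password given
# as $3 is exposed through the process list and possibly shell history.
# Always pass a strong, unique password and rotate it inside the guest.
password="${3:-123456}"
core="${4:-1}"
memory="${5:-512}"
disk="${6:-5}"
sshn="${7:-40001}"
web1_port="${8:-40002}"
web2_port="${9:-40003}"
port_first="${10:-49975}"
port_last="${11:-50000}"
system="${12:-ubuntu22}"
storage="${13:-local}"
independent_ipv6="${14:-N}"
# Lower-case the flag so the later comparisons against "y" / "n" work.
independent_ipv6="${independent_ipv6,,}"
# in="${15:-300}"
# out="${16:-300}"
# The VMID is embedded in file paths (vm<VMID>, /tmp/temp<VMID>.txt,
# /etc/pve/qemu-server/<VMID>.conf) and in qm arguments further down, so refuse
# anything that is not purely numeric before touching the system.
if ! [[ "$vm_num" =~ ^[0-9]+$ ]]; then
    echo "Invalid VMID: $vm_num" >&2
    exit 1
fi
# Remove the record file left by an earlier run for this VMID. The original
# removed "vm$name", but $name is never set, so an old vm<VMID> file survived
# and new records were appended after the stale one.
rm -rf "vm${vm_num}"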
# Colour helpers: print all arguments (joined by spaces) wrapped in a bold ANSI
# colour sequence, followed by a reset.
_red() {
    echo -e "\033[31m\033[01m$*\033[0m"
}
_green() {
    echo -e "\033[32m\033[01m$*\033[0m"
}
_yellow() {
    echo -e "\033[33m\033[01m$*\033[0m"
}
_blue() {
    echo -e "\033[36m\033[01m$*\033[0m"
}
# Prompt with the green-coloured text in $1 and read one raw line into the
# variable whose name is given in $2.
reading() {
    read -rp "$(_green "$1")" "$2"
}
# Pick the first installed UTF-8 locale, if any, and export it for the rest of
# the run (presumably so the bilingual messages print correctly).
utf8_locale=$(locale -a 2>/dev/null | grep -i -m 1 -E "utf8|UTF-8")
if [[ -n "$utf8_locale" ]]; then
    export LC_ALL="$utf8_locale" LANG="$utf8_locale" LANGUAGE="$utf8_locale"
    _green "Locale set to $utf8_locale"
else
    _yellow "No UTF-8 locale found"
fi
# Classify the host CPU architecture and store the result in the global
# system_arch: "x86" for i386/i686/x86_64, "arch" for the listed ARM names,
# and the empty string for anything else.
get_system_arch() {
    local sysarch
    sysarch="$(uname -m)"
    # Fall back to arch(1) when uname reports nothing usable.
    if [ -z "${sysarch}" ] || [ "${sysarch}" = "unknown" ]; then
        sysarch="$(arch)"
    fi
    case "${sysarch}" in
    i386 | i686 | x86_64) system_arch="x86" ;;
    armv7l | armv8 | armv8l | aarch64) system_arch="arch" ;;
    *) system_arch="" ;;
    esac
}
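# Find the first mirror prefix in cdn_urls that can serve the probe URL.
# Arguments: $1 - URL appended to each mirror prefix; the response must
#                 contain the word "success".
# Globals:   cdn_urls (read); cdn_success_url (exported: the working prefix,
#            or the empty string when no mirror answered).
# SECURITY: the probe previously ran with -k, which switches off TLS certificate
# verification. The selected prefix is later used to fetch VM disk images, so
# an https mirror is only accepted when its certificate validates.
check_cdn() {
    local o_url=$1
    # Keep the loop variable local so it does not leak into the caller's scope.
    local cdn_url
    for cdn_url in "${cdn_urls[@]}"; do
        if curl -sL "$cdn_url$o_url" --max-time 6 | grep -q "success"; then
            export cdn_success_url="$cdn_url"
            return
        fi
        sleep 0.5
    done
    export cdn_success_url=""
}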
# Probe the mirrors with a small marker file and report whether one of them
# answered; the chosen prefix is left in cdn_success_url by check_cdn.
check_cdn_file() {
    check_cdn "https://raw.githubusercontent.com/spiritLHLS/ecs/main/back/test"
    if [ -z "$cdn_success_url" ]; then
        _yellow "No CDN available, no use CDN"
        return
    fi
    _yellow "CDN available, using CDN"
}
# Mirror prefixes tried in order by check_cdn; the winning prefix is prepended
# to the GitHub release URLs used for image downloads.
# NOTE(review): three of these prefixes are plain http://, so content fetched
# through them can be modified in transit, and every mirror is a third party
# that sees and could alter the image. Verify downloaded images independently.
cdn_urls=("https://cdn0.spiritlhl.top/" "http://cdn3.spiritlhl.net/" "http://cdn1.spiritlhl.net/" "https://ghproxy.com/" "http://cdn2.spiritlhl.net/")
# Local image cache, relative to the working directory.
[ -d "qcow" ] || mkdir qcow
# Abort early on hosts whose architecture was not recognised.
get_system_arch
if [ -z "${system_arch-}" ]; then
    _red "This script can only run on machines under x86_64 or arm architecture."
    exit 1
fi
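# Resolve the requested system to an image file under /root/qcow and download
# it when it is not cached yet.
#
# SECURITY NOTES (review):
#  - The image is booted as a guest but is never checked against a published
#    checksum or signature in this script; if the publisher provides digests,
#    verify the file (for example with sha256sum -c) before importing it.
#  - When a mirror prefix was selected, the GitHub URL is fetched through that
#    third-party mirror, and some entries in cdn_urls are plain http://.
#  - curl runs without -k, so TLS certificates are verified, and with --fail,
#    so an HTTP error page is reported as a failure instead of being saved as
#    a disk image.
if [ "$system_arch" = "x86" ]; then
    file_path=""
    # Images that were patched by hand in the past.
    old_images=(
        "debian10"
        "debian11"
        "debian12"
        "ubuntu18"
        "ubuntu20"
        "ubuntu22"
        "centos7"
        "archlinux"
        "almalinux8"
        "fedora33"
        "fedora34"
        "opensuse-leap-15"
        "alpinelinux_edge"
        "alpinelinux_stable"
        "rockylinux8"
        "centos8-stream"
    )
    # Newer, automatically patched images.
    # response=$(curl -sSL -m 6 -H "Accept: application/vnd.github.v3+json" "https://api.github.com/repos/oneclickvirt/pve_kvm_images/releases/tags/images")
    # # If the request to https://api.github.com/ fails, use https://githubapi.spiritlhl.workers.dev/ ; the host may have no IPv4 network in that case
    # if [ -z "$response" ]; then
    # response=$(curl -sSL -m 6 -H "Accept: application/vnd.github.v3+json" "https://githubapi.spiritlhl.workers.dev/repos/oneclickvirt/pve_kvm_images/releases/tags/images")
    # fi
    # # If the request to https://githubapi.spiritlhl.workers.dev/ fails, use https://githubapi.spiritlhl.top/ ; the host may be in mainland China in that case
    # if [ -z "$response" ]; then
    # response=$(curl -sSL -m 6 -H "Accept: application/vnd.github.v3+json" "https://githubapi.spiritlhl.top/repos/oneclickvirt/pve_kvm_images/releases/tags/images")
    # fi
    # if [[ -n "$response" ]]; then
    # new_images=($(echo "$response" | grep -oP '"name": "\K[^"]+' | grep 'qcow2' | awk '{print $1}'))
    # for ((i=0; i<${#new_images[@]}; i++)); do
    # new_images[i]=${new_images[i]%.qcow2}
    # done
    # combined=($(echo "${old_images[@]}" "${new_images[@]}" | tr ' ' '\n' | sort -u))
    # systems=("${combined[@]}")
    # else
    # systems=("${old_images[@]}")
    # fi
    # The list of newer images is scraped from an HTML directory listing; the
    # names only widen the set of accepted $system values. mapfile keeps each
    # name as one array element without word splitting or globbing.
    mapfile -t new_images < <(curl -sl -m 6 https://down.idc.wiki/Image/realServer-Template/current/qcow2/ | grep -o '<a href="[^"]*">' | awk -F'"' '{print $2}' | sed -n '/qcow2$/s#/Image/realServer-Template/current/qcow2/##p')
    if ((${#new_images[@]} > 0)); then
        # Strip the file extension from every entry.
        new_images=("${new_images[@]%.qcow2}")
        mapfile -t systems < <(printf '%s\n' "${old_images[@]}" "${new_images[@]}" | sort -u)
    else
        systems=("${old_images[@]}")
    fi
    # $system must match a known image name exactly before it is used in a path.
    for sys in "${systems[@]}"; do
        if [[ "$system" == "$sys" ]]; then
            file_path="/root/qcow/${system}.qcow2"
            break
        fi
    done
    if [[ -z "$file_path" ]]; then
        _red "Unable to install corresponding system, please check https://github.com/oneclickvirt/kvm_images/ for supported system images "
        _red "无法安装对应系统,请查看 https://github.com/oneclickvirt/kvm_images/ 支持的系统镜像 "
        exit 1
    fi
    if [ ! -f "$file_path" ]; then
        check_cdn_file
        ver=""
        # Prefer the automatically patched image when one is listed for this system.
        for image in "${new_images[@]}"; do
            if [[ "$image" == "$system" ]]; then
                ver="auto_build"
                url="${cdn_success_url}https://github.com/oneclickvirt/pve_kvm_images/releases/download/images/${image}.qcow2"
                if curl -fL -o "$file_path" "$url"; then
                    _blue "Use auto-fixed image: ${image}"
                else
                    _red "Failed to download $file_path"
                    # Clear ver so the manually patched images are tried next.
                    ver=""
                    rm -f -- "$file_path"
                fi
                break
            fi
        done
        # Otherwise fall back to the manually patched images.
        if [[ -z "$ver" ]]; then
            v20=("fedora34" "almalinux8" "debian11" "debian12" "ubuntu18" "ubuntu20" "ubuntu22" "centos7" "alpinelinux_edge" "alpinelinux_stable" "rockylinux8")
            v11=("ubuntu18" "ubuntu20" "ubuntu22" "debian10" "debian11")
            v10=("almalinux8" "archlinux" "fedora33" "opensuse-leap-15" "ubuntu18" "ubuntu20" "ubuntu22" "debian10" "debian11")
            ver_list=(v20 v11 v10)
            ver_name_list=("v2.0" "v1.1" "v1.0")
            # Find the first release whose list contains $system. A separate
            # index is used so ver stays empty when nothing matches; the
            # original reused ver as the loop variable, which left it set to
            # "v10" after an unsuccessful search and produced a bogus URL.
            for idx in "${!ver_list[@]}"; do
                array_name="${ver_list[idx]}[@]"
                array=("${!array_name}")
                if [[ " ${array[*]} " == *" $system "* ]]; then
                    ver="${ver_name_list[idx]}"
                    break
                fi
            done
            if [[ "$system" == "centos8-stream" ]]; then
                # NOTE(review): this image comes from a separate host, not from
                # the project's GitHub releases.
                url="https://api.ilolicon.com/centos8-stream.qcow2"
            elif [[ -n "$ver" ]]; then
                url="${cdn_success_url}https://github.com/oneclickvirt/kvm_images/releases/download/${ver}/${system}.qcow2"
            else
                _red "Unable to install corresponding system, please check https://github.com/oneclickvirt/kvm_images/ for supported system images "
                _red "无法安装对应系统,请查看 https://github.com/oneclickvirt/kvm_images/ 支持的系统镜像 "
                exit 1
            fi
            # The stray "break" statements that followed these downloads sat
            # outside any loop and only produced a shell error; they are gone.
            if curl -fL -o "$file_path" "$url"; then
                _blue "Use manual-fixed image: ${system}"
            else
                _red "Unable to download corresponding system, please check https://github.com/oneclickvirt/kvm_images/ for supported system images "
                _red "无法下载对应系统,请查看 https://github.com/oneclickvirt/kvm_images/ 支持的系统镜像 "
                rm -f -- "$file_path"
                exit 1
            fi
        fi
    fi
elif [ "$system_arch" = "arch" ]; then
    file_path=""
    systems=("ubuntu14" "ubuntu16" "ubuntu18" "ubuntu20" "ubuntu22")
    for sys in "${systems[@]}"; do
        if [[ "$system" == "$sys" ]]; then
            file_path="/root/qcow/${system}.img"
            break
        fi
    done
    if [[ -z "$file_path" ]]; then
        # https://www.debian.org/mirror/list
        _red "Unable to install corresponding system, please check http://cloud-images.ubuntu.com for supported system images "
        _red "无法安装对应系统,请查看 http://cloud-images.ubuntu.com 支持的系统镜像 "
        exit 1
    fi
    if [ ! -f "$file_path" ]; then
        # Map the short system name to the Ubuntu release codename.
        case "$system" in
        ubuntu14) version="trusty" ;;
        ubuntu16) version="xenial" ;;
        ubuntu18) version="bionic" ;;
        ubuntu20) version="focal" ;;
        ubuntu22) version="jammy" ;;
        *)
            echo "Unsupported Ubuntu version."
            exit 1
            ;;
        esac
        # Fetch over https rather than http, and stop on a failed download
        # instead of importing a missing or partial file later on.
        url="https://cloud-images.ubuntu.com/${version}/current/${version}-server-cloudimg-arm64.img"
        if ! curl -fL -o "$file_path" "$url"; then
            _red "Failed to download $file_path"
            rm -f -- "$file_path"
            exit 1
        fi
    fi
fi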
# Gather IPv6 information. The host address, prefix length and gateway are read
# from files under /usr/local/bin (presumably written by an earlier setup step
# that is not part of this script).
if [ "$independent_ipv6" == "y" ]; then
    # A dedicated IPv6 address requires the ndpresponder service to be active.
    service_status=$(systemctl is-active ndpresponder.service)
    if [ "$service_status" != "active" ]; then
        _green "The status of the ndpresponder service is abnormal and the host may not open a service with a separate IPV6 address."
        _green "ndpresponder服务状态异常,宿主机不可开设带独立IPV6地址的服务。"
        exit 1
    fi
    _green "The ndpresponder service started successfully and is running, and the host can open a service with a separate IPV6 address."
    _green "ndpresponder服务启动成功且正在运行,宿主机可开设带独立IPV6地址的服务。"
    if [ -f /usr/local/bin/pve_check_ipv6 ]; then
        host_ipv6_address=$(</usr/local/bin/pve_check_ipv6)
        # Everything up to and including the last ':' of the host address.
        ipv6_address_without_last_segment="${host_ipv6_address%:*}:"
    fi
elif [ -f /usr/local/bin/pve_check_ipv6 ]; then
    ipv6_address=$(</usr/local/bin/pve_check_ipv6)
    # Split "address/suffix" and then the address into its ':' groups.
    IFS="/" read -ra parts <<<"$ipv6_address"
    part_1="${parts[0]}"
    part_2="${parts[1]}"
    IFS=":" read -ra part_1_parts <<<"$part_1"
    if [ -n "${part_1_parts[*]}" ]; then
        part_1_last="${part_1_parts[-1]}"
        if [ "$part_1_last" = "$vm_num" ]; then
            # The host already uses the VMID as its last group.
            ipv6_address=""
        else
            # Replace the last group of the host address with the VMID.
            part_1_head=$(printf '%s\n' "$part_1" | awk -F':' 'BEGIN {OFS=":"} {last=""; for (i=1; i<NF; i++) {last=last $i ":"}; print last}')
            ipv6_address="${part_1_head}${vm_num}"
        fi
    fi
fi
# Prefix length and gateway are read the same way in both modes.
if [ -f /usr/local/bin/pve_ipv6_prefixlen ]; then
    ipv6_prefixlen=$(</usr/local/bin/pve_ipv6_prefixlen)
fi
if [ -f /usr/local/bin/pve_ipv6_gateway ]; then
    ipv6_gateway=$(</usr/local/bin/pve_ipv6_gateway)
fi
# Derive the last octet of the guest's private IPv4 address from the first
# three digits of the VMID.
# NOTE(review): when the first digit is 1 or 2 only the last two digits are
# kept, so e.g. 110 and 210 both yield 10 and would share one guest address;
# nothing here checks that the result is a usable host octet either. Confirm
# the VMID range callers are expected to use.
first_digit=${vm_num:0:1}
second_digit=${vm_num:1:1}
third_digit=${vm_num:2:1}
tail_digits="${second_digit}${third_digit}"
if [ "$first_digit" -le 2 ]; then
    if [ "$second_digit" -eq 0 ]; then
        num=$third_digit
    else
        num=$tail_digits
    fi
else
    num="$((first_digit - 2))${tail_digits}"
fi
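# Create the VM, import the cached image as its disk and attach it.
# Every user-supplied value is quoted so that whitespace or glob characters in
# an argument cannot split into extra qm options.
# NOTE(review): each NIC is created with firewall=0, so the Proxmox VE firewall
# is not applied to these interfaces; guest exposure is then governed only by
# the host's own netfilter rules.
if [ "$independent_ipv6" == "n" ]; then
    qm create "$vm_num" --agent 1 --scsihw virtio-scsi-single --serial0 socket --cores "$core" --sockets 1 --cpu host --net0 virtio,bridge=vmbr1,firewall=0
else
    # Second NIC on vmbr2 for the dedicated IPv6 address.
    qm create "$vm_num" --agent 1 --scsihw virtio-scsi-single --serial0 socket --cores "$core" --sockets 1 --cpu host --net0 virtio,bridge=vmbr1,firewall=0 --net1 virtio,bridge=vmbr2,firewall=0
fi
if [ "$system_arch" = "x86" ]; then
    qm importdisk "$vm_num" "/root/qcow/${system}.qcow2" "${storage}"
else
    qm set "$vm_num" --bios ovmf
    qm importdisk "$vm_num" "/root/qcow/${system}.img" "${storage}"
fi
sleep 3
# Pick the last *.raw file in the VM's image directory. A glob replaces the
# original "ls | xargs basename | tail" pipeline, which broke on unusual names.
# NOTE(review): the directory is hard-coded, so this only finds disks on a
# storage that keeps its images under /var/lib/vz/images.
raw_name=""
for raw_path in "/var/lib/vz/images/${vm_num}"/*.raw; do
    [ -e "$raw_path" ] && raw_name="${raw_path##*/}"
done
if [ -n "$raw_name" ]; then
    qm set "$vm_num" --scsihw virtio-scsi-pci --scsi0 "${storage}:${vm_num}/${raw_name}"
else
    # Fall back to the conventional name of the first imported disk.
    qm set "$vm_num" --scsihw virtio-scsi-pci --scsi0 "${storage}:${vm_num}/vm-${vm_num}-disk-0.raw"
fi
qm set "$vm_num" --bootdisk scsi0
qm set "$vm_num" --boot order=scsi0
qm set "$vm_num" --memory "$memory"
# --swap 256
qm set "$vm_num" --ide2 "${storage}:cloudinit"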
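# Configure guest networking through cloud-init.
# The guest always gets a private IPv4 address behind the host; a dedicated
# IPv6 address is added only when it was requested, all host IPv6 details were
# found, and the vmbr2 bridge is defined in /etc/network/interfaces.
user_ip="172.16.1.${num}"
independent_ipv6_status="N"
if [ "$independent_ipv6" == "y" ] &&
    [ -n "$host_ipv6_address" ] && [ -n "$ipv6_prefixlen" ] &&
    [ -n "$ipv6_gateway" ] && [ -n "$ipv6_address_without_last_segment" ] &&
    grep -q "vmbr2" /etc/network/interfaces; then
    qm set "$vm_num" --ipconfig0 "ip=${user_ip}/24,gw=172.16.1.1"
    # The guest's IPv6 address is the host prefix with the VMID as last group.
    qm set "$vm_num" --ipconfig1 "ip6=${ipv6_address_without_last_segment}${vm_num}/128,gw6=${host_ipv6_address}"
    qm set "$vm_num" --nameserver 1.1.1.1
    # qm set "$vm_num" --nameserver 1.0.0.1
    qm set "$vm_num" --searchdomain local
    independent_ipv6_status="Y"
fi
if [ "$independent_ipv6_status" == "N" ]; then
    # if [ -z "$ipv6_address" ] || [ -z "$ipv6_prefixlen" ] || [ -z "$ipv6_gateway" ] || [ "$ipv6_prefixlen" -gt 112 ]; then
    qm set "$vm_num" --ipconfig0 "ip=${user_ip}/24,gw=172.16.1.1"
    qm set "$vm_num" --nameserver 8.8.8.8
    # qm set "$vm_num" --nameserver 8.8.4.4
    qm set "$vm_num" --searchdomain local
    # else
    # qm set $vm_num --ipconfig0 ip=${user_ip}/24,gw=172.16.1.1,ip6=${ipv6_address}/${ipv6_prefixlen},gw6=${ipv6_gateway}
    # qm set $vm_num --nameserver 8.8.8.8,2001:4860:4860::8888
    # qm set $vm_num --searchdomain 8.8.4.4,2001:4860:4860::8844
    # fi
fi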
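# Set the cloud-init credentials, grow the disk and boot the VM.
# The password and user are quoted: unquoted, a value containing spaces or glob
# characters would be split into additional qm arguments.
# NOTE(review): the password still travels on qm's command line, where other
# local users can read it from the process list while the command runs.
qm set "$vm_num" --cipassword "$password" --ciuser "$user"
sleep 5
# Resize to <disk>G; if that fails and $disk already carried a trailing "G",
# retry with the size converted to megabytes.
if ! qm resize "$vm_num" scsi0 "${disk}G"; then
    if [[ $disk =~ ^[0-9]+G$ ]]; then
        dnum=${disk::-1}
        disk_m=$((dnum * 1024))
        qm resize "$vm_num" scsi0 "${disk_m}M"
    fi
fi
qm start "$vm_num"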
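# Publish the guest through DNAT rules on the host: SSH, the two web ports and
# a TCP+UDP port range. Port values are quoted so that a malformed argument
# cannot expand into extra iptables options.
# NOTE(review): the rules match on destination port only (no source or inbound
# interface restriction), so the guest's SSH port is reachable from anywhere
# the host is. Combined with a weak guest password this is the main exposure
# of a VM created by this script.
iptables -t nat -A PREROUTING -p tcp --dport "${sshn}" -j DNAT --to-destination "${user_ip}:22"
iptables -t nat -A PREROUTING -p tcp -m tcp --dport "${web1_port}" -j DNAT --to-destination "${user_ip}:80"
iptables -t nat -A PREROUTING -p tcp -m tcp --dport "${web2_port}" -j DNAT --to-destination "${user_ip}:443"
iptables -t nat -A PREROUTING -p tcp -m tcp --dport "${port_first}:${port_last}" -j DNAT --to-destination "${user_ip}:${port_first}-${port_last}"
iptables -t nat -A PREROUTING -p udp -m udp --dport "${port_first}:${port_last}" -j DNAT --to-destination "${user_ip}:${port_first}-${port_last}"
if [ ! -f "/etc/iptables/rules.v4" ]; then
    touch /etc/iptables/rules.v4
fi
# -A appends on every run, so drop duplicate "-A" lines: the seen-set is reset
# at each COMMIT (once per table) and all non-rule lines pass through.
iptables-save | awk '{if($1=="COMMIT"){delete x}}$1=="-A"?!x[$0]++:1' | iptables-restore
# Persist the rule set across reboots.
iptables-save >/etc/iptables/rules.v4
service netfilter-persistent restart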
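# Store the VM's parameters in the VM's notes (comment lines at the top of its
# config file, viewable in the web UI) and in ./vm<VMID>, then print the record.
#
# SECURITY (review): the record includes the guest password in clear text. It
# ends up in ./vm<VMID>, in /etc/pve/qemu-server/<VMID>.conf and on stdout, so
# anyone who can read the VM's notes or this script's output learns it. Treat
# it as an initial password and change it inside the guest.
record_file="vm${vm_num}"
data_array=("VMID" "用户名-username" "密码-password" "CPU核数-CPU" "内存-memory" "硬盘-disk" "SSH端口" "80端口" "443端口" "外网端口起-port-start" "外网端口止-port-end" "系统-system" "存储盘-storage")
values_array=("$vm_num" "$user" "$password" "$core" "$memory" "$disk" "$sshn" "$web1_port" "$web2_port" "$port_first" "$port_last" "$system" "$storage")
if [ "$independent_ipv6_status" == "Y" ]; then
    data_array+=("独立IPV6地址-ipv6_address")
    values_array+=("${ipv6_address_without_last_segment}${vm_num}")
fi
echo "${values_array[*]}" >>"$record_file"
# The record holds a password: keep it readable by its owner only.
chmod 600 "$record_file"
# Build the notes in a private temporary file. The original wrote to the
# predictable path /tmp/temp<VMID>.txt, which a local user could pre-create as
# a symlink to make this root-run script overwrite another file.
note_tmp=$(mktemp) || {
    echo "mktemp failed" >&2
    exit 1
}
# Labels and values are paired straight from the arrays instead of re-reading
# the first line of the record file, so a value containing spaces stays aligned
# with its label and a stale record cannot be picked up.
for ((i = 0; i < ${#data_array[@]}; i++)); do
    # Flatten line breaks so every note line remains a '#' comment in the config.
    note_value=${values_array[$i]//[$'\r\n']/ }
    echo "# ${data_array[$i]} ${note_value}"
    echo "# "
done >"$note_tmp"
cat "/etc/pve/qemu-server/${vm_num}.conf" >>"$note_tmp"
cp "$note_tmp" "/etc/pve/qemu-server/${vm_num}.conf"
rm -f -- "$note_tmp"
cat "$record_file"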