#!/bin/bash
# jjo-lxc-launch.sh: launch LXD/lxc privileged container with:
# - $HOME bindmount'd
# - 1st user == myself
# Author: JuanJo Ciarlante <juanjosec@gmail.com>
# License: GPLv3
# Keywords: lxc, lxd, idmap, bind mount
#
# help: print the usage line plus example image-sync and launch commands.
# Everything goes to stderr, so stdout stays empty when this is invoked from
# a command substitution such as the ${1:?...} argument checks.
help() {
    local self=${0##*/}
    printf '%s\n' \
        "Usage: ${self} imagename name" \
        "" \
        "# Sync images:" \
        " lxc image copy ubuntu:14.04 local: --alias ubuntu-trusty" \
        " lxc image copy ubuntu:16.04 local: --alias ubuntu-xenial" \
        "# Launch:" \
        " ${self} ubuntu-xenial $USER-xenial-01" \
        "" >&2
}
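# Positional arguments: image alias to launch from, and the container name.
# ${N:?...} aborts the script when the argument is missing; help() prints the
# usage text to stderr from inside the command substitution.
image=${1:?missing imagename. $(help)}
name=${2:?missing name. $(help)}

# Host identity replicated inside the container.
uid=$(id -u)
gid=$(id -g)
# Primary group name, so it agrees with the gid handed to groupmod below.
group=$(id -gn)

# Public key installed for the in-container account. Defaults to the RSA key
# this script has always used; set SSH_PUBKEY to point at another file.
# Checked before anything is created so a missing key cannot leave behind a
# container whose account has an empty authorized key entry.
pubkey_file=${SSH_PUBKEY:-$HOME/.ssh/id_rsa.pub}
if [ ! -r "$pubkey_file" ] || [ ! -s "$pubkey_file" ]; then
    echo "${0##*/}: cannot read ssh public key: $pubkey_file" >&2
    exit 1
fi
pubkey=$(cat "$pubkey_file")

# Init privileged container, needed to have 1:1 idmapping.
# SECURITY: security.privileged=true means container uids are host uids, so
# root inside the container is real root on anything shared with the host.
# Together with the $HOME bind mount and the NOPASSWD sudo rule below, any
# process in the container can read and rewrite the host user's files
# (including ~/.ssh and shell startup files), and files it creates there as
# root are root-owned on the host. Treat the container as part of your own
# login session, not as a sandbox. An unprivileged container with a raw.idmap
# entry for this uid/gid is the usual lower-risk way to get the same 1:1
# ownership on the bind mount (it needs matching /etc/subuid and /etc/subgid
# entries) -- TODO evaluate.
(set -x; lxc init "$image" "$name" -c security.nesting=true -c security.privileged=true) || exit 1

# Create cloud-init userdata with my account, ssh keys in it.
# The per-user keys must be nested under the "- name:" entry to be applied to
# that user. runcmd then renumbers the account and its group to the host
# uid/gid so ownership on the bind-mounted $HOME lines up.
cat << EOF | (set -x; lxc config set "$name" user.user-data -) || exit 1
#cloud-config
groups:
  - ${group}
users:
  - name: $USER
    shell: /bin/bash
    primary-group: ${group}
    #uid: ${uid}
    #gid: ${gid}
    sudo: ALL=(ALL) NOPASSWD:ALL
    #ssh-import-id: [$USER]
    ssh_authorized_keys:
      - ${pubkey}
runcmd:
  - usermod -u ${uid} $USER
  - groupmod -g ${gid} ${group}
EOF

# Add $HOME bindmount (same path inside the container as on the host).
(set -x; lxc config device add "$name" homedir disk source="$HOME" path="$HOME") || exit 1

# Start it; the script's exit status is that of `lxc start`.
(set -x; lxc start "$name")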