Update with BLACKBOXAI
This commit is contained in:
wm
346
nohup.out
346
nohup.out
@@ -1,346 +0,0 @@
|
||||
[2026-01-14 21:36:08] INFO: Argument-Parsing OK
|
||||
[2026-01-14 21:36:08] INFO: APT proxy enabled: http://192.168.45.2:3142
|
||||
[2026-01-14 21:36:10] WARN: pveam storage 'local-zfs' not available for templates; falling back to 'local'
|
||||
[2026-01-14 21:36:10] INFO: Template OK: local:vztmpl/debian-12-standard_12.12-1_amd64.tar.zst
|
||||
[2026-01-14 21:36:11] INFO: CTID selected: 768422970
|
||||
[2026-01-14 21:36:11] INFO: SCRIPT_DIR=/root/customer-installer
|
||||
[2026-01-14 21:36:11] INFO: CT_HOSTNAME=sb-1768422970
|
||||
[2026-01-14 21:36:11] INFO: FQDN=sb-1768422970.userman.de
|
||||
[2026-01-14 21:36:11] INFO: cores=4 memory=4096MB swap=512MB disk=50GB
|
||||
[2026-01-14 21:36:11] INFO: bridge=vmbr0 storage=local-zfs ip=dhcp vlan=90 unprivileged=1
|
||||
[2026-01-14 21:36:11] INFO: Step 5: Create CT
|
||||
[2026-01-14 21:36:11] INFO: Creating CT 768422970 (sb-1768422970) from local:vztmpl/debian-12-standard_12.12-1_amd64.tar.zst
|
||||
extracting archive '/var/lib/vz/template/cache/debian-12-standard_12.12-1_amd64.tar.zst'
|
||||
Total bytes read: 522782720 (499MiB, 228MiB/s)
|
||||
Detected container architecture: amd64
|
||||
Setting up 'proxmox-regenerate-snakeoil.service' to regenerate snakeoil certificate..
|
||||
Creating SSH host key 'ssh_host_ecdsa_key' - this may take some time ...
|
||||
done: SHA256:AYBSIYhUI08n1+A4rhSRDWvIy0yXsxEbO1GmnwfcVZo root@sb-1768422970
|
||||
Creating SSH host key 'ssh_host_rsa_key' - this may take some time ...
|
||||
done: SHA256:20qUj1Khne5X5sxk4SFq3y89UeZ3xLZZZMkPj0/LOs4 root@sb-1768422970
|
||||
Creating SSH host key 'ssh_host_ed25519_key' - this may take some time ...
|
||||
done: SHA256:kDSDpY7a/h0KF4bpuLIkl9yQDp83rMare6HVzsVJLsA root@sb-1768422970
|
||||
[2026-01-14 21:36:14] INFO: CT created (not started). Next step: start CT + wait for IP
|
||||
[2026-01-14 21:36:14] INFO: Starting CT 768422970
|
||||
[2026-01-14 21:36:20] INFO: Step 5 OK: LXC erstellt + IP ermittelt
|
||||
[2026-01-14 21:36:20] INFO: CT_HOSTNAME=sb-1768422970
|
||||
[2026-01-14 21:36:20] INFO: CT_IP=192.168.45.98
|
||||
[2026-01-14 21:36:20] INFO: Step 6: Provisioning im CT (Docker + Locales + Base)
|
||||
Acquire::http::Proxy "http://192.168.45.2:3142";
|
||||
Acquire::https::Proxy "http://192.168.45.2:3142";
|
||||
Get:1 http://security.debian.org bookworm-security InRelease [48.0 kB]
|
||||
Get:2 http://deb.debian.org/debian bookworm InRelease [151 kB]
|
||||
Get:3 http://deb.debian.org/debian bookworm-updates InRelease [55.4 kB]
|
||||
Get:4 http://security.debian.org bookworm-security/main amd64 Packages [291 kB]
|
||||
Get:5 http://security.debian.org bookworm-security/main Translation-en [176 kB]
|
||||
Get:6 http://security.debian.org bookworm-security/contrib Translation-en [652 B]
|
||||
Get:7 http://deb.debian.org/debian bookworm/main amd64 Packages [8792 kB]
|
||||
Get:8 http://deb.debian.org/debian bookworm/main Translation-en [6108 kB]
|
||||
Get:9 http://deb.debian.org/debian bookworm/contrib amd64 Packages [53.5 kB]
|
||||
Get:10 http://deb.debian.org/debian bookworm/contrib Translation-en [48.4 kB]
|
||||
Get:11 http://deb.debian.org/debian bookworm-updates/main Translation-en [5448 B]
|
||||
Fetched 15.7 MB in 2s (8185 kB/s)
|
||||
Reading package lists...
|
||||
Reading package lists...
|
||||
Building dependency tree...
|
||||
ca-certificates is already the newest version (20230311+deb12u1).
|
||||
The following additional packages will be installed:
|
||||
dirmngr gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client gpg-wks-server
|
||||
gpgconf gpgsm gpgv libassuan0 libcurl4 libksba8 libnpth0 pinentry-curses
|
||||
Suggested packages:
|
||||
dbus-user-session pinentry-gnome3 tor parcimonie xloadimage scdaemon
|
||||
pinentry-doc
|
||||
The following NEW packages will be installed:
|
||||
curl dirmngr gnupg gnupg-l10n gnupg-utils gpg gpg-agent gpg-wks-client
|
||||
gpg-wks-server gpgconf gpgsm libassuan0 libcurl4 libksba8 libnpth0
|
||||
lsb-release pinentry-curses
|
||||
The following packages will be upgraded:
|
||||
gpgv
|
||||
1 upgraded, 17 newly installed, 0 to remove and 17 not upgraded.
|
||||
Need to get 9247 kB of archives.
|
||||
After this operation, 17.4 MB of additional disk space will be used.
|
||||
Get:1 http://deb.debian.org/debian bookworm/main amd64 gpgv amd64 2.2.40-1.1+deb12u2 [649 kB]
|
||||
Get:2 http://deb.debian.org/debian bookworm/main amd64 libcurl4 amd64 7.88.1-10+deb12u14 [392 kB]
|
||||
Get:3 http://deb.debian.org/debian bookworm/main amd64 curl amd64 7.88.1-10+deb12u14 [316 kB]
|
||||
Get:4 http://deb.debian.org/debian bookworm/main amd64 libassuan0 amd64 2.5.5-5 [48.5 kB]
|
||||
Get:5 http://deb.debian.org/debian bookworm/main amd64 gpgconf amd64 2.2.40-1.1+deb12u2 [565 kB]
|
||||
Get:6 http://deb.debian.org/debian bookworm/main amd64 libksba8 amd64 1.6.3-2 [128 kB]
|
||||
Get:7 http://deb.debian.org/debian bookworm/main amd64 libnpth0 amd64 1.6-3 [19.0 kB]
|
||||
Get:8 http://deb.debian.org/debian bookworm/main amd64 dirmngr amd64 2.2.40-1.1+deb12u2 [793 kB]
|
||||
Get:9 http://deb.debian.org/debian bookworm/main amd64 gnupg-l10n all 2.2.40-1.1+deb12u2 [1093 kB]
|
||||
Get:10 http://deb.debian.org/debian bookworm/main amd64 gnupg-utils amd64 2.2.40-1.1+deb12u2 [927 kB]
|
||||
Get:11 http://deb.debian.org/debian bookworm/main amd64 gpg amd64 2.2.40-1.1+deb12u2 [950 kB]
|
||||
Get:12 http://deb.debian.org/debian bookworm/main amd64 pinentry-curses amd64 1.2.1-1 [77.4 kB]
|
||||
Get:13 http://deb.debian.org/debian bookworm/main amd64 gpg-agent amd64 2.2.40-1.1+deb12u2 [695 kB]
|
||||
Get:14 http://deb.debian.org/debian bookworm/main amd64 gpg-wks-client amd64 2.2.40-1.1+deb12u2 [541 kB]
|
||||
Get:15 http://deb.debian.org/debian bookworm/main amd64 gpg-wks-server amd64 2.2.40-1.1+deb12u2 [531 kB]
|
||||
Get:16 http://deb.debian.org/debian bookworm/main amd64 gpgsm amd64 2.2.40-1.1+deb12u2 [671 kB]
|
||||
Get:17 http://deb.debian.org/debian bookworm/main amd64 gnupg all 2.2.40-1.1+deb12u2 [846 kB]
|
||||
Get:18 http://deb.debian.org/debian bookworm/main amd64 lsb-release all 12.0-1 [6416 B]
|
||||
apt-listchanges: Can't set locale; make sure $LC_* and $LANG are correct!
|
||||
apt-listchanges: Reading changelogs...
|
||||
perl: warning: Setting locale failed.
|
||||
perl: warning: Please check that your locale settings:
|
||||
LANGUAGE = (unset),
|
||||
LC_ALL = (unset),
|
||||
LANG = "en_US.UTF-8"
|
||||
are supported and installed on your system.
|
||||
perl: warning: Falling back to the standard locale ("C").
|
||||
locale: Cannot set LC_CTYPE to default locale: No such file or directory
|
||||
locale: Cannot set LC_MESSAGES to default locale: No such file or directory
|
||||
locale: Cannot set LC_ALL to default locale: No such file or directory
|
||||
Fetched 9247 kB in 0s (162 MB/s)
|
||||
(Reading database ...
|
||||
(Reading database ... 5%
|
||||
(Reading database ... 10%
|
||||
(Reading database ... 15%
|
||||
(Reading database ... 20%
|
||||
(Reading database ... 25%
|
||||
(Reading database ... 30%
|
||||
(Reading database ... 35%
|
||||
(Reading database ... 40%
|
||||
(Reading database ... 45%
|
||||
(Reading database ... 50%
|
||||
(Reading database ... 55%
|
||||
(Reading database ... 60%
|
||||
(Reading database ... 65%
|
||||
(Reading database ... 70%
|
||||
(Reading database ... 75%
|
||||
(Reading database ... 80%
|
||||
(Reading database ... 85%
|
||||
(Reading database ... 90%
|
||||
(Reading database ... 95%
|
||||
(Reading database ... 100%
|
||||
(Reading database ... 19144 files and directories currently installed.)
|
||||
Preparing to unpack .../gpgv_2.2.40-1.1+deb12u2_amd64.deb ...
|
||||
Unpacking gpgv (2.2.40-1.1+deb12u2) over (2.2.40-1.1+deb12u1) ...
|
||||
Setting up gpgv (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package libcurl4:amd64.
|
||||
(Reading database ...
|
||||
(Reading database ... 5%
|
||||
(Reading database ... 10%
|
||||
(Reading database ... 15%
|
||||
(Reading database ... 20%
|
||||
(Reading database ... 25%
|
||||
(Reading database ... 30%
|
||||
(Reading database ... 35%
|
||||
(Reading database ... 40%
|
||||
(Reading database ... 45%
|
||||
(Reading database ... 50%
|
||||
(Reading database ... 55%
|
||||
(Reading database ... 60%
|
||||
(Reading database ... 65%
|
||||
(Reading database ... 70%
|
||||
(Reading database ... 75%
|
||||
(Reading database ... 80%
|
||||
(Reading database ... 85%
|
||||
(Reading database ... 90%
|
||||
(Reading database ... 95%
|
||||
(Reading database ... 100%
|
||||
(Reading database ... 19144 files and directories currently installed.)
|
||||
Preparing to unpack .../00-libcurl4_7.88.1-10+deb12u14_amd64.deb ...
|
||||
Unpacking libcurl4:amd64 (7.88.1-10+deb12u14) ...
|
||||
Selecting previously unselected package curl.
|
||||
Preparing to unpack .../01-curl_7.88.1-10+deb12u14_amd64.deb ...
|
||||
Unpacking curl (7.88.1-10+deb12u14) ...
|
||||
Selecting previously unselected package libassuan0:amd64.
|
||||
Preparing to unpack .../02-libassuan0_2.5.5-5_amd64.deb ...
|
||||
Unpacking libassuan0:amd64 (2.5.5-5) ...
|
||||
Selecting previously unselected package gpgconf.
|
||||
Preparing to unpack .../03-gpgconf_2.2.40-1.1+deb12u2_amd64.deb ...
|
||||
Unpacking gpgconf (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package libksba8:amd64.
|
||||
Preparing to unpack .../04-libksba8_1.6.3-2_amd64.deb ...
|
||||
Unpacking libksba8:amd64 (1.6.3-2) ...
|
||||
Selecting previously unselected package libnpth0:amd64.
|
||||
Preparing to unpack .../05-libnpth0_1.6-3_amd64.deb ...
|
||||
Unpacking libnpth0:amd64 (1.6-3) ...
|
||||
Selecting previously unselected package dirmngr.
|
||||
Preparing to unpack .../06-dirmngr_2.2.40-1.1+deb12u2_amd64.deb ...
|
||||
Unpacking dirmngr (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package gnupg-l10n.
|
||||
Preparing to unpack .../07-gnupg-l10n_2.2.40-1.1+deb12u2_all.deb ...
|
||||
Unpacking gnupg-l10n (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package gnupg-utils.
|
||||
Preparing to unpack .../08-gnupg-utils_2.2.40-1.1+deb12u2_amd64.deb ...
|
||||
Unpacking gnupg-utils (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package gpg.
|
||||
Preparing to unpack .../09-gpg_2.2.40-1.1+deb12u2_amd64.deb ...
|
||||
Unpacking gpg (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package pinentry-curses.
|
||||
Preparing to unpack .../10-pinentry-curses_1.2.1-1_amd64.deb ...
|
||||
Unpacking pinentry-curses (1.2.1-1) ...
|
||||
Selecting previously unselected package gpg-agent.
|
||||
Preparing to unpack .../11-gpg-agent_2.2.40-1.1+deb12u2_amd64.deb ...
|
||||
Unpacking gpg-agent (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package gpg-wks-client.
|
||||
Preparing to unpack .../12-gpg-wks-client_2.2.40-1.1+deb12u2_amd64.deb ...
|
||||
Unpacking gpg-wks-client (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package gpg-wks-server.
|
||||
Preparing to unpack .../13-gpg-wks-server_2.2.40-1.1+deb12u2_amd64.deb ...
|
||||
Unpacking gpg-wks-server (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package gpgsm.
|
||||
Preparing to unpack .../14-gpgsm_2.2.40-1.1+deb12u2_amd64.deb ...
|
||||
Unpacking gpgsm (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package gnupg.
|
||||
Preparing to unpack .../15-gnupg_2.2.40-1.1+deb12u2_all.deb ...
|
||||
Unpacking gnupg (2.2.40-1.1+deb12u2) ...
|
||||
Selecting previously unselected package lsb-release.
|
||||
Preparing to unpack .../16-lsb-release_12.0-1_all.deb ...
|
||||
Unpacking lsb-release (12.0-1) ...
|
||||
Setting up libksba8:amd64 (1.6.3-2) ...
|
||||
Setting up libnpth0:amd64 (1.6-3) ...
|
||||
Setting up libassuan0:amd64 (2.5.5-5) ...
|
||||
Setting up gnupg-l10n (2.2.40-1.1+deb12u2) ...
|
||||
Setting up gpgconf (2.2.40-1.1+deb12u2) ...
|
||||
Setting up libcurl4:amd64 (7.88.1-10+deb12u14) ...
|
||||
Setting up curl (7.88.1-10+deb12u14) ...
|
||||
Setting up lsb-release (12.0-1) ...
|
||||
Setting up gpg (2.2.40-1.1+deb12u2) ...
|
||||
Setting up gnupg-utils (2.2.40-1.1+deb12u2) ...
|
||||
Setting up pinentry-curses (1.2.1-1) ...
|
||||
Setting up gpg-agent (2.2.40-1.1+deb12u2) ...
|
||||
Created symlink /etc/systemd/user/sockets.target.wants/gpg-agent-browser.socket → /usr/lib/systemd/user/gpg-agent-browser.socket.
|
||||
|
||||
Created symlink /etc/systemd/user/sockets.target.wants/gpg-agent-extra.socket → /usr/lib/systemd/user/gpg-agent-extra.socket.
|
||||
|
||||
Created symlink /etc/systemd/user/sockets.target.wants/gpg-agent-ssh.socket → /usr/lib/systemd/user/gpg-agent-ssh.socket.
|
||||
|
||||
Created symlink /etc/systemd/user/sockets.target.wants/gpg-agent.socket → /usr/lib/systemd/user/gpg-agent.socket.
|
||||
|
||||
Setting up gpgsm (2.2.40-1.1+deb12u2) ...
|
||||
Setting up dirmngr (2.2.40-1.1+deb12u2) ...
|
||||
Created symlink /etc/systemd/user/sockets.target.wants/dirmngr.socket → /usr/lib/systemd/user/dirmngr.socket.
|
||||
|
||||
Setting up gpg-wks-server (2.2.40-1.1+deb12u2) ...
|
||||
Setting up gpg-wks-client (2.2.40-1.1+deb12u2) ...
|
||||
Setting up gnupg (2.2.40-1.1+deb12u2) ...
|
||||
Processing triggers for man-db (2.11.2-2) ...
|
||||
Processing triggers for libc-bin (2.36-9+deb12u13) ...
|
||||
Hit:1 http://deb.debian.org/debian bookworm InRelease
|
||||
Hit:2 http://security.debian.org bookworm-security InRelease
|
||||
Hit:3 http://deb.debian.org/debian bookworm-updates InRelease
|
||||
Reading package lists...
|
||||
Reading package lists...
|
||||
Building dependency tree...
|
||||
Reading state information...
|
||||
locales is already the newest version (2.36-9+deb12u13).
|
||||
ca-certificates is already the newest version (20230311+deb12u1).
|
||||
curl is already the newest version (7.88.1-10+deb12u14).
|
||||
gnupg is already the newest version (2.2.40-1.1+deb12u2).
|
||||
lsb-release is already the newest version (12.0-1).
|
||||
0 upgraded, 0 newly installed, 0 to remove and 17 not upgraded.
|
||||
Hit:1 http://deb.debian.org/debian bookworm InRelease
|
||||
Hit:2 http://security.debian.org bookworm-security InRelease
|
||||
Hit:3 http://deb.debian.org/debian bookworm-updates InRelease
|
||||
Get:4 https://download.docker.com/linux/debian bookworm InRelease [46.6 kB]
|
||||
Get:5 https://download.docker.com/linux/debian bookworm/stable amd64 Packages [59.1 kB]
|
||||
Fetched 106 kB in 0s (277 kB/s)
|
||||
Reading package lists...
|
||||
Reading package lists...
|
||||
Building dependency tree...
|
||||
Reading state information...
|
||||
The following additional packages will be installed:
|
||||
apparmor dbus-user-session docker-ce-rootless-extras git git-man iptables
|
||||
liberror-perl libglib2.0-0 libglib2.0-data libip6tc2 libnetfilter-conntrack3
|
||||
libnfnetlink0 libslirp0 patch pigz shared-mime-info slirp4netns
|
||||
xdg-user-dirs
|
||||
Suggested packages:
|
||||
apparmor-profiles-extra apparmor-utils cgroupfs-mount | cgroup-lite
|
||||
docker-model-plugin git-daemon-run | git-daemon-sysvinit git-doc git-email
|
||||
git-gui gitk gitweb git-cvs git-mediawiki git-svn firewalld
|
||||
low-memory-monitor ed diffutils-doc
|
||||
The following NEW packages will be installed:
|
||||
apparmor containerd.io dbus-user-session docker-buildx-plugin docker-ce
|
||||
docker-ce-cli docker-ce-rootless-extras docker-compose-plugin git git-man
|
||||
iptables liberror-perl libglib2.0-0 libglib2.0-data libip6tc2
|
||||
libnetfilter-conntrack3 libnfnetlink0 libslirp0 patch pigz shared-mime-info
|
||||
slirp4netns xdg-user-dirs
|
||||
0 upgraded, 23 newly installed, 0 to remove and 17 not upgraded.
|
||||
Need to get 105 MB of archives.
|
||||
After this operation, 437 MB of additional disk space will be used.
|
||||
Get:1 http://deb.debian.org/debian bookworm/main amd64 libip6tc2 amd64 1.8.9-2 [19.4 kB]
|
||||
Get:2 http://deb.debian.org/debian bookworm/main amd64 libnfnetlink0 amd64 1.0.2-2 [15.1 kB]
|
||||
Get:3 http://deb.debian.org/debian bookworm/main amd64 libnetfilter-conntrack3 amd64 1.0.9-3 [40.7 kB]
|
||||
Get:4 http://deb.debian.org/debian bookworm/main amd64 iptables amd64 1.8.9-2 [360 kB]
|
||||
Get:5 http://deb.debian.org/debian bookworm/main amd64 pigz amd64 2.6-1 [64.0 kB]
|
||||
Get:6 http://deb.debian.org/debian bookworm/main amd64 apparmor amd64 3.0.8-3 [616 kB]
|
||||
Get:7 http://deb.debian.org/debian bookworm/main amd64 dbus-user-session amd64 1.14.10-1~deb12u1 [78.1 kB]
|
||||
Get:8 http://deb.debian.org/debian bookworm/main amd64 liberror-perl all 0.17029-2 [29.0 kB]
|
||||
Get:9 http://deb.debian.org/debian bookworm/main amd64 git-man all 1:2.39.5-0+deb12u3 [2,053 kB]
|
||||
Get:10 http://deb.debian.org/debian bookworm/main amd64 git amd64 1:2.39.5-0+deb12u3 [7,264 kB]
|
||||
Get:11 http://deb.debian.org/debian bookworm/main amd64 libglib2.0-0 amd64 2.74.6-2+deb12u8 [1,402 kB]
|
||||
Get:12 http://deb.debian.org/debian bookworm/main amd64 libglib2.0-data all 2.74.6-2+deb12u8 [1,210 kB]
|
||||
Get:13 http://deb.debian.org/debian bookworm/main amd64 libslirp0 amd64 4.7.0-1 [63.0 kB]
|
||||
Get:14 http://deb.debian.org/debian bookworm/main amd64 patch amd64 2.7.6-7 [128 kB]
|
||||
Get:15 http://deb.debian.org/debian bookworm/main amd64 shared-mime-info amd64 2.2-1 [729 kB]
|
||||
Get:16 http://deb.debian.org/debian bookworm/main amd64 slirp4netns amd64 1.2.0-1 [37.5 kB]
|
||||
Get:17 http://deb.debian.org/debian bookworm/main amd64 xdg-user-dirs amd64 0.18-1 [54.4 kB]
|
||||
Get:18 https://download.docker.com/linux/debian bookworm/stable amd64 containerd.io amd64 2.2.1-1~debian.12~bookworm [23.4 MB]
|
||||
Get:19 https://download.docker.com/linux/debian bookworm/stable amd64 docker-ce-cli amd64 5:29.1.4-1~debian.12~bookworm [16.3 MB]
|
||||
Get:20 https://download.docker.com/linux/debian bookworm/stable amd64 docker-ce amd64 5:29.1.4-1~debian.12~bookworm [21.0 MB]
|
||||
Get:21 https://download.docker.com/linux/debian bookworm/stable amd64 docker-buildx-plugin amd64 0.30.1-1~debian.12~bookworm [16.4 MB]
|
||||
Get:22 https://download.docker.com/linux/debian bookworm/stable amd64 docker-ce-rootless-extras amd64 5:29.1.4-1~debian.12~bookworm [6,384 kB]
|
||||
Get:23 https://download.docker.com/linux/debian bookworm/stable amd64 docker-compose-plugin amd64 5.0.1-1~debian.12~bookworm [7,713 kB]
|
||||
Preconfiguring packages ...
|
||||
Fetched 105 MB in 1s (84.4 MB/s)
|
||||
Selecting previously unselected package containerd.io.
|
||||
(Reading database ...
|
||||
(Reading database ... 5%
|
||||
(Reading database ... 10%
|
||||
(Reading database ... 15%
|
||||
(Reading database ... 20%
|
||||
(Reading database ... 25%
|
||||
(Reading database ... 30%
|
||||
(Reading database ... 35%
|
||||
(Reading database ... 40%
|
||||
(Reading database ... 45%
|
||||
(Reading database ... 50%
|
||||
(Reading database ... 55%
|
||||
(Reading database ... 60%
|
||||
(Reading database ... 65%
|
||||
(Reading database ... 70%
|
||||
(Reading database ... 75%
|
||||
(Reading database ... 80%
|
||||
(Reading database ... 85%
|
||||
(Reading database ... 90%
|
||||
(Reading database ... 95%
|
||||
(Reading database ... 100%
|
||||
(Reading database ... 19417 files and directories currently installed.)
|
||||
Preparing to unpack .../00-containerd.io_2.2.1-1~debian.12~bookworm_amd64.deb ...
|
||||
Unpacking containerd.io (2.2.1-1~debian.12~bookworm) ...
|
||||
Selecting previously unselected package docker-ce-cli.
|
||||
Preparing to unpack .../01-docker-ce-cli_5%3a29.1.4-1~debian.12~bookworm_amd64.deb ...
|
||||
Unpacking docker-ce-cli (5:29.1.4-1~debian.12~bookworm) ...
|
||||
Selecting previously unselected package libip6tc2:amd64.
|
||||
Preparing to unpack .../02-libip6tc2_1.8.9-2_amd64.deb ...
|
||||
Unpacking libip6tc2:amd64 (1.8.9-2) ...
|
||||
Selecting previously unselected package libnfnetlink0:amd64.
|
||||
Preparing to unpack .../03-libnfnetlink0_1.0.2-2_amd64.deb ...
|
||||
Unpacking libnfnetlink0:amd64 (1.0.2-2) ...
|
||||
Selecting previously unselected package libnetfilter-conntrack3:amd64.
|
||||
Preparing to unpack .../04-libnetfilter-conntrack3_1.0.9-3_amd64.deb ...
|
||||
Unpacking libnetfilter-conntrack3:amd64 (1.0.9-3) ...
|
||||
Selecting previously unselected package iptables.
|
||||
Preparing to unpack .../05-iptables_1.8.9-2_amd64.deb ...
|
||||
Unpacking iptables (1.8.9-2) ...
|
||||
Selecting previously unselected package docker-ce.
|
||||
Preparing to unpack .../06-docker-ce_5%3a29.1.4-1~debian.12~bookworm_amd64.deb ...
|
||||
Unpacking docker-ce (5:29.1.4-1~debian.12~bookworm) ...
|
||||
Selecting previously unselected package pigz.
|
||||
Preparing to unpack .../07-pigz_2.6-1_amd64.deb ...
|
||||
Unpacking pigz (2.6-1) ...
|
||||
Selecting previously unselected package apparmor.
|
||||
Preparing to unpack .../08-apparmor_3.0.8-3_amd64.deb ...
|
||||
Unpacking apparmor (3.0.8-3) ...
|
||||
Selecting previously unselected package dbus-user-session.
|
||||
Preparing to unpack .../09-dbus-user-session_1.14.10-1~deb12u1_amd64.deb ...
|
||||
Unpacking dbus-user-session (1.14.10-1~deb12u1) ...
|
||||
Selecting previously unselected package docker-buildx-plugin.
|
||||
Preparing to unpack .../10-docker-buildx-plugin_0.30.1-1~debian.12~bookworm_amd64.deb ...
|
||||
Unpacking docker-buildx-plugin (0.30.1-1~debian.12~bookworm) ...
|
||||
Selecting previously unselected package docker-ce-rootless-extras.
|
||||
Preparing to unpack .../11-docker-ce-rootless-extras_5%3a29.1.4-1~debian.12~bookworm_amd64.deb ...
|
||||
Unpacking docker-ce-rootless-extras (5:29.1.4-1~debian.12~bookworm) ...
|
||||
Selecting previously unselected package docker-compose-plugin.
|
||||
Preparing to unpack .../12-docker-compose-plugin_5.0.1-1~debian.12~bookworm_amd64.deb ...
|
||||
@@ -26,9 +26,10 @@ die() {
|
||||
}
|
||||
|
||||
# =============================================================================
|
||||
# Configuration
|
||||
# Default Configuration
|
||||
# =============================================================================
|
||||
OPNSENSE_HOST="${OPNSENSE_HOST:-mediametzkabel.metz.tech}"
|
||||
# OPNsense kann über Hostname ODER IP angesprochen werden
|
||||
OPNSENSE_HOST="${OPNSENSE_HOST:-192.168.45.1}"
|
||||
OPNSENSE_API_KEY="${OPNSENSE_API_KEY:-cUUs80IDkQelMJVgAVK2oUoDHrQf+cQPwXoPKNd3KDIgiCiEyEfMq38UTXeY5/VO/yWtCC7k9Y9kJ0Pn}"
|
||||
OPNSENSE_API_SECRET="${OPNSENSE_API_SECRET:-2egxxFYCAUjBDp0OrgbJO3NBZmR4jpDm028jeS8Nq8OtCGu/0lAxt4YXWXbdZjcFVMS0Nrhru1I2R1si}"
|
||||
|
||||
@@ -36,9 +37,6 @@ OPNSENSE_API_SECRET="${OPNSENSE_API_SECRET:-2egxxFYCAUjBDp0OrgbJO3NBZmR4jpDm028j
|
||||
# Kann über --certificate-uuid oder Umgebungsvariable gesetzt werden
|
||||
CERTIFICATE_UUID="${CERTIFICATE_UUID:-}"
|
||||
|
||||
# API Base URL
|
||||
API_BASE="https://${OPNSENSE_HOST}/api"
|
||||
|
||||
# =============================================================================
|
||||
# Usage
|
||||
# =============================================================================
|
||||
@@ -47,7 +45,7 @@ usage() {
|
||||
Usage:
|
||||
bash setup_nginx_proxy.sh [options]
|
||||
|
||||
Required options:
|
||||
Required options (for proxy setup):
|
||||
--ctid <id> Container ID (used as description)
|
||||
--hostname <name> Hostname (e.g., sb-1768736636)
|
||||
--fqdn <domain> Full domain name (e.g., sb-1768736636.userman.de)
|
||||
@@ -55,20 +53,31 @@ Required options:
|
||||
--backend-port <port> Backend port (default: 5678)
|
||||
|
||||
Optional:
|
||||
--opnsense-host <host> OPNsense hostname (default: mediametzkabel.metz.tech)
|
||||
--opnsense-host <ip> OPNsense IP or hostname (default: 192.168.45.1)
|
||||
--certificate-uuid <uuid> UUID of the SSL certificate in OPNsense
|
||||
--list-certificates List available certificates and exit
|
||||
--test-connection Test API connection and exit
|
||||
--debug Enable debug mode
|
||||
--help Show this help
|
||||
|
||||
Example:
|
||||
Examples:
|
||||
# List certificates:
|
||||
bash setup_nginx_proxy.sh --list-certificates --debug
|
||||
|
||||
# Test API connection:
|
||||
bash setup_nginx_proxy.sh --test-connection --debug
|
||||
|
||||
# Setup proxy:
|
||||
bash setup_nginx_proxy.sh --ctid 768736636 --hostname sb-1768736636 \
|
||||
--fqdn sb-1768736636.userman.de --backend-ip 192.168.45.135
|
||||
|
||||
# With custom OPNsense IP:
|
||||
bash setup_nginx_proxy.sh --opnsense-host 192.168.45.1 --list-certificates
|
||||
EOF
|
||||
}
|
||||
|
||||
# =============================================================================
|
||||
# Default values
|
||||
# Default values for arguments
|
||||
# =============================================================================
|
||||
CTID=""
|
||||
HOSTNAME=""
|
||||
@@ -76,6 +85,7 @@ FQDN=""
|
||||
BACKEND_IP=""
|
||||
BACKEND_PORT="5678"
|
||||
LIST_CERTIFICATES="0"
|
||||
TEST_CONNECTION="0"
|
||||
|
||||
# =============================================================================
|
||||
# Argument parsing
|
||||
@@ -90,6 +100,7 @@ while [[ $# -gt 0 ]]; do
|
||||
--opnsense-host) OPNSENSE_HOST="${2:-}"; shift 2 ;;
|
||||
--certificate-uuid) CERTIFICATE_UUID="${2:-}"; shift 2 ;;
|
||||
--list-certificates) LIST_CERTIFICATES="1"; shift 1 ;;
|
||||
--test-connection) TEST_CONNECTION="1"; shift 1 ;;
|
||||
--debug) DEBUG="1"; export DEBUG; shift 1 ;;
|
||||
--help|-h) usage; exit 0 ;;
|
||||
*) die "Unknown option: $1 (use --help)" ;;
|
||||
@@ -97,61 +108,12 @@ while [[ $# -gt 0 ]]; do
|
||||
done
|
||||
|
||||
# =============================================================================
|
||||
# List Certificates Function
|
||||
# API Base URL (nach Argument-Parsing setzen!)
|
||||
# =============================================================================
|
||||
list_certificates() {
|
||||
info "Fetching available certificates from OPNsense..."
|
||||
|
||||
local response
|
||||
response=$(api_request "GET" "/trust/cert/search")
|
||||
|
||||
echo "Available SSL Certificates in OPNsense:"
|
||||
echo "========================================"
|
||||
echo "$response" | python3 -c "
|
||||
import json, sys
|
||||
try:
|
||||
data = json.load(sys.stdin)
|
||||
rows = data.get('rows', [])
|
||||
for row in rows:
|
||||
uuid = row.get('uuid', 'N/A')
|
||||
descr = row.get('descr', 'N/A')
|
||||
cn = row.get('cn', 'N/A')
|
||||
print(f'UUID: {uuid}')
|
||||
print(f' Description: {descr}')
|
||||
print(f' Common Name: {cn}')
|
||||
print()
|
||||
except Exception as e:
|
||||
print(f'Error parsing response: {e}', file=sys.stderr)
|
||||
print('Raw response:', file=sys.stderr)
|
||||
sys.exit(1)
|
||||
" 2>&1
|
||||
}
|
||||
API_BASE="https://${OPNSENSE_HOST}/api"
|
||||
|
||||
# =============================================================================
|
||||
# Validation
|
||||
# =============================================================================
|
||||
|
||||
# Handle --list-certificates first
|
||||
if [[ "$LIST_CERTIFICATES" == "1" ]]; then
|
||||
list_certificates
|
||||
exit 0
|
||||
fi
|
||||
|
||||
[[ -n "$CTID" ]] || die "--ctid is required"
|
||||
[[ -n "$HOSTNAME" ]] || die "--hostname is required"
|
||||
[[ -n "$FQDN" ]] || die "--fqdn is required"
|
||||
[[ -n "$BACKEND_IP" ]] || die "--backend-ip is required"
|
||||
|
||||
info "Configuration:"
|
||||
info " CTID: ${CTID}"
|
||||
info " Hostname: ${HOSTNAME}"
|
||||
info " FQDN: ${FQDN}"
|
||||
info " Backend: ${BACKEND_IP}:${BACKEND_PORT}"
|
||||
info " OPNsense: ${OPNSENSE_HOST}"
|
||||
info " Certificate UUID: ${CERTIFICATE_UUID:-auto-detect}"
|
||||
|
||||
# =============================================================================
|
||||
# API Helper Functions
|
||||
# API Helper Functions (MÜSSEN VOR list_certificates definiert werden!)
|
||||
# =============================================================================
|
||||
|
||||
# Make API request to OPNsense
|
||||
@@ -163,7 +125,7 @@ api_request() {
|
||||
local url="${API_BASE}${endpoint}"
|
||||
local auth="${OPNSENSE_API_KEY}:${OPNSENSE_API_SECRET}"
|
||||
|
||||
info "API ${method} ${endpoint}"
|
||||
info "API ${method} ${url}"
|
||||
|
||||
local response
|
||||
if [[ -n "$data" ]]; then
|
||||
@@ -222,11 +184,11 @@ try:
|
||||
cn = row.get('cn', '')
|
||||
descr = row.get('descr', '')
|
||||
# Match wildcard or exact domain
|
||||
if pattern in cn or pattern in descr or '*.' + pattern.split('.')[-2] + '.' + pattern.split('.')[-1] in cn:
|
||||
if pattern in cn or pattern in descr:
|
||||
print(row.get('uuid', ''))
|
||||
sys.exit(0)
|
||||
# Also check for wildcard pattern
|
||||
if cn.startswith('*.') and pattern.endswith(cn[1:]):
|
||||
if cn.startswith('*.') and pattern.endswith(cn[2:]):
|
||||
print(row.get('uuid', ''))
|
||||
sys.exit(0)
|
||||
except:
|
||||
@@ -234,6 +196,90 @@ except:
|
||||
" 2>/dev/null || true
|
||||
}
|
||||
|
||||
# =============================================================================
|
||||
# Utility Functions
|
||||
# =============================================================================
|
||||
|
||||
# Test API connection
|
||||
test_connection() {
|
||||
info "Testing API connection to OPNsense at ${OPNSENSE_HOST}..."
|
||||
|
||||
local response
|
||||
response=$(api_request "GET" "/core/firmware/status")
|
||||
|
||||
if echo "$response" | python3 -c "import json,sys; d=json.load(sys.stdin); print('OK' if 'product' in d or 'status' in d else 'FAIL')" 2>/dev/null | grep -q "OK"; then
|
||||
echo "✓ API connection successful to ${OPNSENSE_HOST}"
|
||||
echo "Response: $(echo "$response" | python3 -c "import json,sys; d=json.load(sys.stdin); print(json.dumps(d, indent=2)[:500])" 2>/dev/null || echo "$response")"
|
||||
return 0
|
||||
else
|
||||
echo "✗ API connection failed to ${OPNSENSE_HOST}"
|
||||
echo "Response: $response"
|
||||
return 1
|
||||
fi
|
||||
}
|
||||
|
||||
# List available certificates
|
||||
list_certificates() {
|
||||
info "Fetching available certificates from OPNsense at ${OPNSENSE_HOST}..."
|
||||
|
||||
local response
|
||||
response=$(api_request "GET" "/trust/cert/search")
|
||||
|
||||
echo "Available SSL Certificates in OPNsense (${OPNSENSE_HOST}):"
|
||||
echo "============================================================"
|
||||
echo "$response" | python3 -c "
|
||||
import json, sys
|
||||
try:
|
||||
data = json.load(sys.stdin)
|
||||
rows = data.get('rows', [])
|
||||
if not rows:
|
||||
print('No certificates found.')
|
||||
print('Raw response:', data)
|
||||
for row in rows:
|
||||
uuid = row.get('uuid', 'N/A')
|
||||
descr = row.get('descr', 'N/A')
|
||||
cn = row.get('cn', 'N/A')
|
||||
print(f'UUID: {uuid}')
|
||||
print(f' Description: {descr}')
|
||||
print(f' Common Name: {cn}')
|
||||
print()
|
||||
except Exception as e:
|
||||
print(f'Error parsing response: {e}', file=sys.stderr)
|
||||
print(f'Raw response: {sys.stdin.read()}', file=sys.stderr)
|
||||
sys.exit(1)
|
||||
" 2>&1
|
||||
}
|
||||
|
||||
# =============================================================================
|
||||
# Handle special commands first (before validation)
|
||||
# =============================================================================
|
||||
|
||||
if [[ "$TEST_CONNECTION" == "1" ]]; then
|
||||
test_connection
|
||||
exit $?
|
||||
fi
|
||||
|
||||
if [[ "$LIST_CERTIFICATES" == "1" ]]; then
|
||||
list_certificates
|
||||
exit 0
|
||||
fi
|
||||
|
||||
# =============================================================================
|
||||
# Validation (nur für Proxy-Setup)
|
||||
# =============================================================================
|
||||
[[ -n "$CTID" ]] || die "--ctid is required"
|
||||
[[ -n "$HOSTNAME" ]] || die "--hostname is required"
|
||||
[[ -n "$FQDN" ]] || die "--fqdn is required"
|
||||
[[ -n "$BACKEND_IP" ]] || die "--backend-ip is required"
|
||||
|
||||
info "Configuration:"
|
||||
info " CTID: ${CTID}"
|
||||
info " Hostname: ${HOSTNAME}"
|
||||
info " FQDN: ${FQDN}"
|
||||
info " Backend: ${BACKEND_IP}:${BACKEND_PORT}"
|
||||
info " OPNsense: ${OPNSENSE_HOST}"
|
||||
info " Certificate UUID: ${CERTIFICATE_UUID:-auto-detect}"
|
||||
|
||||
# =============================================================================
|
||||
# NGINX Configuration Steps
|
||||
# =============================================================================
|
||||
|
||||
Reference in New Issue
Block a user